Study Reveals How an $800 Satellite Dish Captured Sensitive Communications

Published October 20, 2025

Dave Levin, an associate professor of computer science at the University of Maryland, wondered if he’d just committed a felony. He and research collaborators had pointed a basic dish antenna purchased online toward a communications satellite hovering above Earth, and now the scientists could hear private citizens’ voicemails and read thousands of text messages intercepted from a major U.S. cellular provider’s transmission.

Flabbergasted by the security flaw, Levin and his colleagues at the University of California, San Diego (UCSD) alerted lawyers, who said they’d broken no law but advised them to stop surveilling the U.S. telecom provider and preserve their data. Over the last year and a half, the researchers instead pointed their dish at 38 other satellites that collectively cover 40% of the planet, discovering a motherlode of highly sensitive, unencrypted data.

The dish, placed on a roof at UCSD, picked up internet communications from U.S. and Mexican military ships and units; private cellular traffic transmitted by other U.S. and Mexican providers; internet browsing data from in-flight Wi-Fi and mobile networks; internal communications within Mexican banks and utilities; and corporate emails and login credentials and from a U.S. megastore’s Mexican subsidiary.

It was less like finding a needle in a haystack than “needles raining down from the sky,” said Levin, who has an appointment in the University of Maryland Institute for Advanced Computer Studies and is a core faculty member in the Maryland Cybersecurity Center. “This was traffic that organizations thought was within their private network, and there it was, in the clear.”

After months of secrecy during which they alerted affected agencies and companies, the team—led by UCSD researchers and joined by UMD computer science Ph.D. student Annie Dai—revealed its findings last week to kick off the Association for Computing Machinery Conference on Computer and Communications Security in Taiwan. The researchers stand with their satellite receiver.

The disclosure carries heavy implications for national security. The researchers warn that just by using satellite hardware that can be purchased for $800 on Amazon, adversaries could launch mass surveillance schemes or hijack identities to wreak havoc on infrastructure systems like power grids and oil and gas pipelines or on military operations.

“We hope this work will have a long term-impact of showing that we need to have an eye in the sky to make sure any sensitive satellite communication will stay secure,” said Aaron Schulman ’07, Ph.D. ’13, Levin’s former UMD classmate and now a UCSD associate professor who co-led the project.

The cellular provider leaks were in the form of “backhaul” data: transmissions between cell providers and cell towers that are relayed by satellite within private networks. Cellular companies often employ the system in remote residential areas and assume it won’t be disturbed unless someone breaks into a facility and hacks into a server, Levin said.

After positioning their dish, the researchers used publicly available databases to find scores of geostationary satellites (which have orbits that allow them to stay over a fixed point on the ground), intending to study various forms of algorithms and encryptions. But after several months they realized that half of the satellites were broadcasting unprotected data.

The exposed organizations’ engineers were shocked when the research team contacted them, said Levin.

“Almost everyone we disclosed our findings to reacted with 'You shouldn't be able to see this,’” but were ultimately grateful for the notifications, he said.

Several factors could explain the security breakdown: Companies may leave data unencrypted because of the cost or complexity. Many organizations outsource satellite operations to private encryption contractors, but the data gets decrypted just before reaching a satellite, “and then it gets transmitted to half of the entire world,” said Levin.

The researchers are still working to inform affected companies of leaks, keeping their names out of the public domain for now, Levin said.

Spy agencies around the world have presumably been eavesdropping on satellites since soon after they were launched decades ago, and though other academic researchers have previously revealed minor instances of privacy leaks, Levin wonders why no one explored the problem more deeply until now.

“I guess nobody really thought to do it,” he said. “And now, everybody’s going to want in. It’s that easy. We literally just pointed a dish at the air and looked up.”

—Story by John Tucker, Maryland Today staff