World’s first in-orbit cybersecurity demonstration at CYSAT

Paris, April 25 th, 2023 – In order to raise awareness about cybersecurity vulnerabilities in space systems, security experts from Thales will present during the CYSAT conference how they managed to ethically hack and safely recover OPS-SAT, a shoebox sized satellite and ‘flying laboratory’ from the European Space Agency (ESA).

Cybersecurity has not been historically a priority for space engineers, rather focusing on maximizing the lifetime of satellites. Today the situation is changing as thousands of satellites capable of collecting and transmitting sensitive data are being launched, raising deep concerns about their resilience against cyberattacks in a tense geopolitical context.

Aside from developing its own security products, CYSEC is organizing the 3rd edition of CYSAT in Paris on April 26-27th, the biggest European event dedicated to cybersecurity for the space industry. Its purpose is to bring 500+ stakeholders to the Station F in Paris: space agencies, leading industrial companies, satellite operators, end-users, startups and universities, to learn about the latest threats, but also security products and services.

Ethical hacking is becoming standard in many industries, its purpose is to reward ethical hackers to identify vulnerabilities in a product or a service. Security teams can then immediately fill the gap by implementing defensive strategies, making the product or service more secure.

Security experts from leading tech company Thales were selected for the “Hack CYSAT” challenge for which ESA’s OPS-SAT – a shoebox-sized flying “laboratory” for in-orbit demonstration of revolutionary new control systems and software that would be too risky to trial on a “real” satellite – was made available.

Thales’s Red Team was asked to propose attack scenarios able to disturb the nominal operations of the satellite by targeting the flight computer onboard, the operating system or the various payloads available on board like a camera, a GPS, and Attitude Determination and Control System, a software-defined radio, etc.

“We’re asking people to do, in a controlled environment, exactly what we don’t want to happen in real life. It’s an exciting opportunity to engage with and learn from the best minds across Europe, using one of ESA’s exciting new missions.” said David Evans, OPS-SAT project manager.

The goal of Hack CYSAT is primarily educational, to show space engineers concretely how hackers think and what damage they could do on a satellite, but also how an attack can be detected, remedied, and eventually prevented.

At CYSAT on April 27 th, the Thales team of four cybersecurity researchers will explain how they managed to access the satellite’s onboard system, use standard access rights to gain control of its application environment, and then exploit several vulnerabilities to introduce malicious code into the satellite’s systems. This made it possible to compromise the data sent back to Earth, in particular by modifying the images captured by the satellite’s camera, and to achieve other objectives such as masking selected geographic areas in the satellite imagery while concealing their activities to avoid detection by ESA.

After the demonstration the satellite was then safely recovered by the OPS-SAT team and the vulnerabilities patched, making OPS-SAT more resilient to cyber threats thanks to the Thales team.

“Hack CYSAT is a fantastic opportunity for the space community to understand how hackers think and operate. Our goal is to raise awareness about cyber risks on satellites and promote a modern approach of “security-by-transparency”, similar to what other industries managing critical infrastructures and sensitive data are implementing” added Mathieu Bailly,

Mathieu Bailly, VP Space at CYSEC and Director of CYSAT

Mathieu Bailly


CYSEC is a European cybersecurity company, headquartered in Switzerland and with offices in France, providing innovative software products to protect critical infrastructures on ground and in space. Founded in 2018 by experienced cybersecurity experts, CYSEC is now counting more than 30 employees, with more than 10 experts dedicated to the space industry. Indeed, CYSEC is pioneering end-to-end, European and off-the-shelf cybersecurity products for newspace missions.


  • ARCA SATLINK for end-to-end protection of satellite operations through the TMTC link, on board and on ground.
  • ARCA SATCOM for secure satellite communications without reducing the performance.
  • ARCA Trusted OS to enable secure cloud-to-cloud architecture on board  and on ground.



CYSAT is the biggest European event dedicated to cybersecurity for the space industry. Since 2021, CYSAT brings together space professionals, engineers and decision-makers with security specialists: ethical hackers, researchers, but also startups and industrial leaders, to build a resilient and sovereign European space industry. CYSAT is organized by CYSEC. Learn more about CYSAT here