• Explore
  • Blog
  • Podcast
  • About
  • Services
  • Contact
Menu

Exploring Information Security

Securing the Future - A Journey into Cybersecurity Exploration
  • Explore
  • Blog
  • Podcast
  • About
  • Services
  • Contact

Created by ChatGPT

Exploring TEMPEST: Hacking the Future of Space Security

February 19, 2025

This blog post is based on a podcast I recorded with Tim Fowler back in January. I’ve used ChatGPT to take the episode transcript and turn it into a blog that I have reviewed and edited. Check out the episode: https://www.exploresec.com/eis/219

The Rise of Space Cybersecurity

Cybersecurity has long been a critical focus in terrestrial technology, but as the space industry continues to expand, the need for security in orbit has never been more urgent. One person leading this charge is Tim Fowler, the creator of TEMPEST, a 1U CubeSat educational project designed to bring hands-on security training into the realm of space systems.

In a recent Exploring Information Security podcast episode, I sat down with Fowler to discuss TEMPEST, its impact on cybersecurity education, and why space security needs a shift in focus.

Why Space Security Matters

The rapid expansion of satellite technology means that more devices than ever before are being launched into space—often without robust security measures. Fowler highlighted that traditional approaches to securing IT systems don’t always translate well to space-based infrastructure.

Some of the key concerns include:

  • Unsecured Communication Links – Space systems often rely on unencrypted signals, making them susceptible to interception.

  • Satellite Hijacking – Attackers could take control of a satellite’s operations and disrupt services or use it for malicious activities.

  • Supply Chain Vulnerabilities – Many CubeSats are built from commercial off-the-shelf components, which can introduce security risks.

TEMPEST allows students and professionals to experience these risks firsthand in a controlled environment, making it an essential tool for training the next generation of space cybersecurity experts.

What is TEMPEST?

TEMPEST—an acronym for Tim’s Endeavor into Manically Producing Educational Space Technologies—is a modular, intentionally vulnerable CubeSat that provides cybersecurity professionals, students, and researchers with a hands-on way to test and hack satellite systems.

Fowler, an expert in space cybersecurity, launched the project to address a major gap in the industry: most CubeSat kits focus on functionality, but none include security as a fundamental component. TEMPEST is designed to fill that void by allowing users to simulate attacks, build defenses, and understand real-world space security challenges.

A Hands-On Approach to Learning

TEMPEST was designed to be modular and hackable. Fowler structured the CubeSat with intentionally built-in security flaws to simulate real-world attack scenarios. Users can explore:

  • Radio frequency (RF) security and satellite communications.

  • Embedded system vulnerabilities within the CubeSat’s flight computer.

  • Software-defined radios (SDRs) for signal interception and manipulation.

  • Security hardening techniques to counteract common attack vectors.

The first generation of TEMPEST hardware debuted at Wild West Hacking Fest in 2024, where attendees were able to test, break, and improve upon the system in real time. Fowler also runs training sessions where participants assemble and experiment with the CubeSat, learning about space security hands-on.

The Accidental Broadcast Storm

One of the most entertaining moments Fowler shared was an unexpected security lesson during a training session. When a room full of students powered up their TEMPEST CubeSats simultaneously, the devices inadvertently started talking to each other, creating a self-replicating “broadcast storm.”

This unintentional experiment highlighted a crucial lesson in satellite security: small design choices can have major consequences. Even unintended interactions between satellites can create denial-of-service conditions or unexpected network behaviors, reinforcing the importance of secure communication protocols in space systems.

What’s Next for TEMPEST?

While TEMPEST is currently only available through Fowler’s space cybersecurity training courses, plans are underway to release a public version that allows more people to engage with the project.

Upcoming developments include:

  • A new defensive security course focused on satellite protection strategies.

  • Open-source release of older TEMPEST versions, allowing users to build their own CubeSats.

  • Expanded training opportunities at major security conferences in 2025.

Where to Learn More

If you’re interested in learning about space cybersecurity and hacking CubeSats, TEMPEST offers a unique and invaluable resource. Keep an eye out for future training sessions and updates by following:

🌐 EthosLabs.space – Fowler’s main site for TEMPEST training and updates.
🎙️ Exploring Information Security Podcast – Listen to the full episode for an in-depth discussion on TEMPEST.

Final Thoughts

Space cybersecurity is one of the most exciting frontiers in infosec, and projects like TEMPEST are helping shape the future. By providing a hands-on, educational platform for space security, TEMPEST ensures that the next generation of security professionals is ready to defend our critical space infrastructure. 🚀

What are your thoughts on space cybersecurity? Let’s discuss in the comments!

In Experiences, Technology Tags Ethos Labs, TEMPEST, Hacking Space, Space, Space Cybersecurity
Comment

Latest PoDCASTS

Featured
Jul 8, 2025
[RERELEASE] How to crack passwords
Jul 8, 2025
Jul 8, 2025
Jul 2, 2025
[RERELEASE] How to find vulnerabilites
Jul 2, 2025
Jul 2, 2025
Jun 24, 2025
[RERELEASE] What is data driven security?
Jun 24, 2025
Jun 24, 2025
Jun 17, 2025
[RERELEASE] What is a CISSP?
Jun 17, 2025
Jun 17, 2025
Jun 10, 2025
[RERELEASE] From ShowMeCon 2017: Dave Chronister, Johnny Xmas, April Wright, and Ben Brown talk about Security
Jun 10, 2025
Jun 10, 2025
Jun 4, 2025
How to Perform Incident Response and Forensics on Drones with Wayne Burke
Jun 4, 2025
Jun 4, 2025
Jun 3, 2025
That Shouldn't Have Worked: A Red Teamer's Confessions with Corey Overstreet
Jun 3, 2025
Jun 3, 2025
May 28, 2025
when machines take over the world with Jeff Man
May 28, 2025
May 28, 2025
May 20, 2025
How to Disconnect From Cybersecurity
May 20, 2025
May 20, 2025
May 13, 2025
How to Implement a Content Security Policy (CSP)
May 13, 2025
May 13, 2025

Powered by Squarespace