Floods the uplink with noise. SNR drops to -2dB (normal: 14dB). Packet loss spikes to 40%+. Satellite becomes unresponsive. North Korea regularly jams GPS over the Korean peninsula.

Injects unauthorized commands into the telecommand uplink. Normal rate: 0.3/s → attack: 3.8+/s. Can permanently destroy a satellite. Russia did this to Viasat KA-SAT in 2022, destroying 5,800 modems across Europe.

Captures a legitimate command packet and retransmits it later. Satellite re-executes the command. Detected via duplicate packet nonces and command rate spike from 0.3/s to 2.3/s.

The most overlooked satellite attack vector. Instead of attacking the satellite directly, attacker targets the human operators on the ground. A spear-phishing email with a spoofed sender tricks a ground station operator into clicking a credential harvester. The attacker then logs in with stolen credentials and queues unauthorized commands to the satellite. This is exactly how Russia attacked Viasat KA-SAT in 2022 — breaching the ground network first, then pushing malicious firmware to 5,800 modems across Europe, knocking Ukraine's military communications offline on the first day of invasion.