Artemis II Is Airborne. So Is the Threat: What Deep Space Cybersecurity Tells Us About Protecting Critical Infrastructure

On April 1, 2026, NASA's Artemis II mission lifted off from Kennedy Space Center in Florida, sending four astronauts on a 10-day journey around the Moon and back. It is the first time humans have traveled beyond low Earth orbit since Apollo 17 in December 1972. Commander Reid Wiseman, Pilot Victor Glover, Mission Specialist Christina Koch, and Canadian Space Agency astronaut Jeremy Hansen are making history in real time.

But for cybersecurity professionals, policymakers, and national security practitioners, Artemis II is more than a milestone. It is a live, unfolding lesson in what happens when critical systems operate in environments where traditional security tools simply do not reach.

The mission is already surfacing vulnerabilities that every defender of critical infrastructure needs to understand.

WHEN THE LIGHTS FLICKER 240,000 MILES FROM HOME

Within the first hours of the mission, the Artemis II crew reported a fault warning light aboard the Orion spacecraft. Mission controllers at NASA's Johnson Space Center in Houston assessed the data and resolved the issue remotely. Later, a separate system failure involving the spacecraft's toilet required the crew to restore normal operations themselves.

Neither incident endangered the mission. But both illuminate a cybersecurity challenge that is rarely discussed in boardrooms or policy briefings:

• In deep space, the distance between a problem and the people who can fix it is measured not just in miles but in minutes of communication delay.

• When systems fail or are compromised, the human-in-the-loop model that governs most incident response frameworks becomes functionally impossible.

• Crew members must serve as their own first responders, operating without the real-time support that ground-based security teams normally provide.

This is not a theoretical risk. It is a design constraint with direct parallels to critical infrastructure on Earth, including industrial control systems in power plants, offshore oil rigs, and remote military installations, where operators frequently work in communication-limited or fully isolated environments.

NASA'S CYBERSECURITY POSTURE: WHAT THE WATCHDOGS FOUND

The vulnerabilities aboard Orion do not exist in isolation. They reflect a broader institutional gap that federal oversight bodies have already flagged.

In June 2025, the U.S. Government Accountability Office published a landmark cybersecurity report on NASA's space programs. Its findings were direct:

• NASA had not completed an agency-wide cybersecurity risk assessment, the foundational step that allows any organization to prioritize threats and direct defenses where they matter most.

• The GAO issued 16 specific recommendations to bring NASA's cybersecurity risk management program in line with federal standards.

• NASA concurred with fewer than half of those recommendations outright.

The Orion spacecraft itself relies on command and control IT systems housed at Johnson Space Center, systems that store, process, and transmit the data that keeps the crew alive. An agency overseeing an $80 billion portfolio of space assets without a completed risk assessment is an agency with structural blind spots at precisely the moment adversaries are most active.

For policymakers and intelligence practitioners, this is a familiar pattern. The same institutional inertia that delayed cybersecurity modernization in energy, water, and healthcare sectors is now visible in the space domain.

THE THREAT LANDSCAPE IS ALREADY CROWDED

The vulnerabilities Artemis II surfaces are not hypothetical. The threat environment around space systems is active, documented, and escalating.

• At the Black Hat 2025 security conference in Las Vegas, German researchers demonstrated that software and encryption libraries used by both NASA and Airbus could be exploited to shut down, move, or crash satellite flight systems remotely.

• Research presented at the 2026 Workshop on the Security of Space and Satellite Systems found that common satellite software platforms are poorly equipped to handle malicious components, leaving designers facing a difficult choice between security and performance.

• A 2025 study by researchers at the University of California, San Diego and the University of Maryland intercepted vast quantities of private and potentially sensitive communications from geostationary satellites, including traffic from government and military sources.

• The space industry broadly lacks a unified framework for linking IT systems and operational technology systems aboard spacecraft, the same IT/OT convergence gap that has left power grids and water systems exposed for years.

Perhaps most critically for Artemis II, the mission includes a planned 40-minute communications blackout when the crew passes behind the Moon. During that window, there is no contact with Mission Control and no capacity for remote intervention of any kind. For adversary intelligence services, that window is a case study in exploiting predictable denial-of-signal gaps, a technique already applied against satellite communications in active conflict zones.

WHAT CRITICAL INFRASTRUCTURE DEFENDERS MUST TAKE FROM THIS MISSION

Artemis II is not just a space story. It is a critical infrastructure story. The lessons it offers apply directly to the professionals and policymakers responsible for protecting systems on the ground.

• Zero-Trust is no longer optional in space operations. Leading space operators have already begun adopting Zero-Trust architectures, rotating encryption keys, and onboard anomaly detection systems to counter spoofing and command injection attacks. These same frameworks must be extended to any environment where remote access is delayed, limited, or denied.

• The ground segment is part of the attack surface. Two of the pre-launch delays that pushed Artemis II back from its original window were caused by a hydrogen leak and a helium flow issue in the rocket's upper stage. Whether accidental or not, these events underscore that launch infrastructure carries the same threat exposure as the vehicle itself.

• Space must be treated as critical infrastructure in practice, not just in policy documents. Multiple allied governments, including Australia, have acknowledged that space systems underpin global navigation, communications, financial networks, and defense operations, yet security investments remain shallow and fragmented.

• Incident response frameworks must be redesigned for communication-denied environments. The current model, in which a security operations center responds remotely to alerts, assumes reliable connectivity. Artemis II demonstrates that critical systems can and do operate well beyond that assumption.

THE BOTTOM LINE

Artemis II is making history. It is also handing the cybersecurity community one of its most consequential real-world datasets in years. The anomalies surfaced in the first days of this mission, the fault warnings, the system failures, the communications blackouts, are not embarrassments. They are data points. The question is whether practitioners, policymakers, and institutional leaders are paying close enough attention to act on them before a less forgiving environment turns a manageable gap into a catastrophic one.

Space is the newest frontier of critical infrastructure security. The adversaries who understand that are already at work. The defenders must catch up.

HOW OSRS CAN HELP

OGUN Security Research and Strategic Consulting LLC provides intelligence-driven cybersecurity analysis, risk assessments, and strategic consulting for organizations operating in high-stakes, complex environments. Whether your organization is navigating the intersection of space policy and cyber risk, building resilience into critical infrastructure, or developing frameworks for communication-denied operational environments, OSRS brings the analytical rigor and national security expertise your mission requires. Visit www.ogunsecurity.com to learn more or schedule a consultation.

CONCLUSION

Artemis II launched with four astronauts and a decade of engineering ambition. It also launched with an unresolved cybersecurity posture that mirrors vulnerabilities found in power grids, defense networks, and industrial control systems across the globe. The mission will return its crew safely to Earth. The question it leaves behind, about how nations and organizations protect critical systems in environments where the traditional security playbook does not apply, will take far longer to answer.

The work starts now.

AUTHOR BIO: Dr. Sunday Oludare Ogunlana is Founder and CEO of OGUN Security Research and Strategic Consulting LLC, a Professor of Cybersecurity, and a national security scholar advising global intelligence and policy bodies on emerging threats.

If you found this article valuable, please share it with your colleagues and network. The conversations we have today about space cybersecurity will shape the policies and defenses of tomorrow.

Subscribe to the OSRS email list at www.ogunsecurity.com to receive expert intelligence briefs, cybersecurity analysis, and national security insights delivered directly to your inbox.

Enjoyed this article? Stay informed by following OSRS on Google News, Twitter, and LinkedIn for more exclusive cybersecurity insights and expert analyses.