The numbers that define the modern launch environment are also the numbers that define its cyber exposure. Vandenberg Space Force Base logged 51 launches in 2024 — a pace not seen in 50 years — and surpassed that with 66 in 2025. The base projects 150 launches over the next five years and upwards of 200 by 2036. Each of those missions represents a narrow window during which ground systems, range instrumentation, communications links, and mission-critical software must all function without interruption. For an adversary seeking to deny U.S. space access, that window is not a technical detail. It is a targeting opportunity.
In March 2026, Space Systems Command acknowledged this reality by embedding dedicated cyber defense units directly inside its two major launch deltas. The 630th Cyberspace Squadron was activated on March 10 at Vandenberg under Space Launch Delta 30. The 645th Cyberspace Squadron, previously aligned to Space Delta 6, was reassigned to Space Launch Delta 45 at Patrick Space Force Base in September 2025. The organizational logic is deliberate: by placing these squadrons within the launch delta structure — not under a separate cyber command — the Space Force is treating range cyber defense as a core operational responsibility rather than a support function provided from elsewhere. Adversaries who attempt to deny, disrupt, or destroy launch capability through malware, network intrusion, or command spoofing now face defenders who are mission-owners, not service providers.
Why the Launch Range Is a High-Value Target
The launch range is a point of compression. It is where the entire investment in a satellite program — often measured in years and billions of dollars — passes through a single set of ground systems in a window measured in minutes. Ground control, range safety, telemetry, and tracking infrastructure are all networked, all digitized, and all dependent on communications links that an adversary may be able to access or disrupt. This is not a speculative threat. The same techniques observed in attacks on Ukrainian communications infrastructure and energy sector industrial control systems translate directly to the space launch environment: network intrusion to pre-position, denial-of-service to disrupt, and command spoofing to create uncertainty at a critical moment.
The expansion of the commercial launch sector amplifies this risk rather than distributing it. A high launch cadence means that the range — including its shared instrumentation, safety systems, and ground networks — is under load almost continuously. What was once a discrete, episodic operational environment is now a persistent one. Persistent operations require persistent defense.
The AI Layer That Makes Scale Tractable
The two new squadrons address the organizational gap. The technology investment underway addresses the scale problem. The Space Force is currently fielding AI-powered tooling on two parallel tracks. On the ground, Space Force Chief Information Security Officer Seth Whitworth has described how large language models are accelerating the cyber compliance workflow — compressing the Authority to Operate process from a cycle that once took three to eighteen months into one measured in weeks or days. That compression matters operationally: it means software updates and system changes can be certified and deployed at a pace compatible with a high-tempo launch schedule, rather than sitting in review queues while vulnerabilities age.
On orbit, the Cyber Resilient On-Orbit program — developed by BigBear.ai, Proof Labs, and Redwire Space Systems — takes a different approach to the same problem. Rather than attempting to prevent every intrusion at the perimeter, CROO monitors satellite telemetry directly: reaction wheel speeds, star tracker position data, sun sensor angles, and other behavioral outputs that a satellite's flight software generates continuously. Machine learning models trained on high-fidelity digital twins of specific satellite platforms can detect anomalies that would be invisible to conventional signature-based monitoring. When a satellite behaves differently from how it should — subtly, in ways that a human analyst reviewing thousands of telemetry streams could not realistically catch — CROO flags it. The program is expected to reach operational availability in 2026.
What This Signals for the Defense Industrial Base
The organizational and technical moves the Space Force is making in the launch domain reflect a broader pattern that defense technology companies should read carefully. Cyber defense is no longer being treated as a separate competency layered on top of operational systems — it is being integrated into the operational chain at every level where there is a meaningful attack surface. The 630th and 645th squadrons are embedded in launch deltas. CROO is embedded in the satellite telemetry layer. The AI compliance tooling is embedded in the ATO process itself. The integration pattern is consistent: move the defense closer to the asset being defended, and make the defense AI-assisted so it can operate at the tempo and scale the mission demands.
For the defense technology industrial base, that integration pattern carries a practical implication. The capability gaps that remain — in automated range defense, in AI-assisted telemetry anomaly detection, in continuous authority-to-operate frameworks for rapidly iterating space software — are not gaps in threat awareness. The Space Force has made clear it understands the threat. The gaps are in fielded capability that can operate at launch cadence, at scale, in an environment where the window for response may be shorter than the window for a human to read an alert. Companies that can close those gaps with verifiable, test-and-evaluation-backed solutions are positioned at the intersection of the two largest vectors in defense acquisition right now: space resilience and trusted AI.
