The Biggest Risk to A.I. in Space Is Sitting on the Ground

Putting data centers in space has moved from science fiction to procurement. SpaceX, Meta and Google are all pursuing the concept, and for sound reasons: orbit offers near-continuous solar power and the natural cooling of space, sidestepping the energy, permitting and cooling constraints currently throttling data center construction on Earth. In April, Meta announced that it had already reserved a gigawatt of future orbital solar capacity. As A.I.’s appetite for power outpaces what terrestrial grids can comfortably supply, the commercial logic is difficult to ignore.

But the debate is stuck on the wrong question. We are still arguing about whether orbital data centers are technically feasible and how cheaply we can launch them—a debate even the field’s own leaders continue to have. In February, OpenAI’s Sam Altman called orbiting data centers “ridiculous for now,” citing high failure rates and cost. The more important question is what happens when something fails—and where the real vulnerability actually sits when it does. It is easy to assume the risk lives in orbit. Mostly, it doesn’t. It lives on the ground, at the handful of stations that connect satellites back to Earth. Today, those facilities underpin every orbital computing system, yet they receive only a fraction of the protection their strategic importance warrants.

On Earth, a hardware failure is a technician walking into a server room. In orbit, a routine glitch or a micro-meteorite strike can sideline an asset until the next launch window, turning what would be routine maintenance into months of lost capacity. This is not hypothetical. In March, a SpaceX Starlink satellite suffered a mysterious anomaly in orbit, the kind of fault that on the ground is a maintenance ticket and in orbit can strand an asset for good. The technology to deploy servers in space is advancing faster than the technology to service them once they arrive. Until in-orbit maintenance becomes practical, every failure is a loss, and that reframes the entire business case. Mean time to repair is no longer measured in hours. It is measured in launch windows.

That reality should reorder system design. If failures cannot be prevented the way they are on the ground, they must be anticipated instead. Redundancy and graceful degradation stop being nice-to-haves and become the whole architecture, distributing workloads across multiple satellites and orbital planes so that losing one platform reduces capacity rather than crippling operations. 

The trap is co-location: when several tenants share a single orbital platform, one physical impact becomes a shared, unmitigable outage. And the economics are unforgiving. Radiation, thermal cycling and collision exposure turn ordinary faults into total losses, driving insurance and redundancy costs well above what most energy-savings projections account for. A business running critical workloads off one or two satellites is sitting on a catastrophic single point of failure that no launch-cost spreadsheet adequately captures.

But even the in-orbit case is only half of the problem. Every orbital data center still depends on Earth, at ground stations, downlink facilities and the fiber networks that carry data its last mile to users. A satellite is only as resilient as the ground infrastructure connecting it to the network, and those facilities are far easier to disrupt than a hardened terrestrial data center. Concentrate global compute behind a small number of ground stations, and you have created attractive physical choke points for anyone seeking to cause disruption, whether through jamming, signal interference or physical intrusion. The computing power may sit in orbit. The most accessible vulnerabilities remain firmly on the ground. 

This is the part of the conversation that receives the least attention when it arguably deserves the most. As orbital computing scales, these ground facilities become the new crown jewels of the digital economy. The uncomfortable truth is that the resilience of a space-based data center will depend less on the sophistication of its satellites than on the security of an otherwise unremarkable building on Earth.

Securing that infrastructure is not primarily a cybersecurity problem, and treating it as one is a mistake. Satellites, ground stations and terrestrial networks operate as a single interconnected system, meaning a compromise anywhere can cascade across an entire architecture. A  breached ground station is simultaneously a physical security incident and a cyber event. 

Protecting these sites, therefore, means abandoning the habit of disconnected security measures—a camera here, an access reader there, a visitor log on a clipboard—and moving toward integrated security architectures in which physical access, video, alarms and identity systems work together. Organizations will need analytics that can identify anomalies before they become incidents, rather than simply documenting what has already happened. As these facilities become single points of failure for orbital compute, that coherence becomes the difference between a contained incident and a national-scale outage. 

None of this is an argument against putting compute in space. The energy case is genuine, and the companies pursuing it are serious. It is an argument for pricing the risk honestly before we get there, for investing in servicing, redundancy and ground-segment security with the same ambition we are bringing to launch. The industry has an answer to A.I.’s energy problem. It has not yet developed an equally convincing answer to its resilience problem. The organizations that succeed in orbit will be the ones that solve both.