Cyber intelligence firms linked to Israel have reportedly developed systems capable of locating and identifying Starlink users without breaching the Elon Musk-owned satellite network, according to reports.

An investigation by the Israeli newspaper Haaretz claims that two firms have developed "data fusion" techniques.

Don't miss our latest stories on Google News

The report describes a surveillance model that involves the large-scale analysis of advertising identifiers, smartphone telemetry, browsing traces, social media activity, and geolocation data to determine where Starlink terminals are operating and, in some cases, who is using them.

The investigation uncovers a new trend in cyber intelligence, moving away from spyware tools such as Pegasus and towards mass data analysis and surveillance models similar to those used by Palantir Technologies and its law enforcement clients, such as ICE.

Exploiting the digital footprint

One company identified in the investigation, Cyprus-based TargetTeam, markets a platform called Stargetz.

Sales materials reviewed by Haaretz, a news outlet favored by centrist-left-leaning readers, claim the system can monitor nearly 1 million Starlink terminals worldwide and track internet activity from up to 5.5 million connected devices.

The company also reportedly claims it has already “de-anonymized” around 200,000 terminals by linking devices or usage patterns to identifiable users.

Strong password generator

Upgrade the security of your online accounts.

Create strong passwords that are completely random and impossible to guess.

Convenient way to secure and use all your passwords. Now 72% OFF!

Get NordPass

The tech works by exploiting the digital footprint created by smartphones and other devices connected beneath a Starlink terminal. Advertising IDs, app telemetry, location data, and online activity can leak into the wider tech ecosystem, where analysts can correlate devices appearing at the same time and place as a Starlink connection.

Once an advertising identifier is linked to a person elsewhere online, investigators may be able to trace it back to a specific location.

“The ship can use its AIS [Automatic Identification System], but the crew still needs TikTok,” a salesperson told Haaretz, suggesting that even if a vessel conceals its official location data, smartphones used by crew members may still reveal where it is.

Has Starlink been cracked?

Starlink has become a valuable resource in conflict zones and under internet shutdowns, because it can keep users connected even when conventional telecom networks are censored, damaged, or offline.

Because it is satellite-based, users often assume it is harder for governments or telecom providers to monitor than conventional internet connections tied to a local phone network or internet service provider.

Image by Cybernews — New techniques mean Starlink's network of more than 8,000 low-Earth-orbit satellites don't need to be intercepted to reveal ID or location

But while Starlink's network of more than 8,000 low-Earth-orbit satellites makes traditional signal interception difficult, sophisticated data analysis models now mean there’s no need to hack or intercept the network itself.

Another company named in the investigation, Tel Aviv-based Rayzone, is said to offer similar Starlink-monitoring capabilities as part of a broader suite of intelligence and data-analysis tools overseen by the Israeli defense ministry.

The conversation on this topic is live. Join in the discussion.

The firm was previously the subject of a joint Guardian and The Bureau of Investigation report into telecom signaling exploitation and mobile geolocation tracking by exploiting weaknesses in the Channel Islands’ telecom network infrastructure.