OPSWAT Sent a Cybersecurity Device Toward Space to Prove Critical Systems Can Defend Themselves Offline

OPSWAT has taken a rugged cybersecurity device to the edge of space to make a point about the future of critical infrastructure protection: security tools may need to work in places where no one can reboot them, patch them, or connect them back to the cloud.

The Tampa-based critical infrastructure cybersecurity company released video of its MetaDefender Kiosk Mini operating during a near-space validation mission, where the device was lifted by weather balloon to 104,883 feet. During the flight, OPSWAT said the system processed thousands of malware samples while exposed to extreme cold, high radiation, low pressure, and a lack of cloud connectivity.

The mission was designed less as a space stunt than a stress test for a growing security problem. Satellites, defense systems, industrial sites, remote energy facilities, and other mission-critical environments often cannot rely on fast internet access, immediate human support, or conventional endpoint security models. In those settings, OPSWAT argues, cybersecurity has to be local, segmented, deterministic, and prevention-first.

“Space systems should be treated as critical infrastructure, and the cyber infrastructure that supports them should be treated as mission-critical infrastructure,” said Benny Czarny, Founder and CEO, OPSWAT. “Cybersecurity in space cannot be built around the idea that someone on Earth will always be available to fix the problem. It must be local, deterministic, segmented, and prevention-first.”

The MetaDefender Kiosk Mini is built to sanitize USB drives, external drives, and other removable media before they enter sensitive environments. During the near-space flight, the device operated independently using local compute and OPSWAT’s Deep CDR technology, which treats files as potentially hostile, strips risky active content, and rebuilds clean versions before they are allowed into protected systems.

That model matters in environments where connectivity can be delayed, degraded, denied, or unavailable. In space, military operations, oil and gas facilities, mining sites, chemical plants, and other industrial settings, removable media can remain a practical way to move files between isolated systems. It can also become a path for malware if those files are not inspected and sanitized before crossing into operational technology or mission systems.

The weather balloon mission exposed the kiosk to temperatures as low as -45.6°F, near-vacuum pressure of 9.5 hPa, high UV radiation, humidity, water exposure, and rapid movement. After almost 230 minutes, the balloon burst and the device continued operating during descent before landing in a river.

For OPSWAT, the demonstration lands at a moment when space-based infrastructure is becoming a bigger part of enterprise and national cyber risk planning. The World Economic Forum’s Global Cybersecurity Outlook 2026 found that 15% of global organizations now consider dependence on space-based assets, including satellites, GPS, and satellite communications, in their cyber risk mitigation strategies. As access to orbit becomes cheaper and more commercially available, the line between terrestrial cyber risk and space-enabled operations is starting to blur.

The concern is not just malware aboard a satellite. Future attacks could involve electronic warfare, interception, spoofing, jamming, intelligence collection, or spacecraft positioned to support attacks against terrestrial targets. That makes space systems part of a broader critical infrastructure attack surface, one that includes ground stations, supply chains, removable media, and the software used to manage space operations.

“More than the altitude, technology, and cool video, the idea was that cybersecurity has to work in environments where humans cannot easily reach, repair, or reset,” said Czarny. “In space, there is no simple onsite support, quick replacement, or easy second chance. The system must have full trust before it leaves the ground.”

OPSWAT said the same ruggedization that allows the kiosk to operate in harsh industrial environments helped it survive the near-space test. The MetaDefender Kiosk line is used in sectors where systems may be exposed to dust, humidity, toxic chemicals, flammable materials, and temperature swings. The device also holds Class 1, Division 2 certification from UL, qualifying it for certain hazardous locations where flammable gases or vapors may be present, including oil and gas, chemical, and mining operations.

The broader message is that cyber resilience for critical infrastructure cannot depend only on detection and response after something goes wrong. In isolated, hazardous, or unreachable environments, the first line of defense may need to be a device that blocks contaminated files before they ever touch the systems keeping satellites, factories, pipelines, or military networks running.

OPSWAT’s near-space flight may be marketing with a dramatic backdrop, but the security argument underneath it is practical. As critical infrastructure expands into more remote and hostile environments, cybersecurity tools will be judged not just by what they can detect, but by whether they can keep working when the cloud disappears, the temperature drops, and no human is coming to fix the problem.