Satellites, the crucial components of our modern technology infrastructure, have increasingly become targets for hackers and cybercriminals. Recent incidents have demonstrated that these devices are not as secure as we may think. Researchers, nation-states, and cybercriminals have successfully hijacked satellite control and communications systems, causing disruptions and outages.
Last year, Russian hackers caused an outage for the Ukrainian satellite Internet service provider Viasat on the day of its ground invasion. A pro-Russian hacktivist group, Killnet, performed a distributed denial-of-service (DDoS) attack against SpaceX’s Starlink system, which was providing connectivity to cut-off regions of Ukraine. The Wagner Group, a private military contractor, claimed responsibility for a temporary outage at Russian Internet provider Dozor-Teleport by uploading malware to multiple satellite terminals.
While we have seen the vulnerability of satellite links, what about the satellites themselves? Are they secure? According to Johannes Willbold, a doctoral student at Ruhr University in Bochum, Germany, the answer is no. Willbold will be presenting his research on satellite vulnerabilities at the Black Hat USA conference in Las Vegas next month.
In a survey conducted by Willbold and his team, they found that many satellite engineers and developers have not implemented adequate security measures to prevent third-party intrusion. Out of the 17 different models of satellite surveyed, three respondents admitted to having no security measures in place. Five were unsure or declined to comment, and only nine had implemented some form of defense. However, even among those nine, only five had implemented access controls.
Willbold explains that there is a lack of security measures in satellites because the sector has relied on security by obscurity. Manufacturers have kept their machines closed off from both attackers and security analysts, making it difficult to assess the vulnerabilities of these devices.
Satellites used in low earth orbit (LEO) often contain computing hardware similar to embedded devices on Earth, such as regular ARM boards. On the software side, they may use real-time operating systems like VxWorks or basic Linux. These technologies, while familiar, also present potential avenues for intrusion.
One potential attack vector is through the wide-open communications link of the satellite. Hackers could set up their own ground station to communicate with LEO satellites, which can be as cheap as a two-meter dish for $10,000. However, one major challenge is the timing of satellite links. Satellites are only visible for a short period of time as they orbit the Earth, and maintaining a constant connection requires multiple ground stations, which can be costly.
The consequences of a compromised satellite can vary depending on which part of the system is breached. Attackers could manipulate data, steal confidential information, or even cause physical damage by altering the orbit of the satellite or directing it towards other objects in space.
To address these vulnerabilities, government organizations, military agencies, and the security community are taking steps to enhance satellite security. The FBI and CISA have advised satellite communications providers to implement basic security precautions, while the US Space Force has added new squadrons to boost military defense and modernize satellite control infrastructure. Organizations like NIST, MITRE Corp., and Aerospace Corp. have developed frameworks for modeling threats and planning countermeasures against space threats.
The security community is also actively involved in satellite security. The US Air Force and Space Force recently partnered with Aerospace Corp. for a satellite hacking competition called “Hack-a-Sat.” Developers are also working on quantum computing-resistant channels for secure data transmission to and from spacecraft.
It remains to be seen how satellite security will evolve in the coming years. Willbold notes that the space industry has been around for decades, but rapid changes and advancements may require a new approach to satellite security. As our reliance on satellites continues to grow, it is crucial that we address these vulnerabilities and strengthen the security of these vital devices.