One of the worst nightmares of governments and organizations has become real: Satellite communication systems (SATCOM) have severe vulnerabilities and can be hacked
Satellite communication systems (SATCOM) hacking is one of the worst nightmares for governments and organizations. And at Black Hat 2018 conference Ruben Santamarta of IOActive and his team revealed severe vulnerabilities in SATCOM used by airplanes, ships and military worldwide. Cyber attacks could modify routes, hacking the GPS, or leak the position of a specific unit of soldiers everywhere, creating huge problems, damages and also deaths. Furthermore there is an increase in cyber warfare and cybercrime activity worldwide, that could exploit these vulnerabilities to earn money or gain advantages towards the targets. In the press conference Santamarta and his cyber security team gave only a teaser about what they discovered. Not only. Malicious hackers, using satellites, could carry out “cyber-physical attacks”, turning antennas into RF weapons that operate, essentially, like microwave ovens against specific targets everywhere.
Ruben Santamarta of IOActive at Black Hat 2018 explained how a malicious hacker can seize the control os SATCOM and what he could do from there
Santamara explained that some of the largest airlines in the US and Europe had their entire fleets accessible from the Internet, exposing hundreds of in-flight aircraft. Sensitive NATO military bases in conflict zones were discovered through vulnerable SATCOM infrastructure. Vessels around the world are at risk as cyber attackers can use their own satellite communication systems antennas to expose the crew to RF radiation. The cyber security researcher said that these attacks work by connecting to the satellite antenna from the ground, through the internet, and then using security weaknesses in the software that operates the antenna to seize control. From there, the malicious actor can do whatever he wants. From disrupt, intercept or modify all communications passed through the antenna to eavesdrop on emails sent through an in-flight wifi system, or attempt to launch further hacking attacks against devices connected to the satellite network.
The SATCOM could be used also as a RF weapon to carry on “cyber-physical attacks”. But only on the ground
A cyber aggressor could also reposition the satellite antenna and sets its output at maximum power, to launch a “high intensity radio frequency (HIRF) attack”. A “cyber-physical attack”. Santamara told that “we’re basically turning Satcom devices into radio frequency weapons. It’s pretty much the same principle behind the microwave oven.” The cyber directed aggression can used to injure people or to cause physical damage to target’s electrical systems. It depends on the target and the power of the apparatus. But only on the ground. This thanks to the fact that the planes tend to be built with a significant amount of HIRF shielding. However for the cyber security expert, the consequences of the SATCOM vulnerabilities “are shocking. Essentially, the theoretical cases I developed four years ago are no longer theoretical.”