How hackers can hijack a satellite

A computer flying hundreds or even thousands of kilometers in the sky, at a speed of tens of thousands of kilometers an hour, is nonetheless still a computer. And every connected computer has an attack surface.

Researchers, nation-states, and even ordinary cybercriminals have long demonstrated how to hijack the control and communications aspects of satellite technology. Just last year, on the day of its ground invasion, Russian hackers caused an outage for the Ukrainian satellite Internet service provider Viasat. And on Nov. 18, pro-Russian hacktivist group Killnet performed a distributed denial-of-service (DDoS) attack against SpaceX’s Starlink system, which was providing connectivity to cut-off regions of Ukraine. More recently, the Wagner Group claimed responsibility for a temporary outage at Russian Internet provider Dozor-Teleport. The group did it, supposedly, by uploading malware to multiple satellite terminals.

It’s clear that we can disrupt satellite links, but what about the satellites themselves? The firmware and software hovering up there in the sky? Arguably, they’re just as exposed.

In a presentation next month at Black Hat USA in Las Vegas, Johannes Willbold, a doctoral student at the Ruhr University in Bochum, Germany, will demonstrate how satellites can be manhandled by hackers. (Hint: It’s not that hard.)

“There’s certainly a security by obscurity there,” he acknowledges, “but apart from that, a lot of satellites are not doing anything else to prevent misuse.”

Satellites Cling to Security by Obscurity

In a paper published earlier this year, Willbold and five colleagues surveyed 19 engineers and developers representing 17 different models of satellite. Of those 17, three of the respondents admitted they had not implemented any measures to prevent third-party intrusion. In five cases the respondents were unsure or declined to comment, while the remaining nine had, indeed, implemented some defenses. Yet even some of those better cases were iffy — only five of those nine, for example, had implemented any kind of access controls.

“So many of the satellites that we looked at just straight-up had no protection against somebody manipulating the satellite, except for security by obscurity,” Willbold says.

The manufacturers can get away with it because, he says, because the sector is so cordoned-off. Industry pros have long doubled as gatekeepers, preventing both would-be attackers and security analysts from getting any kind of peek inside their machines.

Willbold and his team ran into this reality head-on. It took them four whole months to recruit those 19 survey respondents. “In general, we observed that people were very reluctant to share any details about their satellites and their security aspects,” they lamented in their paper.

The problem is that satellites are no longer quite as obscure as they might have once seemed.

What Satellites Are Made Of

“In more expensive and bigger satellites, you can imagine all kinds of very specialized, radiation-hardened hardware that is explicitly required when you go a lot further out into space,” Willbold explains.

However, the majority of satellites occupy low earth orbit (LEO), where, he says, it’s less of an issue.

“The computing hardware in low earth orbit is similar to embedded stuff on Earth, because it’s cheap and readily available,” he explains. For example, “you might find regular ARM boards, just like the regular embedded devices on Earth — the same processors made for the automotive sector.”

To read the complete article, visit Dark Reading.