It sounds like the stuff of sky beams and science fiction because for many years it was. In movies and on TV, satellites are regularly hacked to perform dastardly deeds. But at Black Hat this week, researchers have shown a number of methods of launching real attacks against SATCOM systems. Four years ago, these attacks were merely theoretical proof-of-concepts. Today, at Black Hat 2018, they aren’t.
Ruben Santamarta, principal security consultant the security company IOActive, gave a preview of his upcoming talk on Thursday.
PCMag was on hand for the preview. Santamarta focused on three areas of investigation: aviation, maritime, and military. All three proved vulnerable to remote attack in different ways. In aviation, Santamarta was able to attack and disrupt various systems not related to keeping the aircraft flying through the sky. Digital devices carried by both passengers and crew were still vulnerable to attack and could be targeted via onboard Wi-Fi.
The maritime and military applications were more directly threatening. In maritime applications, Santamarta could either alter antenna alignments or increase the amount of power these systems consumed to the point that they began interfering with other electronic equipment. Between antenna alignment access and the ability to compromise navigational systems simply through power draw, a black hat could leave a ship adrift, unable to trust its navigation equipment.
As for military applications, the word there is grim. Santamarta was able to extract the precise GPS coordinates of every antenna he communicated with, posing an obvious danger to the location of anything with a satellite uplink. With control over both the position and the transmission power of the satellites in question, he could theoretically launch attacks against the transponders in the satellites themselves.
“It is possible to use a specific amount of power in the transmission to create a scenario where biological and electrical systems can be affected,” Santamarta explained. “This can be used to create burns if [people] are affected by the transmission of the antenna.”
Mitigation development is already well underway, but completely fixing these flaws could prove extremely difficult. SATCOM devices are often part of a fixed installation and can’t exactly be popped into a trunk for a quick trip down to the IT department.
This is rather obviously sensitive information and Santamarta stressed that he, his employer, and related government agencies had all worked together and cooperated fully in putting together both their report on the vulnerabilities and the public speech to be given at BlackHat. Obviously, certain information will be omitted from the final talk.