Recently, an experienced cyber security expert discovered a way to hack into satellite communications systems utilized by multiple industries. Military personnel, commercial and recreational pilots, as well as ship captains among others, are prime examples of professions that rely on satellite networks in order to communicate and transfer vital data when phone lines or wireless networks are not available.
“These devices are wide open right now,” according to Ruben Santamarta, the security consultant and expert based in Madrid, Spain with IOActive who first discovered the hole. “If someone can see the password or that user name it’s over,” went on to add. “Those vulnerabilities can be exploited to remotely compromise those devices.”
This comes at a time when the satellite communications industry continues to see steady growth, as other industries continue to rely on satellite communication in order to meet their needs. In fact, between 2008 and 2013, the U.S. satellite telecommunications industry experienced an estimated a growth of 3.4% per year. Additionally, the satellite telecommunications industry continues to boom, and generates a whopping $6 billion in revenue annually, while employing an estimated 14,301 workers.
Santamarta claims to have used reverse engineering, or decoding, in order to hack satellite communications equipment utilized in the aerospace, maritime and military industries to name a few.
Military personnel use satellite terminals for combat units. The radio transmissions sent are normally encrypted in order to prevent interception. However, Santamarta has discovered a way to distrupt the satellite communication channels, potentially preventing combat units from sending vital data, such as requesting back up while they are under attack.
In the maritime sector, satellite communications technology is used in order to send and receive vital information which can affect the safety of the staff, crew, and passengers. for example, if the vessel is experience some form of distress, such as a fire, or even a terrorist attack, they can transmit a distress call in order to ask for help. However, Santamarta has discovered a way to to modify the firmware, preventing the crew from seding a distress signal or call.
In the aerospace industry, Santamarta discovered a way to disrupt satellite communications by modifying the data going through certain channels. However, in some instances, physical access is necessary in order to compromise the device, whereas some require nothing more than a wireless connection.
Though Santamarta has discovered vulnerabilities in several satellite communication systems, it’s still important to note how necessary these systems are. These loopholes give security analysts the opportunity to further refine and fortify existing communication systems.