Hacking Satellites Is Surprisingly Simple

This site may earn affiliate commissions from the links on this page. Terms of use.

Satellites are physically quite secure orbiting the Earth, but the advent of cheaper high-power antennas makes them vulnerable in other ways. Engineers have only recently started taking cybersecurity seriously in satellite design, and as PCMag reports, that means hacking a satellite might not be as difficult as you think. Bill Malik, VP of Infrastructure Strategies at Trend Micro, calls the range of vulnerabilities exposed on satellites “astonishing.”

For a lot of the satellites orbiting over our heads, the designers never envisioned people on the ground would attempt to hijack the signal. With limited memory and processing capacity, many satellites don’t even use data encryption. For example, the Voyager 1 probe would have to crunch bits for six days just to set up an SSL link. This is something engineers have to keep in mind as low-power devices like CubeSats become more common.

Malik showed the audience at the recent RSA conference several known attacks on NASA systems, some of which focused on satellites. For example, an attacker could access the systems on the Hubble Telescope and open its camera hatch while pointed at the sun, destroying the sensitive optics. They could also use the solar panels to blow out the batteries. Many satellites are also vulnerable to jamming attacks that could disrupt important commands from ground control.

There are more satellites in orbit than ever before, and that means more objects vulnerable to hacking. In the coming years, we might rely on systems like the SpaceX’s Starlink for internet access and other vital functions. Malik stresses the need for satellite design to incorporate security at the most basic levels, but there are some changes operators can make in the short term as well.

CubeSats make is cheaper to access space, but they could be targets for hackers.

Malik suggests using frequency hops to make it harder for attackers to jam signals. In the case of GPS, ground systems should make greater use of GPS authentication to ensure the signals are authentic and not manipulated by a third-party. Thankfully, newer satellites are using encryption, but Malik stresses that is not a silver bullet. Operators still need to carefully monitor and log satellite traffic.

It is getting cheaper to launch satellites, but they’re far from disposable for most operators. Deploying a cheap but hackable satellite might not be the best call. Malik encourages businesses to consider whether a satellite is actually the best solution for a given problem. It might only cost a few thousand dollars to get a CubeSat up, but someone on the ground can set up a sophisticated antenna to hack it for much less. 

Now read:

Let’s block ads! (Why?)

ExtremeTechExtreme – ExtremeTech