Hacker Cracks Satellite Communications Network

Uploaded on 2015-08-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Small+satellite+terminals+(VSAT)+are+vulnerable+to+Cyber+attack.gif

Small satellite terminals (VSAT) are vulnerable to Cyber attack.

A researcher says he can eavesdrop on, and even alter, data flowing through a satellite network operated by Globalstar, which provides communications services and equipment to militaries, oil companies, and many other organizations. “I can say with 100-percent confidence I did inject data back into the network,” Colby Moore, who works for a network security company called Synack, told reporters at the Black Hat cybersecurity conference.

Many organizations use Globalstar products to monitor assets in remote locations — say, equipping a fleet of trucks deep in the wilderness with satellite modems that periodically send their locations and operating conditions back to headquarters. The modems use the STX3 transmitter chip to send the data up to Globalstar’s orbiting Simplex constellation, where it is sent around the globe and back down to the proper ground station.

The STX3 doesn’t encrypt the data before it sends it. For less than $1000, Moore bought a simple software-defined radio system and a few other components to assemble a transceiver that allowed him to sniff the data as it headed into space.
He discovered that not only could he read the GPS coordinates that told him exactly where the GlobalStar-equipped assets were, but he was able to add his own fake information to the stream.

So far, he’s only been able to hack the uplink, not the downlink, but the data is the same, so stealing from the downlink doesn’t present a particularly tough challenge, he says. Moore said he told company officials about the vulnerability more than a month ago. He says they responded with concern, said Moore. 

How big a problem is this? If you rely on Globalstar’s Simplex network, your communications may be far more naked — and changeable — than you realize. A lot of military personnel use satellite phones and satellite tracking to communicate back home from dangerous deployments. Oil and gas companies use satellite-based geo-tracking to keep tabs on multimillion-dollar oil shipments. A lot of aviators use satellite tracking to reassure air traffic control that their plane isn’t deviating from course. Journalists and relief workers operating in dangerous locations often use satellite tracking so that they can be found in case they are kidnapped or go missing.

So what if an outsider can change your data in transit? Consider how the military might react if a small private plane appeared to be deviating from its flight path, making a beeline toward the White House. Or how the Navy might react if supertankers in the Strait of Hormuz suddenly vanished. Or how the Army might react if an enemy somehow knew just where to find U.S. soldiers lying in wait.

Globalstar has responded to repeated media inquiries with a statement offering assurance (but no real proof) that the situation was largely under control “Our engineers would know quickly if any person or entity was hacking our system in a material way and this type of situation has never been an issue to date. We are in the business of saving lives daily and will continue to optimize our offerings for security concerns and immediately address any illegal actions taken against our company.”

Then there are the vulnerabilities in infrastructure. Globalstar’s satellite tracking is “used heavily in [supervisory control and data acquisition] systems, water pipeline monitoring,” said Moore. And in June, the company announced that they would integrate its services with Lockheed Martin Flight Services to provide satellite location data to non-commercial pilots.
It’s not immediately clear just how many militaries rely on the company’s Simplex network. Pentagon officials could not immediately respond to requests for comment. But Spain and other NATO allies have well-publicized business contracts with the company.

Globalstar’s testimonial page offers this note from a U.S. Army captain who was operating in Iraq: “I can’t even begin to tell you what a lifeline your phone has been for us. You should know that one of my fellow soldiers was able to hear the cry of his newborn son thanks to your system. It is much appreciated.”

DefenseOne

 

« Japan: Court Rules Against Bitcoin Compensation
US Spies on EU Companies »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Code Decode Labs

Code Decode Labs

Code Decode Labs provides consulting for IT Technology, Cyber Security, Advanced Defense & Policing Technologies, Intelligent Networks, and Information Security.

TrustedIA

TrustedIA

TrustedIA is a cyber and protective security company. Our mission is to help businesses protect themselves from disruptive events that can impact their successful operation.

Cloudera

Cloudera

Cloudera provide the world’s fastest, easiest, and most secure data platform built on Hadoop.

CDNetworks

CDNetworks

CDNetworks is a global content delivery network with a fully integrated cloud security solution, offering unparalleled speed, security and reliability for the almost instant delivery of web content.

eLearnSecurity

eLearnSecurity

eLearnSecurity is an innovator in the IT Security training market providing quality online courses paired with highly practical virtual labs.

Right-Hand Cybersecurity

Right-Hand Cybersecurity

Right-Hand Cybersecurity empowers businesses to monitor, measure and mitigate employee induced cyber risks in real-time.

Leidos

Leidos

Leidos is a recognized leader in cybersecurity across the federal government, bringing more than a decade of experience defending cyber interests globally.

Keeper Security

Keeper Security

Keeper is a leading enterprise password manager and cybersecurity platform for preventing password-related data breaches and cyberthreats.

Cyolo

Cyolo

Cyolo’s Secure Access Service Edge (SASE) platform securely connects onsite and remote users to authorized assets, in the organizational network, cloud or IoT environments and even offline networks.

Inetum

Inetum

Inetum (formerly Gfi Informatique) is an agile IT services providing digital services and solutions, and a global group that helps companies and institutions to get the most out of digital flow.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

PKI Solutions

PKI Solutions

PKI Solutions offers Public Key Infrastructure (PKI) products, services, and training to help ensure the security of organizations now and in the future.

Center for Information Security Awareness (CFISA)

Center for Information Security Awareness (CFISA)

CFISA was formed by a group of academics, security and fraud experts to explore ways to increase security awareness among audiences, including consumers, employees, businesses and law enforcement.

UM6P Ventures

UM6P Ventures

UM6P Ventures is an African based early-stage ventures firm operating two funds; a Digital Transformation fund and a Deeptech Ventures fund.

Cybersecurity Dubai

Cybersecurity Dubai

Protect your business from cyber-attacks with Cybersecurity Dubai, your partner in online security solutions.

Security Risk Advisors (SRA)

Security Risk Advisors (SRA)

Security Risk Advisors deliver cybersecurity services to leading companies in the Financial Services, Healthcare, Pharmaceuticals, Technology and Retail industries.