Hacker Cracks Satellite Communications Network

Small+satellite+terminals+(VSAT)+are+vulnerable+to+Cyber+attack.gif

Small satellite terminals (VSAT) are vulnerable to Cyber attack.

A researcher says he can eavesdrop on, and even alter, data flowing through a satellite network operated by Globalstar, which provides communications services and equipment to militaries, oil companies, and many other organizations. “I can say with 100-percent confidence I did inject data back into the network,” Colby Moore, who works for a network security company called Synack, told reporters at the Black Hat cybersecurity conference.

Many organizations use Globalstar products to monitor assets in remote locations — say, equipping a fleet of trucks deep in the wilderness with satellite modems that periodically send their locations and operating conditions back to headquarters. The modems use the STX3 transmitter chip to send the data up to Globalstar’s orbiting Simplex constellation, where it is sent around the globe and back down to the proper ground station.

The STX3 doesn’t encrypt the data before it sends it. For less than $1000, Moore bought a simple software-defined radio system and a few other components to assemble a transceiver that allowed him to sniff the data as it headed into space.
He discovered that not only could he read the GPS coordinates that told him exactly where the GlobalStar-equipped assets were, but he was able to add his own fake information to the stream.

So far, he’s only been able to hack the uplink, not the downlink, but the data is the same, so stealing from the downlink doesn’t present a particularly tough challenge, he says. Moore said he told company officials about the vulnerability more than a month ago. He says they responded with concern, said Moore. 

How big a problem is this? If you rely on Globalstar’s Simplex network, your communications may be far more naked — and changeable — than you realize. A lot of military personnel use satellite phones and satellite tracking to communicate back home from dangerous deployments. Oil and gas companies use satellite-based geo-tracking to keep tabs on multimillion-dollar oil shipments. A lot of aviators use satellite tracking to reassure air traffic control that their plane isn’t deviating from course. Journalists and relief workers operating in dangerous locations often use satellite tracking so that they can be found in case they are kidnapped or go missing.

So what if an outsider can change your data in transit? Consider how the military might react if a small private plane appeared to be deviating from its flight path, making a beeline toward the White House. Or how the Navy might react if supertankers in the Strait of Hormuz suddenly vanished. Or how the Army might react if an enemy somehow knew just where to find U.S. soldiers lying in wait.

Globalstar has responded to repeated media inquiries with a statement offering assurance (but no real proof) that the situation was largely under control “Our engineers would know quickly if any person or entity was hacking our system in a material way and this type of situation has never been an issue to date. We are in the business of saving lives daily and will continue to optimize our offerings for security concerns and immediately address any illegal actions taken against our company.”

Then there are the vulnerabilities in infrastructure. Globalstar’s satellite tracking is “used heavily in [supervisory control and data acquisition] systems, water pipeline monitoring,” said Moore. And in June, the company announced that they would integrate its services with Lockheed Martin Flight Services to provide satellite location data to non-commercial pilots.
It’s not immediately clear just how many militaries rely on the company’s Simplex network. Pentagon officials could not immediately respond to requests for comment. But Spain and other NATO allies have well-publicized business contracts with the company.

Globalstar’s testimonial page offers this note from a U.S. Army captain who was operating in Iraq: “I can’t even begin to tell you what a lifeline your phone has been for us. You should know that one of my fellow soldiers was able to hear the cry of his newborn son thanks to your system. It is much appreciated.”

DefenseOne

 

« Japan: Court Rules Against Bitcoin Compensation
US Spies on EU Companies »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CGI Group

CGI Group

CGI is a leading IT and business process services provider. Services include IT consulting, Systems Integration, Application Development, Infrastructure, Business Processes, Digital IP.

ShmooCon

ShmooCon

ShmooCon is an annual east coast hacker convention offering three days of demonstrations and discussions of critical infosec issues.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

Norsk Akkreditering

Norsk Akkreditering

Norsk Akkreditering is the national accreditation body for Norway. The directory of members provides details of organisations offering certification services for ISO 27001.

Andreessen Horowitz (a16z)

Andreessen Horowitz (a16z)

Andreessen Horowitz (known as "a16z") is a venture capital firm in Silicon Valley, California that backs bold entrepreneurs building the future through technology.

Smart Protection

Smart Protection

Smart Protection are experts in brand and trademark protection - we fight against counterfeits and unauthorized usages of brands with machine learning technology.

Veratad Technologies

Veratad Technologies

Veratad Technologies, LLC is a world class provider of online/real-time Identity Verification, Age Verification, Fraud Prevention and Compliance Solutions.

VCG Group

VCG Group

VCG provides everything you need for the design, implementation and management of data centres, cyber-secure enterprise networks, cloud and connectivity services.

Enginsight

Enginsight

Enginsight provides a comprehensive solution for monitoring and securing your servers and clients.

Zenity

Zenity

Zenity is the first and only security governance platform for low-code/no-code applications.

Cyber Crucible

Cyber Crucible

Cyber Crucible is a cybersecurity Software as a Service company definitively removing the risk of data extortion from customer environments.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.

Trackd

Trackd

At trackd, we’re re-imaging vulnerability remediation for the benefit of the entire cyber security community. Automating Vulnerability Remediation without the Fear of Disruption.

Invictus International Consulting

Invictus International Consulting

Invictus International Consulting are a recognized leader in full-spectrum cyber technology solutions designed to protect the security of our nation's global defense and critical infrastructure.

Metrics that Matter (MTM)

Metrics that Matter (MTM)

Metrics that Matter redefines how organizations approach cybersecurity by offering unprecedented insight into the value of their assets to criminals and tailored action plans to protect.

Bedrock Security

Bedrock Security

Bedrock Security is at the forefront of revolutionizing data security in the cloud and GenAI era.