[BreachExchange] Expert Warns that Hacked Satellite Systems Could be Used to Launch Microwave-Like Attacks

Mon Aug 13 08:12:00 EDT 2018

https://hackercombat.com/expert-warns-that-hacked-satellite-systems-could-be-used-to-launch-microwave-like-attacks/

A cybersecurity researcher has pointed out, at the Black Hat
conference in Las Vegas, that if hackers lay hands on the satellite
systems used by ships, planes etc, they could use the same to carry
out microwave-like attacks.

The researcher, Ruben Santamarta, has clarified that such satellite
systems, which are used by ships, planes and the military to connect
to the internet, are vulnerable to cyberattacks; hackers can hijack
these systems and turn the satellite antennas into weapons that would
operate like microwave-ovens and then carry out “cyber-physical
attacks” using them.

The Guardian reports- “According to research presented at the Black
Hat information security conference in Las Vegas, a number of popular
satellite communication systems are vulnerable to the attacks, which
could also leak information and hack connected devices. The attacks,
which are merely a nuisance for the aviation sector, could pose a
safety risk for military and maritime users, the research claims.”

The report further says-“Ruben Santamarta, a researcher for the
information security firm IOActive, carried out the study, building on
research he presented in 2014. “The consequences of these
vulnerabilities are shocking,” Santamarta said. “Essentially, the
theoretical cases I developed four years ago are no longer
theoretical.””

In the words of Ruben Santamarta, “Some of the largest airlines in the
US and Europe had their entire fleets accessible from the Internet,
exposing hundreds of in-flight aircraft. Sensitive NATO military bases
in conflict zones were discovered through vulnerable SATCOM
infrastructure. Vessels around the world are at risk as attackers can
use their own SATCOM antennas to expose the crew to RF radiation.”

Hackers would connect to the satellite antenna from the ground,
through the internet; they would then spot and exploit vulnerabilities
in the software that operates the antenna to gain control of the
antenna. Once this is accomplished, the hackers can do all kinds of
mischief. They could intercept, disrupt and modify all the
communication that passes through the antenna that’s in their control.
They can eavesdrop on emails sent through an in-flight wifi system.
They can plan and launch new hacking attacks targeting systems or
devices that are connected to the satellite network they have taken
control of.

There are instances when risk is critically high. The Guardian report
explains this- “In the case of the military, for instance, the attack
also exposes the location of the satellite antenna, since they usually
need an attached GPS device to function. “If you can pinpoint the
location of a military base, that’s a safety risk,” Santamarta noted,
“but not for a plane or a ship”, whose locations are generally
public.”

It further says- “Both military and maritime users are also at the
risk of what Santamarta described as “cyber-physical attacks”:
repositioning the antenna and setting its output as high as it will
go, to launch a “high intensity radio frequency (HIRF) attack”.”

Using the same principle that works for microwave ovens, SATCOM
antennae are turned into radio frequency weapons. Hackers can, as said
earlier, launch HIRF attacks, which could cause physical damage to
electrical systems. Since planes are mostly built with HIRF shielding,
there’s not much safety risk in the aviation sector.

The Guardian report observes- “Following the research, IOActive worked
with the aviation industry to ensure that affected airlines are no
longer exposing their fleets, and passengers, to the open internet.
But while the company reported the issues with the maritime and
military uses of satellite technology to US and EU regulators, it has
not received any further information about fixes.”