Hacked Satellite Systems can Launch Microwave-Like Attacks, Expert Warns

A cybersecurity researcher has pointed out, at the Black Hat conference in Las Vegas, that if hackers lay hands on the satellite systems used by ships, planes etc, they could use the same to carry out microwave-like attacks.

The researcher, Ruben Santamarta, has clarified that such satellite systems, which are used by ships, planes and the military to connect to the internet, are vulnerable to cyberattacks; hackers can hijack these systems and turn the satellite antennas into weapons that would operate like microwave-ovens and then carry out “cyber-physical attacks” using them.

The Guardian reports- “According to research presented at the Black Hat information security conference in Las Vegas, a number of popular satellite communication systems are vulnerable to the attacks, which could also leak information and hack connected devices. The attacks, which are merely a nuisance for the aviation sector, could pose a safety risk for military and maritime users, the research claims.”

The report further says-“Ruben Santamarta, a researcher for the information security firm IOActive, carried out the study, building on research he presented in 2014. “The consequences of these vulnerabilities are shocking,” Santamarta said. “Essentially, the theoretical cases I developed four years ago are no longer theoretical.””

In the words of Ruben Santamarta, “Some of the largest airlines in the US and Europe had their entire fleets accessible from the Internet, exposing hundreds of in-flight aircraft. Sensitive NATO military bases in conflict zones were discovered through vulnerable SATCOM infrastructure. Vessels around the world are at risk as attackers can use their own SATCOM antennas to expose the crew to RF radiation.”

Hackers would connect to the satellite antenna from the ground, through the internet; they would then spot and exploit vulnerabilities in the software that operates the antenna to gain control of the antenna. Once this is accomplished, the hackers can do all kinds of mischief. They could intercept, disrupt and modify all the communication that passes through the antenna that’s in their control. They can eavesdrop on emails sent through an in-flight wifi system. They can plan and launch new hacking attacks targeting systems or devices that are connected to the satellite network they have taken control of.

There are instances when risk is critically high. The Guardian report explains this- “In the case of the military, for instance, the attack also exposes the location of the satellite antenna, since they usually need an attached GPS device to function. “If you can pinpoint the location of a military base, that’s a safety risk,” Santamarta noted, “but not for a plane or a ship”, whose locations are generally public.”

It further says- “Both military and maritime users are also at the risk of what Santamarta described as “cyber-physical attacks”: repositioning the antenna and setting its output as high as it will go, to launch a “high intensity radio frequency (HIRF) attack”.”

Using the same principle that works for microwave ovens, SATCOM antennae are turned into radio frequency weapons. Hackers can, as said earlier, launch HIRF attacks, which could cause physical damage to electrical systems. Since planes are mostly built with HIRF shielding, there’s not much safety risk in the aviation sector.

The Guardian report observes- “Following the research, IOActive worked with the aviation industry to ensure that affected airlines are no longer exposing their fleets, and passengers, to the open internet. But while the company reported the issues with the maritime and military uses of satellite technology to US and EU regulators, it has not received any further information about fixes.”