Hacking…. Hacking Satellites.?

Space is open for business. In recent years we have seen the explosion of private corporations, governments, academia, and hobbyists engaging in space research and development. These organizations are moving faster than ever before. The original space shuttle took about 14 years to design and build before it was operational (which is pretty dang fast actually), but this shuttle design was used for the next 40+ years (up until the cancelation of the Space Shuttle program in 2011). 21st century spacecraft design is much quicker. SpaceX for example has created the Falcon I, Falcon 9, Falcon Heavy, and Starship (currently in development) all since 2002 when it was founded. While these rockets certainly share similarities, the point is that just this one company has designed four different models, and there are many more companies, governments, and organizations that are entering the realm of space.  Furthermore, the development of miniature satellites has exploded in the past twenty years. As I wrote about in my last blog post, anyone can launch a CubeSat (miniature satellite) to space if they get a good team, create a good design, and a good proposal. People ranging from middle schoolers to corporations have launched these miniature satellites to space. 

This exponential increase of involvement in space development and research is incredible, but it also poses many issues that need to be further explored to prevent potentially great destruction and even loss of human life. Many of these satellites (as I will explore) are sent up into space with little to no security. They are vulnerable to cyber hacking, and serious damage can be inflicted if a satellite is hijacked in space. For example, one rogue hacker could jam a locking mechanism and sensor in the docking system on the International Space Station. This could result in an inability for the spacecraft to dock (which would be bad) or even worse it could cause a failed docking, pressurization, and explosion of the International Space Station. Furthermore, many modern satellites have propulsion built in, hence a rogue hacker could take control of it, drive it off course and cause a catastrophic collision in space. Astronauts’ lives are literally at risk here. Even if these extremes never happen, there is a real threat of people hijacking satellites and causing harm through intercepting sensitive data, jamming communications, or using the satellite to further hijack other satellites nearby.

While these ideas may seem far-fetched, these threats to space systems are very real. In 2015 two researchers, Schneider and Sec, successfully hacked into Iridium satellites. Iridium Communications Network is a voice and data provider that provides services through their satellite constellation consisting of 66 Low-Earth-Orbit (LEO) satellites. It took these two guys about a month to start intercepting traffic from the Iridium satellites, although as they said in their 2015 presentation the only challenge they really had was spotting the frequencies being intercepted as they are very small and fast (about 8ms long signals).

They were able to intercept traffic using their “rad1o badge” which is basically just a Raspberry Pi that contains a full-featured software defined radio transceiver. Using this and a PCB antenna they were able to collect 22% of all the packets you can receive with a proper Iridium antenna. They were able to receive up to 50% of pager message channel traffic using a commercial Iridium antenna. It’s also worth pointing out that they also were able to intercept traffic using a DIY antenna and build that cost about $55.

It took them about a year to reach the point where they could consistently intercept Iridium traffic and decode it, as it took them some time to figure out the frequency shifts the satellites were using.

This should be extremely concerning to you. Two guys, with basically a Raspberry Pi and an antenna were able to figure out how to hack into a satellite constellation in less than a year. It’s also worth noting that the largest user of the Iridium network is the Pentagon. This would make one think there is good security on the satellites, but as Sec described, the Iridium satellite network has no security. They do not encrypt their traffic; they basically rely on frequency shifts, which is not a valid form of providing message confidentiality. 

“The problem, isn’t that iridium has poor security. It’s that it has no security” – Sec

Given how easy it was for these two guys, a government agency with billions of dollars at their disposal and thousands of employees could completely infiltrate satellite networks, and this is a very serious issue. This threatens potentially billions of individuals’ private information. Satellite companies need to take a serious look into their systems before launching their satellites into space. We are currently using a “if it breaks then we will fix it later” security mindset, but this needs to be changed if we are to ensure a private uncensored satellite internet access and communication system to anyone in the world.

If this interests you, I would recommend watching their full presentation in 2015 where they intercept Iridium traffic live on-stage; it’s pretty cool:

Good article on Iridium satellite hacking:

https://www.vice.com/en_us/article/bmjq5a/its-surprisingly-simple-to-hack-a-satellite

Iridium repo:

https://github.com/muccc/iridium-toolkit

Talk of creators explaining Iridium hacking toolkit (and cool live demo)

Satellite Tracking:

http://www.satflare.com/home.asp

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: