Hacking Satellite Communications

Monday, February 06, 2012

Pierluigi Paganini

03b2ceb73723f8b53cd533e4fba898ee

(Translated from the original Italian)

One more to worry about is the real security of satellite infrastructures.

In a technological civilization, satellites play a vital role in the management and transmission of information of all kinds. Satellites in fact do the work in silent that we enjoy every day, but we often forget this crucial aspect of communications.

Are these powerful systems of communication actually safe? Is it sufficient just to be in orbit thousands of miles above our heads  in order to ward off the danger of an attack? In using satellites, are we sure that nobody could listen in on our communications?

Of course not! The main concern is the possibility of compromising satellite those communications in the context of warfare.

Consider that satellite communication are widely used in military applications, particularly in those regions where other communication infrastructures are insufficient or absent, like the Middle East and Africa.

Security researchers have demonstrated that satellite phones can be easily intercepted and deciphered.

It is already of enough concern any common computer can be used to hack the two encryption systems used to protect satellite phone signals, so anyone with a computer and a radio could conceivable eavesdrop on calls, and a multitude of satellite phones are vulnerable. 

With a few thousand dollars it is possible, according a researchers' announcement, to buy the equipment and software needed to intercept and decrypt satellite phone calls from hundreds of thousands of users.

The academics have summarized the threat in a single sentence: "Do not Trust Satellite Phones".

The two main standard encryption algorithms that have been compromised are known as GMR-1 and GMR-2, which are implemented by the satellite phone operators. The problem really affects only those companies that use the ETSI GMR-1 and GMR-2 encryption algorithms. 

The speed with which it is possible to decipher a call is linked to the computing power applied, but keep in mind that it is possible with suitable equipment decipher the communications in real time.

The researchers are convinced that the main problem is related to the encryption algorithms and the "security through obscurity" approach applied by attempting to use secrecy of design and implementation to provide security, and preventing the security community from testing them.

In publishing the hacking procedure proof-of-concept, the researchers hoped to prompt the ETSI organization to set new standards based on stronger encryption algorithms.

It was revealed in the past that GSM communications, an approach used to hide the algorithms for encrypting communications is certainly wrong, and represents a risk to the integrity of the overall infrastructure.

Due to this incorrect approach in the management of the algorithms, many organizations have implemented extra layers of cipher software in their satellite phones with the unintended result of increasing its vulnerability.

A consequence of the announcement is that satellite handsets with built in encryption mechanisms based on the hacked algorithms are no longer secure, which could pose a considerable threat to the business and military sectors. Hostile governments and criminals are actually able to monitor satellite phone networks on a large scale.

If the situation regarding satellite encryption algorithms is worrying, certainly the security of the satellites themselves is not any better.

A report released in 2011 named titled the "2011 Report to Congress of the U.S.-China Economic and Security Review Commission" revealed that some US operated satellites were vulnerable to attacks, and on more than one occasion attackers had taken control of the systems.

Sensitive satellite systems have been successfully breached, according to the report:

"Satellites from several U.S. government space programs utilize commercially operated satellite ground stations outside the United States, some of which rely on the public Internet for 'data access and file transfers,' according to a 2008 National Aeronautics and Space Administration quarterly report.† The use of the Internet to perform certain communications functions presents potential opportunities for malicious actors to gain access to restricted networks." 

Information regarding several attacks to satellite control systems are in the public domain, and these events have been confirmed also by The National Aeronautics and Space Administration (NASA).

Below is a brief list of events:

  • On October 20, 2007, Landsat-7, a U.S. earth observation satellite jointly managed by the National Aeronautics and Space Administration and the U.S. Geological Survey, experienced 12 or more minutes of interference.
  • On June 20, 2008, Terra EOS [earth observation system] AM–1, a National Aeronautics and Space Administration- managed program for earth observation, experienced two or more minutes of interference.The responsible party achieved all steps required to command the satellite but did not issue commands.
  • On July 23, 2008, Landsat-7 experienced 12 or more minutes of interference. The responsible party did not achieve all steps required to command the satellite.
  • On October 22, 2008, Terra EOS AM–1 experienced nine or more minutes of interference. The responsible party achieved all steps required to command the satellite but did not issue commands.

In the report, the responsibility for the attacks was assigned to China, but similar hacks can be conducted by every hostile foreign government. We must consider that compromised satellites are a serious risk, the exposure could affect communications in the business and military sectors, and also can cause the loss of sensitive and strategic technological information.

My last consideration is related to threats to satellite systems. In our imagination we make the mistake of considering only as possible sources of attacks as being foreign governments.

The proof that this view is wrong arrived in recent weeks when the group Anonymous announced that it had successfully hacked a NASA satellite The group has also published on Pastebin evidence of knowledge on NASA project.

Clearly the situation merits a high level of attention given the looming threat.

References

Cross-posted from Security Affairs

Possibly Related Articles:
23232
Network->General
Information Security
Encryption Research Hacking Vulnerabilities Exploits Standards National Security Communications Algorithms Satellites Pierluigi Paganini ETSI GMR-1 GMR-2 Landsat-7
Post Rating I Like this!
Default-avatar
Sheila Santos Congratulations for the great article, is certainly something that in the future may be compromised the security of satellites
http://alegrafesta.com.br
1406396749
Default-avatar
Kim kim Votre approche de ce poste est unique et appréciation. Je vous écris un article pour notre travail de recherche et ce post m'a aidé. Merci.
http://www.repliquemontresluxes.eu
1409634390
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.