20 Jun Hackers Look To The Heavens
Cybercriminals see satellites as a new frontier
Metuchen, N.J. – Jun. 20, 2019
When I look up on a clear night into the heavens, I have to marvel at all of it; the stars, planets and even the man-made satellites plodding across the night sky. Some hackers see these same satellites as a new frontier too, but filled with vulnerabilities just waiting to be exploited.
Of the 5,000+ known satellites currently blanketing the earth’s upper atmosphere, 777 are active communication satellites. Some are for spying while others are still unidentified.
We have come to depend upon them daily, but there is much more to satellites than just GPS-based turn-by-turn directions. Satellites aid in weather prediction, Internet access, wireless phone communications, radio, TV broadcasts and the list goes on and on.
With the average cost to launch a satellite plummeting down from $400 million to only $57 million (due in large part to reusable rocket technology pioneered by SpaceX and others), we can expect the number of launches and orbits to increase substantially over the next few years. That will bring about an increase in satellite dependence for all and number of moving targets in the sky for those that wish to threaten that dependence.
At this year’s RSA, Trend Micro’s VP of Infrastructure Strategies, Bill Malik, called the range of vulnerabilities exposed on satellites “astonishing.”
Low Earth orbit and geosynchronous satellite technology are in the midst of a renaissance. SpaceX is currently slated to launch as many as 12,000 satellites and Amazon has recently joined the satellite race with their own project Kuiper which promises to launch a constellation of 3,236 satellites at various altitude levels for Internet service covering 90 percent of the Earth’s population.
While the average price per pound for orbit has fallen to only $2,500, satellites can take between 2 to 3 years to build. In security, time is measured in days not years, so future-proofing a satellite expected to orbit for many years from emerging attacks is nearly impossible. In a perfect world, security measures should be the last thing on a satellite design team’s agenda, but it is also safe to assume that all technology can and will be hacked.
Going forward, researchers should consider employing GPS-based authentication methods to make sure that hackers are not manipulating satellites by spoofing ground station commands. Modern satellites utilize encryption, but that only slows down a hacker and nothing is 100 percent secure. Security must literally be built from the ground up starting at the ground stations all the way up to each and every satellite in orbit.
So, next time you find yourself marveling at the night sky, remember that a hacker might also be marveling at that same sky but for different reasons.
Scott has presented extensively on cybersecurity and corporate espionage at conferences around the globe. He has recently overseen the development of several cell phone detection tools used to enforce a “no cell phone policy” in correctional, law enforcement, and secured government facilities. He is regularly interviewed for leading national publications and major network television stations including Fox, Bloomberg, Good Morning America, CNN, CGTN, CNBC, MSNBC and many more. He is the author of ‘Hacked Again’, his latest book as well as a contributor for Huffington Post and guest blogs regularly for Tripwire’s State of Security series. Scott also writes for Business Value Exchange, Fortune Magazine and IBM Big Data & Analytics Hub.