How vulnerable is satellite broadband?

Cyber communications are vulnerable to both cyber-attack and kinetic attacks on physical infrastructure, with satellites potentially at risk says new report.

How vulnerable is satellite broadband?
How vulnerable is satellite broadband?

“A significant danger to cyber-space may come from outer space in the form of kinetic weapons that attack vital satellites” reports SIGNAL magazine, the official publication of AFCEA (Armed Forces Communications and Electronics Association) in an article entitled Anti-satellite Weapons Pose Major Cyber-threat.

The story reflects an earlier SC report on a presentation by Ruben Santamarta, principal security consultant at IOActive Security Services, at 4SICS where he demonstrated the vulnerability of satellite navigation systems and how to hack a satellite.

In an email to SCMagazineUK.com, Santamarta questions whether we underestimate the need for, and potential fragility of satellite communications (satcoms) — a vital component for aircraft, maritime vessels, oil rigs, military operations and even financial markets. “Maybe we tend to focus our attention on the common terrestrial communication infrastructures where most of the attacks happen,” he suggests.

However, he notes, certain areas of satcom networks and infrastructure are easier to threaten than others. “Satcom equipment used in the ground segment, especially those devices such as terminals used on board aircraft, vessels or vehicles, are more exposed to attacks,” he says. This doesn't mean other components are free of vulnerabilities. “The lack of security culture in some products is usually a consequence of not thinking your products will become a valuable target at some point,” Santamarta suggests. “We have seen these problems in the industrial world. Actually, the situation is totally the opposite. Industrial control systems and satcom devices are a very valuable target for different actors.”

Simon Bull, senior consultant with specialised satcoms consultancy Comsys, agrees that areas of a network could be threatened, although actual transmissions are harder to attack without access and insight. “[Satellite broadband provider] Hughes has always encrypted all its outbound traffic,” he points out. In addition spread spectrum transmission, often used by the military, while less efficient, is also much less vulnerable to jamming.”

Ironically, Bull says, there's a more prosaic threat to security that may be equally serious: unlike ground-based fibre-optic systems, radio spectrum used by satellites is limited. “Interference is a problem the industry deals with generally and it's getting worse all the time as more people crowd into spectrum,” he says.

Vendors, meanwhile, are showing more interest in the security of their systems. A recent whitepaper by Santamarta cites multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms. However, he says, “Some of them [vendors] have taken these threats seriously and are responding accordingly. Fortunately several important companies and public institutions, that rely on satellite communications for their operations are demanding more security and information about these attack scenarios.”

Direct military attack, by contrast, would be not only highly visible but difficult. Bull points out that geostationary satellites, tens of thousand of kilometres above the earth's surface, could only be reached by weapons fired from other satellites. However, the SIGNAL article notes that “nearly all satellites have dual civilian and military modes”, and Bull suggests that LEO and MEO (low or medium earth orbit) satellites involved in navigation, communications and reconnaissance and tactical targeting missions could be threatened. Indeed, he says, “GPS, [satellite constellations] Iridium and O3b, Earth Observation and all the surveillance systems are in lower earth orbits. In theory you could bring those down with a rocket. In fact if you knocked out one of Iridium's 66 satellites that might be all you need: the debris will take out part of the orbital arc.”

For now, however, both Bull and Santamarta would advise more focus on the cyber-protection side. As Santamarta says: “The chance of a cyber-attack against satcom infrastructure, involving vulnerabilities and malware, is more feasible than physical destruction of satellites.”