Satellite hacking incidents can wreak havoc in areas ranging from terrestrial communications to military operations, oil and gas pipeline integrity, and financial markets. In this guest blog, Conrad Smith, Chief Technology Officer of SRT Wireless, explains the importance of hardening commercial satellite communications, and how SRT Wireless has implemented safeguards against hacking into the VIPturbo modem for the Thuraya satellite network.
The satellite communications industry is abuzz with concern about cybersecurity, and for good reason.
Last spring, cybersecurity advisory firm IOActive released
a much-publicized report detailing multiple vulnerabilities in a wide range of commercial and military satellite communications systems. These vulnerabilities include digital backdoors built into computer codes, hard-coded credentials that allow easy access to devices, insecure language protocols, and weak encryption of communications channels.
The firm found that these vulnerabilities could allow hackers to intercept, manipulate, or block satellite communications—in some cases even take control of the satellite itself through something as simple as a text message containing a malicious code.
“If one of these devices is compromised, the entire satellite communications infrastructure could be at risk,” the report said. “Ships, aircraft, military personnel, emergency services, and industrial facilities, which include oil rigs, water treatment plants and gas pipelines, could be affected.”
Consequences of a breached infrastructure
Satellite security breaches have been reported as far back as 1999, when a group of hackers in the south of England utilized a home computer to change the “characteristics of channels used to convey military communications, satellite television and telephone calls.”
In 2007, Tamil rebels in Sri Lanka successfully hacked a U.S. Intelsat satellite in order to send pirated radio and television broadcasts to other countries.
And in 2008, hackers gained control of the NASA Terra EOS earth observation satellite twice—for two minutes in June and nine minutes in October.
Today, commercial vendors and the U.S. government alike must embrace hardening of their satellite communications systems. An attack on global positioning systems (GPS) alone could wreak havoc on global financial systems, where stock trading systems use GPS to synchronize with each other. Even a momentary discrepancy could cause a “Flash Crash” such as the one on May 6, 2010, in which the Dow Jones Industrial Average lost nine percent of its value within minutes.
Delivering enhanced security for satellite communications
These real-life incidents illustrate the critical importance of hardening—the proofing of satellite software and communications against outside interference—particularly as attacks are increasing in both frequency and sophistication.
To guard against cyber-attacks and mitigate potential damage, SRT Wireless, a Thuraya Service Partner, hardens its satellite modems prior to deployment. As a company with more than 15 years of experience serving customers in national security and law enforcement missions, we want to bring that level of protection to commercial customers.
To be specific, our software undergoes a series of vulnerability analyzes by a third party to identify and help close off potential cyber-attack methodologies. The areas analyzed include logical vulnerabilities as well as attacks based upon malformed packets.
Added security assessments and adjustments need not mean an increase in the costs of modems. SRT’s VIPturbo modem packs more features into a smaller box at a lower price than our competitors.
The warning signs are clear, yet the solutions are available. While hardening may require new actions on the part of satellite communications providers and customers, the benefits will greatly reduce the potential for cybercrime and attacks on your operations.
For more information on SRT Wireless’s mobile satellite solutions, please visit http://srtwireless.net.