James Pavur, the author of the research identified that hackers can target Satellites with merely a $300 device.
Black Hat USA 2020 took place from 1 to 6 August and has brought rather interesting yet unnerving cybersecurity briefings from experts and professionals alike. A recent press release published, explains how threat actors can intercept internet traffic even if they are a continent away.
James Pavur, a researcher and doctoral candidate at Oxford University whilst speaking at the virtual event explained the vulnerability in global satellite internet communication.
Usually what happens is Satellite ISP’s have the ability to provide internet connections in far-flung areas, even where connectivity isn’t possible. This could either be a shipping fleet in the middle of the Atlantic Ocean or pilots in flight, campers in the midst of wilderness, or even observatories located in the Arctic.
BlackHat 2020: BlueRepli attack lets hackers bypass Bluetooth authentication on Android
Pavur explains in his research a critical point that makes satellite connections vulnerable to cyber attacks. When a satellite ISP forms a connection with the internet for a customer, it transmits the customer signals to a satellite in ‘geostationary orbit’ through a communication channel.
The signals are then sent down the same channel to a receiving telluric (earthbound) hub routing internet connection. In this whole chain, the response signals that are sent back ensues a broadcast transmission between the satellite and user which contains customer traffic.
Basically, the downstream signals are in the form of a wide beam that covers as many customers as possible. So, mere radio signals carrying a response to a Google search will reach the user in the midst of the ocean but can also hit an attacker’s satellite dish sitting in the other corner of the world.