Security Expert Discovers Hole In Satellite Communications

Ruben Santamarta says satellite systems are "wide open"

View Comments (
)
|
Email
|
Print

    NEWSLETTERS

    8/18/2014: Ruben Santamarta says satellite systems are "wide open." Tammy Leitner reports for NBC 5 Investigates.

    A cyber security expert tells NBC5 Investigates he has found a way to hack into the satellite communications systems used in multiple industries.

    "These devices are wide open right now," said Ruben Santamarta, a security consultant based in Madrid, Spain with IOActive.

    Pilots, ship captains and military personnel rely on satellite networks to communicate when there are no phone lines or wireless networks available.

    "If someone can see the password or that user name it's over," he added. "Those vulnerabilities can be exploited to remotely compromise those devices."

    Santamarta said he used something called reverse engineering -- or decoding -- to hack satellite communications equipment used in aerospace, maritime and military industries.

    "In the military sector they use satellite terminals for combat units," said Santamarta. "They normally encrypt the radio [transmissions] they send. But we can disrupt the satellite communications channel so we can prevent combat units [from asking] for help if they are being attacked."

    And in the maritime sector, satellite communications are used to send and receive vital information that affects the safety of the crew.

    "If they are being attacked by terrorists, or they are suffering fire, they can send a distress call," he said. "But we found we can modify the firmware in some of those terminals, so we can prevent a crew from sending a distress call."

    Santamarta recently published a 25-page report and went public with his findings at Defcon 22 - the largest hacking conference in the world - held earlier this month in Las Vegas, Nevada.

    "For the aerospace sector we can disrupt satellite communications, [and] potentially modify the data that goes through those channels," said Santamarta. "In some cases you need physical access to compromise the devices we analyzed, but in other cases you can use Wi-Fi or the entertainment network to access that device."

    His research took place in a lab setting and has not been tested on an actual commercial plane. But his findings have raised concerns in the aviation industry.

    "He has uncovered real vulnerabilities in satellite communication systems," said Dr. Phil Polstra, a hardware hacker, security professional and digital forensics professor at Bloomsburg University of Pennsylvania. "You could use those vulnerabilities to send a bogus message."

    Polstra says that while it might be possible to send a fake message - potentially rerouting a plane -- it's unlikely a pilot would act on it.

    "You could tell an airplane to reroute or tell them there's bad weather ahead, but what you can't automatically do is take over a new airplane," said Polstra. "There are checks in place and the pilot will verify those messages before acting on them."

    As for the claim that it's possible to hack into the satellite communications on a passenger jet through Wi-Fi, aviation experts say that is unlikely.

    "If that were even plausible and if someone were able to do that, we monitor the flight's path all the time," said Captain Polly Kadolph, former pilot and aviation professor at University of Dubuque in Iowa. "So if we see the flight path doing something we don't intend or want it to do, in a half second you just click it off and it's ours -- we are just flying it like we have been flying it by hand for thousands of hours

    Captain Kadolph says humans, not computers, are the best line of defense against cyber threats.

    "One topic that the airline industry is talking about is the over reliance on automation," she said.

    As automation in planes increases, the chance of cyber hijacking does as well.

    "At this point all those vulnerabilities are really dangerous so they need to change the way they are implementing these devices," said Ruben Santamarta.

    But changes may not be happening anytime in the near future. Santamarta says IOActive contacted all of the manufacturers of the satellite communication systems where they found vulnerabilities.

    "Some of the vendors state they are not going to budge on anything," said Santamarta. "I think we need time to fix those issues."