WASHINGTON – Security flaws in many satellite telecommunications systems leave them open to hackers, raising potential risks for aviation, shipping, military and other sectors, security researchers said Thursday.
A paper released by the security firm IOActive found “multiple high-risk vulnerabilities” in all the satellite systems studied.
“These vulnerabilities have the potential to allow a malicious actor to intercept, manipulate or block communications, and in some cases, to remotely take control of the physical device,” the report said.
Ruben Santamarta, author of the report, said he was concerned “because satellite communications are used in a variety of critical scenarios.”
He said most ships and aircraft use satellite communications, and the military also sometimes uses commercial satellite systems. If the systems are compromised, “for military communications, a foreign government or agency can target these devices and they can track the location of units and soldiers.” For aircraft or ships an attacker “can spoof data” and either block or disrupt emergency communications.
Santamarta said he had no evidence of any disruption affecting Malaysia Airlines Flight MH370, but noted that “it is technically possible” that the plane’s communications could have been tampered with.
Santamarta said the vulnerabilities were mainly in ground equipment that connects to the satellites.
“IOActive found that malicious actors could abuse all of the devices within the scope of this study,” the report said. “The vulnerabilities included what would appear to be back doors, hard-coded credentials, undocumented and/or insecure protocols, and weak encryption algorithms.”
The company began its research in 2013. In January, a security warning was issued by the Computer Emergency Response Team, a group of researchers backed by the U.S. Department of Homeland Security.
IOActive said most satellite communications vendors did not respond to the alert to upgrade their systems.
“Ships, aircraft, military personnel, emergency services, media services and industrial facilities (oil rigs, gas pipelines, water treatment plants, wind turbines, substations, etc.) could all be impacted by these vulnerabilities,” the report said.