Airplanes, ships, oil rigs and other important forms of transport and infrastructure could be at risk from attacks on the satellite communications (Satcoms) systems used for services such as WiFi.
Principal security consultant researcher at IOActive, Ruben Santamarta, is to present a talk at this week’s Black Hat conference in Las Vegas entitled SATCOM Terminals: Hacking by Air, Sea, and Land in which he will demonstrate how this is possible.
The presentation will show all the technical details of how these attacks could happen, mainly based on “static firmware analysis via reverse engineering”, including a live demo against two of these systems, IOActive said.
“Ships, aircraft, military personnel, emergency services, media services, and industrial facilities (oil rigs, gas pipelines, water treatment plants, wind turbines, substations, etc.) could all be impacted by these vulnerabilities,” IOActive said.
The demonstration will follow on from inititial research Santamarta revealed in April that purported to find vulnerabilities with a raft of satellite communications kit in use in a vareity of sectors, including transport and military.
“IOActive found that malicious actors could abuse all of the devices within the scope of this study. The vulnerabilities included what would appear to be backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms,” the report said.
“In addition to design flaws, IOActive also uncovered a number of features in the devices that clearly pose security risks.”
At the time IOActive also warned that despite alerting many of the vendors listed in its report to its findings, no action was taken.
“Coordinated disclosure is a basic principle of security research, particularly in such high-stakes cases. With the help of the CERT Coordination Center, IOActive initiated the process to alert the affected companies about the issues we had uncovered.
“Unfortunately, except for Iridium, the vendors did not engage in addressing this situation. They did not respond to a series of requests sent by the CERT Coordination Center and/or its partners.”