LOS ANGELES—A California cyber-security firm has released a report illustrating that small-dish satellite systems are at a high risk of being hacked.
IntelCrawler’s report reveals that as many as 10,500 VSATs—very-small-aperture terminals—are open to attack in the United States alone. Some of these are being used by critical infrastructure systems, including oil and gas industries.
VSATs function in networks that consist of three components: a central hub (station on earth), a satellite, and VSAT earth stations/stabilized antennas. A VSAT station sends outbound information to the satellite, whose transponder beams it back to earth to be picked up by other VSAT stations. These, in turn, transmit the data to the hub.
VSAT networks can be hacked four ways: jam, eavesdrop, hijack, and control. What these four methods of infiltration have in common is tampering with the transmission in some way. A hacker can overpower a receiver; replace a signal with another, such as by copying and altering files sent via the Internet, a.k.a. “spoofing”; or even gain control of a satellite to the extent that one can maneuver it in orbit.
It is the act of transmission which makes VSATs vulnerable. As a result, it is very important to secure VSAT networks.
But the scan performed by InterCrawler has revealed that many owners of VSATs, from utilities industries in Australia to the Ministry of Civil Affairs of China Infrastructure, have not adequately protected their satellites.
VSATs are not intrinsically vulnerable. Their levels of security, like most things, depend on how they are configured. And in many instances, including in the United States, these satellites have been configured insecurely.
Specifically, many VSAT networks still have default factory password settings, which can easily be accessed from handbooks published online. Some networks do not even require a password.
The problem is even bigger than that, however. With the availability of search engines like SHODAN, which is known as the “Google for hackers”, not to mention geolocation technologies that can physically locate vulnerable VSATs, it is easier than ever to gain control of VSAT satellites themselves.
This fact is especially concerning given that the U.S. National Security Agency used satellites to gather information on American citizens. A simple hack of a satellite could therefore expose this information to criminals, thereby threatening millions of individual Americans’ personal security.
Intercrawler has clearly revealed that VSATs can be vulnerable to hacking. But its scan also indicates that much of this insecurity can be pinpointed to human error.
In addition to the various ways administrators can make critical infrastructure more secure, including taking networks off the Internet, it would appear that one can easily protect these industries’ VSAT networks by simply instituting a password.
Absent plugging these security holes, oftentimes with common-sense measures, sysadmins risk doing nothing and subsequently allowing malicious actors to steal data or even gain control of satellites that are potentially carrying sensitive information.
David Bisson | @DMBisson
Bio: David is currently a senior at Bard College, where he is studying Political Studies and writing his senior thesis on cyberwar and cross-domain escalation. He also works at the Hannah Arendt Center for Politics and Humanities at Bard College as an Outreach intern. Post-graduation, David would like to leverage his extensive journalism experience as well as his interest in computer coding and social media to pursue a career in cyber security, both its practice and policy.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.