http://arstechnica.com/security/2014/04/mission-critical-satellite-communications-wide-open-to-malicious-hacking/
By Dan Goodin
Ars Technica
April 17, 2014

Mission-critical satellite communications relied on by Western militaries
and international aeronautics and maritime systems are susceptible to
interception, tampering, or blocking by attackers who exploit easy-to-find
backdoors, software bugs, and similar high-risk vulnerabilities, a
researcher warned Thursday.

Ground-, sea-, and air-based satellite terminals from a broad spectrum of
manufacturers—including Iridium, Cobham, Hughes, Harris, and Thuraya—can
be hijacked by adversaries who send them booby-trapped SMS text messages
and use other techniques, according to a 25-page white paper published by
penetration testing firm IOActive. Once a malicious hacker has remotely
gained control of the devices, which are used to communicate with
satellites orbiting in space, the adversary can completely disrupt
mission-critical satellite communications (SATCOM). Other malicious
actions include reporting false emergencies or misleading geographic
locations of ships, planes, or ground crews; suppressing reports of actual
emergencies; or obtaining the coordinates of devices and other potentially
confidential information.

"If one of these affected devices can be compromised, the entire SATCOM
infrastructure could be at risk," Ruben Santamarta, IOActive's principal
security consultant, wrote. "Ships, aircraft, military personnel,
emergency services, media services, and industrial facilities (oil rigs,
gas pipelines, water treatment plants, wind turbines, substations, etc.)
could all be impacted by these vulnerabilities."

Santamarta said that every single one of the terminals he audited
contained one or more weaknesses that hackers could exploit to gain remote
access. When he completed his review in December, he worked with the CERT
Coordination Center to alert each manufacturer to the security holes he
discovered and suggested improvements to close them. To date, Santamarta
said, the only company to respond was Iridium. To his knowledge, the
remainder have not yet addressed the weaknesses. He called on the
manufacturers to immediately remove all publicly accessible copies of
device firmware from their websites to prevent malicious hackers from
reverse engineering the code and uncovering the same vulnerabilities he
did.

[...]