The Dismal State of SATCOM Security

← Back to Stories (view on slashdot.org)

The Dismal State of SATCOM Security

Posted by timothy on Thursday April 17, 2014 @03:40AM from the my-sputnik-or-yours dept.

An anonymous reader writes "Satellite Communications (SATCOM) play a vital role in the global telecommunications system, but the security of the devices used leaves much to be desired. The list of security weaknesses IOActive found while analyzing and reverse-engineering firmware used on the most widely deployed Inmarsat and Iridium SATCOM terminals does not include only design flaws but also features in the devices themselves that could be of use to attackers. The uncovered vulnerabilities include multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms. These vulnerabilities allow remote, unauthenticated attackers to compromise the affected products. In certain cases no user interaction is required to exploit the vulnerability; just sending a simple SMS or specially crafted message from one ship to another ship would be successful for some of the SATCOM systems."

54 comments

Min score:

Reason:

Sort:

Tell us MORE! by Anonymous Coward · 2014-04-17 03:44 · Score: 0, Troll

Keep telling us! More Please! Again! Remind those that may have missed this before how any simpleton can hack satellites. Please, you're doing the entire
world a great service by restating what everyone wants no one to know. Like this HELPS in any form? Do you really think that the 'good guys' are going to listen to YOUR great words of, well, repetition?
1. Re:Tell us MORE! by Bugamn · 2014-04-18 02:54 · Score: 1
  
  So you believe in security through obscurity, right?
Encryption by drizuid · 2014-04-17 03:49 · Score: 1

so, just like your data communications in your house, if you don't want someone eavesdropping on your conversation toss a type1 encryption device in front of it, like every other security conscious satcom user.
1. Re:Encryption by Anonymous Coward · 2014-04-17 04:11 · Score: 2, Informative
  
  That won't protect you from denial of service attacks.
  And in quite a lot of the use cases, the reaction won't be "Bummer, can't get to slashdot" but will be:
  - "Bummer, can't warn the train driver there are boulders on the rail"
  - "Bummer, can't contact search and rescue and the ship is sinking"
  - "Bummer, can't contact HQ and request Air support to help with these guys shooting rpgs on my convoy"
  Note: Substitute "Bummer" with appropriate four letter word.
  Also,
  type 1 encryption devices won't be available to most users (certainly not to civilians outside the US).
2. Re:Encryption by Anonymous Coward · 2014-04-17 04:40 · Score: 0
  
  so, just like your data communications in your house, if you don't want someone eavesdropping on your conversation toss a type1 encryption device in front of it, like every other security conscious satcom user.
  not everybody can get access to type1 encryption devices...
3. Re:Encryption by K.+S.+Kyosuke · 2014-04-17 04:49 · Score: 2
  
  Be a contrarian - go for Type i encryption devices!
  
  --
  Ezekiel 23:20
4. Re:Encryption by X0563511 · 2014-04-17 05:16 · Score: 1
  
  Or, one could fall back on terrestrial radio for all of these examples...
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
5. Re:Encryption by GarethIwanFairclough · 2014-04-17 06:08 · Score: 1
  
  In my experience in the military, satcom IS the backup for the radio. In fact, we were told only to use satcoms as a last resort due to a lack of encryption.
ignorance was bliss by Anonymous Coward · 2014-04-17 03:50 · Score: 2, Insightful

Isn't it great how security went from a concern, to an afterthought, to completely irrelevant over the span of twenty years? Only to be magically resurrected as a hot button issue of worldwide concern for every other news story for arguably the next 5 years. And all because big corps, with all their endless offshoring, cost cutting, profit seeking, litigation circumvention, and merciless assault on tax avoidance will continue to skip to the loo with endless payrolls, blaming all of this all the while on "outside forces". It makes me feel like IT Security is as fun a joke in the boardroom as GAAP. We don't even have a real ruling body anymore according to IETF sources. Is there anything that isn't a mucked up mocked up half assed attempt at stopping this all?
1. Re:ignorance was bliss by Lumpio- · 2014-04-21 23:02 · Score: 1
  
  Huh? Security was completely irrelevant at some point in the recent past? When exactly?
Re:SATCOM or Ship-to-Ship? by Anonymous Coward · 2014-04-17 03:56 · Score: 0

Not nearly as interesting as a conversation with this guy.
Aren't those guys rocket scientists? by johnjaydk · 2014-04-17 03:57 · Score: 1

You would have thought people who made satellites were, like rocket scientists. Not drunken lemmings.

--
TCAP-Abort
1. Re:Aren't those guys rocket scientists? by Anonymous Coward · 2014-04-17 04:07 · Score: 0
  
  Their focus is more on keeping something in orbit at 18,000 miles an hour, 24 hours a day, so you can yammer on about them being idiots to social media.
2. Re:Aren't those guys rocket scientists? by Anonymous Coward · 2014-04-17 04:10 · Score: 1
  
  Not saying I'm representative of the whole group, but I'm a rocket scientist, and I'm pretty pants at information security.
3. Re:Aren't those guys rocket scientists? by Anonymous Coward · 2014-04-17 04:11 · Score: 0
  
  Rocket scientists and rocket engineers design (and sometimes help with the building and operation of) the rockets that launch the satellites. Companies that own the rockets are generally willing to launch whatever a legal entity that pays their large fee wants launched unless a government tells them "no, we're not letting you launch that." Unless the communications satellite has rockets of its own, odds are slim that rocket scientists will be involved in its design.
4. Re:Aren't those guys rocket scientists? by Anonymous Coward · 2014-04-17 04:29 · Score: 0
  
  It seems your peers at NASA are equally shitty at security, so no reason for you to feel bad.
  NASA basically is hacked by everybody who wants to. An enromous "mart" for anybody who wants to start an ICBM capability, bascially.
5. Re:Aren't those guys rocket scientists? by Anonymous Coward · 2014-04-17 04:37 · Score: 0
  
  So how's your ICBM coming, poseur?
6. Re:Aren't those guys rocket scientists? by cusco · 2014-04-17 04:42 · Score: 3, Insightful
  
  The problem is that reliability has always been considered as paramount in these devices, for very good reasons, and inserting a security layer in the stack increase the likelihood of problems and increases their complexity. There are satellite phones out there which have been in almost continuous use for 15 years, good luck flashing that firmware to handle encryption or to obfuscate that hard-coded password. For most satellite communications users I don't foresee the situation changing any time soon. They guy running a gold dredge in the upper Amazon isn't going to want to cough up for a new phone when his current one has been working fine for the last decade, nor is the tribal chief in New Guinea or the crab boat captain in the the Bering Straight. What they have works, and they don't give a shit whether the phone can be hacked as long as it works when they really need it. The commodities speculator in his Lear jet might be concerned, let him pay for the system upgrades, but leave the rest of the system backwards compatible for those people who need reliability overall.
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
7. Re:Aren't those guys rocket scientists? by ColdWetDog · 2014-04-17 04:52 · Score: 1
  
  Even rocket scientists have managers. And managers have VPs and VPs have to talk to the CEO about shareholder value.
  As always, shit rolls down hill.
  
  --
  Faster! Faster! Faster would be better!
8. Re:Aren't those guys rocket scientists? by Anonymous Coward · 2014-04-17 05:04 · Score: 0
  
  You are a fucking idiot.
9. Re:Aren't those guys rocket scientists? by johnjaydk · 2014-04-17 05:13 · Score: 1
  
  Not saying I'm representative of the whole group, but I'm a rocket scientist, and I'm pretty pants at information security.
  Getting them up there and not having them fall down is not half bad. I still try to keep my kerbals from blowing up. But seriously, at least accept that info-sec is important. There might be a business case in not being totally p0wnd.
  
  --
  TCAP-Abort
10. Re:Aren't those guys rocket scientists? by X0563511 · 2014-04-17 05:18 · Score: 1
  
  I'd think most expensive satellites have some form of thruster on them for retasking, station adjustment, and debris avoidance...?
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
11. Re:Aren't those guys rocket scientists? by dave562 · 2014-04-17 09:43 · Score: 1
  
  I know you are kidding, but the scientists who are putting the satellites into orbit are not the same group as the engineers who are designing the satellites in the first place.
12. Re:Aren't those guys rocket scientists? by Joe_Dragon · 2014-04-17 10:14 · Score: 1
  
  crab boat captain in the the Bering Straight boat upkeep is noting next to the cost of a new sat phone
13. Re:Aren't those guys rocket scientists? by cusco · 2014-04-17 10:24 · Score: 1
  
  No, but just because it won't bankrupt him doesn't mean that he wants the annoyance of buying, setting up and learning a new (and more expensive) system that may well not be as reliable as the old one. My dad bought one of the first consumer-level Lowrance fish finders on the market. He used it until he couldn't fish any more, even though there were "better" models on the market. Why buy a new one when that one did exactly what he wanted exactly the way he was used to it?
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
Re:SATCOM or Ship-to-Ship? by Anonymous Coward · 2014-04-17 04:03 · Score: 0

There are alot of guys who do it. One of the best was Ivan Artner, and he suspiciously died in a motorcycle accident.
They will take it seriously by Chrisq · 2014-04-17 04:06 · Score: 0

They will take it seriously when someone pwns a communications satellite.
1. Re:They will take it seriously by janoc · 2014-04-17 04:31 · Score: 2
  
  Which is happening routinely. Many older birds don't require any authentication nor anything - they simply retransmit whatever they hear on one frequency on another one: http://spectregroup.wordpress....
  And those are US NAVY (!!!) satellites!
  Doing that with Iridium or Inmarsat hardware is a bit more complex, because the protocols are mostly digital, but not impossible neither.
As a SATCOM professional... by DeTech · 2014-04-17 04:06 · Score: 3, Informative

LDR services like Inmarsat were never meant to be secure. Now if this was about AEHF that would be news.
1. Re:As a SATCOM professional... by DigitAl56K · 2014-04-17 04:28 · Score: 1
  
  LDR services like Inmarsat were never meant to be secure. Now if this was about AEHF that would be news.
  I'm pretty sure they're meant to be at least secure enough that Joe Shmoe couldn't take them over with a text message or a known hardcoded credential. Well, unless you can point someone at this list of vulnerabilities and say "it's not meant to be secure", and still make your sale, of course.
2. Re:As a SATCOM professional... by DeTech · 2014-04-17 04:37 · Score: 2
  
  Well, unless you can point someone at this list of vulnerabilities and say "it's not meant to be secure", and still make your sale, of course.
  That of course is the kicker. The customer base for Inmarsat and Iridium is not the SHIELD/HYDRA community the OP has in his head. This is more the western union /pay-as-you-go-phone crowd.
3. Re:As a SATCOM professional... by jratcliffe · 2014-04-17 04:43 · Score: 1
  
  Iridium's largest customer (by far) is the US DoD.
4. Re:As a SATCOM professional... by DeTech · 2014-04-17 04:53 · Score: 1
  
  yes. but look at what they use it for.
5. Re:As a SATCOM professional... by Anonymous Coward · 2014-04-17 05:38 · Score: 0
  
  TFA shows that BGAN was marketed to the military for use on the secure network.
6. Re:As a SATCOM professional... by Anonymous Coward · 2014-04-17 07:37 · Score: 0
  
  Yes, it was. That said, it doesn't rely on the default security model, which is virtually nonexistent.
Why would you think otherwise? by mveloso · 2014-04-17 04:26 · Score: 2

Anyone talking on a sat phone is by definition interesting to the government - any government. Why would you think that these would be secure?
OSS security debate by janoc · 2014-04-17 04:27 · Score: 3, Interesting

Wasn't it just yesterday that someone has posted a flamebait summary about the Heartbleed bug changing the "Open source is safer" discussion?
This is a great evidence of what happens when you rely on security by obscurity in proprietary software. Nobody is forced to fix things, sloppy coding is the norm and there are backdoors galore ...
Unfortunately, the bad guys laugh, the vendors play ostrich with the heads in sand and everyone else is suffering the consequences ...
Timothy, please edit before posting... by Em+Adespoton · 2014-04-17 04:28 · Score: 1

"Satellite Communications (SATCOM) play a vital role in the global telecommunications system, but the security of the devices used leaves much to be desired. The list of security weaknesses IOActive found while analyzing and reverse-engineering firmware used on the most widely deployed Inmarsat and Iridium SATCOM terminals includes not only design flaws, but also device features that attackers could leverage. The uncovered vulnerabilities include multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms. These vulnerabilities allow remote, unauthenticated attackers to compromise the affected products. In certain cases no user interaction is required to exploit the vulnerability; sending a simple SMS or specially crafted message from one ship to another ship would be enough to compromise some of the SATCOM systems."
Took 30 seconds, and makes the summary actually make sense.
Satellites? Vital? by Anonymous Coward · 2014-04-17 04:42 · Score: 0

Maybe in the 60s and 70s. Then people figured out what ~250ms of RTT costs and figured undersea cable was worth the investment. Satellite is mainly for:
1. Backup links when undersea cables are too congested to survive.
2. Sat phones which typically use LEO satellites and is really only viable if there are no other alternatives. I'll lump fixed basestation Internet access here as well, even though they're often geostationary satellites.
3. TV broadcast where latency doesn't matter.
The idea that you pick up a cell phone and the camera instantly pans to a beeping satellite and then down to who you're talking to is a great movie effect, but has little bearing on reality.
1. Re:Satellites? Vital? by Anonymous Coward · 2014-04-17 05:43 · Score: 0
  
  Satellite is mainly for:
  1. Backup links when undersea cables are too congested to survive.
  This is a ridiculous speculative statement. You have no idea what you're talking about, really none.
  
  2. Sat phones which typically use LEO satellites and is really only viable if there are no other alternatives.
  Again you are flat wrong. Please see Wikipedia's article on "Satellite phone" for basic clue, but Inmarsat BGAN and Thuraya are the two relevant systems, and they're both geostationary and both cheaper than roaming.
2. Re:Satellites? Vital? by Anonymous Coward · 2014-04-17 08:37 · Score: 0
  
  Cheaper than roaming in what world? BGAN is shockingly expensive.
Brazil and US Navy Satellites by Anonymous Coward · 2014-04-17 04:48 · Score: 1

Hijacking satellites has been going on for some time. There is this story from Strategy Page:
-----
Brazil and the U.S. have been arresting people who have been illegally using obsolete, but still functioning, U.S. Navy FLTSATCOM communications satellites. The FLTSATCOM (Fleet Satellite Communications System) were eight communications satellites launched between 1978-89. Two of the launches failed, and FLTSATCOM was replaced by the UFO in the 1990s. Although the FLTSATCOM birds were built to last for seven years, two of them are still operational twenty years later.
As the navy stopped using FLTSATCOM in the late 1990s (shifting over to the more efficient UFO satellites), ham radio users in Brazil discovered that the FLTSATCOM satellites had no security on them. If you knew the frequency and had a satellite dish, you could send a signal to the FLTSATCOM satellite, that would then automatically be rebroadcast by the satellite over a wide area below. While the navy sent encrypted messages (which sound like static, for anyone picking it up below on ham radio gear), the Brazilians found that they could simply use FLTSATCOM to communicate over a wide area (the interior of the country) that lacked telephones. FLTSATCOM birds had multiple transponders, making several simultaneous conversations possible. There was no security because, back in the 1970s,the remote possibility of homemade satellite dishes using FLTSATCOM, did not seem to warrant the additional hassle of adding passwords to transmit from the satellites.
--------
https://www.strategypage.com/dls/articles/U.S.-Navy-Satellites-Hijacked-5-31-2009.asp
Re:SATCOM or Ship-to-Ship? by ColdWetDog · 2014-04-17 04:50 · Score: 1

You don't need a giant dish. You see those Iridium handsets? That's all that you need. The newer ones fit in a cargo pocket.

--
Faster! Faster! Faster would be better!
Beta Sucks by Anonymous Coward · 2014-04-17 05:03 · Score: 0

You, uih, missed the whole 'anything mobile that may be out of range of a cell tower' thing.
Paging Bob Cooper by Anonymous Coward · 2014-04-17 05:41 · Score: 0

... and that guy/guys who broadcast that Max Headroom bit back in the 80s!
Uh no by jon3k · 2014-04-17 06:36 · Score: 1

> Anyone talking on a sat phone is by definition interesting to the government - any government.

Uh, no. I live on the coast and every big (especially charter) fishing boat has sat phones. Most of it the conversations are: "Yes honey I'm still at the office looks like I'm going to be REALLY late".
1. Re:Uh no by tirefire · 2014-04-17 08:02 · Score: 1
  
  Not just fishing boats, but people in Alaska, Nevada's Great Basin, The Northwest Territories...
Unique conditions and needs by KaLeVR1 · 2014-04-17 10:07 · Score: 1

There are a couple of factors that are worth considering. Unlike fiber or coax transport systems, satellites are usually used for very long distance communications. Because of this, it is quite frequent that your link will terminate in another country or even continent. This will make standards compliance and procurement a challenge from day one since you can't guarantee everyone has access to the same equipment.
Secondly encryption standards have to be agreed upon and quite often, equipment from different manufacturers can't be cross-utilized, so you can't just assume that off-the-shelf crypto will be an option to everyone who will participate.. This means everyone has to agree what to use in advance, which could lead to still other challenges. So it's not as easy as the question implies.

--
Peace, K1
Re:WTF! Republicans don't make a damn bit of sense by Anonymous Coward · 2014-04-17 19:09 · Score: 0

I think the Apache Foundation only hired illiterate morons. It's like the Apache people just string random words together.
Who would've thought? by Lumpio- · 2014-04-21 22:55 · Score: 1

A big ancient expensive government-backed system is full of security flaws.