Hacking a Satellite is Surprisingly Easy

Caroline Haskins, writing for The Outline: Hundreds of multi-ton liabilities -- soaring faster than the speed of sound, miles above the surface of the earth -- are operating on Windows-95. They're satellites, responsible for everything from GPS positioning, to taking weather measurements, to carrying cell signals, to providing television and internet. For the countries that own these satellites, they're invaluable resources. Even though they're old, it's more expensive to take satellites down than it is to just leave them up. So they stay up. Unfortunately, these outdated systems makes old satellites prime targets for cyber attacks. [...]

A malicious actor could fake their IP address, which gives information about a user's computer and its location. This person could then get access to the satellite's computer system, and manipulate where the satellite goes or what it does. Alternatively, an actor could jam the satellite's radio transmissions with earth, essentially disabling it. The cost of such an attack could be huge. If a satellite doesn't work, life-saving GPS or online information could be withheld to people on earth when they need it most. What's worse, if part of a satellite -- or an entire satellite -- is knocked out of its orbit from an attack, the debris could create a domino effect and cause extreme damage to other satellites.

I could find no evidence for the claim about Win95

[UnknowingFool]

I read the article and while it makes the claim about Win95, it doesn't go into detail about it or support it with facts. I find that claim somewhat incredulous as most satellites would never use a GUI based desktop OS. Maybe some control systems on the ground use Win95 and have ever been updated.

I would agree with the basic premise that many satellites especially older ones are not hardened against cyber attacks.

Re:Security / Jamming

[Strider-]

Naw, the vast majority of commercial communications satellites are still dumb bent-pipe repeaters. There's no security on them, save for nulling antennas and similar techniques.

I used to work for a company that built flyaway VSAT systems, so I know this stuff pretty intimately. A number of years ago, SES Americom (one of the big operators in North America) called me up for help in locating a wildcat transmitter that was causing interference with one of their birds. They called us because they knew we built stable, small aperture uplink terminals that could be a useful reference. Basically they had me transmit a known narrow-band signal at high power, then used that and my sidelobes as a reference to find the offender. After a weekend of doing doppler locating, they tracked it down to about a 1 x 2 mile ellipse, east of Detroit. Their suspicion was that it was a HughesNet terminal, probably on a gas station, that had gone bad.

Re: Say what?

This whole article is complete bullshit. Of course satellites do not run Windows 95. GPS satellites alone have existed for longer than that.

Wtf Slashdot?

Probably just ground control stations use Win95

[bigmacx]

There's noo way some satellite up there is actually running Windows 95 for anything on the the satellite hardware itself. I'm not believing that.

But I will believe there might be ground control workstations running Windows 95 for some function due to having custom software developed on it or a hardware device/card that cannot be moved to a newer version of Windows.

I know of all kinds of customer sites with Win95 workstations still in use. These are for specialized applications like manufacturing machine control or scientific test tools. They either keep them completely off the network and block all USB ports, etc, OR they use a very discrete localized network.