Slashdot Mirror
Hacking a Satellite is Surprisingly Easy (theoutline.com)
Caroline Haskins, writing for The Outline: Hundreds of multi-ton liabilities -- soaring faster than the speed of sound, miles above the surface of the earth -- are operating on Windows-95. They're satellites, responsible for everything from GPS positioning, to taking weather measurements, to carrying cell signals, to providing television and internet. For the countries that own these satellites, they're invaluable resources. Even though they're old, it's more expensive to take satellites down than it is to just leave them up. So they stay up. Unfortunately, these outdated systems makes old satellites prime targets for cyber attacks. [...]
A malicious actor could fake their IP address, which gives information about a user's computer and its location. This person could then get access to the satellite's computer system, and manipulate where the satellite goes or what it does. Alternatively, an actor could jam the satellite's radio transmissions with earth, essentially disabling it. The cost of such an attack could be huge. If a satellite doesn't work, life-saving GPS or online information could be withheld to people on earth when they need it most. What's worse, if part of a satellite -- or an entire satellite -- is knocked out of its orbit from an attack, the debris could create a domino effect and cause extreme damage to other satellites.
A malicious actor could fake their IP address, which gives information about a user's computer and its location. This person could then get access to the satellite's computer system, and manipulate where the satellite goes or what it does. Alternatively, an actor could jam the satellite's radio transmissions with earth, essentially disabling it. The cost of such an attack could be huge. If a satellite doesn't work, life-saving GPS or online information could be withheld to people on earth when they need it most. What's worse, if part of a satellite -- or an entire satellite -- is knocked out of its orbit from an attack, the debris could create a domino effect and cause extreme damage to other satellites.
I'd think a satellite would want some type of RTOS for it's main system. I used WinCE some 15-20 years ago and it sucked ass, but I'd rather use it to control a satellite than I would Win95 (or a modern Linux for that matter).
Windows 95 is a consumer desktop OS? Does the author means that the control software for the satellites runs on Win 95?
I'd imagine that the satellites themselves would use a real-time or server OS i.e. QNX, NT, or a Unixoid OS. Running a desktop OS on hardware with no direct display would be stupid, and satellite engineers aren't likely to be stupid.
NT I Could See
Back in the day, NT was actually a pretty good OS, and used in a number of mission critical applications. (Including some I worked on.)
But... 95? Really?
That was certainly not MILSPEC approved for that sort of thing. And NASA had even tighter requirements and a higher specification bar.
I really suspect that the author has their facts a bit scrambled.
Check your premises.
There has never been a microsoft flight certified any thing.
And no intel stuff that i know of.
those birds were designed in the 60s for GPS and more than likely use some version of the IBM AGC for the apollo missions.
Linux modi 2.6.26-2-parisc
What do you want to bet that "Caroline Haskins, writing for The Outline" has no idea what hacking is.
What a terrible article, and by article, I mean Mail Chimp advertisement.
I read the article and while it makes the claim about Win95, it doesn't go into detail about it or support it with facts. I find that claim somewhat incredulous as most satellites would never use a GUI based desktop OS. Maybe some control systems on the ground use Win95 and have ever been updated.
I would agree with the basic premise that many satellites especially older ones are not hardened against cyber attacks.
Well, there's spam egg sausage and spam, that's not got much spam in it.
Literally... Chicken little has confirmed it!
Um... Yea, a lot of stuff is POSSIBLE, but the question really is about how practical it is. What's the actual level of risk? Pretty low.
These things are expensive. Older satellites might be vulnerable to exploits launched from the Web, but I've got to believe that such "over the web" control systems are quite well protected and monitored. Disrupting over the AIR (I.E. RF links) are going to require specialized equipment and some specialized knowledge about what you are doing (not all satellites use the same control uplink frequencies), and actually taking CONTROL is like to require insider knowledge of expected modulation techniques, telemetry formats, encryption keys and a lot of other things.
There are a lot of places that have the uplink equipment, though it's not that long of a list and most of that equipment is already being used for commercial applications. An uplink setup is prohibitively expensive for an individual to build and commercial companies that own them like to keep track of when they are used. You could possibly arrange to use one by stealing a mobile unit or breaking into one and using it, but you will get discovered pretty quick.
All this to say, Disruption is easy, so doing a denial of service attack is pretty high risk, you just need to access the right equipment. DOS attacks (and uplink mistakes) happen all the time now. Taking control? Not very likely, very low risk. State actors might have the resources, but apart from that, it's not going to be worth the effort and costs.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Naw, the vast majority of commercial communications satellites are still dumb bent-pipe repeaters. There's no security on them, save for nulling antennas and similar techniques.
I used to work for a company that built flyaway VSAT systems, so I know this stuff pretty intimately. A number of years ago, SES Americom (one of the big operators in North America) called me up for help in locating a wildcat transmitter that was causing interference with one of their birds. They called us because they knew we built stable, small aperture uplink terminals that could be a useful reference. Basically they had me transmit a known narrow-band signal at high power, then used that and my sidelobes as a reference to find the offender. After a weekend of doing doppler locating, they tracked it down to about a 1 x 2 mile ellipse, east of Detroit. Their suspicion was that it was a HughesNet terminal, probably on a gas station, that had gone bad.
...si hoc legere nimium eruditionis habes...
The actual command/control of the spacecraft themselves is protected by reasonably heavy Cryptography. When a Long March rocket failed in China while launching Intelsat 708, Intelsat failed to recover the cryptographic equipment from the wreckage, despite significant risks taken by their crew.
...si hoc legere nimium eruditionis habes...
There's noo way some satellite up there is actually running Windows 95 for anything on the the satellite hardware itself. I'm not believing that.
But I will believe there might be ground control workstations running Windows 95 for some function due to having custom software developed on it or a hardware device/card that cannot be moved to a newer version of Windows.
I know of all kinds of customer sites with Win95 workstations still in use. These are for specialized applications like manufacturing machine control or scientific test tools. They either keep them completely off the network and block all USB ports, etc, OR they use a very discrete localized network.
Security through obscurity is no security at all, and no amount of smugness in a retarded comment will fix that.
Releasing the know how does multiple services. First, it lets independent operators or consumers of said tech determine if the attack vector works on their systems. Second, it encourages the producers / manufacturers to implement fixes. They will be less inclined to spend the resources correcting the issues if they feel the fact that the attack isn't in the wild. Third, it prevents bas actors from capitalizing on an attack since the issue would be resolved faster. Fourth, it allows consumers to implement mitigation strategies and test them, while a solution is being formulated.
I browsed the article, and there are no actual facts to support the claim that hacking a satelite is surprisingly easy. None.
The claim that they run Windows 95 is not supported at all. A quick google revealed that most of the older satelites did not have a traditional operating system at all.
The whole article looks mostlly like clickbait, written by somebody with little knowledge of computers and even less about satelites.
The Intelsat 708 launch failure occurred in 1996. Typical lifespan for a geostationary satellite is approximately 15 years, before they're moved to a graveyard orbit and rendered inert.
For the most part, the TT&C (Tracking Telemetry and Control) codes for managing the spacecraft themselves has always been a closely guarded secret, and one fo the things that is subject to ITAR controls, due to the cryptography involved.
That said, there have been at least one incident where sabotage of the satellite was suspected, but this occurred during a rather bitter labour dispute between the satellite operator and their tracking and monitoring staff.
...si hoc legere nimium eruditionis habes...
Maybe someone googled for "what operating system runs on old satellites" and didn't realize that the Satellite made by Toshiba is a laptop, not an actual Earth orbiting device.
I, too, do not believe that any satellite is running Windows 95. To say the least, Win95 has not been optimized for power efficiency or running on resource-poor radiation hardened microprocessors, memory and support chips. Considering the Win95 is just a gui on top of MSDOS, running just MSDOS would make far more sense than Win95. Who would be using a mouse and looking at the screen on a satellite? Would they be using PCAnywhere on a space dial-up modem link?
Furthermore, Windows 95 has a timer wraparound bug that causes a crash every 49.7 days, and that bug wasn't found until the early 2000's, so anyone that used Win95 as a space OS has a dead satellite.
Win95 was used on the ground. Here's some info from people who were involved in all that back then.
https://www.quora.com/Why-do-t...
Also, I'm not seeing any evidence in the article that "hacking a satellite is surprisingly easy".
First off, the article is pure bullshit. There may be some Windows 95 components, but the satellites don't run off of Windows 95. These are embedded systems running small and tiny operating systems. They need to be light and with low power usage.
If you look at the article, there is one and only one place that says "Windows" or "Windows 95", and that's the intro paragraph. There are not references or annotations supporting this assertion. It's click-bait, and that makes Slashdot a click-bait enabler.
"A malicious actor could fake their IP address, which gives information about a user's computer and its location."
Nope. Not even remotely accurate.
"A plan fiendishly clever in its intricacies"- Homer Simpson
I personally integrated many birds for SES, Hispasat, Hughes, NBNco, Echostar, I even retrofitted Terrestar 2 into Echostar 21. Article is BS. Used mostly BAE rad750 processors. subsystems are controlled by MIL-STD-1553 just like your F14 tomcat was initially designed for developed in 1978. Mostly running scripts in either ADA or tcl from ground stations. All their communication is fully encrypted on launch. You could theoretically jam them by blasting the same frequencies, it wouldn't go long undetected.
The only satellite I ever saw running Windows 95 was a Toshiba Satellite. I think TFA's author is confused.