Hackers Can Easily Disrupt Aircraft Satellite Links

Cobham AVIATOR 700 SATCOM device. Credit: Cobham.

(Image credit: Cobham AVIATOR 700 SATCOM device. Credit: Cobham.)

LAS VEGAS — How hard is it to hack into satellite communications? Not that hard, according to researcher Ruben Santamarta of Seattle-based security company IOActive. He's found a number of flaws in several widely-used satellite communication (SATCOM) terminals, the ground-based devices that communicate with orbiting satellites.

Speaking at the Black Hat security conference in Las Vegas yesterday (August 7), Santamarta showed how SATCOM devices work and what kinds of flaws, including hard-coded credentials, backdoors and insecure and undocumented protocols, are present in them. 

MORE: 12 More Things You Didn't Know Could Be Hacked

The average person may never connect directly to a SATCOM network, but people in the maritime, industrial, military and aerospace sectors do on a regular basis. On a commercial aircraft, both pilots and passengers, at least those who use on-board Wi-Fi, connect to SATCOM-based networks while in the air. SATCOM is used in emergency services, and media personnel use SATCOM connections to access the Internet while reporting from the field.

With the SAILOR 6006 marine SATCOM terminal made by British vendor Cobham, attackers could remotely access the device via a communication protocol called thraneLINK. Attackers could then pretend to be upgrading the targeted SAILOR's firmware, but actually replace that firmware with a malicious variant.

The Cobham AVIATOR 700 is a SATCOM device used on airplanes for important communications as well as the passengers' in-flight Wi-Fi. A passenger might be able to use the in-flight Wi-Fi connection, in addition to other authentication bypass flaws Santamarta found in the device, to interfere with pilots' ability to communicate or to send and receive distress signals. 

Many other devices require operators to use passwords hard-coded into the devices' firmware, making the passwords impossible to change. Anyone with physical access (or in some cases, remote access) could easily find the passwords within the device's code. 

Santamarta also found hard-coded passwords and security backdoors in some SATCOM devices, including several devices made by Germantown, Maryland-based vendor Hughes Communications. Designed for use by Hughes administrators, the backdoors could nevertheless be used by attackers to gain remote access to the devices via simply an SMS message.

"The NSA is really happy with this," Santamarta said sarcastically.

Santamarta's talk comes just months after Malaysian Airlines flight MH370 mysteriously disappeared over the Indian Ocean, and there has been speculation that the plane could have been hacked. IOActive said it's extremely unlikely that someone used the same bugs that Santamarta documented to affect MH370.

SATCOM device flaws can't be used to seize control of an airplane's navigation, IOActive's Craig Brophy told Tom's Guide. IOActive has no evidence any of Santamarta's flaws have been exploited in the wild.

Santamarta said he disclosed all the bugs he found to the SATCOM devices vendors. Some were skeptical of his findings, pointing out that his tests were all conducted in a laboratory setting and would probably be harder to accomplish in real life.

"Cobham devices can therefore only be subject to attacks if the attacker has either physical access to the device or the network has been installed incorrectly," Santamarta said a Cobham representative told him. 

Hughes acknowledged its devices had hard-coded passwords and backdoors, but said that was "common practice" and that the passwords were "not intended to be a terminal security mechanism."

"If someone can remotely or physically reach your SATCOM devices, it's over," Santamarta concluded.

A full white paper of Santamarta's findings is available at IOActive's website

Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games. You can follow Jill on Twitter @JillScharr and on Google+. Follow us @tomsguide, on Facebook and on Google+.

TOPICS

Jill Scharr is a creative writer and narrative designer in the videogame industry. She's currently Project Lead Writer at the games studio Harebrained Schemes, and has also worked at Bungie. Prior to that she worked as a Staff Writer for Tom's Guide, covering video games, online security, 3D printing and tech innovation among many subjects. 

Latest in Online Security
A person on a laptop converting a PDF to a DOC
FBI issues warning over free online file converters that infect your PC with malware
A hacker typing quickly on a keyboard
New MassJacker malware is hijacking digital wallets to steal large sums from users
A woman using her laptop securely with a cup of coffee in hand
5 common mistakes people make when shopping for antivirus software
Windows
240 million Windows 10 users are vulnerable to six different hacker exploits — protect yourself now
Victims of Identity Theft
FTC says Americans lost $12 billion to scams last year and these were the worst ones — here's how to stay safe
Apple iPhone 16 Plus Review.
Apple just released an emergency security update for a flaw used in an ‘extremely sophisticated attack’ — update your devices right now
Latest in News
A person on a laptop converting a PDF to a DOC
FBI issues warning over free online file converters that infect your PC with malware
The Find my People feature
Android Find My can now track your friends and family — here's how to use it
Foldable iPhone concept image
Are you sitting down? Here’s what the foldable iPhone could cost
Samsung HW-Q990D soundbar
Samsung’s flagship 2024 soundbar just got bricked by a new firmware update — don’t update
A hacker typing quickly on a keyboard
New MassJacker malware is hijacking digital wallets to steal large sums from users
Owen Cooper as Jamie Miller in Adolescence
'Adolescence' is a gripping new Netflix show that's already hit No. 1 — and it’s 100% on Rotten Tomatoes