Satellites Are A Wide-Open Channel For Hackers

The recent Black Hat 2020 Conference went virtual this year, like other major conferences.

The industry-recognized information security event ran August 1-6, 2020 and featured a combination of training, briefings, and keynote speakers.

One keynote, an academic researcher and Oxford doctoral candidate, brought to light some alarming information regarding the widespread accessibility of eavesdropping hacking.

James Pavur spoke about gaps in the communications streaming process created by wide coverage areas.

It turns out that conversations that take place in your home may be open to any prying ear with just a mere $300 in equipment costs needed to gain access.

Satellite communication equipment can be used by attackers from across the globe due to their wide geographical attack area. While outgoing connections from a user to a satellite take place through a narrow channel of communication, the reverse down link between the satellite and the user is a broadcast transmission that is more susceptible to interception.

Pavur demonstrated the process of tuning into channels with a low-cost satellite dish, an easy piece of equipment to acquire second hand. He explained that when paired with a PCIe satellite tuner card and a satellite locator software like EPS Pro, hackers could easily identify vulnerabilities.

This is startling news for the average consumer, but the implications of these capabilities are far-reaching for many industries that rely on satellite ISPs in areas where terrestrial communications are insufficient.

Industries that rely on satellite communication like aviation, oil, and cruise lines are particularly vulnerable. In fact, Pavur cited one example that could give hackers access to the same information your internet service provider sees.

“Imagine a cruise line that has a bunch of Windows devices aboard it ships. This Windows local area network with all that internal LDAP traffic and SDP traffic will be broadcast over the satellite link, giving an eavesdropper perspective from behind the firewall.”

What can businesses do to guard against attack via satellite?

With the presence of commercial satellites increasing, it has become more and more important for businesses to prioritize defending themselves against unwanted access. The first step in this direction is to create and maintain a cybersecurity policy within your organization. Whether your plan consists of in-house IT management or outsourcing, it’s important to have a dedicated team that handles cybersecurity needs.

That team should address the following security needs:

  • Utilize secure tunneling to protect sensitive information
  • Adhere to strong encryption practices for all transmitted data
  • Implement stronger authentication requirements

The attack surface for hackers seems to be expanding at a rate that is difficult for many businesses to keep up with. We’re happy to audit your current cybersecurity system.

Schedule a consultation today with a Starfish Computer specialist!