Forgot your password?
typodupeerror
Security Communications

The Dismal State of SATCOM Security 54

Posted by timothy
from the my-sputnik-or-yours dept.
An anonymous reader writes "Satellite Communications (SATCOM) play a vital role in the global telecommunications system, but the security of the devices used leaves much to be desired. The list of security weaknesses IOActive found while analyzing and reverse-engineering firmware used on the most widely deployed Inmarsat and Iridium SATCOM terminals does not include only design flaws but also features in the devices themselves that could be of use to attackers. The uncovered vulnerabilities include multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms. These vulnerabilities allow remote, unauthenticated attackers to compromise the affected products. In certain cases no user interaction is required to exploit the vulnerability; just sending a simple SMS or specially crafted message from one ship to another ship would be successful for some of the SATCOM systems."
This discussion has been archived. No new comments can be posted.

The Dismal State of SATCOM Security

Comments Filter:
  • so, just like your data communications in your house, if you don't want someone eavesdropping on your conversation toss a type1 encryption device in front of it, like every other security conscious satcom user.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      That won't protect you from denial of service attacks.

      And in quite a lot of the use cases, the reaction won't be "Bummer, can't get to slashdot" but will be:
      - "Bummer, can't warn the train driver there are boulders on the rail"
      - "Bummer, can't contact search and rescue and the ship is sinking"
      - "Bummer, can't contact HQ and request Air support to help with these guys shooting rpgs on my convoy"
      Note: Substitute "Bummer" with appropriate four letter word.

      Also,
      type 1 encryption devices won't be available to mo

  • by Anonymous Coward

    Isn't it great how security went from a concern, to an afterthought, to completely irrelevant over the span of twenty years? Only to be magically resurrected as a hot button issue of worldwide concern for every other news story for arguably the next 5 years. And all because big corps, with all their endless offshoring, cost cutting, profit seeking, litigation circumvention, and merciless assault on tax avoidance will continue to skip to the loo with endless payrolls, blaming all of this all the while on "ou

    • by Lumpio- (986581)
      Huh? Security was completely irrelevant at some point in the recent past? When exactly?
  • You would have thought people who made satellites were, like rocket scientists. Not drunken lemmings.
    • by Anonymous Coward
      Not saying I'm representative of the whole group, but I'm a rocket scientist, and I'm pretty pants at information security.
      • by johnjaydk (584895)

        Not saying I'm representative of the whole group, but I'm a rocket scientist, and I'm pretty pants at information security.

        Getting them up there and not having them fall down is not half bad. I still try to keep my kerbals from blowing up. But seriously, at least accept that info-sec is important. There might be a business case in not being totally p0wnd.

    • by cusco (717999) <brian@bixby.gmail@com> on Thursday April 17, 2014 @12:42PM (#46780235)

      The problem is that reliability has always been considered as paramount in these devices, for very good reasons, and inserting a security layer in the stack increase the likelihood of problems and increases their complexity. There are satellite phones out there which have been in almost continuous use for 15 years, good luck flashing that firmware to handle encryption or to obfuscate that hard-coded password. For most satellite communications users I don't foresee the situation changing any time soon. They guy running a gold dredge in the upper Amazon isn't going to want to cough up for a new phone when his current one has been working fine for the last decade, nor is the tribal chief in New Guinea or the crab boat captain in the the Bering Straight. What they have works, and they don't give a shit whether the phone can be hacked as long as it works when they really need it. The commodities speculator in his Lear jet might be concerned, let him pay for the system upgrades, but leave the rest of the system backwards compatible for those people who need reliability overall.

      • crab boat captain in the the Bering Straight boat upkeep is noting next to the cost of a new sat phone

        • by cusco (717999)

          No, but just because it won't bankrupt him doesn't mean that he wants the annoyance of buying, setting up and learning a new (and more expensive) system that may well not be as reliable as the old one. My dad bought one of the first consumer-level Lowrance fish finders on the market. He used it until he couldn't fish any more, even though there were "better" models on the market. Why buy a new one when that one did exactly what he wanted exactly the way he was used to it?

    • Even rocket scientists have managers. And managers have VPs and VPs have to talk to the CEO about shareholder value.

      As always, shit rolls down hill.

    • by dave562 (969951)

      I know you are kidding, but the scientists who are putting the satellites into orbit are not the same group as the engineers who are designing the satellites in the first place.

  • They will take it seriously when someone pwns a communications satellite.
    • by janoc (699997)

      Which is happening routinely. Many older birds don't require any authentication nor anything - they simply retransmit whatever they hear on one frequency on another one: http://spectregroup.wordpress.... [wordpress.com]

      And those are US NAVY (!!!) satellites!

      Doing that with Iridium or Inmarsat hardware is a bit more complex, because the protocols are mostly digital, but not impossible neither.

  • by DeTech (2589785) on Thursday April 17, 2014 @12:06PM (#46779945)
    LDR services like Inmarsat were never meant to be secure. Now if this was about AEHF that would be news.
    • LDR services like Inmarsat were never meant to be secure. Now if this was about AEHF that would be news.

      I'm pretty sure they're meant to be at least secure enough that Joe Shmoe couldn't take them over with a text message or a known hardcoded credential. Well, unless you can point someone at this list of vulnerabilities and say "it's not meant to be secure", and still make your sale, of course.

      • by DeTech (2589785)

        Well, unless you can point someone at this list of vulnerabilities and say "it's not meant to be secure", and still make your sale, of course.

        That of course is the kicker. The customer base for Inmarsat and Iridium is not the SHIELD/HYDRA community the OP has in his head. This is more the western union /pay-as-you-go-phone crowd.

  • by mveloso (325617) on Thursday April 17, 2014 @12:26PM (#46780097)

    Anyone talking on a sat phone is by definition interesting to the government - any government. Why would you think that these would be secure?

    • by jon3k (691256)
      > Anyone talking on a sat phone is by definition interesting to the government - any government.

      Uh, no. I live on the coast and every big (especially charter) fishing boat has sat phones. Most of it the conversations are: "Yes honey I'm still at the office looks like I'm going to be REALLY late".
      • by tirefire (724526)
        Not just fishing boats, but people in Alaska, Nevada's Great Basin, The Northwest Territories...
  • OSS security debate (Score:4, Interesting)

    by janoc (699997) on Thursday April 17, 2014 @12:27PM (#46780107)

    Wasn't it just yesterday that someone has posted a flamebait summary [slashdot.org] about the Heartbleed bug changing the "Open source is safer" discussion?

    This is a great evidence of what happens when you rely on security by obscurity in proprietary software. Nobody is forced to fix things, sloppy coding is the norm and there are backdoors galore ...

    Unfortunately, the bad guys laugh, the vendors play ostrich with the heads in sand and everyone else is suffering the consequences ...

  • "Satellite Communications (SATCOM) play a vital role in the global telecommunications system, but the security of the devices used leaves much to be desired. The list of security weaknesses IOActive found while analyzing and reverse-engineering firmware used on the most widely deployed Inmarsat and Iridium SATCOM terminals includes not only design flaws, but also device features that attackers could leverage. The uncovered vulnerabilities include multiple backdoors, hardcoded credentials, undocumented and/o

  • by Anonymous Coward

    Hijacking satellites has been going on for some time. There is this story from Strategy Page:
    -----
    Brazil and the U.S. have been arresting people who have been illegally using obsolete, but still functioning, U.S. Navy FLTSATCOM communications satellites. The FLTSATCOM (Fleet Satellite Communications System) were eight communications satellites launched between 1978-89. Two of the launches failed, and FLTSATCOM was replaced by the UFO in the 1990s. Although the FLTSATCOM birds were built to last for seven ye

  • There are a couple of factors that are worth considering. Unlike fiber or coax transport systems, satellites are usually used for very long distance communications. Because of this, it is quite frequent that your link will terminate in another country or even continent. This will make standards compliance and procurement a challenge from day one since you can't guarantee everyone has access to the same equipment.

    Secondly encryption standards have to be agreed upon and quite often, equipment from different m

  • A big ancient expensive government-backed system is full of security flaws.

Make sure your code does nothing gracefully.

Working...