InfoconDB

Presented at Black Hat USA 2018, Aug. 9, 2018, 2:30 p.m. (50 minutes)

In 2014, we took to the stage and presented "A Wake-up Call for SATCOM Security," during which we described several theoretical scenarios that could result from the disturbingly weak security posture of multiple SATCOM products. Four years later, we are back at Black Hat to prove those scenarios are real.

Some of the largest airlines in the US and Europe had their entire fleets accessible from the Internet, exposing hundreds of in-flight aircraft. Sensitive NATO military bases in conflict zones were discovered through vulnerable SATCOM infrastructure. Vessels around the world are at risk as attackers can use their own SATCOM antennas to expose the crew to RF radiation.

This time, in addition to describing the vulnerabilities, we will go one step further and demonstrate how to turn compromised SATCOM devices into RF weapons. This talk will cover new areas on the topic, such as reverse engineering, Radio Frequency (RF), SATCOM, embedded security, and transportation safety and security.

Presenters:

Ruben Santamarta - Principal Security Consultant, IOActive
Ruben Santamarta is experienced in network penetration and web application testing, reverse engineering, industrial control systems, transportation, RF, embedded systems, AMI, vulnerability research, exploit development, and malware analysis. As a principal consultant at IOActive, Mr. Santamarta performs penetration testing, identifies system vulnerabilities, and researches cutting-edge technologies. Mr. Santamarta has performed security services and penetration tests for numerous global organizations and a wide range of financial, technical, and educational institutions. He has presented at international conferences including Ekoparty, 4SICS, and Black Hat USA.

Last Call for SATCOM Security

Presenters:

Links:

Similar Presentations: