Whispers Among the Stars: A Practical Look at Perpetrating (and Preventing) Satellite Eavesdropping Attacks

Presented at Black Hat USA 2020 Virtual, Aug. 5, 2020, 12:30 p.m. (40 minutes)

Space is changing. The number of satellites in orbit will increase from approximately 2,000 today to more than 15,000 by 2030. "New Space" brings promises of ubiquitous broadband and unprecedented connectivity for billions. As the first trials of these mega-constellations take orbit, we stand at a critical technical inflection point where the InfoSec community can contribute and ensure that the security mistakes of the past do not become critical vulnerabilities for the future.

This briefing presents an experimental look at attacking satellite broadband communications across three domains: land, air, and sea. We find that an attacker using $300 of home television equipment can spy on these communications from thousands of miles away with virtually no risk of detection. We walk though the hardware we used and software we developed to evaluate this threat against real-world systems using two distinct communications protocols: DVB-S MPE and DVBS-2 GSE.

This threat is contextualized through the analysis of terabytes of real-world satellite traffic recordings made using our hardware setup. We'll present some of our most interesting findings from inside these captures which contain sensitive data from some of the world's largest organizations. From home satellite broadband customers, to wind farms, to oil tankers, to aircraft, satellite eavesdropping represents a critical threat to privacy and communications security. Beyond eavesdropping, we also demonstrate that, under the right conditions, attackers can even hijack active sessions over the satellite link.

The talk concludes by reflecting on the physical characteristics that have incentivized insecure satellite broadband and approaches to overcome them. We present an open-source tool which individual customers can use to encrypt their traffic without requiring ISP involvement.

The briefing assumes no background in satellite communications or cryptography. Its goal is to provide a starting point for researchers interested in tackling challenging security problems in outer space.

Presenters:

• James Pavur - DPhil Student, Oxford University
  James Pavur is a Rhodes Scholar at Oxford University working on a DPhil in Cybersecurity. His academic research is primarily on the threats to satellite systems with a focus on satellite communications and trustworthy spaceflight operations. Prior to Oxford, he majored in Science, Technology and International Affairs (STIA) at Georgetown University where he graduated with the School of Foreign Service Dean's Medal (highest cumulative GPA) in 2017. He has held numerous internships and professional positions related to information security. This included acting as Director of Information Security for Students of Georgetown Inc. (The Corp), a student run non-profit with more than 300 employees. He has also assisted with computer crimes investigations as an intern with the United States Postal Service Office of the Inspector General, worked on embedded systems reverse-engineering as an intern at Booz Allen Hamilton, and even pen-tested air-conditioners for the Public Buildings Services while working for Telos Corporation. Outside of computers, James enjoys flying kites and collecting rare and interesting teas.

Links:

• https://www.blackhat.com/us-20/briefings/schedule/#whispers-among-the-stars-a-practical-look-at-perpetrating-and-preventing-satellite-eavesdropping-attacks-19391

Similar Presentations:

• REcon 2023 / Cracking the final frontier: Reverse engineering and exploiting low-earth orbit satellites
• DEF CON 28 (2020) Virtual / Whispers Among the Stars: Perpetrating (and Preventing) Satellite Eavesdropping Attacks
• BSidesLV 2019 / Satellite Vulnerabilities 101