Posted on April 1, 2022 at 4:37 PM
Cybersecurity research studies have recently turned towards orbiting satellites and their impact on the state of security. Satellites are devices created with a focus on durability and reliability.
However, as engineers focus on these prime features, they fail to pay attention to providing ultra-security to these devices. Security researcher Karl Koscher questioned the life cycle of a satellite, asking what happens after an old one has been commissioned and is now moving into “graveyard orbit.”
Broadcasting using a decommissioned satellite
Koscher conducted a study in 2021 after he received authorization alongside his colleagues to access and broadcast using a Canadian satellite dubbed Anik F1R. This satellite was launched in 2005 to aid Canadian broadcasters. The satellite was designed to be used for only 15 years.
This satellite has abroad coverage because it extended below the southern border of the US to Hawaii and reached the eastern parts of Russia. The satellite is currently on the way to moving into its graveyard orbit. Most of the services that use this satellite have moved to a new satellite.
Communications between the researchers and Anik F1R were possible through special access to an uplink license and transponder slot lease. Koscher managed to take over the communications of this satellite, and he was able to broadcast information to the Northern Hemisphere.
In an interview with WIRED, Koscher noted that his “favourite thing” was to actually see that the satellite was still working. “It’s kind of unreal to go from making a video stream to having it broadcast across all of North America,” Koscher added.
Koscher and his colleagues also used the satellite to broadcast a livestream from a security conference in ToorCon, San Diego. Last week, he explained that the team was able to communicate with the satellite using an unidentified commercial uplink facility. This station comes with a specially-powered dish to support communication between satellites. Koscher converted this facility to a command centre, from which they could broadcast from the satellite.
Security threat posed by decommissioned satellites
The researchers had the authorization to access the satellite and the uplink facility. However, the fact that this satellite could still be used has raised questions over the use of decommissioned satellites that are yet to move further away into grave orbit.
“Technically, there are no controls on this satellite or most satellites – if you can generate a strong enough signal to make it there, the satellite will send it back down to earth. People would need a big dish and a powerful amplifier and knowledge of what they were doing. And if a satellite were fully utilized, they would need to overpower whoever else was using that particular transponder spot or frequency,” Koscher added.
The one with the highest level of communication with the satellite has its message broadcast the most. However, it is nearly impossible for an individual to overpower large broadcasting companies. Nevertheless, this has happened before.
In 1986, a hacker known as Captain Midnight hacked into an HBO broadcast of The Falcon and the Snowman after obtaining unauthorized access to the Galaxy 1 satellite signal. The worrying trend of hackers hijacking satellites has only intensified in recent years. Hackers are currently using underutilized satellites for personal gains.
In 2009, 39 people were arrested in Brazil after they were suspected of hijacking US Navy satellites through high-powered antennas. They also used ad hoc gear for their citizens band (CB) short-distance radio communications.
Besides satellites being hijacked by independent hackers, they can also be hijacked by countries. Koscher notes that countries that want to broadcast propaganda can do so through these satellites, and they do not have to bear the burden of launching their own satellites. All that they need to do is possess ground equipment that allows them to access the satellites.
In 2020, Ang Cui, an embedded device security researcher, said decommissioned satellites were not the only ones in danger of being hijacked. Cui noted that even new satellites could be compromised. However, he noted that hackers mainly turned toward the satellites in their final stages of life.
One of the colleagues of Koscher noted that there was a need to create awareness of satellite uplink capabilities. The researcher opined that these capabilities should be noted down as many and should not be highlighted as exclusive or scarce. “What is this was just a universal utility,” the researcher said.