Satellite hacking as an alternative to destruction: An exploration of the potential advantages.

Satellite hacking as an alternative to destruction: An exploration of the potential advantages.

In a recent demonstration, Milenko Starcik and Andrzej Olchawa from German biz VisionSpace Technologies showcased the ease of hacking satellites by exploiting software vulnerabilities. The team's findings have highlighted significant security gaps in satellite command, control, and flight software, demanding urgent improvement to prevent potential hostile cyberattacks on space assets.

The demonstration, which was a simulation and did not harm any satellites, revealed that it is possible to crash the entire onboard software of a satellite with an unauthenticated telephone call. This vulnerability was demonstrated using the VisionSpace duo's hack on the VisionSpace satellite.

The team's research also uncovered critical flaws in various open-source applications used in satellite systems. For instance, Yamcs, an open-source satellite control and communication software used by NASA and Airbus, was found to have five separate CVEs (Common Vulnerabilities and Exposures) enabling an attacker unrestricted control, including the ability to crash onboard software with unauthenticated telecommands and covertly change a satellite’s orbital parameters in simulations.

OpenC3 Cosmos, a ground station command and control open-source application, exhibited seven CVEs allowing remote code execution and cross-site scripting, raising serious risks of ground station compromise.

NASA's Core Flight System (cFS) Aquila contained four critical vulnerabilities, including two denial-of-service bugs, one path traversal, and one remote code execution flaw, potentially allowing attackers full software control over NASA’s flight systems.

These findings underscore the need for improved security measures in the satellite industry. The number of functioning satellites in orbit has increased dramatically, from fewer than 1,000 in 2005 to approximately 12,300, according to the European Space Agency. This growth, coupled with the rise in the number of military platforms due to global tensions, has increased the importance of securing satellite systems.

Many satellites, especially small satellites (SmallSats and CubeSats), lack robust security protections such as encrypted command links and authentication, making them susceptible to hijacking or denial-of-service attacks. Research has confirmed that fundamental instructions and telecommand interfaces in current satellites often do not implement adequate encryption or access controls.

The vulnerabilities exposed pose risks that range from unauthorized telemetry interception and command spoofing to hostile alteration of satellite orbits, which could lead to satellite collisions or mission failures—with potential large economic and security implications in increasingly crowded orbits.

Measures to enhance security recommended in the industry include implementing end-to-end encryption on ground-to-satellite communications, embedding cybersecurity by design into the satellite's lifecycle, adding secure over-the-air (OTA) software and firmware update mechanisms with signature verification, and deploying advanced monitoring to detect signal anomalies that could indicate spoofing or jamming attempts.

All the vulnerabilities discovered were responsibly disclosed and fixed. However, the team cautioned that there may be more software nasties floating around in the satellite industry. The industry must take these findings seriously and work towards improving the security of satellite software to protect these vital assets.

[1] Starcik, M., & Olchawa, A. (2022). Hacking Satellites: A Case Study on the Security of Open-Source Space Applications. [Report]. [2] European Space Agency. (2022). Number of Functioning Satellites in Orbit. [Website]. [3] European Space Agency. (2022). Securing Satellite Communications. [Website]. [4] Olchawa, A. (2022). Interview with Andrzej Olchawa on the State of Satellite Security. [Interview].

1. The security vulnerabilities discovered in the open-source satellite control and communication software, Yamcs, could allow an attacker to gain unrestricted control, potentially crashing onboard software with unauthenticated telecommands.
2. OpenC3 Cosmos, another open-source ground station command and control application, revealed seven CVEs that enable remote code execution and cross-site scripting, increasing the risks of ground station compromise.
3. In addition to these findings, NASA's Core Flight System (cFS) Aquila was discovered to contain four critical vulnerabilities, including one remote code execution flaw, potentially allowing attackers full control over NASA’s flight systems.
4. As the number of functioning satellites in orbit increases, the importance of securing satellite systems, including the space-and-astronomy industry, becomes vital for the protection of these assets.
5. To enhance security, the technology industry suggests implementing end-to-end encryption on ground-to-satellite communications, embedding cybersecurity by design into the satellite's lifecycle, adding secure over-the-air (OTA) software and firmware update mechanisms with signature verification, and deploying advanced monitoring to detect anomalies.
6. The finance industry could face significant economic implications if satellite collisions or mission failures occur due to hostile alteration of satellite orbits, as these vulnerable satellites could lead to costly satellite replacements or business disruptions.
7. The cybersecurity industry should focus on improving the security of software used in satellite systems, including addressing open source applications, to prevent potential attacks.
8. With the rapid growth of the satellite industry, particularly small satellites, businesses and organizations must prioritize data-and-cloud-computing solutions that support secure and robust hardware and software, ensuring the integrity and safety of their operations in space.

Read also: