US: Researchers from security consultancy IOActive have revealed that vital satellite constellations are susceptible to hacking and other dangers. The firm conducted static firmware analysis through the reverse-engineering of several satellite devices. The services examined by the report include Inmarsat-C, Very Small Aperture Terminal (VSAT), Broadband Global Area Network (BGAN), BGAN machine-to-machine (M2M), FleetBroadband (FB), SwiftBroadband and Classic Aero Service. These services are used in a variety of functions such as communications, navigation and military operations. After careful analysis, the reports reveal possible attack scenarios against satellites that provide these services, including those made by important satellite contractors such as Harris Hughes, and Iridium.
After examining the firmware of the satellites, researchers found that malicious actors could attack the satellites with methods such as: exploiting admin code backdoors via SMS messages to install malicious firmware, possibly resulting in fraud, denial of service, physical damage, or data spoofing; compromising terminals through their authentication mechanisms in order to spoof navigation charts or disrupt the operational integrity of cargo vessels; injecting malicious firmware or executing arbitrary code into terminals to obtain GPS coordinates or disable communications. According to the reports if any of the above mentioned affected devices are compromised then the entire SATCOM infrastructure could be at risk. Ships, aircraft, military personnel, emergency services, media services, and industrial facilities (oil rigs, gas pipelines, water treatment plants, wind turbines, substations, etc. are capable of being impacted by these vulnerabilities.
Source: Defense systems