Satellites Are Rife With Basic Security Flaws
German researchers gained rare access to three satellites and found that they’re years behind normal cybersecurity standards.
Hundreds of miles above Earth, thousands of satellites are orbiting the planet to keep the world running smoothly. Timing systems, GPS, and communications technologies are all powered by satellites. But for years, security researchers have warned that more needs to be done to secure the satellites against cyberattacks.
A new analysis from a group of German academics provides a rare glimpse into some of the security weaknesses in satellites currently circling the Earth. The researchers, from the Ruhr University Bochum and the Cispa Helmholtz Center for Information Security, have examined the software used by three small satellites and found that the systems lack some basic protections.
The satellites inspected by the researchers, according to an academic paper, contain “simple” vulnerabilities in their firmware and show “that little security research from the last decade has reached the space domain.” Among the problems are a lack of protection for who can communicate with the satellite systems and a failure to include encryption. Theoretically, the researchers say, the kinds of issues they discovered could allow an attacker to take control of a satellite and crash it into other objects.
There are multiple kinds of satellites in use today, ranging in size and purpose. Satellites created by commercial companies can be found photographing the Earth and providing navigation data. Military satellites are cloaked in secrecy and often used for spying. There are also research satellites, which are run by space agencies and universities.
Johannes Willbold, a PhD student at Ruhr University Bochum and the lead researcher behind the security analysis, says the current state of satellite security can be classed as “security by obscurity.” In other words: Little is known about how well they are protected. Willbold says the research team approached multiple organizations with satellites in space to ask if they could inspect their firmware, and the vast majority refused or didn’t reply—he praises the openness of the three that worked with his team.
The three satellites the team focused on are used for research, fly in low Earth orbit, and are largely operated by universities. The researchers inspected the firmware of ESTCube-1, an Estonian cube satellite that launched in 2013; the European Space Agency’s OPS-SAT, which is an open research platform; and the Flying Laptop, a mini satellite created by Stuttgart University and defense firm Airbus.
The researchers’ analysis says they found six kinds of security vulnerabilities across all three satellites and 13 vulnerabilities in total. Among these vulnerabilities were “unprotected telecommand interfaces,” which satellite operators on the ground use to communicate with the vehicles when they are in orbit. “Oftentimes, they lack access protection in the first place,” says Willbold, who is also presenting the research at the Black Hat security conference in Las Vegas next month. “They’re essentially not checking anything.”
As well as the vulnerabilities within the satellites’ software, Willbold says, the team found an issue in a code library that appears to be used by multiple satellites. The research details a stack-based buffer overflow vulnerability in software developed by nanosatellite manufacturer GomSpace. The source of the problem, the research says, is within a library that was last updated in 2014. Willbold says GomSpace acknowledged the findings when the researchers reported the issue. GomSpace did not respond to WIRED’s request for comment.
The creators of the satellites examined by the researchers told WIRED that providing their firmware to the researchers was beneficial and that they will take the findings on board for future spacecraft. Simon Plum, head of the Mission Operations Department at the European Space Agency (ESA), says a different level of security is applied to OPS-SAT than to other missions, as it is a “space laboratory.” However, Plum says ESA is reviewing the findings and has made at least one change to the satellite already. “We want to protect space systems from cyber threats and develop culture and common knowledge of resilience in the field of space cybersecurity,” Plum says.
Andris Slavinskis, an associate professor at the University of Tartu in Estonia who works on the ESTCube project, says the findings are “important and relevant” and that the ESTCube-1 system was “developed and launched during the Wild West times of the cubesat world.” A second version of the satellite, ESTCube-2, is set to launch this year. Meanwhile, Sabine Klinkner, a professor of satellite technology at Stuttgart University, which partly developed the Flying Laptop, says the “weaknesses” the researchers found are a result of trade-offs around functionality and access to the satellite.
“As with many university satellites, our threat model weighted the small incentives to attack an academic satellite against the still not completely trivial challenges in establishing a link and sending valid commands to the satellite,” Klinkner says. No malicious connections to the satellite have been spotted, Klinkner adds. And she says future missions will have increased cybersecurity measures to protect against threats.
Despite the satellite security analysis mostly focusing on research and academic satellites, it highlights wider security issues around satellites that experts have been concerned about for years. Gregory Falco, an assistant professor at Johns Hopkins University who focuses on space cybersecurity, says it is rare for researchers to be able to get their hands on satellite firmware and publish research on it. There’s “almost nothing” publicly available that’s similar to the type of analysis the German team completed, Falco says.
The warnings about space systems aren’t new. Researchers have long said more needs to be done to protect space systems from attack and to improve how they are created. Falco says that space firmware and software development is a “nightmare” for two reasons. First, legacy software is often used in development and is rarely updated, Falco says. “The other reason why is because space systems are not built by software developers. They are built by aerospace engineers, for the most part.” The German researchers also surveyed 19 satellite industry professionals about the levels of security in their systems. “We focused on providing a functioning system instead of a secure one,” one of those surveyed said, according to the academic paper.
Juliana Suess, a research analyst and policy lead on space security at the defense think tank Royal United Services Institute, explains that there are multiple ways satellite systems can be attacked, beyond software and firmware vulnerabilities. These include jamming and spoofing attacks, which interfere with the signals being transmitted to and from satellites. “You don’t need to be a space power to do it,” Suess says. Last year, security researchers with permission demonstrated how a decommissioned satellite could be used to broadcast rogue TV signals. And in October 2007 and July 2008, Chinese hackers were blamed for disrupting two US satellites.
Suess believes the cyberattack against the Viasat satellite system at the start of Russia’s full-scale invasion of Ukraine last year has acted as a further wake-up call to the space industry. In the early hours of February 24, 2022, when Russian troops first moved into Ukrainian land, a cyberattack interrupted thousands of modems from the satellite internet system. The attack knocked connections offline around the world, including German wind farms. The EU, UK, and US have linked the attack to Russia, and it has prompted the US National Security Agency to speak out about satellite security.
As experts continue to sound the alarm around space cybersecurity issues, the commercial space sector is going through a boom. SpaceX and other companies are racing to put thousands of satellites into orbit to provide internet connections, and it has become cheaper for satellites to photograph Earth from space. Alongside big firms, there’s a smaller array of companies building components and parts to be included in spacecraft. This supply chain poses extra security risks.
“They absolutely are not prioritizing security,” Falco says. “They probably don’t have any people who know anything about it on their staff.” In June of this year, the Institute of Electrical and Electronics Engineers Standards Association announced a new effort, which Falco is chairing, to introduce common practices and requirements for cybersecurity across the space industry. “There’s so much money that’s going into developing commercially led space systems, commercial entities need to have some guidance,” Falco says.