View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Satellite communication systems ‘vulnerable’ to hacking

The vulnerabilities could impact the safety of ships, aircraft, military personnel, emergency services, media services, and industrial facilities.

By Vinod

Several satellite communication systems manufactured by leading companies claimed to have vulnerabilities which allow remote hackers to intercept, manipulate, block and even control the entire communications system of the device.

According to a research conducted by security consultancy firm IOActive, the vulnerabilities can have severe bearing on the safety of ships, aircraft, military personnel, emergency services, media services, and industrial facilities (oil rigs, gas pipelines, water treatment plants, wind turbines, substations).

The vulnerabilities included hardcoded credentials, undocumented protocols, insecure protocols, and backdoors.

IOActive studied satellite communications (SATCOM) devices used in military, aerospace, maritime, critical infrastructure, during last quarter of 2013.

The study mainly focused on ground basted SATCOM systems manufactured by leading manufacturers including Harris, Hughes, Cobham, Thuraya, JRC, and Iridium.

Through analysis and reverse engineering of the freely and publicly available firmware updates of popular SATCOM technologies, IOActive found that hackers can exploit all the devices.

"Insecure and undocumented protocols, backdoors, hard-coded credentials…mainly design flaws that allow remote attackers to fully compromise the affected devices using multiple attack vectors," the report added.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"These vulnerabilities allow remote, unauthenticated attackers to compromise the affected products."

"In certain cases no user interaction is required to exploit the vulnerability; just sending a simple SMS or specially crafted message from one ship to another ship would be successful for some of the SATCOM systems."

IOActive researchers also claim that in addition to the vulnerabilities and design flaws, a number of features in the devices could pose security risks.

The researchers have also recommended that the manufacturers and resellers should remove all publicly accessible copies of device firmware updates from their websites and strictly control access to updates in the future.

SATCOM technologies help access internet remotely, help vessels and aircrafts operate safely as well as provide critical communication to military and emergency services.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.