Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
6 likes3,047 views
The document discusses exploiting trust relationships in satellite communication networks. It describes how an attacker could potentially "piggyback" on a satellite network by finding an unused frequency and transmitting data without authorization, akin to adding a "rogue carrier." The document notes challenges in detecting such rogue transmissions and suggests cooperation across satellite operators could help with detection. It concludes by noting previous work compromising the data link layer and suggests combined attacks on the data link and network layers could allow more serious exploitation of satellite systems.
Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship
- 1. 2.0 Hacking a Bird in the Sky Exploiting Satellite Trust Relationship Jim Geovedi Raditya Iryandi jim.geovedi@bellua.com raditya.iryandi@bellua.com
- 2. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Disclaimer This presentation is intended to demonstrate the inherent security, design and configuration flaws in publicly accessible satellite communication networks and promote the use of safer satellite communication systems. Viewers and readers are responsible for their own actions and strongly encourage to behave themselves.
- 3. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Slanguage Dictionary ‣ Bird: a variety term for satellite; "The proposed channel would be carried by an Asian bird to be launched next spring."
- 4. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Satellite ‣ A satellite is any object that orbits another object (which known as its primary).
- 5. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Artificial Satellite ‣ It was the English sci‐fi writer Arthur C. Clarke who conceived the possibility of artificial communication satellites in 1945. Clarke examined the logistics of satellite launch, possible orbits and other aspects. Arthur C. Clarke, science fiction author, meeting with fans, at his home office in Colombo, Sri Lanka. source: http://en.wikipedia.org/wiki/Arthur_C._Clarke
- 6. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Artificial Satellite ‣ The first artificial satellite was Sputnik 1 launched by Soviet Union on 4 October 1957. In 1957, the Soviet Union launched Sputnik, a basketball‐size capsule that became the Earth’s first man‐made satellite. Sputnik’s radio signals were a “raspberry” from the Soviets, fumed one U.S. pundit. The next year, the United States created NASA, and the space race was under way. source: http://magma.nationalgeographic.com/ngm/2007‐10/space‐travel/space‐travel‐photography.html
- 7. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Satellite Internet Services ‣ One‐way multicast: used for IP multicast‐based data, audio and video distribution. ‣ Most Internet protocols will not work correctly over one‐way access, since they require a return channel. ‣ One‐way with terrestrial return: used with traditional dial‐up access to the Internet, but downloads are sent via satellite at a speed near that of broadband Internet access. ‣ Two‐way satellite access: allows upload and download data communications.
- 8. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Very Small Aperture Terminal ‣ A one or two‐way terminal used in a star, mesh or point to point network with. Antenna size is restricted to being less than or equal to 3.8 m at Ku band and 7.8 m at C band. ‣ It consists of a large high performance hub earth station (with an antenna of up to 9 m in diameter) and a large number of smaller, lower performance terminals. These small terminals can be receive only, transmit only or transmit/receive. A 2.5m parabolic dish antenna for bidirectional high‐speed satellite Internet. source: http://en.wikipedia.org/wiki/VSAT
- 9. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Frequency Band Designations 300 MHz 3 GHz VHF UHF 1 GHz VHF UHF L S 3 GHz 30 GHz SHF EHF 8 GHz 12 GHz 18 GHz 40 GHz 75 GHz C X Ku K Ka V source: http://www.satcom‐services.com/sat_freq.htm
- 10. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Data communication service using satellite access media with Time Division Multiplex (TDM) / Time Division Multiple Access (TDMA) technology based on Internet‐protocol. source: http://www.lintasarta.net/PRODUKLAYANAN/Satelit/VsatIP/tabid/85/Default.aspx
- 11. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Data communication service using satellite access media with Single Channel per Carrier (SCPC) connecting point‐to‐point and point‐to‐multipoint. source: http://www.lintasarta.net/PRODUKLAYANAN/Satelit/VsatLink/tabid/86/Default.aspx
- 12. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Attacks against Satellite Systems ‣ Hypothetical Attacks ‣ Denial of services (uplink/downlink jamming, overpower uplink), orbital positioning attacks (raging transponder spoofing, direct commanding, command replay, insertion after confirmation but prior to execution) ‣ Practical Attacks
- 13. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Abusing Satellite Systems "Satellite Piggyjacking" (Exploiting Satellite Trust Relationship on VSAT Network)
- 14. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Satellite Piggyjacking ‣ Selecting target ‣ Pointing antenna ‣ Find "free" frequency ‣ Transmit and receive ‣ Detection evasion
- 15. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Demo
- 16. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 17. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 18. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 19. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 20. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 21. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 22. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 23. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 24. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 25. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008
- 26. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Rogue Carrier Detection Evasion Allocated Frequency Real User
- 27. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Rogue Carrier Detection Evasion Allocated Frequency Real User Us
- 28. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Rogue Carrier Detection Evasion Allocated Frequency Real User Us
- 29. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Rogue Carrier Detection Evasion Allocated Frequency Real User Us
- 30. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Rogue Carrier Detection Evasion Allocated Frequency Us
- 31. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Rogue Carrier Detection Evasion Allocated Frequency Us
- 32. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 Detection Issues ‣ Require at least another satellite and satellite operator to detect rogue carrier (similar to GPS mechanism). ‣ Satellite operator alliance co‐operation. ‣ Specialised company detecting rogue carrier. ‣ Hard to detect if rogue carrier has ability to switch frequency automatically prior detection.
- 33. Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship HITBSecConf Dubai 2008 The End ‣ Two years ago, we presented how to compromise data link layer. ‣ Today, we present how to compromise network layer. Data Link + Network = ?