HackingSATCOMS vulnerable to hacking

Published 11 August 2014

Satellite communications systems (SATCOMS) used by soldiers on the front lines, airplanes, and ships are vulnerable to hacking, according to analyst Ruben Santamarta’s presentation at the recent Black Hatcybersecurity conference.While none of the vulnerabilities discovered could directly cause a plane to crash, or override pilot commands, they could delay or intercept communications, exposing security and classified information to bad actors.

Satellite communications systems (SATCOMS) used by soldiers on the front lines, airplanes, and ships are vulnerable to hacking, according to analyst Ruben Santamarta of IOActive. At the recent Black Hat cybersecurity conference, Santamarta presented his research showing that communications devices from firms Harris, Hughes, Cobham, Thuraya, JRC, and Iridium are vulnerable to attack due to security flaws built into the systems, most notably, backdoors, or special entry points which are designed for fast or emergency access into systems.

SATCOMS developers insist that backdoors do not pose a security risk, and consider them a “common practice in electronic products,” because vendors and technicians sometimes forget passwords. Santamarta refutes saying “I can’t recommend ever a back door. It’s a security risk. It’s not a good idea.”

Defense Onereports that the Cobham Aviator 700D, a common SATCOM in military aviation, could be hacked to cause “catastrophic failure.” While none of the vulnerabilities discovered could directly cause a plane to crash, or override pilot commands, they could delay or intercept communications, exposing security and classified information to bad actors. The most serious vulnerability on the Cobham Aviator 700D allowed a hacker access to systems swift broadband unit (SBU), and the satellite data unit (SDU). “Any of the systems connected to these elements, such as the Multifunction Control Display Unit (MCDU), could be impacted by a successful attack,” Santamarta writes in his paper. “The SBU contains a wireless access point.”

The MCDU provides vital information such as the amount of fuel left in a plane. If compromised, a hacker could give a pilot wrong information about the plane, causing the pilot to take actions based upon misinformation.

Cobham spokesman Greg Caires claims that the backdoor on the Cobham Aviator 700D helps ensure ease of maintenance, and “we determined that you have to be physically present at the terminal to use the maintenance port,” refuting the ability to hack the system via Wi-Fi. Santamarta reiterated, however, that while certain attacks require physical access, other vulnerabilities within the SBU “can be attacked through the Wi-Fi.” In marketing the Cobham Aviator 700D, Cobham states that “aviator 700D becomes the aircraft’s very own Wi-Fi hotspot in the sky, supporting in-flight use of smart phones, personal tablets and laptops.”