As part of Cybersecurity Awareness Month every Saturday I’ll be sharing links to videos, presentations, etc. that show interesting, surprising and entertaining content. Today’s theme is how to hack a satellite.
At the recent DEF CON Safe Mode conference there was a Hack-a-Sat "Capture the Flag" competition with $100,000 up for grabs. Capture the Flag, or CTF, is type of competitive game where a goal is announced and teams compete reach that goal which might be to extract a file or break into a specific component.
The competition took place over six rounds with the initial rounds, for obvious reasons, being based on simulated or hardware copies of satellites but the final round was an 'on orbit'
- You are locked out of the Ground Station by an adversary, get back in.
- Regain access to the satellite, whilst it is spinning out of control.
- Repair the on-board software, restoring corrupted control data.
- Regain control of the flight software which has been hijacked.
- Restore normal operations to the satellite.
- Prove that you have regained control by imaging the moon.
There's a great 5-minute rundown of competition here:
And here's the picture of the moon taken by the winner of the on-orbit challenge. It might be a small picture, but remember - this was taken by a real satellite. In Space. In a hacking competition.And from last year's RSA Conference a talk about the risks of satellite attacks and evidence of attacks that have already taken place...
Moving to a slightly different angle here, what could you get from satellites? Here, James Pavur gives a thoroughly interesting run-down of an unbelievable amount of confidential information can be pulled out of the air with just $300 worth of equipment due to unsecured satellite broadband services.
So spare a thought next time you look up at the sky, and maybe take a step outside and take a look at satellites in orbit with your own eyes.