Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack

2020-08-06 19:49

Satellite internet communications are susceptible to eavesdropping and signal interception by far-flung attackers located in a different continent or country from their victims.

When a satellite ISP makes an internet connection for a customer, it beams that customer's signals up to a satellite in geostationary orbit within a narrow communications channel; that signal is then sent back down to a terrestrial receiving hub and routed to the internet.

"And then we used a PCIe satellite tuner card. These are widely available for people who want to watch satellite television on their computer."

The Oxford team took their set-up and applied it to real satellite internet connections, finding that generally speaking, the satellite ISPs they examined did not seem to be employing encryption by default.

"And so as a result, satellite internet service providers have built a tool called a performance-enhancing proxy, which is essentially a benevolent man-in-the-middle that intercepts and modifies your TCP sessions on both sides of the satellite link to make it feel fast. Unfortunately, if you use standard end to end encryption, this will stop the ISP from being able to engage in that benevolent man-in-the-middle attack, and it will slow your satellite speeds to a crawl."

News URL

https://threatpost.com/black-hat-satellite-comms-eavesdropping-hack/158146/

#blackhat #eavesdropping #hack #satellite