Space is changing. More than 15,000 satellites are expected in orbit by 2030, the majority for internet communications. This updated briefing from DEF CON 28 shows how an attacker, using $300 of widely available home television equipment, can intercept deeply sensitive data transmitted by satellite services belonging to some of the world’s largest organizations.
In this talk, we will touch on a series of case studies looking at intercepted satellite internet traffic from three domains: air, land, and sea. From oil tankers to wind farms, we’ll see how satellite eavesdropping attacks can threaten the privacy and security of critical systems and how, under certain conditions, attackers can abuse their eavesdropping position to even hijack and alter traffic.
The talk concludes by presenting open-source tools we have developed to help researchers interested in working on these problems: including a proof-of-concept exploit which has been made publicly available in the months following DEF CON 28. We’ll also touch on the work we’ve done to help mitigate these vulnerabilities, namely an open-source secure satellite communications research testbed and proxy. Finally, we will talk about new research directions that may be of interest to others looking to make contributions on satellite communications security.
While this talk includes technical components, it assumes no prior background in satellite communications or cryptography.DEFCONConferenceRead More