Recent geopolitical events have exposed our critical dependence on the wireless infrastructure used to facilitate worldwide communication. State-sponsored groups are actively attacking and exploiting space-based communication networks, causing outages and serious economic damage. Despite initial research findings pointing out a lack of security, such networks enjoy growing adoption and are still placed at the heart of today's communication infrastructure, ranging form the transportation sector over oil rigs to consumer internet. Worryingly, the command and control networks that support this satellite-based communication have received little attention from the security community so far. This paper addresses this research gap and conducts a systematic security assessment of the Very Small Aperture Terminal (VSAT) ecosystem. More specifically, we investigate the attack surface of the underlying command and control networks and analyze the systems currently used by industry-leading vendors. Through systematic reverse engineering, we uncover a number of wide-reaching vulnerabilities that illustrate the perilous position of the satellite industry. We then systematically formulate a phase-based threat model to categorize these issues and uncover several inherently insecure design practices.
ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec)
2024-05-27
2024-06-19