Starlink, owned by Elon Musk, has launched more than 3,000 small satellites into orbit. This network of satellites brings Internet connections to hard-to-reach locations on Earth and was a vital source of communication during Russia's ongoing war in Ukraine.
Thousands more satellite launches are planned as the industry is booming at the moment, but like any emerging technology, attempts to hack these satellite components are increasing.
Among these attempts, Lennert Waters, a security researcher at Belgium's KU Leuven, conducted an experiment showing the vulnerabilities of Starlink receivers, satellite dishes dubbed "Dishi MC Flat Face" ( Dishy McFlatface) which are placed on homes and buildings.
Waters presented his experience at the Black Hat information security conference in Las Vegas, where he showed security experts how a series of hardware vulnerabilities allow attackers to gain access to the Starlink system and run custom code on devices, according to a report by Wired . ) specialist in technology.
To gain access to the satellite dish software, Waters scraped a dish he had purchased and created a custom hacking tool that could be connected to a Starlink dish.
The hacking tool, a homemade circuit board known as a modchip, is made with off-the-shelf components and costs about $25.
Hacking tool A homemade circuit board known as ModShip costs about $25
Once attached to a Starlink dish, a homemade circuit board (PCB) can launch an attack by introducing a syntax that temporarily shortens the protection system's timing to help bypass Starlink's security safeguards. This "glitch" allows Waters to gain access to previously locked parts of the Starlink system.
Waters shared his tool on the open source GitHub, including some details needed to launch the attack.
"As an attacker, let's say you wanted to attack the satellite itself, you could try to build your own system that would allow you to talk to the satellite, but that's very difficult. So if you want to attack the satellite, you want to go through user terminal because that would potentially make your life easier."
The Belgian researcher notified Starlink of the flaws last year, and the company paid Waters a bounty through a rewards program for identifying vulnerabilities.
Waters says that while SpaceX has released an update to make the attack more difficult, the underlying issue cannot be fixed unless the company creates a new version of the chipset. Waters says all existing user terminals are at risk.
Starlink says in a blog that it plans to release a "public update" after Waters' Black Hat show, but declined to reveal any details about that update - to Wired - before the update was released.
Mask challenged Russia to stop his satellites
Ukraine used the Starlink system to support the Internet infrastructure damaged by Russian bombing.
Musk donated a truckload of dishes to a war-torn Ukraine whose communications had been damaged, shipping thousands of satellite receivers to the Ukrainians, allowing them to stay connected to the Internet despite destroying traditional sources.
Musk previously revealed concerns that Russia might spy on Starlink communications, but - in an interview - he said he was not worried about Russia destroying Starlink satellites with missiles.
In an interview with Business Insider, Musk said that there are now too many Starlink satellites in the sky, and that the pace of SpaceX launching more satellites is faster than the Kremlin's war machine can drop them from space.
But with these loopholes, couldn't Russian hackers control Starlink stations as the Belgian researcher did and at the lowest cost?
Tags:
DIGITAL LINE
