Researchers Used a Decommissioned Satellite to Broadcast Hacker TV

Credit to Author: Lily Hay Newman| Date: Wed, 30 Mar 2022 13:01:24 +0000

To revist this article, visit My Profile, then View saved stories.

To revist this article, visit My Profile, then View saved stories.

Independent researchers and the United State military have become increasingly focused on orbiting satellites' potential security vulnerabilities in recent years. These devices, which are built primarily with durability, reliability, and longevity in mind, were largely never intended to be ultra-secure. But at the ShmooCon security conference in Washington, DC on Friday, embedded device security researcher Karl Koscher raised questions about a different phase of a satellite's life cycle: What happens when an old satellite is being decommissioned and transitioning to a “graveyard orbit”?

Koscher and his colleagues received permission last year to access and broadcast from a Canadian satellite known as Anik F1R, launched to support Canadian broadcasters in 2005 and designed for 15 years of use. The satellite's coverage extends below the US southern border and out to Hawaii and the easternmost part of Russia. The satellite will move to its graveyard orbit soon, and nearly all other services that use it have already migrated to a new satellite. But while Anik F1R still had its uplink license and transponder slot lease, Koscher had the opportunity to take over and broadcast to the northern hemisphere.

“My favorite thing was actually seeing it work!” Koscher tells WIRED.  “It's kind of unreal to go from making a video stream to having it broadcast across all of North America.”

Koscher and his colleagues from the Shadytel telecommunications and embedded device hacking group broadcast a livestream from another security conference, ToorCon San Diego, in October. At ShmooCon last week, he explained the tools they used to turn an unidentified commercial uplink facility (a station with a special powered dish to communicate with satellites) into a command center for broadcasting from the satellite.

In this case, the researchers had permission to access both the uplink facility and the satellite, but the experiment highlights the interesting gray area when a defunct satellite is not being used but has not yet moved father away from Earth to its final resting orbit. 

“Technically, there are no controls on this satellite or most satellites—if you can generate a strong enough signal to make it there, the satellite will send it back down to the Earth,” Koscher explains. “People would need a big dish and a powerful amplifier and knowledge of what they were doing. And if a satellite were fully utilized, they would need to overpower whoever else was using that particular transponder spot or frequency.”

In other words, whoever yells loudest into a (geosynchronous orbiting) microphone will have their voice amplified the most, but it's difficult to overpower established broadcasting giants—although not unprecedented. In 1986, for example, a hacker who called himself Captain Midnight broke into an HBO broadcast of The Falcon and the Snowman by hijacking the Galaxy 1 satellite signal.

More recently, hackers have taken advantage of underutilized satellites for their own purposes. In 2009, Brazilian Federal Police arrested 39 suspects on suspicion of  hijacking US Navy satellites using high-powered antennas and other ad hoc gear for their own CB (citizens band) short-distance radio communications.

Beyond independent hackers, Koscher points out that the lack of authentication and controls on satellites could allow countries to hijack each others' equipment. “One implication is that states who want to broadcast propaganda could do it without launching their own satellite, they could use another satellite if they have the ground equipment,” he says.

Ang Cui, an embedded device security researcher who launched the NyanSat open source ground station project in 2020, notes that decommissioned satellites aren’t the only ones that could be hijacked. “One could take over even newish satellites,” he says. But thinking about those in the end-of-life stages, he adds, “There definitely are things that are just hanging out up there.”

One of Koscher's colleagues, who goes by the hacker name Falcon, notes that from a pluralistic, freedom-of-information perspective, satellite uplink capabilities could be reimagined as plentiful and available rather than exclusive and scarce. “What if this was just a universal utility,” Falcon says with a faraway look.

https://www.wired.com/category/security/feed/

Leave a Reply