US researchers found it surprisingly easy to access private text messages and military data using homemade satellite scans that cost as little as €500.
ADVERTISEMENT
Hackers can easily gather a trove of sensitive personal and military information from satellites in space using just a $600 (€512) kit, according to a new study.
Researchers from the University of California, San Diego and the University of Maryland conducted the first scan of internet traffic coming from 39 satellites in geostationary orbit (GEO) in western North America, as well as 411 transponders that receive their signals. The researchers built their system using everyday products.
Over a seven-month period, they gathered unencrypted traffic such as text messages, phone numbers, calling history, and internet browsing history from satellites used by mobile providers T-Mobile, TelMex, and AT&T.
They also identified unencrypted data from US military sea vessels, the Mexican government and military. That included sensitive military administrative reports, references to military terminal locations, and live locations for deployments and traffic.
The researchers accessed and decoded this data using simple equipment such as TV satellite dishes, meaning such unencrypted data can be intercepted by anyone “with a clear view of the sky and $600,” the study said.
“The severity of our findings suggest that these organisations do not routinely monitor the security of their own satellite communication links,” the researchers said.
They said their findings are particularly alarming given experts had previously assumed that such widescale satellite signal interception was only feasible for actors with high-quality equipment and software, such as military and intelligence agencies.
‘Clear mismatch’ on how data is secured
In September, the European Space Agency (ESA) estimated that there are about 12,500 satellites in the Earth’s orbit that are still operational.
The US non-profit Union of Concerned Scientists estimated in 2023 that 590 satellites are in geostationary orbit (GEO), which are satellites that fly at an altitude of nearly 36,000 kilometres and move from west to east to match the Earth’s rotation.
These types of satellites are often used by telecommunications companies and for weather monitoring, according to the ESA.
GEO satellite information is also used to build private and secure networks for remote commercial and military equipment, the study notes.
Dozens of transponders on board the GEO satellites amplify the signals they receive, change the signals’ frequency, and send them back down to a ground station on Earth, where they are then sent to TV satellite dishes, WiFi receivers, or cell towers.
The standard practice in the industry is to encrypt the data that is sent to and from the satellite at various levels, which the researchers said was not the case among the signals they intercepted.
“There is a clear mismatch between how satellite customers expect data to be secured and how it is secured in practice,” the report said, noting that telecommunications companies normally encrypt data at the “radio layer” before information is sent from an individual phone to a mobile tower.
The researchers said there are many reasons why communications, browser history, and other information might not be encrypted by the satellites.
One reason they found is that link-layer encryption – which would protect all of the data – could force companies to pay additional licensing fees to the operators of specific satellite terminals and hubs.
Encrypting data also makes bandwidth more expensive for companies, with firms such as Panasonic telling the study authors that it could incur up to a 30 per cent loss in revenue for doing it.
Challenges remain for potential satellite hackers
For the study, the researchers built a GEO traffic parser with easy-to-find products, such a TV satellite dish, a signal receiver, and a dish motor, which gave them access to several satellite signals. They also used a tuner card to measure and decode the passive traffic between satellites.
Every day for seven months, they scanned all of the 411 transponders in the test area that broadcast to televisions and internet applications to collect a three-minute data capture of what they had transmitted over the last 24 hours.
Despite the easy assembly of this decryption kit, the researchers noted that there are still challenges for potential hackers.
People who want to gain access to satellite data would have to find a way to automatically aim a ground station’s satellite in the right direction for it to interpret several signals from different satellites at once.
They would also have to have the technical knowledge to understand the data that is collected.
