Satellite Hacking 101: How Hackers Took Over a Government-Owned Satellite

Satellite Hacking – Are government-controlled satellites secure enough?

A recent hack into a nanosatellite, OPS-SAT, proves otherwise.

A team of cybersecurity experts from multinational tech company Thales took part in the European Space Agency’s (ESA) Hack CYSAT challenge and managed to successfully hack into a nanosatellite called OPS-SAT that was sent up into low Earth orbit in 2019.

This intrusion gave the team full control of the satellite’s communication, imaging, and maneuverability systems.

Artist's impression of OPS-SAT. Credit: ESA - European Space Agency.

Artist’s impression of OPS-SAT. Credit: ESA – European Space Agency.

How much access did they get?

The hackers were able to access the satellite’s onboard camera, global positioning system, and attitude control system as a result of the intrusion.

The cybersecurity team stated that they accessed satellite controls via its onboard system and then entered its control interface using conventional access permissions.

The researchers further went on to prove their ability to inject malicious code into the system.

Previous Incidents

Cybersecurity experts have been warning about the vulnerabilities of commercial satellite systems for some time now. In fact, last year, a Belgian researcher proved he could hack into a SpaceX Starlink terminal with his custom modchip, while an academic team from the University of Texas successfully took control of a Starlink signal without requiring an actual intrusion.

Moreover, a leaked CIA report suggested that the U.S. believes China is developing ways to “seize control” of foreign satellites, while past hacks have linked China to U.S. observation satellite attacks.

What Does This Means?

If the cybersecurity team could do it, surely hackers can do it too.

The cybersecurity team that accessed the satellite control warned about the possibility of a hacker masking parts of the satellite’s imaging system, providing them with the means to stay hidden from detection by the satellite’s monitoring system.

The possibility of gaining control over a satellite’s attitude controls and GPS presents a wide range of security concerns.

The threat of satellite hacks is so serious that a bipartisan group of senators introduced a bill that would offer more resources for hack-proofing U.S. satellites. But it hasn’t made it to the Senate yet since it can cause $3 million annually.

Pierre-Yves Jolivet, Thales’ VP of Cyber Solutions, while talking about the importance of incorporating security into Satellite’s design phase, noted,

The space sector must prioritize cybersecurity throughout the satellite’s entire life cycle, starting from the design phase to development and maintenance of the systems.

For more news and updates on Cybersecurity, visit The Cybersecurity Club.

AI/ML: Over a Dozen Exploitable Vulnerabilities Found in AI/ML Tools

France Passes Bill Allowing Remote Phone Surveillance, Raising Privacy Concerns

Social Media Scams Rack Up $2.7 Billion in Losses Since 2021, Reports FTC

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats