Satellite hack raises security questions
By Corey Grice
Staff Writer, CNET News
PanAmSat suffers satellite setback
November 19, 1998
Outage hits pagers, Net access
May 21, 1998
Britain’s Ministry of Defense is denying that the nation’s military satellites were hacked, but the reported disruption raises questions about the security of all satellite-based communications services.
Control of one of the satellites in Britain’s Skynet system, which delivers communications services to the nation’s Royal Air Force and other armed forces units, was reportedly seized by hackers over the weekend. The British government was then the subject of an alleged blackmail threat following the attack.
But the government is denying that the James Bond-like incident ever occurred.
“The satellite system has not been hacked into and the satellite has not changed course,” said a spokeswoman for Britain’s Ministry of Defense, who declined to give her name. “And, the security levels make it extremely difficult, if not impossible, to hack into the system.”
Industry experts said hacking into a satellite system is difficult, and commercial satellites are relatively safe from meddlers. Yet as the communications industry begins to rely more heavily upon satellites, the cause for concern over hackers is no longer limited to Webmasters.
Commercial satellite launches are on the rise and the number of “birds” in the sky continues to grow. There are about 330 commercial satellites in orbit today, according to the Satellite Industry Association, a commercial trade group.
Companies such as Iridium, a satellite mobile phone provider which owns a 66-satellite network, and Teledesic, a satellite data provider, have hinged their whole business success on their galactic machinery.
Meanwhile, direct broadcast satellite operators, such as DirecTV and EchoStar Communications, have grown in popularity in recent years and, as a result, have cut into the cable television market.
This increasing use of satellites raises security and reliability questions should computer hackers turn their attention to the heavens. Although not the work of hackers, nearly 40 million paging customers were without service last year when PanAmSat’s Galaxy IV satellite broke down–a reminder of what could happen when a communications satellite fails.
“[Hacking is] a concern and companies are taking steps to prevent that,” said Clayton Mowry, executive director of the Satellite Industry Association. “But it’s not like you’d use a backyard dish to do this.”
Industry experts said satellite companies use encryption to protect their data and company control centers, used to monitor satellites and maintain their correct position in space, are typically secure facilities with surveillance cameras, alarms, and other security measures.
“You’d need the encryption keys, or access to a control center, or both,” Mowry said. “I don’t know of any cases where satellites have been commandeered.”
How to hack
Analysts said there are several ways satellite systems can be disrupted. With sufficient power from a satellite dish on the ground, an orbiting satellite’s signal can be blocked.
“One way is simply brute force, by sending a signal up to a given satellite and jamming it,” said Steve Blum, president of Tellus Venture Associates, a satellite consulting firm. “That’s nothing new. That’s as old as radio itself.”
Experts said that occasionally happens by accident, but jamming a satellite is easy to trace and communications services, such as TV signals, are rarely disrupted as programmers and providers usually have backup capacity on other satellites.
The computer systems used to monitor and control the satellites also pose a potential weak link; although most are housed in secure facilities, in theory they could be infiltrated, Blum said.
But industry sources said many of the potential pitfalls are not unique to satellites. Smaller radio stations have been known to have their signals blocked by more powerful transmitters. And hackers could just as easily attempt to break into the computer systems of a cable operator in an attempt to shut down services to a certain neighborhood.
“The guys that designed these systems all have military histories,” Blum said. “You’re dealing with companies that are very much knowledgeable about security.”