Providing internet connectivity from satellites orbiting the Earth is becoming an increasingly popular idea, especially as Elon Musk continues to launch satellites into low orbit to build his next Starlink network.
Workers on remote oil rigs, ships crossing international waters, and airlines in areas where cellular or broadband Internet is not available already use satellite Internet connections. However, the safety of these connections has recently been called into question thanks to an experiment conducted by Oxford University researcher James Pavur.
Pavur presented the results of his experience at Black Hat 2020, where he tried to convince the information security community that the insecure nature of broadband satellite communications is worth considering. Over the course of several years, successfully intercepted signals from 18 satellites transmitting the internet over a 100 square meter square kilometer from a fixed physical location in the UK.
During his experience, Pavur was able to listen to all kinds of different communications, including navigation information sent to a Chinese plane over an unencrypted connection, messages transmitted by an Egyptian tanker that allowed him to decipher information on the ship, and even personally, information information about his crew, resetting account passwords for a Greek billionaire's yacht network, and more.
Intercept Internet traffic via satellite
Satellite Internet traffic is easy to intercept due to the fact that there is currently no technology available that allows parties to validate the integrity of an encrypted satellite connection.
With just a €90 satellite dish and a €200 commercially purchased satellite video broadcast tuner, Pavur was able to intercept satellite internet traffic. Using publicly available sources, he identified the orbital tracks of the satellites and pointed his satellite dish in their direction.
To log the transmitted data, Pavur used signal logging software and modified it to focus on Internet traffic using HTTP protocols. The technique he was using did not require a particularly high level of technical ability, and in total he was able to download over 8TB of data from the satellites orbiting above him.
Pavur hopes that his experience and presentation at this year's Black Hat conference will raise awareness of the possible lack of security in satellite Internet connections.
- We've also highlighted the best VPN services