Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and...
Transcript of Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and...
![Page 1: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/1.jpg)
#BHUSA @BLACKHATEVENTS #BHUSA @BLACKHATEVENTS
Whispers Among the Stars
James Pavur, DPhil Student
Oxford University, Department of Computer Science
#BHUSA @BLACKHATEVENTS
Perpetrating (and Preventing) Satellite Eavesdropping Attacks
![Page 2: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/2.jpg)
#BHUSA @BLACKHATEVENTS
2
![Page 3: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/3.jpg)
#BHUSA @BLACKHATEVENTS
3
![Page 4: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/4.jpg)
#BHUSA @BLACKHATEVENTS
4
![Page 5: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/5.jpg)
#BHUSA @BLACKHATEVENTS
Bio / Contributors• PhD Student @ Oxford University,
Systems Security Lab• Title of (blank) thesis_draft.tex file:
Securing New Space: On Satellite Cybersecurity
• Don’t Work Alone…• Daniel Moser, armasuisse / ETH
Zürich• Martin Strohmeier, armasuisse /
Oxford University• Vincent Lenders, armasuisse• Ivan Martinovic, Oxford University
5
![Page 6: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/6.jpg)
#BHUSA @BLACKHATEVENTS
Lessons from the Past
Ruhr-University Bochum, 2005 Black Hat DC, 2009 Black Hat DC, 2010
6
![Page 7: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/7.jpg)
#BHUSA @BLACKHATEVENTS
3 Domain-Focused Experiments
18 GEO Satellites
Coverage Area ~100 million km2
![Page 8: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/8.jpg)
#BHUSA @BLACKHATEVENTS
Whose Data?
9 FORTUNE GLOBAL 500 MEMBERS
6 OF 10 LARGEST AIRLINES
~40% MARITIME CARGO MARKET
GOVERNMENTAL AGENCIES
YOU?
8
![Page 9: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/9.jpg)
#BHUSA @BLACKHATEVENTS
3-Minute SATCOM Crash Course
Photo: Three Crew Members Capture Intelsat VI, NASA, 1992, Public Domain9
![Page 10: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/10.jpg)
#BHUSA @BLACKHATEVENTS #BHUSA @BLACKHATEVENTS
![Page 11: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/11.jpg)
#BHUSA @BLACKHATEVENTS #BHUSA @BLACKHATEVENTS
![Page 12: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/12.jpg)
#BHUSA @BLACKHATEVENTS #BHUSA @BLACKHATEVENTS
![Page 13: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/13.jpg)
#BHUSA @BLACKHATEVENTS #BHUSA @BLACKHATEVENTS
![Page 14: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/14.jpg)
#BHUSA @BLACKHATEVENTS #BHUSA @BLACKHATEVENTS
![Page 15: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/15.jpg)
#BHUSA @BLACKHATEVENTS
![Page 16: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/16.jpg)
#BHUSA @BLACKHATEVENTS
![Page 17: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/17.jpg)
#BHUSA @BLACKHATEVENTS
![Page 18: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/18.jpg)
#BHUSA @BLACKHATEVENTS
![Page 19: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/19.jpg)
#BHUSA @BLACKHATEVENTS
![Page 20: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/20.jpg)
#BHUSA @BLACKHATEVENTS
Threat Model
20
![Page 21: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/21.jpg)
#BHUSA @BLACKHATEVENTS
Nation-State Actor Tech
Photo: Het grondstation van de NSO, Wutsje, July 2012, Wikimedia Commons, CC BY-SA 3.021
![Page 22: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/22.jpg)
#BHUSA @BLACKHATEVENTS
Nation-State Actor Tech
Photo: Het grondstation van de NSO, Wutsje, July 2012, Wikimedia Commons, CC BY-SA 3.022
![Page 23: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/23.jpg)
#BHUSA @BLACKHATEVENTS
$300 of TV Equipment
TBS-6983/6903 ~$200-$300 (or comparable PCIE DVB-S tuner, ideally with APSK support)
Selfsat H30D ~$90 (or any old satellite dish + LNB off Craigslist)
23
![Page 24: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/24.jpg)
#BHUSA @BLACKHATEVENTS
![Page 25: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/25.jpg)
#BHUSA @BLACKHATEVENTS
MPEG-TS + MPE/ULE• Legacy (but still popular)
standard• Sort of a hacked together
combination of protocols built for other purposes
• Tools exist for parsing• dvbsnoop, tsduck, TSReader
• Primary focus of related work from 2000-2010
25
![Page 26: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/26.jpg)
#BHUSA @BLACKHATEVENTS
GSE (Generic Stream Encapsulation)• More modern, popular
among enterprise “VSAT” customers
• In practice, networks assume equipment in the $25k-$100k range
rame Data iel rame Data iel
a loa a loa
S a loa
ea er
ea er
ea er
S ea er
S ragment Start
S ragment n
S ea er
S ea er
S ea er
S ragment
Start
ea er
ea er
26
![Page 27: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/27.jpg)
#BHUSA @BLACKHATEVENTS
GSExtract
• Custom tool to forensically reconstruct bad recordings
• Applies simple rules to find IP headers / place fragments
• https://doi.ieeecomputersociety.org/10.1109/SP40000.2020.00056
• Public Release?• https://github.com/ssloxford 65%
11%
24%
40%
24%
36%
50%
15%
35%
40%
10%
50%
Packet Recovery Rate Using GSExtract
27
![Page 28: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/28.jpg)
#BHUSA @BLACKHATEVENTS
dvbsnoop
GSExtract
*.pcapDish + Tuner Card
DVB-S
28
![Page 29: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/29.jpg)
#BHUSA @BLACKHATEVENTS
General Findings
NO DEFAULT ENCRYPTION
ISP-ESQUEVANTAGE POINT
BREACH THE PERIMETER
29
![Page 30: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/30.jpg)
#BHUSA @BLACKHATEVENTS
Terrestrial
30
![Page 31: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/31.jpg)
#BHUSA @BLACKHATEVENTS
TLS == Privacy?
31
![Page 32: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/32.jpg)
#BHUSA @BLACKHATEVENTS
TLS != Privacy
Top SSL Certificate Names (MPEG-TS Case Study)
32
![Page 33: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/33.jpg)
#BHUSA @BLACKHATEVENTS
!TLS != Privacy
33
![Page 34: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/34.jpg)
#BHUSA @BLACKHATEVENTS
IOT & Critical Infrastructure
“admin-electro…..”
34
![Page 35: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/35.jpg)
#BHUSA @BLACKHATEVENTS
Maritime
35
![Page 36: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/36.jpg)
#BHUSA @BLACKHATEVENTS
Art: Rodney’s Fleet Taking in Prizes After the Moonlight Battle, Dominic Serres, Public Domain
Case Study: 100 Random Ships
36
![Page 37: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/37.jpg)
#BHUSA @BLACKHATEVENTS
~10% of Vessels Identifiable
37
![Page 38: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/38.jpg)
#BHUSA @BLACKHATEVENTS
~10% of Vessels Identifiable
![Page 39: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/39.jpg)
#BHUSA @BLACKHATEVENTS
~10% of Vessels Identifiable
![Page 40: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/40.jpg)
#BHUSA @BLACKHATEVENTS
~10% of Vessels Identifiable
![Page 41: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/41.jpg)
#BHUSA @BLACKHATEVENTS
ECDIS
• Electronic Chart Display and Information System
• Standard Formats Support Cryptographic Verification
• But we observed more than 15,000 unsigned charts files in transit
• Many also use proprietary formats
41Photo: Navigation system used on an oil tanker, Hervé Cozanet, Wikimedia Commons, CC BY-SA 3.0
![Page 42: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/42.jpg)
#BHUSA @BLACKHATEVENTS
Listening Can Be Enough…
Publicly Routable FTP Fileshares
Chart Update Via Email
42
![Page 43: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/43.jpg)
#BHUSA @BLACKHATEVENTS
General Privacy
Captain of Billionaire’s Yacht – MSFT Acct. Crew Passport Data Transmitted to Port Authorities
43
![Page 44: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/44.jpg)
#BHUSA @BLACKHATEVENTS
Aviation
44
![Page 45: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/45.jpg)
#BHUSA @BLACKHATEVENTS
Where Did the Planes Go????
a n a n e e ar ar ar Apr Apr a a n n a
of
ep
artin
fli
hts DD
A D S
ropean airports
a n a n e e ar ar ar Apr Apr a a n n a
of
ep
artin
fli
hts T
T T S V
ast sian airports
a n a n e e ar ar ar Apr Apr a a n n a
of
ep
artin
fli
hts D
VA V D WSSS SS
sian stralian airports
a n a n e e ar ar ar Apr Apr a a n n a
of
ep
artin
fli
hts
AT A S S
erican airports
Chart: Xavier Olive, Impact of COVID-19 on worldwide aviation, https://traffic-viz.github.io/scenarios/covid19.html
45
![Page 46: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/46.jpg)
#BHUSA @BLACKHATEVENTS
Where Did the Planes Go????
a n a n e e ar ar ar Apr Apr a a n n a
of
ep
artin
fli
hts DD
A D S
ropean airports
a n a n e e ar ar ar Apr Apr a a n n a
of
ep
artin
fli
hts T
T T S V
ast sian airports
a n a n e e ar ar ar Apr Apr a a n n a
of
ep
artin
fli
hts D
VA V D WSSS SS
sian stralian airports
a n a n e e ar ar ar Apr Apr a a n n a
of
ep
artin
fli
hts
AT A S S
erican airports
Lots of Useless Nonsense (e.g.
Instagram Traffic)
Almost Entirely Essential Traffic
People Who Really Need to Travel
Chart: Xavier Olive, Impact of COVID-19 on worldwide aviation, https://traffic-viz.github.io/scenarios/covid19.html
![Page 47: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/47.jpg)
#BHUSA @BLACKHATEVENTS
Crossing the “Red Line”
”A primary concern is the sharing of these SATCOM devices between different data domains, which could allow an attacker […] to pivot from a compromised IFE to certain avionics”
47
![Page 48: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/48.jpg)
#BHUSA @BLACKHATEVENTS
The Loneliest EFB
Photo: Gulfstream Aerospace G150, Robert Frola, 2011, Flickr, GFDL.48
![Page 49: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/49.jpg)
#BHUSA @BLACKHATEVENTS
GSM @ 30,000ft
49
![Page 50: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/50.jpg)
#BHUSA @BLACKHATEVENTS
Active Attacks?
50
![Page 51: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/51.jpg)
#BHUSA @BLACKHATEVENTS
TCP Session Hijacking
• Snoop TCP sequence numbers• Impersonate satellite-terminal
conversation endpoint• Possibly bi-directional, but more
complex
• Network Requirements• IPs must be routable to attacker• No TCP sequence number
altering proxies
51
![Page 52: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/52.jpg)
#BHUSA @BLACKHATEVENTS
![Page 53: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/53.jpg)
#BHUSA @BLACKHATEVENTS
![Page 54: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/54.jpg)
#BHUSA @BLACKHATEVENTS
![Page 55: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/55.jpg)
#BHUSA @BLACKHATEVENTS
![Page 56: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/56.jpg)
#BHUSA @BLACKHATEVENTS
![Page 57: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/57.jpg)
#BHUSA @BLACKHATEVENTS
![Page 58: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/58.jpg)
#BHUSA @BLACKHATEVENTS
Ethics and Disclosure
Adhered to legal obligations in jurisdiction
of data collection
• Data stored securely and only while needed
• Data was never shared with 3rd parties
• Encryption untouched
• Won’t “name and shame”
Followed responsible disclosure process
• Contacted satellite operators in 2019
• Reached out to some of the largest impacted customers
Vast majority of companies were receptive
• Shared findings directly to CISOs of several large orgs
• Unclear if any changes have been made…
• Only one organization threatened legal action if we published!
58
![Page 59: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/59.jpg)
#BHUSA @BLACKHATEVENTS
Thanks FBI!
59
![Page 60: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/60.jpg)
#BHUSA @BLACKHATEVENTS
Thanks FBI!
60
![Page 61: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/61.jpg)
#BHUSA @BLACKHATEVENTS
Thanks FBI!
![Page 62: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/62.jpg)
#BHUSA @BLACKHATEVENTS
Mitigations and Defenses
62
![Page 63: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/63.jpg)
#BHUSA @BLACKHATEVENTS
Why Does This Happen?• Not 100% Incompetence /
Ignorance• Latency -> Miserable TCP
Experience• S s fix wit “ e rforman e
n an ing rox ies” s • Basically a benevolent Man-In-
The-Middle attack
• an ’t se tra itional en -to-end VPN and PEP
i atenc atellite o
ro nd t ationto
nternet at odem to or tation
63
![Page 64: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/64.jpg)
#BHUSA @BLACKHATEVENTS
Short-Term Fixes
Accept VPN performance hit
Use TLS / DNSSEC / etc. ISP: Alter sequence numbers in PEP
64
![Page 65: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/65.jpg)
#BHUSA @BLACKHATEVENTS
Longer-Term – “QPEP”
stomerWorkstation
lient
SatelliteTerminal
Satellite
S ro n station
nternet Ser er
nternet DestinationSer er
T
Sessions
ltiplexe an n r p te Session T Sessions
or f rt erV
65
![Page 66: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/66.jpg)
#BHUSA @BLACKHATEVENTS
QPEP Design Principles
OPEN SOURCE ACCESSIBLE & SIMPLE TARGET INDIVIDUALS (NOT ISPS)
Contribute Here: https://github.com/ssloxford/qpep
66
![Page 67: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/67.jpg)
#BHUSA @BLACKHATEVENTS
Traditional VPN Encryption (OpenVPN) Encrypted PEP (QPEP)
~25 seconds ~14 seconds
67
![Page 68: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/68.jpg)
#BHUSA @BLACKHATEVENTS
Satellite Broadband Traffic is Vulnerable to Long-Range Eavesdropping Attacks
Satellite Customers Across Domains Leak Sensitive Data Over Satellite Links
Performance and Privacy Don’t Need to Trade Off in SATCOMs Design
Key Takeaways
68
![Page 69: Whispers Among the Stars · Oxford University, Department of Computer Science Perpetrating (and Preventing) Satellite Eavesdropping Attacks. ... $300 of TV Equipment TBS-6983/6903](https://reader033.fdocuments.us/reader033/viewer/2022050507/5f98bd5e3cb1c95198592884/html5/thumbnails/69.jpg)
#BHUSA @BLACKHATEVENTS
T e “Next o ” i n now n. Encr t ever t in .
Questions/Ideas: [email protected] thanks to a.i. solutions for offering academic access to FreeFlyer, used in our animations!