Security researchers have revealed new vulnerabilities in satellite communication and on-board operating systems with potentially critical safety implications for the aviation and maritime industries.
IOActive’s Ruben Santamarta authored the first paper, launched at Black Hat yesterday, which is a follow-up to his 2014 research on satcom vulnerabilities.
It details how attackers could exploit the flaws to take control of satcom systems and earth stations on commercial aircraft such as Norwegian, Icelandair and Southwest and those used by the US military in conflict zones.
Although there was no risk to aircraft safety, the vulnerabilities could be exploited from the ground to attack crew and passenger devices and control satellite antenna positioning and communications, the report claimed.
The impact on the military, however, could be more destructive, if the enemy were able to use the flaws to disrupt or modify on-board satellite comms and/or pinpoint the location of military units.
A separate safety risk lies with satcom generated High Intensity Radiated Fields (HIRF), which the report claimed could be manipulated to launch a cyber-physical attack to “provoke malfunctions in critical navigation systems or even health damages to persons exposed to this kind of non-ionizing RF.”
The issues highlighted in the report have been addressed by the aviation industry, but experts said they should serve as a wake-up call.
“It’s not the first time this year that the security of satellite systems has been called into question, but the news that software vulnerabilities exist in the US national security infrastructure must jolt the global security industry into action," argued Paul Farrington, director of EMEA solutions architects at Veracode. "Security must be built into software from the outset, then it must be continuously, rigorously tested with preventative patching immediately undertaken on vulnerabilities."
The other report, set to be delivered on Sunday, details vulnerabilities in the popular WingOS operating system used by countless airlines around the world to provide Wi-Fi to passengers, as well as hospitals, casinos and even the New York City subway.
They could theoretically be exploited not only to compromise passenger devices but also to move to other more critical systems on board, according to report author Josep Rodriguez.
“Since the attacker now has code execution at the WingOS device, now the attacker can pivot and try to attack these other assets inside the internal network of the New York City subway or at the aircraft scenario,” he explained.
“Obviously, we don't know for sure what is beyond that, but what is clearly obvious is that this is technically possible and clearly this is also a really juicy entry point for attackers that might want to attack other assets in the internal network of that particular scenario.”