Whispers Among the Stars: A Practical Look at Perpetrating (and Preventing) Satellite Eavesdropping Attacks

Conference: BlackHat USA 2020



The presentation discusses the vulnerabilities and risks associated with satellite communication systems, including the potential for eavesdropping, interception of sensitive information, and unauthorized access to critical infrastructure. The speaker also highlights the need for increased security measures and mitigation strategies to prevent attacks.
  • Satellite communication systems are vulnerable to eavesdropping and interception of sensitive information
  • Internet service providers can access and exploit user data, including web browsing history and email communications
  • IoT and critical infrastructure systems are often insecurely connected to satellite links, making them vulnerable to attacks
  • Maritime communication systems are also vulnerable to de-anonymization and identification of specific ships and their operational technology
  • Increased security measures and mitigation strategies are necessary to prevent attacks
The speaker provides an example of a lawyer in Spain whose email conversation with a client was intercepted, compromising attorney-client privilege and personal communications privacy. The eavesdropper was able to access the lawyer's web browsing history, email inbox, and email address, allowing them to steal his PayPal account or any other account. This illustrates the potential harm that an internet service provider or other eavesdropper can do to an individual's privacy and security.


Space is changing. The number of satellites in orbit will increase from approximately 2,000 today to more than 15,000 by 2030. "New Space" brings promises of ubiquitous broadband and unprecedented connectivity for billions. As the first trials of these mega-constellations take orbit, we stand at a critical technical inflection point where the InfoSec community can contribute and ensure that the security mistakes of the past do not become critical vulnerabilities for the future.

This briefing presents an experimental look at attacking satellite broadband communications across three domains: land, air, and sea. We find that an attacker using $300 of home television equipment can spy on these communications from thousands of miles away with virtually no risk of detection. We walk through the hardware we used and software we developed to evaluate this threat against real-world systems using two distinct communications protocols: DVB-S MPE and DVB-S2 GSE.

This threat is contextualized through the analysis of terabytes of real-world satellite traffic recordings made using our hardware setup. We'll present some of our most interesting findings from inside these captures, which contain sensitive data from some of the world's largest organizations. From home satellite broadband customers, to wind farms, to oil tankers, to aircraft, satellite eavesdropping represents a critical threat to privacy and communications security. Beyond eavesdropping, we also demonstrate that, under the right conditions, attackers can even hijack active sessions over the satellite link.

The talk concludes by reflecting on the physical characteristics that have incentivized insecure satellite broadband and approaches to overcome them. We present an open-source tool which individual customers can use to encrypt their traffic without requiring ISP involvement.

The briefing assumes no background in satellite communications or cryptography. Its goal is to provide a starting point for researchers interested in tackling challenging security problems in outer space.