Wednesday, October 5, 2022

“Star De-Linked”: SpaceX Offers Job To ‘Badass Engineer’ Who Hacked Starlink Satellite Network With A Homemade Device

A Belgian security researcher successfully hacked Elon Musk’s Starlink satellite dishes with the help of a homemade circuit board that cost about $25 to create, according to various media reports. 

Lennert Wouters gave a presentation titled “Glitched on Earth by humans” at the annual  Black Hat Security Conference on August 10, where he described the vulnerabilities that enabled him to break into Starlink satellite terminals and write his custom code. 

“The widespread availability of Starlink User Terminals (UT) exposes them to hardware hackers and opens the door for an attacker to freely explore the network,” Wouters said in a press release. 

During the Conference, he demonstrated a modchip, also known as a homemade circuit board, to attendees, according to Wired. The modchip would directly connect to a Starlink dish and was built using components that could easily be purchased off-the-shelf for about $25. 

Image of the device used by the hacker to carry out the attack. – Snap from presentation

Wouters first analyzed the Starlink dish to develop a layout for the modchip that would fit over the existing Starlink board. He connected the modchip, which included a Raspberry Pi microcontroller, flash storage, electronic switches, and a voltage regulator, to the existing Starlink printed circuit board (PCB) and wired it together. 

According to Wouters, the tool would give hackers control over the entire network and previously inaccessible system areas by enabling them to run code on Starlink devices. The researcher has made his modchip’s design publicly accessible on GitHub.

“Our attack results in an unfixable compromise of the Starlink [user terminal] and allows us to execute arbitrary code. “The ability to obtain root access on the Starlink [user terminal] is a prerequisite to freely explore the Starlink network,” he said.

Wouters carried out the hack as a part of a program run by SpaceX that rewards researchers for spotting flaws in the Starlink service. On August 10, SpaceX praised Wouters for the discovery and announced that it had released a software update. 

However, Wouters told Wired that until SpaceX develops a new model of the terminal’s main chip, Starlink will continue to be vulnerable to hacking.

Wouters explained that he didn’t divulge his knowledge to aid in hacking Starlink satellite dishes. Instead, he anticipates that it will assist the private space company in enhancing cybersecurity for its clients.

Consequences For Starlink

The ambitious project Starlink, a constellation of low Earth orbit satellites, aims to bring satellite internet access to every country in the world. Since 2018, more than 3,000 small satellites have already been placed to bring internet access to remote locations.

SpaceX
On May 30, 2020, the SpaceX Falcon 9 Crew Dragon capsule lifts off from Kennedy Space Center, Fla. On Saturday, June 13, 2020, SpaceX launched yet another batch of Starlink satellites, continuing the companys mission to build a constellation of satellites that can deliver high-speed internet to the entire planet. (Joe Burbank/Orlando Sentinel/Tribune News Service via Getty Images)

Customers who wish to use the satellite internet service must spend over $100 per month and more than $500 for the hardware necessary to install the 19-inch wide “Dishy” satellite dish.

The company currently has over 400,000 subscribers all over the world. The Federal Communications Commission also permitted the company to beam its service to moving cars, boats, and airplanes. 

It is important to note that Starlink and other similar satellite constellations are being used more frequently, so threat actors are more highly motivated to find security flaws and launch attacks on them.

As Russian troops entered Ukraine on February 24, Russia decided it would be advantageous to disrupt a satellite that provided internet communications throughout Europe by attacking its technology on the ground.

At a critical juncture in the invasion, the action successfully interfered with communications in Ukraine while also impacting other parts of Europe. It even caused a ripple effect, jamming critical infrastructure such as airplane navigation systems.

An artist illustrates SpaceX’s Starlink satellite internet constellation beams broadband access from orbit.

A Starlink hack could quickly turn into a global security issue. After Russia allegedly breached Ukraine’s previous satellite provider, Kyiv’s military started utilizing Starlink terminals earlier this year. The US Air Force also announced on August 4 that Starlink would be used to support its operations in Europe and Africa.

Paul Szymanski, a space warfare expert who has worked closely with multiple services (Air Force, Army, Navy, Marines) and civilian organizations (NASA, DARPA, FEMA), was contacted by EurAsian Times to learn whether US adversaries could compromise Starlink satellites.

“As far as I know, this Starlink hack required physical attachment to a Starlink receiver antenna. Most security systems can be hacked if the adversary has physical access to actual equipment. So he [Lennert Wouters] hacked one terminal, not thousands – so what? If it were considered easy, Russia would have already hacked all Starlink terminals used by Ukrainians,” Szymanski said.

He added, “Many say that the tens of thousands of Starlink satellites make it relatively immune. Due to human ingenuity, there is always a way.

It seems that if Starlink satellites can maneuver away from each other automatically, then a hacker can change the algorithm in all satellites to insert a negative sign, so when a Starlink satellite attempts to maneuver away, it will move closer and crash the entire network.

Meanwhile, SpaceX has released a six-page online paper inviting security researchers to “bring on the bugs” and thoroughly explaining how it protects the Starlink system.

Featured News