During the latest edition of the DEF CON hacking conference held in Las Vegas, the group of white hat hackers Shadytel demonstrated how to take control of a satellite in geostationary orbit. The group used a satellite called Anik F1R, which was dismissed in 2020.
The group was authorized to perform the hack and the satellite they hacked had been decommissioned, which means that it is going to send to a graveyard orbit. The graveyard, also called a junk orbit, is an orbit that lies away from common operational orbits, some satellites are moved into such orbits at the end of their operational life to avoid colliding with operational spacecraft and satellites.
One of the members of the group, Karl Koscher, explained that they had access to an unused uplink facility which included the hardware to connect to a satellite.
“[Koscher] said that they also had a license to use the uplink, and a lease on the satellite’s transponder, which is a unit that opens a channel between the receiving and the transmitting antennas.” Lorenzo Franceschi-Bicchierai wrote on Motherboard.
The group of hackers was able to stream the talks at the hacking conference ToorCon last year along with hacker movies like WarGames.
Koscher and its group highlighted the risks that threat actors, once gained access to an uplink facility, could take control of decommissioned satellites to conduct malicious activities.
Koscher explained that it is quite easy to find the hardware to connect the satellite, the group used a Hack RF software defined radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. The software is cheap, it only costs around $300.
(SecurityAffairs – hacking, satellite)