Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
Red Hot Cyber Academy

Satellites Under Hackers’ Control: “It’s Easier to Hack Them Than to Use Satellite Weapons”

Redazione RHC : 9 August 2025 11:48

At the Black Hat conference in Las Vegas, VisionSpace Technologies demonstrated that it is much easier and cheaper to disable a satellite or alter its trajectory than to use anti-satellite weapons. It’s enough to find and exploit vulnerabilities in the software that controls the device itself or in the ground stations with which it interacts. Olhava emphasized that he previously worked at the European Space Agency, where he repeatedly reported vulnerabilities in the IT infrastructure of ground stations, but, not having waited for solutions, decided to do it himself.

Over the past 20 years, the number of operational satellites has grown from less than 1,000 to approximately 12,300, according to the European Space Agency. A significant portion of these are SpaceX’s Starlink satellites, but the number of military platforms has also increased significantly due to geopolitical tensions. Added to this is the fact that satellites have become cheaper to develop and launch, accelerating their proliferation.

However, the growth in the number of devices is accompanied by security issues in the control software. One example is the open system Yamcs, used by NASA and Airbus to communicate and control orbital devices. Five vulnerabilities were found in its code , allowing full control of the system. As part of the demonstration, specialists showed how to send a command to ignite the engines and change the satellite’s orbit, so that this is not immediately displayed in the operator interface. The experiment was conducted in a simulator, and the real devices were not damaged.

The situation was even worse in OpenC3 Cosmos, another open system for controlling devices from ground stations. Seven vulnerabilities were identified there , including the ability to execute remote code and conduct cross-site scripting attacks. Even NASA hasn’t been without problems: four critical flaws have been discovered in the Core Flight System (cFS) Eagle package: two leading to a denial of service, a path traversal vulnerability, and a flaw allowing remote execution of arbitrary code. These flaws can disable onboard software and give attackers complete control over the systems.

The open-source cryptography library CryptoLib, used on many satellites, has also been affected by serious problems. Four vulnerabilities were discovered in the version used by NASA, while the standard package had seven, two of which were assessed as critical. According to Startsik, some of the discovered errors allow the entire onboard software to crash with a simple unauthenticated request, causing a reboot. If the device is incorrectly configured, all encryption keys are reset. In this case, the system is completely vulnerable to further intervention.

All identified flaws have been transferred to the developers and have already been fixed. However, VisionSpace specialists are convinced that it is impossible to entrust control of the orbital vehicle to insecure solutions and assume that other critical vulnerabilities may persist in the software used.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.

Lista degli articoli