The researchers’ analysis says they found six kinds of security vulnerabilities across all three satellites and 13 vulnerabilities in total. Among these vulnerabilities were “unprotected telecommand interfaces,” which satellite operators on the ground use to communicate with the vehicles when they are in orbit. “Oftentimes, they lack access protection in the first place,” says Willbold, who is also presenting the research at the Black Hat security conference in Las Vegas next month. “They’re essentially not checking anything.”
As well as the vulnerabilities within the satellites’ software, Willbold says, the team found an issue in a code library that appears to be used by multiple satellites. The research details a stack-based buffer overflow vulnerability in software developed by nanosatellite manufacturer GomSpace. The source of the problem, the research says, is within a library that was last updated in 2014. Willbold says GomSpace acknowledged the findings when the researchers reported the issue. GomSpace did not respond to WIRED’s request for comment.
The creators of the satellites examined by the researchers told WIRED that providing their firmware to the researchers was beneficial and that they will take the findings on board for future spacecraft. Simon Plum, head of the Mission Operations Department at the European Space Agency (ESA), says a different level of security is applied to OPS-SAT than to other missions, as it is a “space laboratory.” However, Plum says ESA is reviewing the findings and has made at least one change to the satellite already. “We want to protect space systems from cyber threats and develop culture and common knowledge of resilience in the field of space cybersecurity,” Plum says.
Andris Slavinskis, an associate professor at the University of Tartu in Estonia who works on the ESTCube project, says the findings are “important and relevant” and that the ESTCube-1 system was “developed and launched during the Wild West times of the cubesat world.” A second version of the satellite, ESTCube-2, is set to launch this year. Meanwhile, Sabine Klinkner, a professor of satellite technology at Stuttgart University, which partly developed the Flying Laptop, says the “weaknesses” the researchers found are a result of trade-offs around functionality and access to the satellite.
“As with many university satellites, our threat model weighted the small incentives to attack an academic satellite against the still not completely trivial challenges in establishing a link and sending valid commands to the satellite,” Klinkner says. No malicious connections to the satellite have been spotted, Klinkner adds. And she says future missions will have increased cybersecurity measures to protect against threats.
Despite the satellite security analysis mostly focusing on research and academic satellites, it highlights wider security issues around satellites that experts have been concerned about for years. Gregory Falco, an assistant professor at Cornell University who focuses on space cybersecurity, says it is rare for researchers to be able to get their hands on satellite firmware and publish research on it. There’s “almost nothing” publicly available that’s similar to the type of analysis the German team completed, Falco says.