Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hacking a Bird in the Sky: The Revenge of Angry...

Hacking a Bird in the Sky: The Revenge of Angry Birds

An updated Satellite hacking presentation

Jim Geovedi

May 21, 2011
Tweet

More Decks by Jim Geovedi

Other Decks in Technology

Transcript

  1. Hacking a Bird in the Sky The Revenge of Angry

    Birds Jim Geovedi, Raditya Iryandi, Raoul Chiesa
  2. Local ISPs Video Contribution Teleport PSTN End Users End Users

    Internet Teleport Corporate Data Networks (Interactive & Multicast) Direct Broadcast TV Last-mile Broadband Broadcast Video to Cable Headends
  3. EARTH Geostationary Orbit Altitude: 35,786 km Low Earth Orbit Altitude:

    500-2,000 km Medium Earth Orbit Altitude: 8,000-20,000 km average distance to moon: 384,400 km Highly Elliptical Orbit Altitude: >35,786 km
  4. Propulsion System Solar Arrays Solar Arrays Telemetry, Attitude Control, Commanding,

    Fuel, Batteries, Power/Thermal Systems High Power, Amplifier, Filter Down-converter, Pre-amplifier, Filter Transponder Transmitter Section Transponder Receiver Section Uplink Downlink Earth Stations / Antennas RX Antenna Jakarta TX Antenna Jayapura
  5. Example of Frequency and Polarisation Distribution 3720 1 3760 3

    3800 5 3840 7 3880 9 3920 11 3960 13 4000 15 4040 17 4080 19 4120 21 4160 23 4060 18 4100 20 4140 22 3940 12 3980 14 4020 16 3820 6 3860 8 3900 10 3701 T/M 3740 2 3780 4 4180 24 4199 T/M 3700 4200 Frequency MHz Transmit Horizontal Polarisation Vertical Polarisation 5945 1 5985 3 6025 5 6065 7 6105 9 6145 11 6185 13 6225 15 6265 17 6305 19 6345 21 6385 23 6285 18 6325 20 6365 22 6165 12 6205 14 6245 16 6045 6 6085 8 6125 10 5965 2 6005 4 6405 24 6424 CMD 5925 6245 Frequency MHz Receive Vertical Polarisation Horizontal Polarisation Channel spacing = 40 MHz — Usable bandwidth = 36 MHz
  6. VSAT / Very Small Aperture Terminal ‣ Two-way satellite communication

    ‣ Use small dish antennas (diameter: 75cm-2,4m) ‣ Managed by the HUB (master earth station)
  7. Hub Equipment Hub Equipment Hub Equipment Hub Equipment TV Station

    / HQ Network Affiliated TV Stations VSAT Network Topologies / Simplex Transmission
  8. VSAT Network Topologies / Point-to-Point Duplex Transmission Customer Site Private

    Network Public Network Customer Site Private Network Public Network CPE CPE
  9. VSAT Network Topologies / Star Network Hub Equipment Hub Equipment

    Hub Equipment Hub Equipment Public/Private Networks Networks or Sites
  10. VSAT Network Topologies / Mesh Network Hub Equipment Networks or

    Sites Hub Equipment Networks or Sites Hub Equipment Networks or Sites
  11. f1 f2 f3 Transponder f1 f2 f3 Access Methods /

    FDMA (Frequency Division Multiple Access)
  12. Access Methods / CDMA (Code Division Multiple Access) Transponder f1

    f1 f1 f1 ------------------------------------------ oooooooooooooooooooooooooooooooooooooooooo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ++++++++++++++++++++++++++++++++++++++++++
  13. Satellite Vulnerabilities Current systems are vulnerable to a variety of

    attacks, and future systems promise little improvement.
  14. Unless you have millions of dollars and a team of

    engineers, you have no hope of taking over commercial or governmental satellites. If someone did put together the power to try such a stunt, they would be more likely to damage a satellite than take it over. How to Break into Satellites: Not! Carolyn Meinel’s GUIDE TO (mostly) HARMLESS HACKING Gobbles!
  15. It is worth noting that the most likely cause of

    damage to or loss of service from a satellite is the actual operator. Dan Veeneman
  16. Dan Veeneman Low Earth Orbit Satellites Dan Veeneman Future &

    Existing Satellite Systems Warezzman DVB Satellite Hacking Jim Geovedi, Raditya Iryandi, Hacking a Bird in the Sky: Hijacking VSAT Connection Jim Geovedi, Raditya Iryandi, Anthony Zboralski Hacking a Bird in the Sky: Exploiting Satellite Trust Relationship Adam Laurie $atellite Hacking for Fun & Pr0fit! Leonardo Nve Egea, Christian Martorella Playing in a Satellite Environment 1.2 Jim Geovedi, Raditya Iryandi Hacking Satellite: A New Universe to Discover 1996 1998 2004 2006 2008 2009 2011 Jim Geovedi, Raditya Iryandi, Raoul Chiesa Hacking a Bird in the Sky: The Revenge of Angry Birds
  17. Veeneman’s Satellite Hypothetical Attacks Jam Uplink Overpower Uplink Jam Downlink

    Denial of Service ? Takeover Spare Satellite Raging Transponder Spoofing Direct Commanding Command Replay Insertion Orbital Positioning
  18. Frequency Conversion Geolocation Spectrum Monitoring Digital/Analog Record and Replay Network

    Gateway Network Gateway COMSEC Front-end Processor IP Ground Antenna Command and Control Receivers/Modems Satellite TT&C Ground Networks
  19. CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDERING REMITTANCE

    CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC (SHARIA) BANKING MOBILE BANKING CARD MANAGEMENT
  20. VSAT / Automated Teller Machine Networks Hub Equipment Hub Equipment

    Hub Equipment Hub Equipment Core Banking Networks Automated Teller Machines Standard Network Equipment ATM ATM ATM ATM
  21. The Usual Culprits People Problems Weak Passwords Lack of Awareness

    Lack of Skills System Problems Outdated Systems Insecure Configurations Insecure Protocols
  22. Framework Goals ‣ Dead or Alive status / checking if

    the bird is still alive ‣ Protocols / understand which protocols the target is running ‣ Service type / knowing which service we can (ab)use ‣ Distributed IP C&C / widening the coverage
  23. Satellite Carrier Monitoring System ‣ Spectrum Analyser and Digital Spectrum

    Processor analysis ‣ Reference trace and measurement ‣ Automatic alerts for abnormal and missing carriers