Think of satellites as big, vulnerable IoT devices, researcher says

Bill Malik of Trend Micro is calling on manufacturers to think of satellites in similar terms as any other connected device. The risks, though, involve objects moving at 16,000 to 18,000 miles an hour.

Orbiting hunks of metal make it possible for billions of earthlings to benefit from marvels of the digital age, from GPS signals and weather monitoring systems to the communication protocols for credit card authorizations and other complex transactions.

Humans take it for granted these satellite connections are secure, but new research suggests we’ll need to take important steps to keep it that way.

As of January there were at least 1,957 satellites in orbit, according to the Union of Concerned Scientists, some of which are vulnerable to various levels of snooping and disruption, including jammed communications, data interception, data hijacking and outright takeovers. The issue is especially urgent now because of the coming wave of connected devices and the evolution of 5G cellular networks, said Bill Malik, vice president of infrastructure technologies at the security vendor Trend Micro, who presented research on satellite security Wednesday at the RSA cybersecurity conference.

“We didn’t think about this much until the popularization of the internet, and now specifically the tightly coupled nature of the internet of things, but they’ve become interesting to scrutinize,” Malik told CyberScoop in a phone call before RSA. “People have been messing with satellites for some time.”


Malik called on manufacturers to think of satellites in similar terms as any other connected device, describing the Voyager spacecraft NASA launched into deep space in 1977 as “simply the most remote IoT device.”

“You need to provide authentication, data confidentiality, some way of data integrity. You’ve got to provide some way of repudiation, and you need to have some mechanism of knowing that you’re talking to the right thing,” Malik said.

The problems that can occur when satellite technology goes awry have been on display before.

In 2009, roughly 490 miles above the Taymyr Peninsula in Siberia, two communication satellites slammed into each other. Both machines were destroyed, creating a debris field of roughly 2,000 pieces above the Earth’s surface. The floating metal created enough of a hazard to force the International Space Station to perform a precautionary avoidance maneuver.

Investigators determined the collision was accidental; caused by a deactivated Russian satellite crashing into a privately-owned U.S. craft. The incident provides a glimpse at what can happen should ground control lose its grip on a satellite high above the planet.


“You’re talking about things that are moving about 16,000 to 18,000 miles an hour. And that packs a wallop,” Malik said.

In Malik’s presentation he cited a case two decades ago in which attackers reportedly took control of a U.K. military satellite operating as part of the defense ministry’s Skynet program.

Fraud investigators from Scotland Yard probed allegations that hackers “interfered” with a Skynet satellite, altering its course, the BBC reported in 1999. British defense officials denied the satellite had been breached, calling a successful attack nearly impossible, though Malik told CyberScoop the incident raised awareness in the halls of government that hackers could infiltrate space technology.

In another case that occurred in 2017, at least 20 ships traveling through the Black Sea said their GPS devices indicated they had run aground somewhere near Sochi, Russia. The exact cause of the apparent GPS spoofing attack remains a mystery, though Malik suggested that is just the kind of incident that could occur again as economic reliance on satellite technology grows.

“With active participation from the private sector, we see a lot of innovation that comes from our clever thinking,” he said. “But satellites have very long lives, which means the consequences of getting this wrong are serious.”

Latest Podcasts