Major Security Flaws Found in Satellite Communications
Researchers from UC San Diego and the University of Maryland revealed that nearly half of geostationary satellite signals transmit unencrypted data, exposing sensitive communications from telecom networks, military operations, and critical infrastructure[1].
Using just $800 in off-the-shelf equipment - a satellite dish, roof mount, motor and tuner card - the team intercepted vast amounts of unprotected data over three years from their San Diego location[2]. Their findings included:
- T-Mobile cellular network traffic, including over 2,700 phone numbers and one-sided call/text content captured in just 9 hours[2:1]
- U.S. military vessel communications and Mexican military/law enforcement data, including helicopter locations and narcotics intelligence[2:2]
- Critical infrastructure communications from power grids and offshore oil platforms[3]
- In-flight WiFi data from 10 different airlines[2:3]
“It just completely shocked us. There are some really critical pieces of our infrastructure relying on this satellite ecosystem, and our suspicion was that it would all be encrypted,” said Aaron Schulman, UCSD professor who co-led the research[2:4].
After being notified, some companies like T-Mobile quickly added encryption, while others, including certain U.S. critical infrastructure operators, have yet to secure their systems[3:1].
The researchers estimate they accessed only 15% of global satellite transponders from their single location, suggesting the vulnerability’s true scope is far larger[2:5]. Johns Hopkins professor Matt Green noted: “The fact that this much data is going over satellites that anyone can pick up with an antenna is just incredible”[2:6].
What? I knew this 20 years back. We were playing with basic TV sat dish and intercepting random files.
Well, one thing are TV sats and way other communication and military sats. That you can have hundreds of TV channels for free with an cheap sat reciever and parabolic is certainly nothing new
No I’m not talking about tv. I’m talking about communication and files. It was known for decades
Just to add more context: these are good guy hackers who have responsibility shared their findings with the companies affected. It took them around 3 years to translate the signals they intercepted. And as far as anybody can tell, no one used this in the wild. It’s wild but it isn’t Snowden-wild.
I wonder, if hackers with scarce means were able to access the communications, how much could the hackers and secret services do that did not warn of this breach?
We’ll never know until another NSA employee defects to Russia.
The Snowden leaks happened while Snowden was in Hong Kong, before he defected to Russia.
Because protecting our childrens, I think.
