Satellite Interference
Indonesian Hackers
Show How Easy It Is
To Get Data From the Sky
September 15, 2006
JAKARTA, Indonesia -- How safe is your satellite?
Satellites are nothing new: They've been in orbit for nearly half a century, since the Soviets launched Sputnik 1 in 1957. The first commercial geosynchronous satellite -- hovering in the same place above the earth's surface and allowing transmission of telephone, television and radio -- was launched in 1965. They keep us in touch with each other.
But they aren't invulnerable. A couple of Indonesian hackers -- computer geeks who like to test other people's defenses -- have found a way into a commercial satellite and have published some details of how they did it. While some are skeptical about the hackers' claims, they raise some questions because our data, whether phone conversations, Internet traffic, flight reservations or even banking transactions, are carried by satellites, often without encryption. The hackers' point: While satellite communication systems have made enormous advances in capability and performance, security hasn't kept pace, leaving current satellite systems vulnerable.
The problem is this: A satellite is just another way to get information from point A to B, like your telephone line, a message in a cleft stick, or a fiber-optic cable. It's still about data moving from one point to another, with the possibility that a bad guy may try to intercept it. The only difference is that it's in the sky. That introduces some problems, to companies using satellites and to hackers trying to get into them. Until recently, the advantage lay with the former, but that may no longer be the case.
Let me introduce the hackers: Jim Geovedi, a 28-year-old from Jakarta-based security consultancy PT Bellua Asia Pacific; and Raditya Iryandi, a 26-year-old hacker. On Aug. 17, they set up a satellite dish in the garden of a house in the Java hill city of Bandung and, amid $2,000-worth of cabling, computer screens and what looked like kitchen scales, captured data being transmitted by a commercial satellite. A video of what they did shows this data scrolling across a computer screen; there's nothing sensitive in there, but there could be. They're keen to stress they didn't do anything with the data, but they've proved they can access it. "If someone knows the basics of setting up a network and...a little bit about satellites and, the most important thing, (has) the right equipment, he or she could do the same thing as I did," Mr. Geovedi says.
Mr. Geovedi informed Indonesian law enforcement agencies before conducting the experiment, Fetri Miftach, director for professional services at Bellua, said. Indeed, the hackers have also held discussions with law enforcement officials since about improving satellite security against possible terrorist attacks. Mr. Fetri said that as far as the company knows there is no Indonesian law that would cover hacking a satellite.
So how hard is what they did? Mr. Geovedi won't go into detail, but says not very. They used a 3.7-meter dish, but could have used an ordinary satellite-TV dish. (They had to use the bigger one because of a problem with a neighbor's house blocking the signal, he explains.) A Web site lists all the nonmilitary satellites in orbit, along with identification numbers and frequencies. If you know which companies use which satellites, you're already some of the way to tapping into their data streams. This, Mr. Geovedi says, is easy in Indonesia since its geography -- a string of islands -- makes satellites the cheapest and most practical way for companies' branches to communicate with each other. The last piece of the puzzle, Mr. Geovedi says, is to take advantage of human error, where a backdoor is left open by a misconfiguration, or a factory setting is left unchanged.
If it's this easy, why hasn't it been done before? It has, says John Pironti, principal security consultant at Pennsylvania-based technology-services company Unisys Corp., which has worked on security issues for clients that use satellite communications -- but it's not "as well publicized as (ordinary) Internet attacks because it is not as well understood." Mr. Pironti declines to give more detail, except to say targets have been commercial satellites rather than military. Hackers, he says, tend to go for the easiest and cheapest way into data, and satellites aren't at the top of that list. Mr. Geovedi would seem to confirm that. He says he and others have known how to do this for several years, and only decided to do it now because he felt the public needed to know about it.
It's worth stressing that no sensitive data was found or captured. Neither was anything loaded into the satellite's computer -- false data, or an attempt to hijack the satellite itself and throw it off course. But all these things are possible. Even data such as transactions from automatic teller machines are based on the same protocols as ordinary Internet traffic and so aren't that hard to interpret, says Mr. Geovedi. And Mr. Pironti says that in places where landline connectivity such as copper wire or fiber-optic cable isn't available or cost-effective, companies and governments use satellites to communicate all sorts of data.
The other thing to stress is that there are a lot of old satellites up there -- satellites have an average lifespan of between 10 and 15 years -- and it was one of those that Mr. Geovedi was targeting. More modern satellites are better protected, although probably not invulnerable. The problem, Mr. Pironti says, is twofold. First, it's expensive to send technicians into orbit to upgrade the hardware, meaning that we'll be relying on some elderly tin cans for a few years to come. Secondly, sending data via satellite is more expensive than sending it via land, so those doing the sending are keen to keep costs low. This means sending the smallest amount of data they can, leaving off any encryption that swells the size of what they transmit.
David Kennedy, a senior consultant at Ohio-based technology security consultants SecureState, says that while in theory all data being transmitted by satellite are vulnerable, he would be shocked if sensitive data such as ATM traffic weren't fully encrypted and hard for hackers to get into. Says Wicak Soegijoko, Singapore-based commercial head for data services at Asian mobile phone satellite operator ACeS International: "It's possible, just, that most satellites are protected against" the kind of attack the Indonesian hackers showed.
That said, we should be concerned. This kind of attack may not be new, or particularly sophisticated, but it does undermine the conventional wisdom that hacking into a satellite is something only the big boys, with lots of money, equipment and power, can do. As satellite use grows, as hackers get more adventurous, and as prices for the tools involved fall, these kinds of attacks are bound to increase. "Hackers are always looking for the easiest ways to capture information," says Mr. Pironti of Unisys, "and as terrestrial systems become more complicated and as encryption becomes more widely used, a motivated and capable adversary will look to see where else can they go for that is a weak link in the chain. The satellite is that weak link."
卫星也遭黑客袭?
通过卫星进行数据传输是否安全?
卫星并非什么新鲜事物:自1957年前苏联发射“人造地球卫星1号”(Sputnik 1)后,卫星就开始在地球轨道上运行,已有近半个多世纪的历史。第一颗商业地球同步卫星于1965年发射升空,这种卫星与地球同步转动,相对静止于地球相同位置的上空,用于传输电话、电视和无线电信号,使人们能更好地相互保持联系。
但它们也并非无懈可击。几个印尼的“黑客”─即喜欢攻击他人电脑的人─发现了攻入商业卫星通讯系统的诀窍,并把一些细节情况公之于众。虽然有人还对这些黑客的言论持怀疑态度,但这一事件引起了人们的关注,因为我们的电话交谈、网络浏览、航班预定、甚至银行转账都可能通过卫星传输,而且经常是不加密的。黑客提醒了我们:虽然卫星通讯系统的功能和表现取得了巨大进步,但安全性并没有跟上前进的步伐,导致目前的卫星系统易受攻击。
问题在于:卫星通讯与电话线、互联网以及光纤通讯一样,只是信息传输的渠道之一,负责将数据从一个地点转移到另一个地点,因此也同样存在别有居心的人拦截数据的可能性,唯一的区别只是卫星在天上运行而已。这一特性无论是对那些使用卫星通讯的公司、还是那些试图攻入卫星系统的黑客来说,都存在一些问题,以往是前者占据上风多一些,但从最近的情况来看,可能情况会发生逆转。
我来介绍一下两位黑客:一位是就职于雅加达安全咨询公司PT Bellua Asia Pacific 的吉姆?乔维迪(Jim Geovedi),今年28岁;一位叫拉迪塔?艾兰迪(Raditya Iryandi),今年26岁。2006年8月17日,他们在万隆市的一间民宅后院搭起一个卫星接收器,花2000美元购置一些线缆、电脑显示器和零碎玩意,就捕捉到一颗商业卫星发出的数据。从他们录制的现场录像可以看到,卫星传输的数据在黑客的电脑屏幕上不断滚动;虽然这些数据并不机密,但机密数据也可能遭到拦截。两个黑客强调指出他们并未用这些数据做什么事情,只是证明了他们能够进入卫星系统。“只要掌握了搭建网络的基础技术…、再加上一点卫星知识,最重要的是配备合适的器材,任何人就能做到我所做的事情。”乔维迪说道。
Bellua公司专业服务部的负责人费特里?米塔奇(Fetri Miftach)说,乔维迪在进行上述尝试之前通知了印尼执法机构。事实上,此后两个黑客还和执法机构讨论如何改进卫星的安全性能,防止可能发生的恐怖主义袭击。费特里说,就公司所知,印尼在进攻卫星通讯系统方面没有相关的立法。
黑客入侵卫星系统有多难吗?这一点乔维迪没有细说,但表示并不太难。他们使用了一个3.7米直径的卫星信号接收装置,不过也可以使用普通的卫星电视接收器(乔维迪解释说,他们使用较大的接收器是因为邻居房子阻挡了卫星信号。)。有个网站罗列出所有在轨的非军事卫星及其识别号和频率,如果你知道哪些公司使用哪颗卫星,就相当于朝着拦截其数据的目标迈近了一步;而这一点,乔维迪说,在印尼显得格外容易做到,因为印尼由众多岛屿组成,其地理特性决定卫星通讯是公司分部之间进行沟通的成本最低、最实际的方式。达到目标的最后一步就是利用人为疏忽,比如在系统配置上留了个后门,或没有更改设备的出厂默认设置等。
如果入侵卫星系统真的如此容易,那为什么以前没有出现卫星黑客?宾西法尼亚州技术服务公司Unisys Corp.的首席安全顾问约翰?皮隆迪(John Pironti)一直为客户提供卫星通讯方面的安全服务,他说卫星黑客早就出现过,只是“没有像普通的互联网黑客攻击那样为大众所知,因为人们对这类黑客攻击还不太了解。”皮隆迪不愿说出细节情况,只是说黑客入侵的目标一般是商业卫星而非军用卫星。黑客一般喜欢选择最简单、成本最低的方式盗取数据,而卫星不是他们的首选。乔维迪自己的说法也似乎支持这一观点,他说自己和其他一些黑客几年前就知道如何攻击卫星系统,但现在才决定采取行动,因为他觉得公众需要提高卫星通讯方面的安全意识。
有必要指出,黑客在这次尝试中没有拦截任何机密信息,既没有把错误数据输入卫星电脑系统,也没有试图控制卫星系统并使之偏离轨道。不过乔维迪说,上述情况的发生并非危言耸听,甚至是自动取款机交易数据等机密资料也都基于普通互联网信息传输协议的方式进行,拦截起来并不困难。皮隆迪说,在那些电话线或光纤等地面传输方式无法使用或使用起来成本过高的地方,商业公司和政府一般都通过卫星传输各种数据。
另外有必要强调的是,地球上空有很多老卫星--卫星的平均寿命在10到15年之间--而乔维迪这次攻击的就是这类老卫星。新的卫星虽不能说无懈可击,但数据安全防护会相对好一些。乔维迪说,老卫星有两个方面的问题,一是把技术人员送入太空升级其硬件的成本很高,因此未来几年内老旧落后的卫星将继续服役;二是卫星传输比地面传输更昂贵,因此选择前者的公司都倾向于低成本运作,也就是说尽可能传输最少量的数据,不对信息进行加密,因为那样会增大数据量。
俄亥俄州技术安全咨询公司SecureState的资深顾问戴维?肯尼迪(David Kennedy)说,虽然理论上通过卫星传输的所有数据都容易受到攻击,但自动提款机交易数据等信息一般都经过加密,因此黑客很难破解。亚洲手机卫星运营商ACeS International公司数据服务部的负责人维凯克?苏吉乔克(Wicak Soegijoko)说:“黑客入侵卫星系统的可能性是存在的,但大多数卫星早就对印尼黑客的那种入侵方式采取了防护措施。”
话虽这么说,但卫星通讯的安全问题不可忽视。印尼黑客的这种攻击方式可能不算新颍,也不是特别高深,却恰恰扭转了人们长期存在的一些错误观念,即认为入侵卫星系统只能是那些资金雄厚、设备齐全、势力很大的人才能做到的事情。随着卫星通讯应用范围的扩大、黑客入侵卫星系统的兴趣增加、以及所需设备的价格降低,这类黑客攻击一定会有增无减。“黑客总是想通过最简便的方法获取信息,” Unisys公司的皮隆迪朔,“当地面通讯系统变得更成熟、信息加密方式被更普遍地采用时,有兴趣有能力的黑客一定会寻找安全防护系统中的薄弱环节,而卫星就是那个薄弱环节。”
Jeremy Wagstaff
