At a briefing for the Black Hat Security Conference online on Wednesday, James Pavur, a doctoral student at Oxford University, expressed his concerns about the safety of the satellite Internet, saying it posed a huge safety risk to ships and aircraft. More than a decade have passed since researchers have demonstrated serious privacy and security vulnerabilities in satellite-based Internet services, and attackers have been able to spy on and even tamper with data received by millions of users thousands of miles away.
(from: BlackHat.) PDF)
By 2020, the satellite Internet will become quite popular and service providers are trying to eliminate existing shortcomings, but the reality is that millions of satellite Internet users are still at risk despite the introduction of more advanced technologies.
James Pavur points out that over the past few years, it has used its continental advantage to intercept signals from 18 Internet satellites.
These satellites cover 100 million square kilometers and provide Internet access to aircraft and communications in the United States, the Caribbean, China, and India.
James Pavur, however, also found that some airliners were using unencrypted connections to obtain navigational information and potential avionics data.
It is also a concern that some passengers are using unsecured Internet satellite connections to make their first e-mail and browse the web, meaning they are at higher risk of being hacked.
James Pavur discovered that a system administrator had remotely logged on to a wind turbine in southern France, about 300 kilometers from it, and in the process exposed session cookies for authentication.
In addition, he intercepted the communications of an Egyptian cruise ship, knowing that it had suffered an alternator failure when he entered a Tunisian port, and was forced to suspend it for at least a month, even obtaining the name and passport information of the engineer who solved the problem.
In fact, as early as 2009-2010, many security researchers, including Adam Laurie and Leonardo Nve, warned about the insecurity of Internet satellites.
In addition, they analyzed newer protocols and found that the interception cost had been reduced from $50,000 to about $300. Unfortunately, to this day, countless satellite Internet users are still at risk of vulnerability.
James Pavur said he was unable to privately address the warnings to the vast majority of users and ended up having to get in touch with large businesses that were transmitting sensitive data in inscriptions.