CISPA
Browse
- No file added yet -

VSAsTer: Uncovering Inherent Security Issues in Current VSAT System Practices

Download (1.29 MB)
conference contribution
posted on 2024-06-07, 08:22 authored by Johannes Willbold, Moritz SchloegelMoritz Schloegel, Robin Bisping, Martin Strohmeier, Thorsten HolzThorsten Holz, Vincent Lenders
Recent geopolitical events have exposed our critical dependence on the wireless infrastructure used to facilitate worldwide communication. State-sponsored groups are actively attacking and exploiting space-based communication networks, causing outages and serious economic damage. Despite initial research findings pointing out a lack of security, such networks enjoy growing adoption and are still placed at the heart of today's communication infrastructure, ranging form the transportation sector over oil rigs to consumer internet. Worryingly, the command and control networks that support this satellite-based communication have received little attention from the security community so far. This paper addresses this research gap and conducts a systematic security assessment of the Very Small Aperture Terminal (VSAT) ecosystem. More specifically, we investigate the attack surface of the underlying command and control networks and analyze the systems currently used by industry-leading vendors. Through systematic reverse engineering, we uncover a number of wide-reaching vulnerabilities that illustrate the perilous position of the satellite industry. We then systematically formulate a phase-based threat model to categorize these issues and uncover several inherently insecure design practices.

History

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec)

Page Range

288-299

Publisher

Association for Computing Machinery (ACM)

Open Access Type

  • Not Open Access

BibTeX

@conference{Willbold:Schloegel:Bisping:Strohmeier:Holz:Lenders:2024, title = "VSAsTer: Uncovering Inherent Security Issues in Current VSAT System Practices", author = "Willbold, Johannes" AND "Schloegel, Moritz" AND "Bisping, Robin" AND "Strohmeier, Martin" AND "Holz, Thorsten" AND "Lenders, Vincent", year = 2024, month = 5, pages = "288--299", publisher = "Association for Computing Machinery (ACM)", doi = "10.1145/3643833.3656139" }

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC