Ethical hackers expose flaws in military war-zone satellites
ETHICAL hackers claim to have found a flaw in satellite communications that allowed them to track the location of soldiers as they move around topsecret military bases in conflict zones.
Satellite terminals used by the military were hijacked by researcher Robin Santamarta, of cyber security firm Ioactive, allowing him to control communications and detect physical locations.
The terminals are essential for soldiers to communicate while in war zones that either have insecure telecommunication networks or none at all.
Mr Santamarta told The Telegraph he was able to locate three military bases by hacking into the communication systems, two of which were not known to the public.
“The UK is not even the worst affected country,” he warned, claiming that American military operations were particularly vulnerable.
Mr Santamarta said one of the flaws could be exploited to expose crew on ships to radio frequency radiation, producing a similar effect to a microwave.
“It is possible to control the direction of antennas, mess with the satellites and force them to transmit electromagnetic energy,” he warned.
It follows warnings from the National Audit Office that Britain’s Armed Forces are ill-equipped to handle the increasing threat of cyber attacks from Russia and the incoming wave of “electronic warfare” because of a shortage of specialists in the UK.
The National Cyber Security Centre said it was “vigilant to cyber threats wherever they come from and we are ready to defend against them”.
Full details of the hack will be revealed next week at the Black Hat hacking conference in Las Vegas where Mr Santamarta will demonstrate on stage how to hack a ship remotely.
Planes “belonging to the biggest airlines in the world” and in use across Europe and the US are also affected by similar flaws, he said.
Ioactive is behind several highprofile ethical hacks in recent years. A researcher remotely took over a Jeep while it was being driven in 2016 and infiltrated a network of smart meters in the US in 2014.
Ioactive has been in contact with the system vendors to help them solve the problem before going public.