Lack of security controls within aerospace technology could mean outer space is the next target for cyber hackers.
Raj Samani, CTO EMEA Intel Security warns that security needs to be taken more seriously in this vulnerable sector.
He explains, “Traditionally the aerospace industry has relied on obfuscation as a means to protect itself. However, as we have witnessed within Critical infrastructure the real world exploits quickly follow identified vulnerabilities.
“The proliferation of satellites, used to support our everyday connectivity and communications, makes this a growing attack vector. Indeed we have seen multiple examples of vulnerabilities within satellite networks, and this being exploited for criminal gain.”
This year we have seen tech giants increasingly making moves to boost internet connectivity through space, from Facebook’s Internet-beaming drone to Samsung’s ‘space internet’ of 4,600 orbital satellites for global, cheap web access.
“Our reliance on low-orbiting satellites to support our telecommunications infrastructure have been shown to be vulnerable to eavesdropping, and security through obscurity has been exposed as no real defence. Such vulnerabilities are already being exploited with criminal groups leveraging commercial satellite communications to hide their command and control infrastructure which is of course achievable as the level of security deployed on compromised satellites lack the basic controls of most small businesses.”
“This is just the tip of the iceberg, many vulnerabilities have been documented and demonstrate that security by design principles have clearly not been adopted. We have witnessed basic vulnerabilities such as cached authentication credentials and the use of insecure protocols.
“It is critical that the aerospace industry takes this threat seriously and recognise that the myth that satellites are impenetrable, is just that, a myth.”