- Apr 24, 2016
Just how vulnerable are the thousands of government-operated satellites speeding along their orbits above our heads? A team of researchers proved they could hack into a European Space Agency-owned satellite, allowing them to take full control of its communication, imaging — and even its manoeuvrability systems.
The intrusion was a controlled hack as part of ESA’s ongoing CYSAT conference. According to a Tuesday release, a cybersecurity team from the multinational tech company Thales took up ESA’s Hack CYSAT challenge and found a way to seize control of an OPS-SAT nanosatellite originally sent up into low Earth orbit back in 2019. The intrusion allowed the hackers access to the satellite’s global positioning system, attitude control system, and even its onboard camera.
ESA claimed it still maintained control of the satellite during the test and that the researchers didn’t force the satellite to do any crazy tricks as it circled the globe. However, the cybersecurity team said they accessed satellite controls through its onboard system and then used standard access rights to enter its control interface. The researchers then proved they could also introduce new, malicious code into the system.
The team presented their hack at the conference on Thursday where they said a hacker could potentially mask parts of the satellite’s imaging system, allowing them to conceal themselves from the orbiting eye in the sky. Of course, gaining control of a satellite’s attitude controls and GPS could allow for a wide range of mischief.
“The space industry needs to take cybersecurity into account at every stage in the satellite’s life cycle, from initial design to systems development and maintenance,” said Pierre-Yves Jolivet, Thales’ VP of cyber solutions.
Researchers said they could access an imaging satellite’s control interface, letting them manipulate its systems and introduce malicious code.