The document discusses hacking satellite internet connections through VSAT systems. It provides background on satellites, how they are launched and positioned in orbit, and how satellite internet services work. It specifically focuses on VSAT systems, describing their topology and components, as well as how their signals are transmitted and received via satellite footprints. The goal is to demonstrate security flaws that could allow hijacking of VSAT connections.
Threat hunting and achieving security maturityDNIF
In this virtual meetup of DNIF KONNNECT (04.04.2019), where the growing DNIF community connects, interacts, shares and helps each other to grow and learn about the latest in threat hunting and many more...this time we have Mr. Ankit Panchal from NSDL who shall demonstrate an end to end demo of how you can achieve security maturity.
Learn more about DNIF KONNECT here - https://dnif.it/dnif-konnect.html
Learn more about DNIF KONNECT here - https://dnif.it/dnif-konnect.html
Le déploiement des applications en mode SaaS, Office 365, Yammer, Salesforce, WebEX, Box et bien d’autres…devient incontournable. Cette démarche est souvent accompagnée d'une volonté de profiter des nouveaux usages telles que la mobilité, l'utilisation des tablettes et des smartphones, le BYOD, ..
Si l'IAM (Identity & Access management) n'est pas adapté à ce nouveau contexte, le taux d'adoption des nouvelles applications ou des nouveaux usages s'en trouvera ralenti. La multiplicité des Login/Mot de passe deviendra rapidement un frein à cette adoption en même temps qu’une menace sur la sécurité globale.
C'est pourquoi une stratégie d’adoption du SaaS doit être accompagnée d’une stratégie de gouvernance et de sécurité des Identités et des Accès cohérente.
Découvrez dans cette étude :
- État de l’art des offres IDaaS du marché : critères fonctionnels, techniques et juridiques
- De l’IAM traditionnelle à l’IDentity as a Service : contraintes, bénéfices, les scénarios possibles et les architectures
- Les offres du marché, actuelles et futures
- Les freins et les leviers : retour d’expériences clients
Étude réalisée au cours du premier semestre 2013 à partir d'un panel de clients représentatifs des différents secteurs d'activités des sociétés du CAC40.
Synthèse de l'étude présentée aux assises de la sécurité à Monaco le 3 Octobre 2013.
Threat hunting and achieving security maturityDNIF
In this virtual meetup of DNIF KONNNECT (04.04.2019), where the growing DNIF community connects, interacts, shares and helps each other to grow and learn about the latest in threat hunting and many more...this time we have Mr. Ankit Panchal from NSDL who shall demonstrate an end to end demo of how you can achieve security maturity.
Learn more about DNIF KONNECT here - https://dnif.it/dnif-konnect.html
Learn more about DNIF KONNECT here - https://dnif.it/dnif-konnect.html
Le déploiement des applications en mode SaaS, Office 365, Yammer, Salesforce, WebEX, Box et bien d’autres…devient incontournable. Cette démarche est souvent accompagnée d'une volonté de profiter des nouveaux usages telles que la mobilité, l'utilisation des tablettes et des smartphones, le BYOD, ..
Si l'IAM (Identity & Access management) n'est pas adapté à ce nouveau contexte, le taux d'adoption des nouvelles applications ou des nouveaux usages s'en trouvera ralenti. La multiplicité des Login/Mot de passe deviendra rapidement un frein à cette adoption en même temps qu’une menace sur la sécurité globale.
C'est pourquoi une stratégie d’adoption du SaaS doit être accompagnée d’une stratégie de gouvernance et de sécurité des Identités et des Accès cohérente.
Découvrez dans cette étude :
- État de l’art des offres IDaaS du marché : critères fonctionnels, techniques et juridiques
- De l’IAM traditionnelle à l’IDentity as a Service : contraintes, bénéfices, les scénarios possibles et les architectures
- Les offres du marché, actuelles et futures
- Les freins et les leviers : retour d’expériences clients
Étude réalisée au cours du premier semestre 2013 à partir d'un panel de clients représentatifs des différents secteurs d'activités des sociétés du CAC40.
Synthèse de l'étude présentée aux assises de la sécurité à Monaco le 3 Octobre 2013.
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchMITRE - ATT&CKcon
From MITRE ATT&CKcon Power Hour October 2020
By:
Aunshul Rege, Associate Professor, Temple University, @prof_rege
Rachel Bleiman, PhD Student/NSF Graduate Research Assistant, Temple University, @rab1928
This presentation from the MITRE ATT&CKcon Power Hour session on October 9, 2020, explores the application of the MITRE ATT&CK® and PRE-ATT&CK matrices in cybercrime education and research. Specifically, Rege and Bleiman demonstrate the mapping of the PRE-ATT&CK matrix to social engineering case studies as an experiential learning project in an upper-level cybercrime liberal arts course. It thus allows students to understand the alignment process of threat intelligence to the PRE-ATT&CK framework and also learn about its usefulness/limitations. The talk also discusses the mapping of the ATT&CK matrix, tactics, techniques, software, and groups for two cybercrime datasets created by collating publicly disclosed incidents: (i) critical infrastructure ransomware (CIRW) incidents, and (ii) social engineering (SE) incidents. For the CIRW dataset, 39% of the strains mapped onto the ATT&CK software. For the SE dataset, 49% of the groups and 65% of the techniques map on to the MITRE framework. This helps the researchers identify the framework's usefulness/limitations and also helps our datasets connect to richer information that may not otherwise be available in the publicly disclosed incidents.
IoT security presented in Ada's List ConferenceCigdem Sengul
This talk is on IoT security and will use the UK Code of Practice for Consumer IoT Security to underpin the discussion.I describe various vulnerabilities and attacks that made the news headlines, which are the underlying reason why we need these rules now. In October 2018, the UK Government published the Code of Practice for Consumer IoT Security to support all parties involved in the development, manufacturing and retail of consumer IoT. The talk will open the floor to question whether regulation can be a fix to make us all more secure.
One of the major concerns for most organizations considering cloud services is security in the cloud. Are you looking to secure your cloud environment or services, no matter what they may be – data, operating system, domain or applications from intrusion and vulnerabilities? Azure Active Directory is Microsoft's multi-tenant, cloud-based directory, and identity management service helping secure your cloud and on-premise environments.
In this presentation, we discussed Azure Active Directory (Azure AD) Identity Protection, Conditional Access, Identity Management which uses AI and machine learning capabilities to help secure your cloud environment – Office 365 and Azure. In this session, we discussed
Advanced features of Azure AD
Demonstrate the detection capabilities, and real-time prevention
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...Amazon Web Services
You may have heard of the buzzwords “chaos engineering” and “containers.” But what do they have to do with each other? In this session, we introduce chaos engineering and share a live demo of how to practice chaos engineering principles on AWS. We walk through chaos engineering practices, tools, and success metrics you can use to inject failures in order to make your systems more reliable.
Waluku: Answering Astronomy Questions through Social MediaJim Geovedi
langitselatan as one of the established astronomy community in Indonesia have been actively use social media to interact and discussion with their members and general public. Since 2011 langitselatan received question from public to answer in the form of blog article and now planning to extensively use social media network for astronomy outreach.
This paper reports the development and implementation of Waluku, an online astronomy knowledge base management system with the extension of the dialogue based natural language chatbot on the Twitter social network, that creates responses based on information extracted from langitselatan blog articles, Wikipedia articles and community supplied answers.
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Jim Geovedi
Dalam bahasa yang sama, kata yang paling sering digunakan, jumlah huruf per kata, serta berbagai statistik lain yang terkait dengan distribusi frekuensi sangat bergantung kepada ragam yang digunakan. Makalah ini menelaah perbandingan distribusi frekuensi kata antara empat ragam bahasa Indonesia yang populer di internet, yaitu Kompas (media massa), Wikipedia bahasa Indonesia (ensiklopedia), Twitter (mikroblog), dan Kaskus (forum). Kajian dilakukan dengan menggunakan korpus yang diambil dari data yang tersedia secara publik di internet serta diproses dengan menggunakan bahasa pemrograman Python serta beberapa pustaka pemrograman yang bersumber terbuka. Hasil kajian menunjukkan adanya perbedaan distribusi yang cukup tajam di antara keempat ragam bahasa Indonesia ini. Kompas banyak menggunakan kata akan karena sifat beritanya; Wikipedia banyak menggunakan kata adalah karena sifat deskriptifnya; Twitter banyak menggunakan kata aku karena sifat subjektifnya; Kaskus banyak menggunakan kata gan yang merupakan kata khas komunitas ini. Kajian ini juga memberikan beberapa hal yang harus diperhatikan dalam kajian serupa seperti penyiapan dan pembersihan data korpus dan leksikon. Kajian ini diharapkan dapat memberikan dasar penelitian lebih lanjut dalam bidang distribusi frekuensi dan analisis korpus bahasa Indonesia.
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchMITRE - ATT&CKcon
From MITRE ATT&CKcon Power Hour October 2020
By:
Aunshul Rege, Associate Professor, Temple University, @prof_rege
Rachel Bleiman, PhD Student/NSF Graduate Research Assistant, Temple University, @rab1928
This presentation from the MITRE ATT&CKcon Power Hour session on October 9, 2020, explores the application of the MITRE ATT&CK® and PRE-ATT&CK matrices in cybercrime education and research. Specifically, Rege and Bleiman demonstrate the mapping of the PRE-ATT&CK matrix to social engineering case studies as an experiential learning project in an upper-level cybercrime liberal arts course. It thus allows students to understand the alignment process of threat intelligence to the PRE-ATT&CK framework and also learn about its usefulness/limitations. The talk also discusses the mapping of the ATT&CK matrix, tactics, techniques, software, and groups for two cybercrime datasets created by collating publicly disclosed incidents: (i) critical infrastructure ransomware (CIRW) incidents, and (ii) social engineering (SE) incidents. For the CIRW dataset, 39% of the strains mapped onto the ATT&CK software. For the SE dataset, 49% of the groups and 65% of the techniques map on to the MITRE framework. This helps the researchers identify the framework's usefulness/limitations and also helps our datasets connect to richer information that may not otherwise be available in the publicly disclosed incidents.
IoT security presented in Ada's List ConferenceCigdem Sengul
This talk is on IoT security and will use the UK Code of Practice for Consumer IoT Security to underpin the discussion.I describe various vulnerabilities and attacks that made the news headlines, which are the underlying reason why we need these rules now. In October 2018, the UK Government published the Code of Practice for Consumer IoT Security to support all parties involved in the development, manufacturing and retail of consumer IoT. The talk will open the floor to question whether regulation can be a fix to make us all more secure.
One of the major concerns for most organizations considering cloud services is security in the cloud. Are you looking to secure your cloud environment or services, no matter what they may be – data, operating system, domain or applications from intrusion and vulnerabilities? Azure Active Directory is Microsoft's multi-tenant, cloud-based directory, and identity management service helping secure your cloud and on-premise environments.
In this presentation, we discussed Azure Active Directory (Azure AD) Identity Protection, Conditional Access, Identity Management which uses AI and machine learning capabilities to help secure your cloud environment – Office 365 and Azure. In this session, we discussed
Advanced features of Azure AD
Demonstrate the detection capabilities, and real-time prevention
Breaking Containers: Chaos Engineering for Modern Applications on AWS (CON310...Amazon Web Services
You may have heard of the buzzwords “chaos engineering” and “containers.” But what do they have to do with each other? In this session, we introduce chaos engineering and share a live demo of how to practice chaos engineering principles on AWS. We walk through chaos engineering practices, tools, and success metrics you can use to inject failures in order to make your systems more reliable.
Waluku: Answering Astronomy Questions through Social MediaJim Geovedi
langitselatan as one of the established astronomy community in Indonesia have been actively use social media to interact and discussion with their members and general public. Since 2011 langitselatan received question from public to answer in the form of blog article and now planning to extensively use social media network for astronomy outreach.
This paper reports the development and implementation of Waluku, an online astronomy knowledge base management system with the extension of the dialogue based natural language chatbot on the Twitter social network, that creates responses based on information extracted from langitselatan blog articles, Wikipedia articles and community supplied answers.
Perbandingan distribusi frekuensi kata bahasa Indonesia di Kompas, Wikipedia,...Jim Geovedi
Dalam bahasa yang sama, kata yang paling sering digunakan, jumlah huruf per kata, serta berbagai statistik lain yang terkait dengan distribusi frekuensi sangat bergantung kepada ragam yang digunakan. Makalah ini menelaah perbandingan distribusi frekuensi kata antara empat ragam bahasa Indonesia yang populer di internet, yaitu Kompas (media massa), Wikipedia bahasa Indonesia (ensiklopedia), Twitter (mikroblog), dan Kaskus (forum). Kajian dilakukan dengan menggunakan korpus yang diambil dari data yang tersedia secara publik di internet serta diproses dengan menggunakan bahasa pemrograman Python serta beberapa pustaka pemrograman yang bersumber terbuka. Hasil kajian menunjukkan adanya perbedaan distribusi yang cukup tajam di antara keempat ragam bahasa Indonesia ini. Kompas banyak menggunakan kata akan karena sifat beritanya; Wikipedia banyak menggunakan kata adalah karena sifat deskriptifnya; Twitter banyak menggunakan kata aku karena sifat subjektifnya; Kaskus banyak menggunakan kata gan yang merupakan kata khas komunitas ini. Kajian ini juga memberikan beberapa hal yang harus diperhatikan dalam kajian serupa seperti penyiapan dan pembersihan data korpus dan leksikon. Kajian ini diharapkan dapat memberikan dasar penelitian lebih lanjut dalam bidang distribusi frekuensi dan analisis korpus bahasa Indonesia.
Satellite Hacking — Intro by Indianz (2012)Jim Geovedi
A very good introduction by IndianZ (Martin Rutishauser) about Satellite Hacking. He also brought up some information that missed in my satellite hacking talks. Highly recommended for those who are interested in the subject.
HITB Labs: Practical Attacks Against 3G/4G Telecommunication NetworksJim Geovedi
In 2010 a number of practical high-profile attacks against GSM has been discussed and demonstrated. Still it should be noted that those only work against GSM (2G) which has been standardised in the early 90s. It was followed by the 3G family of standards in 2000 which in turn are currently superseded (better: complemented) by yet another generation (4G). LTE (4G) which is expected to be "the next big thing in mobile telco business" has an all-IP network architecture that is much flatter than the earlier architectures' ones.
This talk will provide an in-depth treatment of satellite telephony networks from a security perspective. The overall system seems secure, but in reality, it cannot be expected to be fully reliable.
We will briefly cover the satellite mobile system architecture, then discuss GMR (GEO-Mobile Radio) system elements, e.g. GSS (Gateway Station Subsystem), MES (Mobile Earth Station), AOC (Advanced Operation Center), and TCS (Traffic Control Subsystem) for GMR-1 systems and NCC (Network Control Center), GW (Gateway), SCF (Satellite Control Facility) and CMIS (Customer Management Information System) for GMR-2 systems.
From there, we will discuss the security issues of GMR system as it shares similar vulnerabilities with GSM–GMR is derived from the terrestrial digital cellular standard GSM and support access to GSM core networks, along with some interesting demos.
Time permitting, a question and answer session at the end of the presentation will allow participants to cover any additional issues in satellite telephony system they’d like to discuss.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Hacking a Bird in the Sky: Hijacking VSAT Connection
1. Hacking a Bird in the Sky
Hijacking Very Small Aperture Terminal (VSAT) Connections
Jim Geovedi and Raditya Iryandi
BELLUA ASIA PACIFIC
2. Hacking a Bird in The Sky
Disclaimer
This presentation is intended to demonstrate the inherent security, design and
configuration flaws in publicly accessible satellite communication networks and
promote the use of safer satellite communication systems. Viewers and readers
are responsible for their own actions and strongly encourage to behave
themselves.
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 2
3. Hacking a Bird in The Sky
Satellite
• A satellite is any object that orbits another
object (which known as its primary).
Artificial Satellites
• It was the English sci-fi writer Arthur C.
Clarke who conceived the possibility of
artificial communication satellites in 1945.
Clarke examined the logistics of satellite
launch, possible orbits and other aspects.
• The first artificial satellite was Sputnik 1
launched by Soviet Union on
4 October 1957
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 3
4. Hacking a Bird in The Sky
Types of Artificial Satellites
• Astronomical satellites • Solar power satellites
• Reconnaissance satellites • Space stations
• Navigation satellites • Weather satellites
• Killer satellites/anti-satellite weapons • Miniaturised satellites
• Biosatellites
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 4
5. Hacking a Bird in The Sky
How is a Satellite Launched into an Orbit?
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 5
6. Hacking a Bird in The Sky
Satellite Internet Services
• Used in locations where terrestrial Internet access is not available and in
locations which move frequently, e.g. vessels at sea and war zone.
• Can be used where the most basic utilities are lacking, require a generator or
battery power supply that can produce enough electricity.
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 6
7. Hacking a Bird in The Sky
Three Types of Satellite Internet Services
• One-way multicast: used for IP multicast-based data, audio and video
distribution. Most Internet protocols will not work correctly over one-way
access, since they require a return channel.
• One-way with terrestrial return: used with traditional dial-up access to the
Internet, with outbound data travelling through a telephone modem, but
downloads are sent via satellite at a speed near that of broadband Internet
access.
• Two-way satellite access: allows upload and download data
communications.
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 7
8. Hacking a Bird in The Sky
Very Small Aperture Terminal (VSAT)
• Two-way satellite ground station with a dish
antenna that is smaller than 3 metres.
• Nearly all VSAT systems are now based on
IP, with a very broad spectrum of
applications.
• Most commonly used interactive and
transactional application (online
communication between head office and
branches, flight ticket and hotel reservation,
ATM (Automated Teller Machine) and small
data traffic) and terminal application with
centralised database (data entry, inventory
control and payment point)
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 8
9. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 9
10. Hacking a Bird in The Sky
Internal Computer
(TT&C)
Body
Power source Attitude control
Grapple Fixture
Communications
Satellite Anatomy
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 10
11. Hacking a Bird in The Sky
The Control Centre
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 11
12. Hacking a Bird in The Sky
Tracking, Telemetry and Command Station
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 12
13. Hacking a Bird in The Sky
Topologies of VSAT
• A star topology, using a central uplink site, such as a network operations
centre (NOC), to transport data back and forth to each VSAT terminal via
satellite,
• A mesh topology, where each VSAT terminal relays data via satellite to
another terminal by acting as a hub, minimising the need for a centralised
uplink site,
• and a combination of both star and mesh topologies.
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 13
14. Hacking a Bird in The Sky
Satellite Footprint
• The footprint of a satellite is the ground area
that its transponders cover, and determines
the satellite dish diameter required to
receive each transponder's signal.
• There is usually a different map for each
transponder (or group of transponders) as
each may be aimed to cover different areas
of the ground.
• Footprint maps usually show either the
estimated minimal satellite dish diameter
required, or the signal strength in each area
measured in dBW.
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 14
15. Hacking a Bird in The Sky
100º E - 145.9º E
(SE Asia, Australia, China, Japan, Korea)
Satellite Name Position HD TV TV Digital TV Analog Radio Digital Radio Analog Data
ASIASAT 2 100.5º East 0 97 0 51 0 4
EXPRESS A2 103.0º East 0 13 0 12 0 2
ASIASAT 3S 105.5º East 0 258 0 56 0 22
CAKRAWARTA 1 107.7º East 0 70 0 19 0 5
TELKOM 1 108.0º East 0 57 0 0 0 4
AAP 1 108.2º East 0 57 0 0 0 17
BSAT 1A, 2A 110.0º East 10 3 4 14 0 0
JCSAT 110 110.0º East 0 63 0 20 0 0
SINOSAT 1 110.5º East 0 59 0 36 0 4
PALAPA C2 113.0º East 0 31 2 4 0 8
KOREASAT 2 113.0º East 0 48 0 0 0 3
KOREASAT 3 116.0º East 0 125 0 1 0 12
TELKOM 2 118.0º East 0 1 0 0 0 0
THAICOM 1A 120.0º East 0 6 0 1 0 0
ASIASAT 4 122.0º East 0 79 0 1 0 17
JCSAT 4A 124.0º East 0 93 0 0 0 7
JCSAT 3 128.0º East 0 142 0 103 0 21
JCSAT 5A 132.0º East 0 2 0 0 0 0
APSTAR 6 134.0º East 0 46 2 55 0 3
APSTAR V / TELSTAR 18 138.0º East 0 151 0 0 0 2
EXPRESS AM3 140.0º East 0 14 0 8 0 1
SUPERBIRD C 144.0º East 0 57 0 4 0 0
source: http://www.satcodx4.com/eng/ accessed on 28 August 2006
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 15
16. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 16
17. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 17
18. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 18
19. Hacking a Bird in The Sky
MEASAT-1 @ 91.5º East
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 19
20. Hacking a Bird in The Sky
PALAPA C2 @ 113.0º East
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 20
21. Hacking a Bird in The Sky
TELKOM 1 @ 108.0º East
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 21
22. Hacking a Bird in The Sky
TELKOM 2 @ 118.0º East
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 22
23. Hacking a Bird in The Sky
Attacks against Satellite Systems
It’s politically sensitive, but it’s going to happen. Some people don’t want
to hear this, and it sure isn’t in vogue … but—absolutely—we’re going to
fight in space. We’re going to fight from space and we’re going to fight
into space…
General Joseph W. Ashy
Former Commander in Chief U.S. Space Command
source: http://www.au.af.mil/au/awc/awcgate/saas/spacy_wl.pdf accessed on 21 September 2006
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 23
24. Hacking a Bird in The Sky
Hypothetical Attacks against Satellite Systems
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 24
25. Hacking a Bird in The Sky
Denial of Service Attacks
• Jam uplink and downlink
• White noise at frequency.
• Requires directed antenna.
• Requires very low power.
• Difficult to detect, especially if occurring
at irregular intervals.
source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 25
26. Hacking a Bird in The Sky
Denial of Service Attacks
• Overpower uplink
• Can be done with transportable satellite
ground terminals
• In tri-band (C-band, X-band, and
Ku-band).
• Power limited.
• Uplink equipment now contains ID
coding.
source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 26
27. Hacking a Bird in The Sky
Orbital Positioning Attacks
• Ranging transponder spoofing
• Multiple ground stations triangulate
satellite position using a series of tones
sent to a transponder.
• Ground stations observe phase
differentials.
• Ground or airborne spoofer could
transmit false response, resulting in
incorrect orbit determination.
source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 27
28. Hacking a Bird in The Sky
Orbital Positioning Attacks
• Direct commanding
• Preparation and delivery of telecommand
queue.
• Command replay
• Record outbound telecommand queue
from TT&C facility. Replay later to initiate
duplicate action.
source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 28
29. Hacking a Bird in The Sky
Orbital Positioning Attacks
• Insertion after confirmation but prior to
execution
• SCC formulates telecommand queue and
sends to TT&C.
• TT&C uplinks and receives readback,
which it returns to SCC.
• If readback is correct, SCC waits for
proper time to execute.
• Channel is vulnerable to update during
this period — new telecommand queue
may be uploaded prior to authenticated
execute.
source: http://www.decodesystems.com/attacks.html accessed on 28 August 2006
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 29
30. Hacking a Bird in The Sky
Practical Attacks against Satellite Systems
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 30
31. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 31
32. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 32
33. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 33
34. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 34
35. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 35
36. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 36
37. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 37
38. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 38
39. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 39
40. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 40
41. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 41
42. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 42
43. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 43
44. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 44
45. Hacking a Bird in The Sky
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 45
46. Hacking a Bird in The Sky
Discussion
• Other attacks against satellite?
• Law issues?
Warning: You are allowed to steal any contents of this material with or without notifying the authors. 46