Why can’t Russians hack Starlink satellites?

By Vilius Petkauskas,
Published by Cybernews, 21 May 2022

Safety measures that make the Starlink satellite constellation safe against attacks from the Kremlin’s and other adversaries might be short-lived.

The use of Starlink satellites in Ukraine ruffled some feathers in Russia, placing a red dot on SpaceX as a potential target for retaliation.

For one, the Director-General of Russia’s Roscosmos space agency, Dmitry Rogozin, expressed discontent over Ukrainian forces using Elon Musk’s satellites for communication.

“And for this, Elon, you will be held accountable like an adult – no matter how much you’ll play the fool,” Rogozin supposedly addressed Musk in a Telegram rant, retweeted by SpaceX founder himself.

“I don’t think that, fundamentally, there’s anything that makes Starlink terminal more secure than others, except for their scarcity at this point,”

Ang Cui, cybersecurity expert and founder of the cybersecurity firm Red Balloon Security, said.

While Rogozin is no stranger to brash claims, even hinting the International Space Station (ISS) might crash down “to Earth in an uncontrolled fashion,” the Russian state has the capabilities to attack commercial satellites.

Western intelligence agencies have confirmed that Russia was behind the attack on Viasat’s satellite KA-SAT network on the first day of the invasion of Ukraine, causing connection outages for thousands of users across Europe.

Reacting to the news about the attribution of Viasat’s attack, Musk himself admitted that Starlink satellites were under fire. However, he added that SpaceX’s infrastructure “has resisted all hacking and jamming attempts.”

Modern times, modern solutions

Apart from the fact they operate in space, satellites are just computers with embedded systems. The problem with space-fearing objects is that upgrading and maintaining devices operating literally out of this planet is a bit more complicated.

According to Mathieu Bailly, VP of Space at CYSEC, a cybersecurity company, here Starlink exceeds in the ability to act a lot faster than the operators of older systems could.

Starlink terminals delivered to Western Ukrainian city of Lviv. Image credit: Shutterstock.

“Starlink, just like Space-X, has built its products using modern DevSecOps tools. It’s a game-changer in terms of agility and security, so it’s no surprise they can do things in a click that would take months for historic players,” Bailly told Cybernews.

The problem with satellites is that they were not engineered with a modern hostile environment in mind. For example, the price of software-defined radio (SDR) systems dropped dramatically over the last decade, allowing enthusiasts to use computers instead of expensive hardware to communicate via radio waves, the main communications channels of older satellites.

According to Nicolas Chaillan, former US Air Force and Space Force Chief Software Officer (CSO), that’s where SpaceX exceeds. Starlink infrastructure can be updated several times a day, much like Tesla vehicles, minimizing the threat of unpatched vulnerabilities.

“The ability of Starlink to update their software multiple times a day is what’s been preventing Starlink from going down and still be there. They were able, within four hours to update software after the attack from Russia to effectively stop jamming,” Chaillan said during the CYSAT conference.

Apples and oranges

Since in recent months Russia targeted Viasat and, likely, Starlink, it’s easy to start comparing how companies behind the satellites fared against Moscow. However, that is not entirely fair.

While the Starlink constellation comprises thousands of satellites in the Low Earth orbit (LEO) at heights of less than 2,000 kilometers, Viasat operates a dozen satellites in the Geostationary orbit over 35,000 km above planet Earth.

The only real similarity between both systems is that they are space-based, but that’s where the parallels end. For example, Russia’s attack on Viasat did not interfere with satellites at all. It focused solely on ground-based systems.

There’s been ample time for threat actors to look into Viasat’s terminals, reverse-engineer them, and find weaknesses that can be exploited to hinder operations, Ang Cui, cybersecurity expert and founder of the cybersecurity firm Red Balloon Security, thinks.

Safety in novelty

Viasat has been in operation for a decade and advertises to have over 590,000 fixed broadband subscribers. For comparison, Starlink’s beta service has been in operation since 2020.

In March, Jonathan Hofeller, Vice president of Starlink commercial sales at SpaceX, said that Starlink has 250,000 subscribers across different business segments.

However, many Starlink customers face delays of up to several months, which means that the distribution of terminals is not as high as with more seasoned market players.

“I don’t think that, fundamentally, there’s anything that makes Starlink terminal more secure than others, except for their scarcity at this point,” Ang told Cybernews.

Starlink dish on a roof. Image credit: Shutterstock.

Inevitable change

Since Russia invaded Ukraine on 24th February, media reports suggest that 10,000 Starlink terminals were shipped to Ukraine. With an active war going on, these will inevitably come into Russia’s hands.

For example, reports emerged claiming that Starlink terminals were actively used in the port city of Mariupol, which is now entirely occupied by Russian forces.

“I’m sure there are people somewhere in Russia working on Starlink terminals that they’ve gotten out of Ukraine. And I guarantee you they’re reverse-engineering it right now. And the clock is ticking,” Cui explained.

Whether Russians succeed in hacking Starlink or not, the safety architecture of space communications will forever be altered by the growth of commercial space companies.

Combining private and government satellite communications proves to be a very hard nut to crack for adversaries, as General David Thompson, Vice Chief of space operations of the US Space Force, explained during a Senate Armed Services Committee hearing.

“You may be able to deny a piece of it (using space capabilities), but you can’t eliminate the capability writ large,” Thompson said.

Cybernews contacted Starlink for comment, but we have not received a response until the day of publication.

See: Original Article