A homemade circuit board that cost approximately $25 was used by a Belgian security researcher to successfully hack Elon Musk’s Starlink satellite dishes, according to numerous media sources.
At the annual Black Hat Security Conference on August 10, Lennert Wouters presented a presentation titled “Glitched on Earth by humans” in which he discussed the flaws that allowed him to gain access to Starlink satellite terminals and create his own bespoke code.
In a news statement, Wouters stated that “the general availability of Starlink User Terminals (UT) exposes them to hardware hackers and opens the door for an attacker to freely explore the network.”
According to Wired, he showed guests how to use a modchip, often known as a DIY circuit board, during the Conference. The modchip was created using components that could readily be bought off-the-shelf for approximately $25 and would directly connect to a Starlink dish.
To design a layout for the modchip that would fit over the current Starlink board, Wouters first examined the Starlink dish. He linked together the modified Starlink printed circuit board (PCB), which had a Raspberry Pi microcontroller, flash storage, electronic switches, and a voltage regulator.
Wouters claimed that by allowing hackers to run code on Starlink devices, the tool would grant them control over the entire network as well as previously inaccessible system regions. On GitHub, the researcher has made the design of his modchip available to everyone.
We are able to run arbitrary code thanks to our attack, which compromises the Starlink [user terminal] in an unfixable way.
To freely explore, you must be able to gain root access on the Starlink [user terminal].
As part of a program established by SpaceX that compensates researchers for finding holes in the Starlink service, Wouters committed the hack. On August 10, SpaceX commended Wouters for the discovery and disclosed that a software fix had been made.
But according to Wouters, Starlink won’t stop being hackable until SpaceX creates a new design for the terminal’s primary chip.
Wouters clarified that he didn’t provide his information in order to help hack Starlink satellite dishes. He believes it will help the private space industry improve cybersecurity for its customers.
Repercussions For Starlink
With the help of a network of low Earth orbit satellites, the ambitious Starlink project hopes to provide satellite internet connectivity to every nation on the planet. To provide internet connection to remote areas, more than 3,000 tiny satellites have already been deployed since 2018.
The hardware required to build the 19-inch wide “Dishy” satellite dish costs more than $500 and costs customers who want to use satellite internet service more than $100 per month.
Currently, the company has over 400,000 subscribers worldwide. The corporation is also allowed to beam its service to moving automobiles, boats, and aircraft by the Federal Communications Commission.
The utilization of Starlink and other comparable satellite constellations is increasing, therefore threat actors are more driven to uncover security holes and conduct attacks against them.
On February 24, as Russian troops entered Ukraine, Russia determined it would be advantageous to strike a satellite’s ground-based electronics, disrupting a satellite that carried internet connectivity throughout Europe.
The action successfully disrupted communications in Ukraine at a crucial point in the invasion while also having an effect on other regions of Europe. Even worse, it had a knock-on effect that jammed crucial infrastructure, such the navigation systems on airplanes.
A Starlink hack may easily develop into a problem with global security. Kyiv’s military began using Starlink terminals earlier this year after Russia allegedly violated Ukraine’s prior satellite supplier. On August 4, the US Air Force also declared that it would employ Starlink to support its operations in Europe and Africa.
The EurAsian Times contacted Paul Szymanski, a space warfare specialist who has collaborated closely with a variety of services (Air Force, Army, Navy, Marines) and civilian groups (NASA, DARPA, FEMA), to find out if US opponents could hack Starlink satellites.
“As far as I’m aware, this Starlink hack needed to be physically attached to a Starlink receiver antenna. If the adversary gets physical access to the actual equipment, the majority of security systems can be compromised.
So, Lennert Wouters only managed to hack one terminal as opposed to thousands? If it were simple, Russia would have already compromised all Ukrainians’ Starlink terminals, according to Szymanski.
Many claim that Starlink’s tens of thousands of satellites make it comparatively impervious, he continued. There is always a solution thanks to human inventiveness.
If Starlink satellites can move apart automatically, it would appear that a hacker could alter all of the satellites’ algorithms to add a negative sign, causing the network to breakdown when a Starlink satellite tries to move apart.
SpaceX, meanwhile, has published a six-page web paper outlining how it safeguards the Starlink system and urging security researchers to “bring on the bugs.”