*Author of this article: OpenATS, belongs to the FreeBuf Original Reward Program, reproduction is prohibited without permission
Hello everyone, it's been a long time, I miss you very much~ Satellite Brother is back.Maybe you have noticed that satellite technology is gradually becoming civilianized. Private aerospace companies are emerging, and technology companies are queuing up to launch their 'small satellites'. Let's not worry about whether these small satellites are used for scientific research or other purposesPRIt is also the popularization of satellite technology. The issue of satellite security is also worth our in-depth exploration.
Previous article summary:
Satellite control systems
Due to the architecture and design of satellites, real-time operating systems are mainly used to provide the real-time and high reliability of the entire system. Currently, the control systems of satellites are mainly divided into the following types:
I. Large-scale real-time operating system
This type of system is mainly applied to large satellites. Due to the large number of sensors and actuators on large satellites, the control system is complex, and there are very high requirements for the processing of these data. Therefore, this type of satellite mostly uses real-time operating systems as the main platform, among which the commercial real-time system represented by VxWorks has a wide range of applications. Fighters, satellites, Mars rovers, and others have adopted it. NASA (National Aeronautics and Space Administration) has also opened source an operating system for their Mars rovers, MarsOS, and the robot operating system ROS, both of which are based on real-time systems. Gradually, some real-time systems developed by private technology companies have gained attention, such as the large-scale real-time operating system SylixOS developed by domestic open-source, which has also been adopted by some of our country's satellites.
II. Privately developed real-time systems
Due to the particularity of satellites, the technologies involved are national strategic resources and cannot be shared arbitrarily, leading to a relatively closed ecosystem. Therefore, many satellite control systems and software are mostly independently developed, with characteristics such as 'one satellite, one system', and strong closure.
III. Based on LinuxReal-time operating system
This type of system is mainly applied to some small and medium-sized satellites. The real-time operating systems developed based on Linux have the advantage of being comparable to traditional commercial real-time operating systems in terms of task processing and thread scheduling, and have the overall advantage of reducing development costs.
IV. Real-time operating system based on microcontroller
With the emergence of some real-time systems based on microcontrollers, such as RTOS and RT-Thread domestically produced, the control systems based on microcontrollers are gradually developing from simple control towards real-time performance, with increasingly good task scheduling performance and a significant advantage in handling simple tasks.
V. No operating system
Nano satellites usually do not have an operating system, the entire nano satellite only contains the control part, and the function of the nano satellite is single, such as simply transmitting beacons, signal relay, and other simple applications, which can be completed without a complex operating system.
However, it is not the case that the control system has no vulnerabilities; VxWorks has been found to have many vulnerabilities. The command channel of the satellite often does not coincide with the communication channel, and there are also some attack methods against the hardware and control system:}}
Control signal replay attack
Since the ground station's antenna signal is strong,射频信号 can be intercepted and stolen around the antenna, and the control instructions can be replayed to cause this type of control signal replay attack. Large satellites often adopt measures such as non-reversible instructions in the design of the control system, fully considering this factor. However, some small and medium-sized satellites do not have such designs, which can lead to successful attacks.
Hardware device vulnerabilities
When it is difficult to infiltrate the control system of the satellite, the attacker targets the receiving hardware in the communication system, some hardware that provides services such as modems, which have some security vulnerabilities including weak passwords and system flaws, leading to infiltration and subsequent threats to the data.
Due to the difference between satellite systems and general computer systems, the main security of satellites is reflected in communication. The communication methods between satellites and the ground all use radio communication, and now technologies such as laser and quantum communication have emerged, but the essence remains unchanged. So, what are the aspects of security related to satellite communication?
Common attacks on satellite communication
The common attacks on satellite communication are generally divided into two categories: one is passive attack, and the other is active attack.
1. Passive Attack
The most obvious one is information interception.The main advantage of satellites is their location, which allows for a wider communication range, reaching coverage that cannot be achieved on land. For this reason, the communication methods of satellite communication are mostly broadcast in a large area, broadcasting data within the coverage area, which leads to anyone within the range being able to intercept the signal and steal useful information. Some early commercial satellites even did not adopt encryption technology to reduce the complexity of the entire system, resulting in data leaks. Therefore, the units or individuals using satellite communication are relatively important customers, and the losses incurred are self-evident.
Many people find it incredible that satellite communication is not encrypted, feeling that such a high-level communication system should be very important, and encrypted communication is indispensable. In fact, this is not the case. The problems brought about by encryption include increasing the complexity of the system, research and development costs, and resource consumption. Since satellite communication equipment is expensive, including downconverters, modems, decoders, and software servers in the receiving line, upconverters and amplifiers in the uplink equipment, and antennas, etc., are all very expensive equipment. While there were very few people who were able to receive and decode satellite data in the past, with the advancement of technology, some new technologies such as SDR software radio technology have greatly reduced the cost of receiving. This has posed a threat to the currently serving satellite data that is not encrypted, and passive attacks are even impossible to detect the location of the attack through technical means.
2. Active Attack
This type of attack is based on passive attacks, making the attack more advanced and causing more serious losses.
Active attacks are generally divided into the following types:
Denial of Service Attack (DDoS)
Attacks against satellites also exist in the same attack methods as network attacks: DDoS. Attackers send legitimate false requests, causing the satellite to be unable to provide effective services to legitimate users. This type of attack is also difficult to defend against, because of the diversity of satellite communication links, such as the instability of clients and the diversity of links, making it difficult for satellites to provide good defense against such attacks. Each user's client is a receiving system and a transmitting system, and users lack professional knowledge, so they cannot get effective treatment when problems arise, leading to connection instability and generating a large number of connection requests. In addition, due to weather conditions such as rainfall, the satellite link may experience rain attenuation, and the number of access requests will increase significantly, but the satellite cannot blindly defend against these requests, so the system design will not be as good as network firewalls in defending against these requests, and the satellite cannot distinguish whether these requests are from legitimate users or malicious attackers.
Signal Interference Attack
This type of attack is the most common but also the most effective, and it is also often used in warfare. Since wireless communication may face this kind of attack, satellites are no exception. Interference is divided into blocking interference and noise interference, etc. Strong interference signals can cause the satellite to fail to normally receive and distinguish signals from customers, and thus cannot provide services. The location of such attack sources can only be roughly calculated as the ground interference source based on the signal field strength and other information of the satellite's signal, and then cooperate with relevant departments to find the interference source. Some communication satellite antennas have the technology of beam and line beam, which can avoid such attack methods and roughly locate the interference source, but the complex design of the internal radio frequency link and antenna of the satellite is only suitable for large communication satellites.
Broadband Resource Theft Attack
The most valuable resource on a satellite is the frequency resource, which provides the largest effective bandwidth. In the past, the main working form of satellite transponders was to receive signals from one party, process and exchange them on the satellite, and then forward them to the other party based on the information of the signals. However, some limiting factors of satellites, such as the limited power supply of the overall satellite platform and the limitations of the onboard computer processing capacity, have led to this system gradually being replaced by some bent pipe transparent transponders. Because satellites are launched into the sky and we cannot upgrade or maintain them later, after many years, satellites will face the problem that the hardware processing capacity cannot meet the growing information volume, leading to the gradual development of communication satellites towards the 'transmission on the satellite, processing below the satellite' direction. This can effectively avoid this problem, and for future hardware upgrades, only the ground station's hardware needs to be upgraded, while the satellite's work is simply to effectively utilize frequency resources to provide the largest communication bandwidth.
However, while bringing us benefits, it will also lead to some weaknesses. That is the theft of satellite broadband resources. Since satellites do not perform more in-depth unpacking of signals, they cannot determine whether the received signals and data are from legitimate users. When attackers send their illegal signals, satellites will still forward the signals, upconvert or downconvert them, and then forward them to the ground station with high power. At this time, if the attacker sets up a receiving system to demodulate and decode the data after self-receiving, and extract useful data to communicate privately through the satellite, it forms a complete attack on the theft of satellite resources. Malignant attackers may even use their own encryption algorithms to effectively encrypt communication data, making this type of attack difficult to defend.
Information forgery attack
This type of attack is also based on passive eavesdropping. After the user's data is illegally intercepted, the attacker forges the data and returns it to the uplink, and the ground station cannot distinguish whether the data comes from a legitimate user, leading to the modification of legitimate user data and the error of the entire communication data.
Key破解攻击
Such attacks are not common among ordinary attackers and require very high computer skills of the attackers, and are more common in space informatization wars between countries. Due to the importance of certain satellites, this type of attack is an important way to obtain some precious information. Strategic communication often determines the direction of war, so at present, various countries have successively developed relevant space strategic institutions to carry out such attacks.
The above are some common attack methods against satellites, and for some attack methods, the defensive methods available are limited, and it is impossible to take very effective measures. It is necessary to seek the help of ground wireless regulatory authorities to locate the attackers. With the advancement of technology, these attack methods will gradually appear in more satellite communication systems. Because of the特殊性 of satellites, once they are launched into space, they cannot be maintained or modified, and it is best to develop in the direction of software-defined satellites, so that the protocol vulnerabilities that may appear in the future can be effectively repaired and controlled. While satellite service providers should fundamentally ensure the channel encryption of satellite communication and basic work such as user authentication, to ensure the confidentiality and integrity of user communication data.
*Author of this article: OpenATS, belongs to the FreeBuf Original Reward Program, reproduction is prohibited without permission
评论已关闭