The popularity of low-orbit satellites for enterprise, civil and critical infrastructures has made the security of satellite communications a growing global concern. As a result, many satellite solution providers are facing the issue and trying to solve it by traffic encryption between user ground devices and high altitude satellites to avoid possible from the ground jamming attacks or even man-in-the-middle hijacking and manipulation, but does encryption really equal to secure?

In this session, we will go along with the audience on a journey to explore terrestrial broadcasting attacks, starting from two academic studies to explore how hackers can find encryption flaws in the hardware and software design architecture of satellite modem products, inject malicious firmware upgrades through man-in-the-middle hijacking and take down the remote execution again after dismantling the satellite communication equipment in a practical manner. We will explore the security costs of modern satellite modulation and demodulation process with its high firmware data transfer capability, the difficulties of man-in-the-middle identification for practical datacom-satellite communication, and how attackers can abuse the combination of these techniques and the possible threats.

As the cost-effectiveness of space technology increases, satellite networks are no longer exclusively used for scientific or military purposes. Low Earth Orbit (LEO) satellite technology is now more commonly used in OT environments for both private and government sectors. However, in 2024, global concerns over the Russia-Ukraine war and the Israel-Hamas conflict have resulted in a surge of aggressive attacks driven by geopolitical factors, with satellite networks becoming key targets influencing the outcome of these conflicts. The attack theories of the past are now practicing in reality.

This research studies the structure of the space industry. Due to performance limitations and specific development needs, the space industry faces attacks that are difficult to defend directly. In addition to explaining these attacks through the ongoing APT (Advanced Persistent Threat) war, this talk aims to mitigate the impact on satellite users' OT environments. This research collects security principles related to satellite networks from the U.S., Europe, and Japan in recent years. From this, we have derived objective principles applicable to satellite network users.

This talk will take the audience on an in-depth exploration of the current state and future trends of satellite networks and space cybersecurity. The focus will be on unveiling the security threats faced by modern satellite communication and control systems through offensive and defensive scenarios designed in CTF (Capture The Flag) competitions.

We will present case studies, technical analyses, and demonstrations to illustrate fundamental knowledge of satellite cybersecurity and common attack and defense techniques.

Through this talk, the audience will gain a deeper understanding of the importance of satellite cybersecurity, learn practical offensive and defensive techniques, and be inspired to explore further research in the field of satellite security.

Historically, the high costs associated with satellite manufacturing, design, and launch limited satellite production to government agencies or research institutions. However, in recent years, the development and widespread use of small satellites have emerged due to the significant reduction in launch costs associated with their smaller size. Consequently, projects developing satellite protocols and DIY cub satellites have proliferated. This study shares insights into classic vulnerabilities identified in past satellite attack research, along with new security issues we have discovered. We focus on a recent open-source satellite project, SPACECAN, and the decade-old open-source satellite communication protocol, libcsp, which is already in use by satellites. Our research identifies three vulnerabilities in the SPACECAN project related to CAN bus message transmission and highlights a flaw in message verification within the libcsp project. By revealing these vulnerabilities, we aim to raise awareness about the security of satellite communication systems, advocate for secure implementations in open-source satellite projects, and provide actionable recommendations to mitigate these risks.