AEROSPACE CYBERSECURITY

Angelina Tsuboi (G4LXY) x angelinatsuboi.com

 ABOUT ME
SOFTWARE x MECHATRONICS,
AEROSPACE CYBERSECURITY,
RESEARCHER @ NASA
I build aerospace cybersecurity
programs and multidisciplinary
engineering projects to spearhead
new technological endeavors and
research

angelinatsuboi.com | G4LXY.space
 MAIN OBJECTIVES

Conceptual Cybersecurity Attacks and

Understanding Techniques Prevention
Covering Terminology, Overview of Cybersecurity Common Attacks and
Purposes, and Overview Concepts and Tools Mitigation Mechanisms
WHAT IS A
SATELLITE?
Natural Satellites
An object in space that
orbits or circles around a
bigger object

Artificial Satellites
What are Satellites Used For?
Satellites are used for a wide range of scientific and technical applications
They can be categorized down into four categories:

● Communication
Includes a transponder to receive and send signals from Earth allowing for long-range
communication. Used in media transmission such as radio, TV, Internet, and telephone

● Remote Sensing
Monitor and track information about Earth such as environmental patterns. weather
forecasting, geographical mapping, and more

● Navigation
Sends telemetry data including position in space and time. Used for geolocation
purposes such as GNSS

● Astronomical
Giant telescope in orbit. Uses infrared imaging to investigate different types of celestial
bodies for astronomical research purposes
 The Rising Threat
The space industry is growing significantly annually due to the reduced
financial barrier to entry and growing accessibility of space-related
technology. However, this growth is met in tandem with bad actors trying
to exploit this tech to compromise satellites and other spacecraft.

One example of this occurred in 1998 when a team of hackers took control
of the U.S.-German ROSAT X-Ray satellite and instructed it to adjust its
satellite panels to aim towards the sun by hacking into the computers in
the Goddard Space Flight Center which fried the satellite’s batteries and
caused it to crash into Earth in 2011.

In 1999, hackers held the U.K’s SkyNet’s constellation of satellites for

ransom.

Hacking of satellites can cause infrastructure damage and nasty collisions

Satellite Cybersecurity
In order to combat the wide range of threats presented to modern spacecraft
especially satellites, there has been a rising initiative for ensuring the
cybersecurity of these systems.

Examples include the CSfC requirements to meet the transmission security

guidelines established by the NSA for military-grade satellites

However, there is still a lack of cybersecurity standards which is concerning as

more companies deploy satellites into space, Many companies perceive
cybersecurity as being too costly since very specialized solutions are required

Modern example of this is the Starlink involvement in the Russian Ukraine

Conflict, Russia has infested the Starlink satellite system with multiple hacking
attempts such as jamming and spoofing
 Reconnaissance

ATTACK PROCESS
Track the sat

Communication
Eavesdropping
Listen to the sat

Reverse Engineering and

Decoding Communication
Decode the sat

Exploitation of Vulnerabilities
and Attacking
Hack the sat
Satellite Reconnaissance
What information can you extract from a satellite?

Satellite Identification:
Type of satellite, company / organization affiliation, name, launch date, operator., passes, location. etc

Orbital Parameters:
Precise telemetry of satellite such as altitude, eccentricity, inclination, orbital period, etc

Satellite Imagery:
Extract images from satellites for infrastructure, environmental, and remote sensing analysis

Protocols and Encryption Methods

Identify vulnerabilities by analyzing ground control infrastructure, encryption methods, and protocols
Types of Satellites
Communication:
Type of satellite, company / organization affiliation, name, launch date, operator., passes, location. etc

Orbital Parameters:
Precise telemetry of satellite such as altitude, eccentricity, inclination, orbital period, etc

Satellite Imagery:
Extract images from satellites for infrastructure, environmental, and remote sensing analysis

Protocols and Encryption Methods

Identify vulnerabilities by analyzing ground control infrastructure, encryption methods, and protocols
Orbital Elements
Identifiers used to describe a location of a celestial body in space

a: length of the semi-major axis

e: eccentricity

i: inclination

Ω: right ascension of the ascending node

ω: argument of periapsis

v: true anomaly / time of periapsis passage (also

designated with θ)
Orbital Elements
TLE - Two-Line Element Set
Data format used to record and report the position and orbits of
artificial satellites orbiting Earth
Getting Satellite Information
OSINT (Open Source Intelligence): a technique for extracting information from publicly
available sources for a specific purpose

CelesTrak: Satellite TLEs and general information

AMSAT: Satellite pass prediction

Orbital Mechanics: Visualize orbital elements

N2yo: satellite tracking and prediction

Let’s Track the International
Space Station!
Objective: Track down the ISS’s live location and telemetry details
and plot where it is in orbit, in space, and over Earth
Step 1 - Get the TLE
Go to the CelesTrak NORAD Element Sets page

Click Space Stations

Copy the TLE under “ISS (ZARYA)”

PYTHON FOR
CYBERSECURITY
- Extensive library… Lots of
cybersecurity tools already
written using Python
- Minimal Learning Curve
- Built-in memory management
Step 2 - Interpret the TLE
Go to the github.com/ANG13T/satellite-hacking-workshop

Download the source code

Navigate to the scripts folder via terminal

Run python3 trackasat.py * install packages / libraries via pip3 install

Paste in TLE contents one line at a time

Visualize Satellite in Orbit

orbitalmechanics.info
Step 3 - Visualize the ISS in Orbit
Note the 6 Keplerian Elements:

Plug them into orbitalmechanics.info!

Satellite Ground Track and Position
Ground Track: 2D path of a spacecraft over Earth's surface

Ground Position: position of a spacecraft over Earth's surface denoted by

longitude and latitude
Step 4 - Plot the ISS Ground Track
Note the Ground Coordinates:

Plug them into this geo point plotter!

Note the Inclination and Semi-Major Axis

Plug them into this ground track visualizer!

Challenge
Track and Visualize Starlink
Objective: Apply what you have learned to do the following

1. Get the TLE for the Starlink 1007

2. Visualize the Orbit of the Satellite

3. Find the Position of the Satellite over Earth using GPS

Key Satellite Vulnerability
One of the biggest vulnerabilities with satellites is their use of long-range
communication with ground stations. Information is transmitted through open
network security protocols making it an easy target for cybercriminals.
Communication Foundations
Uplink: link up from ground station to satellite

Downlink: link from satellite to ground station

One-Way vs Two-Way Communication: one direction (broadcast) vs point-to-point

bilateral communication
Electromagnetic Waves
Electromagnetic radiation that describes oscillations of electric and magnetic fields

Measured by frequency and wavelength. Satellites use radio waves to receive and send
signals to and from Earth
Frequency and Bands
SATCOM - Satellite Communication
SATCOM (Satellite Communication) is a network architecture used by satellites to provide a variety of
applications from broadband internet, mobile television, and radio broadcasts

Communication links involve frequencies in the L-band with the range 1 to 2 GHz range
Problems with SATCOM
Technical Issues for Universal Encryption:
Since satellite signals travel extensive distances, they are at risk of packet loss and latency which causes massive
performance reductions for end-to-end encryption

Small Companies don’t have $$$ for Independent Encryption:

Large organizations are putting the burdensome task of developing custom encryption protocols on the
shoulders of independent companies, making smaller companies evade the task for their lack of resources

No Universal Security Guideline:

Many satellite communication protocols follow status quo practices making them struggle to keep up with
evolving attack methodologies
Repercussions of SATCOM Hacking

Satellite Onboard subsystem architecture and example comprimasation scenarios

Listening to Satellites
Satellite TV Dish Antenna

Directional Yagi Antenna

Software Defined Radio

RTL-SDR, NooElec SDR Mini 2 RTL SDR, etc

Decoder Software
Wxtoimg, Gqrx, Sox

Pass Prediction Software

GPredict, MMSSTV, etc
Intercepting Satellite Signals
1. Determine when Satellite is Overhead
Using Radio and Visual Pass Prediction from N2YO or sites like ISS Detector

2. Identify Satellite Frequency

Find the frequency for the target satellite using sites like kvh.com

3. Decode Satellite Signal

By noting decoder type and available tools, decode the signal into legible data
Decoding Communication
DVB (Digital Video Broadcasting)
physical layer standard to support high-data-rate satellite communications

APT (Automatic Picture Transmission)

An analog image transmission mode used by weather satellites to transmit weather photos

QPSK (Quadrature Phase Shift Keying):

A phase shift keying technique where two bits are modulated at one to carry twice as much
information

LDPC (Low-Density Parity-Check Code):

Forward Error Correction (FEC) technique to minimize errors upon transmission of data
Let’s Take a Break!
Let’s Decode Weather Images
from NOAA Satellites!
Objective: Predict NOAA 18 Satellite Pass, Extract Transmission,
Decode Transmission to Retrieve Image
Step 1 - Find Satellite Pass
Go to the N2YO.com website

Click Satellites on Orbit > Weather > NOAA 18

Scroll down the page till you see pass prediction

Step 2 - Find Satellite Frequency
Stay In the same NOAA 18 webpage

Find Downlink Frequency (137.9125 MHz)

Listening to NOAA Sats
RTL 2832U

Computer with SDR Sharp

Audio Recording Software (Audacity)

Bandwidth to 36 KHz

Sample Rate of 11025 Hz

Step 3 - Get Satellite Transmission
Download the pre-recorded audio file on GitHub
Step 4 - Decode Transmission
Go to the Open-Weather APT website

Choose the pre-recorded audio file

Select Absolute Value and Decode!

Types of Attacks
Jamming
Jamming well-known frequencies for satellites to cause disturbances and interrupting communication

Spoofing:
Transmitting a counterfeit radio signal to a receiver to override a legitimate satellite signal

Eavesdropping:
Accessing private data from a satellite by intercepting communication and deciphering communication

Hijacking and Control:

Using a satellite to transmit or control a signal and replace it with another. Hacker transmit fake data and can
gain control over a part of the satellite infrastructure
Materials for SAT Hacking
High Frequency Antenna

Radio Frequency Analyzers:

Decryption Software:
SkyGrabber is only $24
Common Attack Strategies
Counterfeit Signals for Spoofing
GPS Spoofing - Transmitting a fake signal to a receiver antenna to
override a valid GPS signal

Orbital and Terrestrial Jamming:

Sending fabricated frequencies via a rogue uplink or messing with
the downlink by jamming

Taking over TT&C:

Telemetry, Tracking, and Control link take over to send malicious
commands

Clever Eavesdropping:
Intercepting the frequencies with RF analyzers and decrypting
comms
Let’s Simulate Spoofing GNSS
Signals!
Objective: Create a believable GNSS data signal and simulate it!
What is GNSS Spoofing?
GNSS: Global Navigation Satellite System. Used to pin-point a location on Earth

GPS Spoofing: When a person alters data sent to satellite in order to appear in a different
location and time zone.
Ephemeral Positioning
Ephemeris: position of a celestial body in space

GNSS works by using ground based receivers to listen

from signals from satellites in the GNSS constellation

Each satellite encodes position data into the signal

By taking the signal from at least four satellites, satellite

navigation solution can be used to find the location of
the receiver via trilateration.
Step 1 - Determine Target
Get the GPS broadcast ephemeris file from NASA’s CDDIS site
Step 2 - Select Location
Go to Google Maps

Right-Click Point to Spoof and Note the GPS Coordinates

Transmitting Fake Signals
● Capable of transmitting signals

● Easy installation

● Compatible with GPS Spoof

 e a
s
t ’ s u :D
Le t io n
ul a
s i m

Wait! This is Illegal!

Step 3 - Transmit Signals
sudo hackrf_transfer -t gpssim.bin -f 1575420000 -s 2600000 -a 1 -x 0
Detecting GPS Spoofing #1
Absolute Power Monitoring:
Check for the power level of the received signal. This is effective
because spoofed signals increase the power content of their
transmission making the abnormality an indication of an attack
Detecting GPS Spoofing #2

Carrier to Noise Monitoring:

In open sky conditions, satellite movements and ionospheric conditions are relatively stable in contrast with
higher signal variation for a transmission near the ground
 CLASS RECAP

Communication Attacks and

Reconnaissance
Dissection Spoofing
Telemetry indicators, orbital EM Waves, bands, decoding,, Calculating passes,
mechanics, and plotting and eavesdropping strategies. and spoofing
 Attack Mitigation
So… how can we better protect satellites?

● Network Security
Network systems including more robust encryptors, diodes, and
gateways to protect data through transit that cover multiple layers
of security

● Secure Key Management

More open and accessible guidelines on the generation and
distribution of cryptographic keys for secure telecommunication

● Threat Monitoring
Development of more modern detection systems for cyber threat
intelligence and more supervision of cyber systems in space
 Future of Satellite Cybersecurity

Moonlighter Quantum Cryptography New Comm Protocols

SpaceX launched a hacking QEYSSat: LEO satellite with a quantum QPEP: new encrypted proxy
“sandbox” used for satellite receiver and transmitter of quantum for high latency satellite
training and research encoded photons communication
Resources for Further Exploration
G4LXY Tools Repository: Collection of tools for everything aerospace hacking

Hack-A-Sat Resources: Official resource list provided by Hack-A-Sat

Awesome Space List: Repository of a variety of space tools and applications

 THANK YOU!
Please feel free to reach out with
any questions and/or feedback!
[email protected]
angelinatsuboi.com