| PRESENTATION: | SATCOM Terminals: Hacking by Air, Sea, and Land | 
| PRESENTER(S): | Ruben Santamarta, Principal Security Consultant for IOActive | 
| CONFERENCE: | 4SICS | 
| LOCATION: | Skyddsrummet, Stockholm, Sweden | 
| DATE & TIME: | October 22, 2014 at 13:20 PM | 
Satellite Communications (SATCOM) play a vital role in the global telecommunications system. We live in a world where data is constantly flowing. It is clear that those who control communications traffic have a distinct advantage. The ability to disrupt, inspect, modify, or re-route traffic provides an invaluable opportunity to carry out attacks.
IOActive conducted SATCOM research focused on reverse engineering the freely and publicly available firmware updates for popular SATCOM technologies. They found that 100 per cent of the in-scope devices could be abused. The vulnerabilities they uncovered included multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms. These vulnerabilities could allow remote, unauthenticated attackers to fully compromise the affected products. In certain cases no user interaction is required to exploit the vulnerability, just sending a simple SMS or specially crafted message from one ship to another can do it.
In this presentation, Ruben will discuss the technical details of IOActive’s research, based largely on static firmware analysis via reverse engineering. The presentation will also include a live demo against two of these systems.
About Ruben Santamarta
Ruben Santamarta is Principal Security Consultant at IOActive where he performs penetration testing, identifies system vulnerabilities, and designs custom security solutions for clients in software development, telecommunications, financial services, and non-profit organizations. He has over 10-years of experience working for the security industry in different roles such as malware analysis or exploit development. Ruben has found dozens of vulnerabilities in products from leading IT and ICS vendors, being these last ones where he is currently focused. Ruben has presented at international conferences such as Ekoparty, RootedCon, Black Hat USA, and AppSec DC.
About 4SICS
4SICS is Stockholm’s international summit on cyber security in SCADA and Industrial Control Systems. 4SICS gathers the most important ICS/SCADA cyber security stakeholders across critical industries, such as energy, oil & gas, water, transportation, and smartgrid.
4SICS gives you a great opportunity to listen to international top speakers in the field and meet the most experienced stakeholders. It will be a single-track, two-day summit with generous time slots for presentations as well as interaction and networking. The summit will offer an opportunity to not only to increase your knowledge of today’s ICS/SCADA security risks, but also to receive practical advice on how to manage them. Moreover, 4SICS attendees will have an opportunity to participate and play KIPS – the Kaspersky Industrial Protection Simulation.
About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established track record in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information.  Follow IOActive on Twitter: http://twitter.com/ioactive.
-###-

