Small satellite terminals could be open to cyberattacks

Military units that rely on very small aperture terminals (VSATs) for satellite communications in remote areas may want to double-check their security settings. Researchers from cyber intelligence company IntelCrawler recently scanned VSATs around the world and found many of them vulnerable to a cyberattack.

IntelCrawler’s scan identified nearly 3 million VSATs, many of them in the United States, and found that about 10,000 of them could be easily accessed, according to the company’s blog. “Many VSAT devices have telnet access with very poor password strength, many times using default factory settings,” the company said. Other terminals had open ports.

The fix isn’t hard — the company recommended that administrators examine their terminals and close any holes. All they might have to do is add a strong password.

VSATs — relatively small, light and inexpensive for satellite communications equipment — are used in a variety of settings, from point-of-sale credit card terminals to power grids and other infrastructure facilities. The military uses them extensively in the field when line-of-sight communications aren’t available. The terminals also have become common on unmanned aerial vehicles, which need light communications equipment.

If the terminals have open ports or easily guessed passwords, they could allow an intruder to monitor network traffic or compromise the network itself, InterCrawler said.

Military units have security protocols for their equipment, but passwords or other security settings for network devices such as routers, switches — and VSATs — can sometimes be overlooked. For units using the terminals, it wouldn’t hurt to check.