Soldiers with the Canadian Army's 1st Battalion 22nd Royal Regiment prepare for an operation at sunrise Monday, June 27, 2011 on Forward Operating Base Sperwan Ghar in the Panjwaii district of Kandahar province, Afghanistan

Soldiers with the Canadian Army's 1st Battalion 22nd Royal Regiment prepare for an operation at sunrise Monday, June 27, 2011 on Forward Operating Base Sperwan Ghar in the Panjwaii district of Kandahar province, Afghanistan AP Photo / David Goldman

Insights & Reports
Empowering the Data-Centric Force of the Future
Presented By NetApp
Download Now
The Essential Guide to Security Information and Event Management (SIEM)
Presented By Splunk | Carahsoft
Download Now
Science & Tech

Flaw in Some Satellite Communication Terminals Can Expose US Troops’ Location

Vulnerabilities in certain brands of communications terminals can be used to access GPS data on forward-deployed troops.

Patrick Tucker

|
Patrick Tucker
By Patrick Tucker
Science & Technology Editor

LAS VEGAS — Some satellite communication terminals that the military uses in forward-deployed locations are highly vulnerable to a pervasive flaw, according to researchers with cybersecurity company IOActive. Company officials say they are already working with the Defense Department and the vendors that produce the buggy equipment. But because some of the terminals are currently with troops at forward operating bases, the researchers declined to name them, due to security concerns.

IOActive researcher Ruben Santamarta uncovered the vulnerability, which he said could be used to intercept GPS downlink signals that reveal the location of a terminal and the soldiers using it.

The terminals’ self-pointing antennas use GPS, and sometimes instructions from their operators, to aim themselves at the right satellite. That location data is supposed to be visible only to the operator, through management software. Santamarta showed he could access that management software remotely.

“Some of the exposure happened because of misconfiguration issues. It was not solely an issue with the product,” John Sheehy, director of strategic service for IOActive said. “The configuration issue is very fixable. We’ve confirmed that some of them have been fixed.”

Santamarta said that while the risk to troops is high, the risk of bad actors actually being able to use the exploit was only medium.

His research also suggests that slightly larger SATCOM terminals, of the sort used in civilian maritime operations, can be manipulated to shoot nearby people with radio waves in order to cause pain. “Using a specific amount of power, it is possible to create a scenario in which biological tissue is affected, [as well as] electronic and electrical systems. This can be used to create burns or provoke malfunctions in electrical system.” He revealed his work at this year’s Black Hat conference in Las Vegas, Nevada.

Four years ago, Santamarta revealed pervasive problems in satcom systems manufactured by Harris, Hughes, Cobham, Thuraya, JRC, and Iridium.

NEXT STORY: The Future Airman is a Hacker