U.S. Space Force is working on a plan for security researchers to attempt to pwn a live satellite orbiting earth in Hack-A-Sat 4.
At this year’s DEF CON, hundreds of hackers were given access to a satellite, able to manipulate its systems in a way that could render it useless or potentially cause it crash land on the earth.
But thankfully they weren’t tinkering with the real thing. Instead, they were controlling a “flat sat” — the hardware components of an actual satellite stacked on an adjacent workbench.
But just letting hackers at components on the ground isn’t good enough for the U.S. Space Force.
It wants to test the defenses of satellites while they are orbiting earth — although with some key safeguards in place (more about that below). The newest U.S. military service is working on staging a “capture the flag” type contest where teams will be invited to try and break into a satellite while it is actually orbiting thousands of miles above the earth’s surface, Space Force officials told README.
If all goes as planned, the live satellite hacking contest will be the fourth iteration of the so-called “Hack-A-Sat” competition, which is designed to test — and ultimately improve — space cyber defenses. The first contest took place during the virtual DEF CON Safe Mode last year. The next one is scheduled to happen Dec. 11–12, 2021, and eight teams from Poland, Germany and Romania — as well all across the United States — will race to compromise adversary satellite systems while protecting their own.
“The Hack-a-Sat competition helps us identify potential vulnerabilities in our space systems,” explained U.S. Space Force Col. Wallace “Rhet” Turnbull, who runs defensive cyber operations for the USSF Space and Missile Systems Center in Los Angeles.
They’ve already learned how to improve satellite defenses from last year’s contest, he added. “From that, we were able to derive a number of new techniques, tactics and procedures that those teams were using, and then quickly adapt our systems to be able to identify and preempt those attacks.”
Hacking actual spacecraft will be a huge step in the evolution of the Hack-A-Sat contest—made possible by Project Moonlighter, a so-far little-noticed U.S. Space Force effort to shore up satellite cyber defenses. “Moonlighter will allow contestants to take the skills they’ve honed in prior Hack-A-Sat events and apply them to a live operational satellite,” said Capt. Charles “Aaron” Bolen, Space Force project manager for Moonlighter. He called it a “a cyber sandbox in space.”
The Hack-A-Sat booth at the DEF CON Aerospace Village — one of the many specialist areas of the con, each dedicated to a different sub-domain of hacking expertise. Photo by The Hack-A-Sat program is designed to get the global hacker community thinking more about space systems, which are increasingly crucial to daily life through technologies such as GPS. Traditionally, space systems have been the more or less exclusive province of a small and somewhat insular group of government engineers, scientists and academics, mostly with extremely high-level clearances, said Steve Colenzo, technology transfer lead for the Air Force Research Laboratory.
But, “Secrecy doesn’t equal security,” he said—the increasing democratization of space, with start-ups and even amateurs launching into orbit, could prove disastrous if systems were left insecure. And the U.S. government and military needs help to keep malicious attackers out, said Colenzo. “We can’t do this alone. We need the global hacker community to start paying attention and getting involved, otherwise bad things are going to happen.”
Bolen said that Project Moonlighter was still in the early stages, but that the satellite would be architected so as to isolate critical command and control systems from the elements the hacker contestants would be attacking. In addition, the contest controllers would have a way to reset those critical systems to a “known good state,” if they were accidentally impacted by contestants’ activities.
“The full design details of Project Moonlighter are … still in development and awaiting execution of Hack-A-Sat 2 this year, and Hack-A-Sat 3 next year,” he said, adding that having Hack-A-Sat contestants “contribute and feel a large sense of ‘buy-in’ is one of the things that makes Hack-A-Sat and project Moonlighter so exciting to the cyber community.”
Nonetheless, they’ll need to be very careful: Space is getting crowded — tens of thousands of small satellites will be launched over the next five years as Starlink, OneWeb, Amazon’s Project Kuiper and others build their “new space” Low-Earth Orbit constellations. The consequences of a satellite system compromise could be severe. A single orbital vehicle deliberately knocked off course to collide with another could set off a cascading chain reaction — the so-called Kessler effect — capable of destroying dozens or even hundreds of satellites, knocking out internet services and other communications links, or even impacting the ubiquitous satellite-based GPS system.
Based on the amount of interest in the Hack-A-Sat booth at DEF CON this year, there are plenty of hackers itching to take a crack at spacecraft. During the con, attendees had a chance to tinker with a prototype “flat sat.”
It’s the same kind of hardware that contestants in Hack-A-Sat 2 will use in this year’s capture-the-flag event. At DEF CON, a steady stream of the hackers tried their hand at the prototype in the Aerospace Village — one of the many specialist areas of the con, each dedicated to a different sub-domain of hacking expertise.
The set up enabled visitors to try “controlling” the flat sat — sending commands to it from a ground control terminal using Cosmos — a software platform used to control real satellites.
“The key here is we’re letting people get hands-on with this technology,” said Colenzo, “And they’re really just geeking out on it. Tinkering and loving the fact that they learned something new … which is important for this community.”
