Categories: Breaking NewsHacking

Hacking the Iridium network could be very easy

At the last the Chaos Communication Camp, held in Zehdenick, Germany experts demonstrated how to hack the Iridium network and eavesdrop its pager traffic.

At the last edition of the Chaos Communication Camp held in Germany the organizers distributed 4500 rad1o badges, powerful devices running a software that could be used to intercept satellite traffic from the Iridium communications network.

In a talk entitled “Iridium Hacking: please don’t sue us,” the experts Sec and Schneider have demonstrated how to intercept the Iridium pager traffic by using the Camp badge.

The Iridium satellite network is composed of 66 active satellites in low Earth orbit which offers voice and data communications for satellite phones, pagers, and integrated transceivers worldwide.

The Iridium satellite network is considered obsolete, its successor, the Iridium NEXT, is planned to be launched this year.

Among the user of the Iridium network there is the Pentagon, unfortunately the project developed by Motorola in 1980s lack of security by design as explained by the researchers in their talk.

“The problem,” noticed Sec, “isn’t that Iridium has poor security. It’s that it has no security.” “It’s kind of a myth that satellite hacking is hard,” schneider said. “You are all satellite hackers now. You have the equipment. Go have fun with it.”

The Iridium network has a limited data bandwidth, just 2.4 Kb/sec, its use is limited to specific applications. Iridium network is currently used for tracking purposes in logistic and transportation.

Just to give you an example, the Iridium pager traffic doesn’t use encryption by default and the majority of traffic is sent in clear text.

A presentation leaked by Wikileaks in 2008 states that the Iridium network is difficult to hack, but things are quite different.

“the complexity of the Iridium air interface makes the challenge of developing an Iridium L-Band monitoring device very difficult and probably beyond the reach of all but the most determined adversaries.”

The Iridium system could be hacked with a cheap software-defined radio like the rad1o badge or HackRF.

The majority of the pager traffic could be easily eavesdropping with off-the-shelf producTs and the software used by the researchers.

“With just the rad1o badge and onboard PCB antenna, you can collect 22 percent of all the packets you can receive with a proper Iridium antenna,” Schneider said “You just load the software on your PC, you attach the rad1o badge and you can start receiving Iridium pager messages,” “So happy hacking with that.”

The experts highlighted that the badge has a limited processing capability, this implies that Iridium traffic analysis needs a specific software (Iridium toolchain) that could run on a laptop or a cheap Raspberry Pi 2.

“A Raspberry Pi 2 is just beefy enough to process the traffic,” Sec said. “Short-burst data stuff is much more complex”.

During the talk Sec gave a live demo of the Iridium traffic eavesdropping, the expert demonstrated how to capture and decode the Iridium pager traffic.

This is just the beginning, Sec asked the audience for help locating a copy of the Iridium systems specifications, next step is to extend the features implemented by the toolchain that could be used in the future to decode AMS (aircraft communications) and RUDICS (internet) streams .

“If anyone happens to come across this document, we still want it,” Sec said, “and we will not ask questions.”

Let me suggest to give a look the slides presented by the experts.

 

Pierluigi Paganini

(Security Affairs – Iridium network, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

London hospitals canceled over 800 operations in the week after Synnovis ransomware attack

NHS England confirmed that multiple London hospitals impacted by the ransomware attack at Synnovis were…

9 hours ago

DORA Compliance Strategy for Business Leaders

In January 2025, European financial and insurance institutions, their business partners and providers, must comply…

1 day ago

CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report…

2 days ago

City of Cleveland still working to fully restore systems impacted by a cyber attack

Early this week, the City of Cleveland suffered a cyber attack that impacted multiple services.…

2 days ago

Two Ukrainians accused of spreading Russian propaganda and hack soldiers’ phones

Ukraine’s security service (SBU) detained two individuals accused of supporting Russian intelligence in spreading propaganda…

2 days ago

Google fixed an actively exploited zero-day in the Pixel Firmware

Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively…

3 days ago

This website uses cookies.