Edd Salkield, Sebastian Köhler, Simon Birnbach, Richard Baker (University of Oxford). Martin Strohmeier (armasuisse S+T), Ivan Martinovic (University of Oxford)
Presenter: Edd Salkield
Data from Earth Observation satellites has become crucial in private enterprises, research applications, and in coordinating national responses to events such as forest fires. These purposes are supported by data derived from a variety of satellites, some of which do not secure the wireless downlink channel effectively. This opens the door for modern adversaries to conduct spoofing attacks by overshadowing the signal with commercially available radio equipment.
In this paper, we assess the vulnerability of current Earth Observation systems to spoofing attacks conducted at the physical layer. The effect of these attacks is amplified since the data is received at dedicated ground stations and distributed to hundreds of downstream systems, which are themselves not designed with security in mind. Specifically, we take NASA’s live forest fire detection system as a case study, and demonstrate that the attacker can achieve arbitrary manipulation of fires in the derived dataset to trigger false emergency responses or mislead crisis analysis. We also assess the attack surface presented by ground station software which implicitly trusts data from the RF port. Against the NASA system we uncover several new vulnerabilities that can be exploited to stealthily deny service.
We conclude with a discussion of physical-layer counter-measures to detect and defend against spoofing, which can be implemented in existing deployments at the ground station.