Yahoo Finance Secret locations of soldiers working on military bases revealed using satellite flaw
A hacker claims to have found a flaw in satellite communications that allowed him to track the location of soldiers as they move around top secret military bases in conflict zones.
Satellite terminals used by the military to communicate while on remote bases were hijacked by cyber security researcher Robin Santamarta, of IOActive, allowing him to control communications and detect physical locations.
The terminals are essential for soldiers to communicate while in warzones that either have insecure telecommunication networks - or none at all.
Mr Santamarta told the Telegraph he was able to locate three military bases by hacking into the communication systems, two of which were not known to the public.
“The UK is not even the worst affected country,” he warned, claiming that the US’ military operations were particularly vulnerable. The findings are part of a wider project which details several critical vulnerabilities in satellite communication devices widely used in the military, aviation and maritime industry.
Mr Santamarta said one of the flaws could be exploited to expose crew on ships to radio frequency radiation, producing a similar effect to a microwave.
“It is possible to control the direction of antennas, mess with the satellites and force them to transmit electromagnetic energy,” he warned.
It follows warnings from the National Audit Office that Britain’s armed forces are ill-equipped to handle the increasing threat of cyber attacks from Russia and the incoming wave of “electronic warfare” because of a shortage of specialist talent in the UK.
Full details of the hack will be revealed next week at the popular Black Hat hacking conference in Las Vegas where Mr Santamarta will demonstrate how to remotely hack a ship onstage.
Planes "belonging to the biggest airlines in the world" and in use across Europe and the US are also affected by similar flaws, he said. The security researcher claimed he could exploit flaws to access the screens of passengers using cabin WiFi while in the air. Mr Santamarta said he could use the flaw to control crew communications by switching between channels to listen in on conversations between the cockpit and the control room from the ground - a world first.
IOActive is behind some of the most high profile ethical hacks in recent years. A researcher was able to remotely take over a Jeep while it was being driven in 2016 and infiltrating a network of smart meters in the US in 2014.
Mr Santamarta said: “The main concern here is the safety risk for people or devices that are vulnerable,” he said. The ability to disrupt a satellite transponder would allow someone to conduct a coordinated attack."
IOActive has been in contact with the satellite system vendors to alert them to the problems before going public, it said.
The National Cyber Security Centre said it was "vigilant to cyber threats wherever they come from and we are ready to defend against them".
