Researchers were surprised to find that all of these signals were not encrypted
By pointing the receiver at different satellites, the researchers amassed a treasure trove of data that included communications made by U.S. and Mexican military and law enforcement. This information included sensitive information such as the locations of personnel, equipment, and facilities. The university researchers expected the data to be encrypted and were surprised when they discovered that it wasn’t.
“It just completely shocked us. There are some really critical pieces of our infrastructure relying on this satellite ecosystem, and our suspicion was that it would all be encrypted. And just time and time again, every time we found something new, it wasn’t. They assumed that no one was ever going to check and scan all these satellites and see what was out there. That was their method of security. They just really didn’t think anyone would look up.”
-Aaron Schulman, UCSD professor, co-leader of the research team
T-Mobile customers will be happy to learn that just weeks after speaking with the researchers, the carrier quickly encrypted the communications data to prevent them from being grabbed by others. But other companies, including firms that own critical infrastructure in the U.S. that the report calls “vulnerable,” have not followed T-Mobile in improving the security of their satellite systems.
Anyone can set up a satellite receiver without spending a fortune
The researchers only were able to obtain the signals from satellites they could receive in San Diego which they computed to be 15% of the number of operating satellites. This is a scary number because it would seem to reveal that there is a huge amount of data that can be stolen by bad actors using a simple satellite receiver that costs under $1,000. Anyone who sets up a satellite receiver can pick up signals from satellites being sent to remote cell towers, even those thousands of miles away.
Diagram shows the workings of a carrier’s backhaul operations. | Image credit-RFIC Solutions
2,700 phone numbers were obtained by the researches from T-Mobile signals
Cybersecurity expert Matt Green, a computer science professor at Johns Hopkins University, went through the researchers’ report and stated, “It’s crazy. The fact that this much data is going over satellites that anyone can pick up with an antenna is just incredible,” Green says. “This paper will fix a very small part of the problem, but I think a lot of it is not going to change.” What is even scarier is the following comment made by Green: “I would be shocked if this is something that intelligence agencies of any size are not already exploiting.”
In nine hours of recording T-Mobile‘s backhaul satellite communications from their one dish, the researchers were able to collect 2,700 phone numbers, and all of the calls and texts that they received during that time period. It should be pointed out that the researchers could hear or read only one side of the conversations. Phone calls and messages sent to T-Mobile‘s remote towers were obtained by the research team while those sent from the towers to the carrier’s core network would have required another satellite dish.
The U.S. National Security Agency issued a security advisory in 2022 alerting others about the lack of encryption in satellite communications. It is assumed that the NSA and other intelligence agencies are already taking advantage of this vulnerability which means that wireless firms using satellites to transmit voice, text, and data should be examining the security of their backhaul if they haven’t already.
“Iconic Phones” is coming this Fall!
Good news everyone! Over the past year we’ve been working on an exciting passion project of ours and we’re thrilled to announce it will be ready to release in just a few short months.
LEARN MORE AND SIGN UP FOR EARLY BIRD DISCOUNTS HERE
#TMobile #customers #calls #texts #collected #unencrypted #satellite #signals
