Edd Salkield, Sebastian Köhler, Simon Birnbach, Richard Baker (University of Oxford). Martin Strohmeier (armasuisse S+T), Ivan Martinovic (University of Oxford)

Presenter: Edd Salkield

Data from Earth Observation satellites has become crucial in private enterprises, research applications, and in coordinating national responses to events such as forest fires. These purposes are supported by data derived from a variety of satellites, some of which do not secure the wireless downlink channel effectively. This opens the door for modern adversaries to conduct spoofing attacks by overshadowing the signal with commercially available radio equipment.

In this paper, we assess the vulnerability of current Earth Observation systems to spoofing attacks conducted at the physical layer. The effect of these attacks is amplified since the data is received at dedicated ground stations and distributed to hundreds of downstream systems, which are themselves not designed with security in mind. Specifically, we take NASA’s live forest fire detection system as a case study, and demonstrate that the attacker can achieve arbitrary manipulation of fires in the derived dataset to trigger false emergency responses or mislead crisis analysis. We also assess the attack surface presented by ground station software which implicitly trusts data from the RF port. Against the NASA system we uncover several new vulnerabilities that can be exploited to stealthily deny service.

We conclude with a discussion of physical-layer counter-measures to detect and defend against spoofing, which can be implemented in existing deployments at the ground station.

View More Papers

Backdoor Attacks Against Dataset Distillation

Yugeng Liu (CISPA Helmholtz Center for Information Security), Zheng Li (CISPA Helmholtz Center for Information Security), Michael Backes (CISPA Helmholtz...

Read More

Tag of the Dead: How Terminated SaaS Tags Become...

Takahito Sakamoto, Takuya Murozono (DataSign Inc)

Read More

Power to the Data Defenders: Human-Centered Disclosure Risk Calibration...

Kaustav Bhattacharjee, Aritra Dasgupta (New Jersey Institute of Technology)

Read More