Another Cobham satellite communications suite for vessels, the Cobham SAILOR 6000, uses an insecure thraneLINK protocol that attackers can use to take full control of the suite, the IOActive researchers said. The Cobham SAILOR 6000 handles Global Maritime Distress and Safety System (GMDSS) communications, which include transmitting or receiving ship-to-shore, shore-to-ship and ship-to-ship distress alerts, as well as rescue coordinating communications, on-scene communications, signals for localization and maritime safety information, among other things.
Compromising the Cobham SAILOR 6000 communications suite poses a critical threat to the ship's safety, the researchers said.
According to IOActive, another vulnerable satellite communications system is Cobham AVIATOR 700, which is used on aircraft, including military craft. The system is available in two versions certified for the lowest levels of risk that their failure might pose to the aircraft, crew and passengers — levels E (no effect) and D (minor).
"IOActive was able to demonstrate that it is possible to compromise a system certified for level D that interacts with devices certified for level A [catastrophic risk], potentially putting the level A devices' integrity at risk," the researchers said.
"More specifically, a successful attack could compromise control of the satellite link channel used by the Future Air Navigation System (FANS), Controller Pilot Data Link Communications (CPDLC) or Aircraft Communications Addressing and Reporting System (ACARS)," the researchers said. "A malfunction of these subsystems could pose a safety threat for the entire aircraft."
The published paper does not contain any technical details about the identified flaws in order to avoid their exploitation by malicious parties. However, the researchers plan to release such details later this year.
IOActive claims that it worked with the CERT Coordination Center (CERT/CC) to alert affected vendors about the vulnerabilities in their products.
"Unfortunately, except for Iridium, the vendors did not engage in addressing this situation," the researchers said. "They did not respond to a series of requests sent by the CERT Coordination Center and/or its partners."
The team recommends that SATCOM terminal manufacturers and resellers remove publicly accessible copies of the device firmware updates from their websites and strictly control access to such software in the future in order to prevent others from identifying the same or other vulnerabilities.
"If one of these affected devices can be compromised, the entire SATCOM infrastructure could be at risk," the researchers said. "Ships, aircraft, military personnel, emergency services, media services, and industrial facilities (oil rigs, gas pipelines, water treatment plants, wind turbines, substations, etc.) could all be impacted by these vulnerabilities."
"Iridium has been in contact with CERT since they brought these concerns to our attention and we have taken the necessary steps in the Iridium network to alleviate the issue," Iridium Communications said in an emailed statement. "After extensive research internally, we have determined that the risk to Iridium subscribers is minimal, but we are taking precautionary measures to safeguard our users."
Harris, Hughes Network Systems, Cobham, Thuraya Telecommunications and JRC did not immediately respond to requests for comment on Friday.