Location-tracking devices that communicate with a major satellite network operated by Globalstar can have their transmissions intercepted or mimicked with false data, a US security researcher said yesterday.
Globalstar, of Louisiana, has sold hundreds of thousands or millions of the devices, which are widely used for tracking valuable shipments and assets.
The problem is that unlike Globalstar's satellite phone services, data from the devices is not encrypted in transit, said Synack researcher Colby Moore, who will present his findings at next week's Black Hat security conference in Las Vegas.
Instead, the system changes frequencies and transmits a great deal of inconsequential data that can be discarded once an attacker figures out the methods involved, as Moore did.
Such systems "are kind of fundamentally broken from the get-go", Moore said in a phone interview. "I ended up figuring out how to decode the data in transit." In addition, the system does not make sure the data is coming from the place it claims.
The flaw is an architectural issue that Moore said would be hard or impossible to patch. New software could be written to encrypt the traffic in future devices, but the technology is already embedded inside popular hardware without that functionality and no clear way to install it.
Globalstar representatives did not respond to requests for comment.
Moore said his work would be easy to replicate and that organised crime, intelligence agencies or others may already be eavesdropping on the network.
Tracking-system devices using the Globalstar network are handy for monitoring shipments, sending longitude and latitude coordinates through dozens of low-earth-orbiting satellites. They can also carried by travellers and used for search-and-rescue missions.
Some devices send additional binary signals; for example, reporting whether an alarm has been tripped, which can also be intercepted and decoded or imitated with false information.
Major oil and gas companies are among Globalstar's customers. Moore said he did not know how many other satellite networks could have similar vulnerability to eavesdropping or faked traffic.
Share