ESA - Hacking the aerospace industry - should we worry ?
0 likes•792 views
The document discusses the vulnerabilities in the aerospace industry, detailing potential threats and attack vectors, including hacking software, hardware, and processes within space operations. It identifies various types of attackers, from amateurs to professionals, and emphasizes the importance of protecting sensitive information and systems. The author advocates for enhanced security measures and public awareness regarding these risks.
ESA - Hacking the aerospace industry - should we worry ?
- 1. Hacking the aerospace industry – should we worry? Jakub Kaluzny European Space Agency, Madrid, 2015
- 2. whoami ESAC project in 2012, beer&tapas lover Sr. IT Security Consultant at SecuRing • Consulting all phases of development • penetration tests • high-risk applications and systems Researcher • Hadoop, FOREX, MFP printers, proprietary network protocols • Aerospace industry?
- 3. Agenda – hacking space industry Who is your enemy? What can be hacked? How to protect?
- 4. WHO?
- 7. Whitehats
- 10. WHAT?
- 11. What can be hacked? Software • Company website Hardware Process People
- 14. What can be hacked? Software • Company website • Web app controlling telescope Hardware Process People
- 15. Web application controlling telescope http://hdwyn.com/european_extremely_large_telescope_chili_hd-wallpaper-89939/
- 16. Web application controlling telescope http://hdwyn.com/european_extremely_large_telescope_chili_hd-wallpaper-89939/ http://www.damncoolpictures.com/2014/11/these-photos-will-definitely-mess-with.html
- 17. What can be hacked? Software • Company website • Web app controlling telescope • Operations centre Hardware Process People
- 19. Goldeneye weapon of mass destruction http://jamesbond.wikia.com/wiki/Satellites
- 20. What can be hacked? Software Hardware • Take over a satellite Process People
- 21. Tamil Tigers hacked a satellite http://pixgood.com/aryabhatta-satellite.html
- 22. GPS clocks
- 23. What can be hacked? Software Hardware • Take over a satellite • Jamming / tampering GPS signal Process People
- 24. Hacking drones by tampering GPS signal
- 25. Tomorrow never dies GPS signal jamming
- 26. What can be hacked? Software Hardware • Take over a satellite • Jamming / tampering GPS signal • Communication with rockets / spacecrafts / space stations Process People
- 27. Amateur radio ham contacts ISS
- 28. What can be hacked? Software Hardware Process • Remote software update People
- 29. Voyager 1 https://en.wikipedia.org/wiki/Voyager_1
- 30. Exported encryption is bad enough
- 31. What can be hacked? Software Hardware Process • Remotely updating software • Deploying software on a telescope / spaceship / whatever People
- 33. SCADA worm
- 34. What can be hacked? Software Hardware Process People • ?
- 35. Phishing
- 37. HOW TO PROTECT?
- 38. Who can possibly attack your solution? How can he achieve it? What can you do? How to protect? http://the-tech-guy.net/2012/10/30/an-ultimate-solution-that-stops-people-from-hacking-your- passwords/
- 39. Should we worry?
- 40. Thank you Now go and change your passwords [email protected] MORE THAN SECURITY TESTING Free security consultancy service: www.securing.pl/konsultacje @j_kaluzny