Cybersecurity researchers will show the process of seizing control of a European Space Agency (ESA) satellite in a demonstration that has been described as the world's first ethical satellite hacking exercise. A group of experts from Thales and members of the ESA team will demonstrate the attack scenario at the CYSAT conference in Paris.
The attack targets OPS-SAT, a shoebox-sized nanosatellite that was launched in December 2019 and contains "an experimental computer 10 times more powerful than any modern ESA spacecraft."
The purpose of OPS-SAT is to eliminate the risks associated with testing flight control systems in real time. Thales said ESA maintained access to the satellite's systems throughout the exercise so that it could return to normal operations thereafter.
The exercise is aimed at raising awareness of potential vulnerabilities, as well as strengthening the cybersecurity of satellites and space programs in general, including both ground segments and orbital systems.
While the full nature of the Thales demonstration is not yet clear, the company says its team was able to take over a number of systems used to control the demonstration satellite in a traditional cyberattack.
The company said that pentesters took advantage of the "standard access rights to the satellite to gain control over its application environment" and then exploited vulnerabilities and injected malicious code into the satellite's systems.
The attack made it possible to intercept data sent back to Earth, in particular by altering images taken by the satellite's camera, and to achieve other goals, such as masking selected geographic areas on satellite images, while the team concealed its activities to avoid detection by the Agency.
The demonstration took place because space cybersecurity in general has attracted more attention from experts. Moreover, the Cyberspace Solarium Commission recently called on the US to officially designate space as a critical infrastructure sector and take steps to protect satellites and other space systems from cyberattacks.