Why hasn’t anyone been able to hack Starlink yet?


The use of Starlink satellites in Ukraine has made SpaceX a potential target for Russian cyber attacks.

Western intelligence services have already established that Russia is behind the attacks on the Viasat KA-SAT satellite network on the first day of the introduction of Russian troops into Ukraine on February 24, 2022. The cyberattack affected thousands of users across Europe who faced problems with their Internet connection. And the head of SpaceX, Elon Musk, admitted that intruders are constantly trying to attack Starlink. However, according to him, the SpaceX infrastructure is resistant to all attempts to hack or jam the signal.

Although satellites are space objects, in fact, they are computers with embedded systems. However, it is much more difficult to update and maintain these computers than terrestrial ones, since they are literally located off-planet. Here, according to Mathieu Bailly, vice president of the CYSEC information technology company, Starlink has an advantage over operators of older systems.

“Starlink, like Space-X, created its products using modern DevSecOps tools. This is a real breakthrough in terms of maneuverability and security, so it’s not surprising that what older players take months to do, they do in one click,” Bailey told Cybernews.

The problem with standard satellites is that they were created without taking into account modern threats. However, unlike them, the Starlink infrastructure can be safely updated several times a day, reducing the risks from newly identified vulnerabilities.

However, comparing Starlink with the same Viasat would not be quite right. The Starlink constellations number thousands of low-orbit satellites located no higher than 2 thousand km above the Earth’s surface. Viasat also manages dozens of satellites in geostationary orbit at an altitude of more than 35 thousand km.

The only thing in common between both systems is that they are in space, nothing else unites them. In addition, in the attacks on Viasat, the attackers in no way interacted with the satellites themselves, but attacked only ground systems.

In addition, hackers had enough time to study Viasat terminals, reverse-engineer them and search for vulnerabilities, notes An Cui from Red Balloon Security, since the company has been operating satellites for ten years. For comparison, the beta version of the Starlink service was launched only in 2020.

However, hacking Starlink is only a matter of time, Cui believes. Since February 24, about 10 thousand Starlink terminals have been left in Ukraine, which means that sooner or later they will end up in the hands of the Russians.

“I am sure that somewhere in Russia they are already working on Starlink terminals brought from Ukraine. I guarantee they are doing reverse engineering right now. The clock is ticking,” Cui said.

Start a discussion …