The Electronic Pearl Harbour gets a step closer

As I expected we keep finding more and more security vulnerabilities in devices that shouldn’t have them: essential control systems that govern the safety of critical infrastructure. The latest batch have been found by my IOActive colleagues in satellite communication (SATCOM) systems.

IOActive analyzed and reverse-engineered publicly-available firmware updates for technologies manufactured by Harris, Hughes, Cobham, Thuraya, JRC, and Iridium. They discovered multiple, high risk vulnerabilities in all SATCOM device firmware studied by IOActive. These vulnerabilities might enable a malicious hacker to intercept, manipulate, block, and in some cases take control of the physical device. The vulnerabilities included hardcoded credentials, undocumented protocols, insecure protocols, and backdoors.

As I’ve suggested before, we might find that Die Hard 4 was rather understated. 

Enhanced by Zemanta

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I disagree with the Electronic Pearl Harbour thesis:. Organised crime wishes to milk the cow - not kill it. They would far rather have us complacent than responding to a wake-up call. That said, I expect things to come a head this autumn as emplyers recruit dross to make up the numbers on their information security teams. Hence my latest blog http://www.computerweekly.com/blogs/when-it-meets-politics/2014/04/surviving-the-post-heartbleed.html
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close