1 00:00:00,040 --> 00:00:02,200 Speaker 1: I was able to see the sort of traffic people 2 00:00:02,200 --> 00:00:06,080 Speaker 1: were sending over their satellite Internet connections, so stuff like 3 00:00:06,280 --> 00:00:08,600 Speaker 1: text messages from people who are using in flight Wi 4 00:00:08,640 --> 00:00:11,600 Speaker 1: Fi services, or things like passengers on cruise ships when 5 00:00:11,600 --> 00:00:14,400 Speaker 1: they were making payments at point of sales systems. Also 6 00:00:14,440 --> 00:00:17,799 Speaker 1: a lot of like passport numbers, really concerning data to 7 00:00:17,840 --> 00:00:25,040 Speaker 1: be getting in clear text from Bloomberg News and iHeartRadio. 8 00:00:25,360 --> 00:00:32,320 Speaker 1: It's the big take, I'm West Kasova today. The latest 9 00:00:32,360 --> 00:00:46,280 Speaker 1: target for hackers satellites. Thousands of satellites circling high above 10 00:00:46,320 --> 00:00:48,920 Speaker 1: our heads make it possible to do many of the 11 00:00:48,960 --> 00:00:52,080 Speaker 1: things we take for granted every day. When you send 12 00:00:52,080 --> 00:00:55,000 Speaker 1: it texts, find your way with Google Maps, use your 13 00:00:55,040 --> 00:00:59,000 Speaker 1: credit card, even check the time on your phone, chances 14 00:00:59,040 --> 00:01:01,760 Speaker 1: are some bit of your info was beamed up to 15 00:01:01,840 --> 00:01:06,319 Speaker 1: a satellite from one place and beamed back down instantly 16 00:01:06,360 --> 00:01:09,200 Speaker 1: to where it needed to go. The downside to this 17 00:01:09,360 --> 00:01:15,200 Speaker 1: invisible miracle of technology, satellite systems aren't always as secure 18 00:01:15,440 --> 00:01:17,840 Speaker 1: as they should be, and this means they can be 19 00:01:18,000 --> 00:01:22,080 Speaker 1: easy targets for hackers looking to steal information for profit, 20 00:01:22,560 --> 00:01:26,720 Speaker 1: or governments looking to steal secrets or cripple the communications 21 00:01:26,760 --> 00:01:30,360 Speaker 1: systems of their rivals. What's extraordinary is it seems that 22 00:01:30,360 --> 00:01:32,760 Speaker 1: the Russians, if it were them, were prepared to take 23 00:01:32,840 --> 00:01:37,920 Speaker 1: extraordinary risks because they were aiming for the Ukrainian military. 24 00:01:38,360 --> 00:01:42,720 Speaker 1: That's my Bloomberg colleague Katrina Manson. She investigated a real 25 00:01:42,760 --> 00:01:46,319 Speaker 1: life example of this, a mysterious satellite hack on the 26 00:01:46,480 --> 00:01:49,840 Speaker 1: day Russia invaded Ukraine, and she joins me now to 27 00:01:49,960 --> 00:01:54,760 Speaker 1: tell us what she found. Katrina, can you start by 28 00:01:55,280 --> 00:02:01,160 Speaker 1: describing the satellite hack that happened in February of twenty 29 00:02:01,200 --> 00:02:03,800 Speaker 1: twenty two, just a little over a year ago, as 30 00:02:04,000 --> 00:02:07,440 Speaker 1: Vladimir Putin was saying he was launching a special military 31 00:02:07,440 --> 00:02:13,880 Speaker 1: operation on Ukraine. Ukrainian military communication connections that rely on 32 00:02:14,240 --> 00:02:16,600 Speaker 1: modems that link up to a satellite, we're going dead. 33 00:02:17,200 --> 00:02:20,720 Speaker 1: And it turned out that satellite communications were going dead 34 00:02:21,080 --> 00:02:26,119 Speaker 1: across Europe. These are all broadband internet connections that rely 35 00:02:26,240 --> 00:02:30,840 Speaker 1: on one single satellite, and it provides satellite connections to 36 00:02:31,639 --> 00:02:36,280 Speaker 1: more than one hundred thousand users across Europe. But specifically, 37 00:02:36,360 --> 00:02:39,320 Speaker 1: the thing that mattered so much to the Ukrainian military. 38 00:02:39,639 --> 00:02:43,760 Speaker 1: So imagine military are often in frontline positions in remote 39 00:02:43,760 --> 00:02:46,600 Speaker 1: locations where they can't get Internet the usual way you 40 00:02:46,680 --> 00:02:50,160 Speaker 1: would through a static connection. This allows you to dial 41 00:02:50,240 --> 00:02:53,960 Speaker 1: up essentially to connect to a satellite more than twenty 42 00:02:53,960 --> 00:02:57,480 Speaker 1: thousand miles up in space, and that's how you get 43 00:02:57,520 --> 00:03:01,440 Speaker 1: your Internet connection. And that's what went dead across Ukraine 44 00:03:01,680 --> 00:03:04,680 Speaker 1: and Europe. Now, this satellite is owned by a company 45 00:03:04,800 --> 00:03:09,360 Speaker 1: named Viasat. That's a US company based in California, so 46 00:03:09,480 --> 00:03:13,600 Speaker 1: a continent away. Users who rely on that satellite, their 47 00:03:13,600 --> 00:03:19,560 Speaker 1: connections started going dead. So when that happened, what actually 48 00:03:19,639 --> 00:03:23,040 Speaker 1: was happening? Why were these connections going dead? After a 49 00:03:23,120 --> 00:03:26,480 Speaker 1: lot of research and forensic analysis and all the things 50 00:03:26,480 --> 00:03:29,160 Speaker 1: that people have to do to what's called reverse engineer 51 00:03:29,280 --> 00:03:30,920 Speaker 1: a hack like this, and it turns out to have 52 00:03:30,960 --> 00:03:35,640 Speaker 1: been a very complicated hack. Attackers breached what's called a VPN, 53 00:03:35,640 --> 00:03:38,400 Speaker 1: a virtual private network that's an entry point into a 54 00:03:38,440 --> 00:03:41,600 Speaker 1: network that is meant to be secured. It wasn't. There 55 00:03:41,680 --> 00:03:44,240 Speaker 1: was what's called a misconfiguration. We don't have much more 56 00:03:44,240 --> 00:03:47,280 Speaker 1: information about that. They got into the network and then 57 00:03:47,320 --> 00:03:50,800 Speaker 1: they moved across the network again, another thing they shouldn't 58 00:03:50,800 --> 00:03:53,400 Speaker 1: be able to do. There should be doors, as it were, 59 00:03:53,440 --> 00:03:57,080 Speaker 1: fire doors preventing you from making the next move. They 60 00:03:57,120 --> 00:04:01,080 Speaker 1: get to a network management server that's essentially something that 61 00:04:01,400 --> 00:04:05,240 Speaker 1: controls the flow of information. They put in a malicious 62 00:04:05,280 --> 00:04:10,000 Speaker 1: software toolkit that's basically the bad instruction, and then that 63 00:04:10,040 --> 00:04:14,480 Speaker 1: bad instruction is sent to modems across Ukraine and Europe 64 00:04:14,880 --> 00:04:19,120 Speaker 1: and it wipes the modems. It overrides a part of 65 00:04:19,120 --> 00:04:22,520 Speaker 1: the modem which is used for memory, and the modems 66 00:04:22,520 --> 00:04:24,800 Speaker 1: are no longer operable, they can no longer make that 67 00:04:24,880 --> 00:04:28,520 Speaker 1: connection to the satellite. The rest of the system get online. 68 00:04:28,720 --> 00:04:31,760 Speaker 1: So essentially a piece of malware was distributed throughout the 69 00:04:31,760 --> 00:04:35,440 Speaker 1: network and it fried the modems. It's a really extraordinary 70 00:04:35,480 --> 00:04:39,280 Speaker 1: attack because people connect to the Internet through the satellite 71 00:04:39,480 --> 00:04:41,640 Speaker 1: just via your home moodem. That's the same thing that 72 00:04:41,720 --> 00:04:44,400 Speaker 1: gets the Internet signal into your house, and then it's 73 00:04:44,400 --> 00:04:47,040 Speaker 1: often distributed through a router so you can connect via 74 00:04:47,120 --> 00:04:50,560 Speaker 1: Wi Fi. That was the ultimate target of the attack. 75 00:04:50,680 --> 00:04:54,560 Speaker 1: So more than forty five thousand modems that connect to 76 00:04:54,560 --> 00:04:59,240 Speaker 1: the satellite system effectively were wiped. And when they were wiped, 77 00:04:59,240 --> 00:05:02,760 Speaker 1: they couldn't make the connection. So they determine that this 78 00:05:03,080 --> 00:05:07,320 Speaker 1: was a hack. Do they know who did the hacking? Well, interestingly, 79 00:05:07,600 --> 00:05:10,760 Speaker 1: vias at the company that owned the satellite and its partner, 80 00:05:11,200 --> 00:05:14,440 Speaker 1: Utel Sat that's a French company that ran the network 81 00:05:14,440 --> 00:05:18,120 Speaker 1: in partnership with Viasat, have never said They have only 82 00:05:18,120 --> 00:05:22,640 Speaker 1: ever said attackers. When I press them, they explain that 83 00:05:22,680 --> 00:05:26,600 Speaker 1: they are quite cage in order to preserve the network. 84 00:05:27,000 --> 00:05:29,839 Speaker 1: What did happen is it fell to countries. It fell 85 00:05:29,920 --> 00:05:32,839 Speaker 1: to the European Union, to the US, to the UK, 86 00:05:33,600 --> 00:05:38,680 Speaker 1: Australia and Canada to blame Russia And what basis did 87 00:05:38,680 --> 00:05:42,440 Speaker 1: they blame Russia for being responsible for this attack? US 88 00:05:42,480 --> 00:05:45,479 Speaker 1: intelligence spent something like four weeks looking into this attack. 89 00:05:45,760 --> 00:05:48,479 Speaker 1: At the moment that the attack happened, via SAT told 90 00:05:48,920 --> 00:05:52,159 Speaker 1: defense contractors and the US government through a specific way 91 00:05:52,160 --> 00:05:56,000 Speaker 1: that they share information because that same satellite that provides 92 00:05:56,520 --> 00:05:59,800 Speaker 1: your average Internet for users at home who just want 93 00:05:59,839 --> 00:06:03,599 Speaker 1: to stream movies or go on the Internet, the same 94 00:06:03,640 --> 00:06:07,680 Speaker 1: satellite also provides sensitive government services. It's a different part 95 00:06:07,720 --> 00:06:11,520 Speaker 1: of the satellite, but bias that immediately informed its government partners, 96 00:06:11,880 --> 00:06:15,520 Speaker 1: and the US launched an intelligence investigation into what had happened. 97 00:06:16,000 --> 00:06:19,600 Speaker 1: So did intelligence services in France and the UK, and 98 00:06:19,720 --> 00:06:23,839 Speaker 1: after four weeks, US intelligence determined that the GRU were 99 00:06:23,839 --> 00:06:28,320 Speaker 1: the attackers. The GRU is a Russian military intelligence unit 100 00:06:28,400 --> 00:06:31,880 Speaker 1: that has acquired quite a reputation for hacking. Do they 101 00:06:31,920 --> 00:06:33,720 Speaker 1: say with certainty that it was the Russians so they 102 00:06:33,760 --> 00:06:36,560 Speaker 1: just suspected? How were they able to determine that it 103 00:06:36,640 --> 00:06:40,919 Speaker 1: was actually the GRU. They haven't said much about that, 104 00:06:40,960 --> 00:06:44,080 Speaker 1: and in fact, in the public attribution, I think it's 105 00:06:44,120 --> 00:06:48,080 Speaker 1: only one country, Estonia, that has ever publicly labeled it 106 00:06:48,240 --> 00:06:52,680 Speaker 1: as the GRU. So all of these assessments have stayed private. 107 00:06:52,920 --> 00:06:58,360 Speaker 1: But the EU blamed clearly Russia. Others blamed Russian military hackers. 108 00:06:58,600 --> 00:07:01,400 Speaker 1: So there's a range of public contribution, but their private 109 00:07:01,400 --> 00:07:04,320 Speaker 1: work of the intelligence community is not something that anyone's 110 00:07:04,480 --> 00:07:08,320 Speaker 1: made public. And I imagine that the Russians take exception 111 00:07:08,400 --> 00:07:12,880 Speaker 1: to this conclusion. I did speak to the Russian embassy 112 00:07:12,960 --> 00:07:17,040 Speaker 1: in Washington, DC, and the statement they sent me, I think, said, 113 00:07:17,120 --> 00:07:21,920 Speaker 1: this is total nonsense. Internet users who were customers of 114 00:07:21,960 --> 00:07:25,480 Speaker 1: this satellite had their Internet and knacked out, but they 115 00:07:25,520 --> 00:07:29,560 Speaker 1: weren't really the target of this hack, is there? Right? Yeah? 116 00:07:29,600 --> 00:07:31,840 Speaker 1: What so extraordinary is it seems that the Russians, if 117 00:07:31,840 --> 00:07:35,120 Speaker 1: it were them, were prepared to take extraordinary risks because 118 00:07:35,560 --> 00:07:40,320 Speaker 1: they were aiming for the Ukrainian military communications and that's 119 00:07:40,320 --> 00:07:43,680 Speaker 1: what was knocked out. But there was what's called overspill. 120 00:07:43,840 --> 00:07:46,400 Speaker 1: So I'm told that they knew that the attack that 121 00:07:46,440 --> 00:07:50,480 Speaker 1: they pursued would affect other countries. And not only did 122 00:07:50,480 --> 00:07:54,120 Speaker 1: it affect other countries, they were NATO countries, and it 123 00:07:54,200 --> 00:07:57,880 Speaker 1: wasn't just people sitting at home, it was critical infrastructure. 124 00:07:57,960 --> 00:08:02,640 Speaker 1: So five thousand, eight hundred systems that monitor wind turbines 125 00:08:02,680 --> 00:08:06,520 Speaker 1: in Germany and across Europe, those monitoring systems were knocked out. 126 00:08:06,520 --> 00:08:09,920 Speaker 1: That counts as critical infrastructure, which is protected, and the 127 00:08:10,000 --> 00:08:12,720 Speaker 1: other is just sitting at home being on internet. Internet 128 00:08:12,720 --> 00:08:16,840 Speaker 1: communications are considered critical infrastructure. All of that is significant 129 00:08:16,880 --> 00:08:19,480 Speaker 1: because it raises the question of whether NATO had any 130 00:08:19,920 --> 00:08:25,080 Speaker 1: responsibility or potential to respond. Article five, which is that 131 00:08:25,440 --> 00:08:28,240 Speaker 1: mutual defense clause, the idea that if one is attacked, 132 00:08:28,600 --> 00:08:32,400 Speaker 1: everyone is attacked and you can respond, has been very 133 00:08:32,440 --> 00:08:36,200 Speaker 1: clearly expanded to include cyber No one's ever acted on 134 00:08:36,240 --> 00:08:38,720 Speaker 1: that yet, but there, of course there was potential for 135 00:08:38,840 --> 00:08:42,199 Speaker 1: NATO to say we two have been attacked. What was 136 00:08:42,240 --> 00:08:44,840 Speaker 1: the file out would eventually happen? How did they or 137 00:08:44,960 --> 00:08:48,360 Speaker 1: did they fix the problem. They ended up having to 138 00:08:48,360 --> 00:08:50,880 Speaker 1: send out more than forty five thousand modems and this 139 00:08:50,960 --> 00:08:55,280 Speaker 1: took weeks. They say that they prioritized getting modems to 140 00:08:55,559 --> 00:08:59,000 Speaker 1: Ukrainian distributors, so that was their main effort. And then 141 00:08:59,040 --> 00:09:01,760 Speaker 1: I think the other thing that's really interesting is the 142 00:09:01,880 --> 00:09:05,280 Speaker 1: US led a quiet diplomatic campaign over the course of 143 00:09:05,320 --> 00:09:10,520 Speaker 1: six weeks. Once they got that internal decision or assessment 144 00:09:10,559 --> 00:09:13,439 Speaker 1: that it was the gru the Russians military hackers who 145 00:09:13,440 --> 00:09:16,480 Speaker 1: were responsible for this, they tried to commence the European 146 00:09:16,600 --> 00:09:19,000 Speaker 1: Union that this was the case as well. They shared 147 00:09:19,040 --> 00:09:21,600 Speaker 1: technical information and then they went above and beyond and 148 00:09:21,640 --> 00:09:25,880 Speaker 1: shared additional intelligence information with two key members of the 149 00:09:25,920 --> 00:09:29,320 Speaker 1: European Union who were also the biggest victims of this 150 00:09:29,440 --> 00:09:33,360 Speaker 1: attack outside of Ukraine, France and Germany. And that is 151 00:09:33,440 --> 00:09:38,080 Speaker 1: so important because they are also the most influential members 152 00:09:38,160 --> 00:09:41,079 Speaker 1: of the European Union. And they have also historically been 153 00:09:41,240 --> 00:09:45,120 Speaker 1: very reluctant to blame anyone for attacks in public, even 154 00:09:45,120 --> 00:09:48,160 Speaker 1: if they reached that same assessment in private. They don't 155 00:09:48,200 --> 00:09:52,800 Speaker 1: tend to attribute attacks because of two main reasons. Really. One, 156 00:09:53,200 --> 00:09:56,680 Speaker 1: you can make things worse, you can incite attacks against 157 00:09:56,720 --> 00:09:59,840 Speaker 1: yourself and you could be wrong. It's quite difficult to 158 00:09:59,840 --> 00:10:03,280 Speaker 1: do attribution. And a ladder third. Germany in particular, was 159 00:10:03,360 --> 00:10:06,920 Speaker 1: navigating very complex relations with Russia right at the start 160 00:10:06,960 --> 00:10:10,760 Speaker 1: of that invasion because it took them so much by surprise, 161 00:10:11,120 --> 00:10:13,800 Speaker 1: and figuring out what their response would be of course 162 00:10:14,000 --> 00:10:18,320 Speaker 1: changes the rest of European history. In the end, did 163 00:10:18,360 --> 00:10:22,120 Speaker 1: the alleged target of this attack, the Ukrainian military, suffer 164 00:10:22,240 --> 00:10:24,560 Speaker 1: big setbacks in the early days of the war because 165 00:10:24,559 --> 00:10:26,760 Speaker 1: of this. Was it successful in carrying out what it 166 00:10:26,760 --> 00:10:30,880 Speaker 1: was trying to do? One Ukrainian cyber official said they 167 00:10:30,880 --> 00:10:33,720 Speaker 1: suffered a really huge loss in communications at the start 168 00:10:33,760 --> 00:10:36,400 Speaker 1: of the war. That's pretty much the most they've ever 169 00:10:36,480 --> 00:10:39,760 Speaker 1: put on record about this. My understanding is that two 170 00:10:39,800 --> 00:10:43,480 Speaker 1: main things were affected. Military communications. Command and control. Your 171 00:10:43,480 --> 00:10:46,480 Speaker 1: ability to reach your frontline troops and say move your 172 00:10:46,480 --> 00:10:50,839 Speaker 1: troops here really really matters at the start of any invasion, 173 00:10:50,880 --> 00:10:53,560 Speaker 1: and particularly this invasion, which, as we know now, the 174 00:10:53,640 --> 00:10:56,319 Speaker 1: Russians were intending to take the capital within three days. 175 00:10:56,320 --> 00:10:59,079 Speaker 1: This was intended to be a blitz quig, so disabling 176 00:10:59,120 --> 00:11:01,760 Speaker 1: satellite communication and the ability for the military to move 177 00:11:01,760 --> 00:11:05,440 Speaker 1: around and respond was an attempt to stave off any 178 00:11:05,480 --> 00:11:08,760 Speaker 1: counterattacked by the Ukrainians. Ultimately it did not work, but 179 00:11:08,840 --> 00:11:11,440 Speaker 1: that was what I'm told is the intention. The other 180 00:11:11,480 --> 00:11:14,880 Speaker 1: thing is that drones for espionage for tracking where the 181 00:11:14,920 --> 00:11:18,400 Speaker 1: Russians are rely on satellite internet, and I'm told that 182 00:11:18,440 --> 00:11:22,120 Speaker 1: it affected that as well. I think what's interesting about 183 00:11:22,160 --> 00:11:24,439 Speaker 1: this is the Ukrainians were able to come back very 184 00:11:24,520 --> 00:11:27,800 Speaker 1: very quickly, essentially because of a tweet to Elon Musk 185 00:11:28,040 --> 00:11:31,920 Speaker 1: and saying can we please have starlink. Starlink is the 186 00:11:32,040 --> 00:11:36,080 Speaker 1: satellite system owned by SpaceX's Elon Musk SpaceX that provides 187 00:11:36,160 --> 00:11:40,280 Speaker 1: an equivalent satellite Internet. It works in low Earth orbits, 188 00:11:40,360 --> 00:11:44,640 Speaker 1: so it has multiple thousands in fact, of satellites circulating 189 00:11:44,640 --> 00:11:47,360 Speaker 1: the Earth, so it's harder to take out a single satellite, 190 00:11:47,360 --> 00:11:51,079 Speaker 1: whereas the vias system relied on a geostationary satellite much 191 00:11:51,200 --> 00:11:55,199 Speaker 1: higher up and just that one single satellite. Vias AT 192 00:11:55,280 --> 00:11:59,040 Speaker 1: continues to face threats against this network. They told me 193 00:11:59,080 --> 00:12:03,120 Speaker 1: they face on and dynamic threats even up to today. 194 00:12:03,280 --> 00:12:06,600 Speaker 1: So although nothing has been successful at all in the 195 00:12:06,720 --> 00:12:09,880 Speaker 1: way that that February attack was last year, it certainly 196 00:12:09,880 --> 00:12:22,920 Speaker 1: could conceptually happen again. Our conversation continues after the break, Katrina, 197 00:12:23,000 --> 00:12:26,120 Speaker 1: what are our governments and companies doing to try to 198 00:12:26,480 --> 00:12:30,840 Speaker 1: harden their systems to wark future attacks. I think the 199 00:12:30,840 --> 00:12:33,760 Speaker 1: answer there is not enough. That's certainly what the researchers 200 00:12:33,840 --> 00:12:37,080 Speaker 1: I speak to are saying. But there is a push 201 00:12:37,200 --> 00:12:41,640 Speaker 1: to develop standards. These are minimum cybersecurity standards that affect 202 00:12:41,679 --> 00:12:45,840 Speaker 1: all parts of code in the satellite, encrypting data in 203 00:12:45,840 --> 00:12:49,080 Speaker 1: that link, raising standards across the board. But this is 204 00:12:49,080 --> 00:12:53,360 Speaker 1: a process that is really just beginning today. Something like 205 00:12:53,520 --> 00:12:57,000 Speaker 1: five thousand active satellites are in orbit around the Earth. 206 00:12:57,040 --> 00:12:59,559 Speaker 1: That's already a huge amount to try and protect, given 207 00:12:59,559 --> 00:13:02,839 Speaker 1: you also have all the associated systems that make them work. 208 00:13:03,240 --> 00:13:06,000 Speaker 1: This is growing so fast that I think that's why 209 00:13:06,000 --> 00:13:08,040 Speaker 1: it's been such a wake up call to the industry. 210 00:13:08,440 --> 00:13:11,360 Speaker 1: By twenty thirty, some high end estimates suggest that there 211 00:13:11,400 --> 00:13:14,720 Speaker 1: could be one hundred thousand active satellites in orbits, So 212 00:13:14,760 --> 00:13:16,800 Speaker 1: from five thousand to day to one hundred thousand in 213 00:13:16,800 --> 00:13:20,640 Speaker 1: the space of seven years. This problem is so set 214 00:13:20,800 --> 00:13:23,320 Speaker 1: to rise, and there are so many different ways to 215 00:13:23,360 --> 00:13:26,679 Speaker 1: attack satellites. Way back at the beginning of the space age, 216 00:13:26,840 --> 00:13:30,040 Speaker 1: no one even conceived anyone would be hitting And it 217 00:13:30,080 --> 00:13:34,520 Speaker 1: turns out that I've spoken to hackers, individual hackers, security researchers, 218 00:13:34,559 --> 00:13:38,160 Speaker 1: who've proved, who've shown that each of these is vulnerable. 219 00:13:38,640 --> 00:13:41,559 Speaker 1: What are some of the things that all these satellites 220 00:13:41,600 --> 00:13:46,439 Speaker 1: are doing. Well, there's Internet, that's one. There's satellite TV, 221 00:13:47,160 --> 00:13:52,280 Speaker 1: there's earth observation, earthquake monitoring, spying. The US has its 222 00:13:52,320 --> 00:13:55,040 Speaker 1: own spy satellites. But it was explained to me that 223 00:13:55,600 --> 00:13:59,160 Speaker 1: every single element of the US economy that matters, whether 224 00:13:59,200 --> 00:14:05,360 Speaker 1: it's chemical, industrial processes, looking for oil, even atomic clocks. 225 00:14:05,520 --> 00:14:08,280 Speaker 1: So the way we get our time, the way cash 226 00:14:08,320 --> 00:14:10,920 Speaker 1: machines function, the way you get gas at the pump, 227 00:14:11,400 --> 00:14:14,679 Speaker 1: everything now depends on satellites. What are the things that 228 00:14:14,720 --> 00:14:19,000 Speaker 1: you're paying a specially close attention to Given everything that 229 00:14:19,040 --> 00:14:22,240 Speaker 1: you're describing here, I think I'm really interested in any 230 00:14:22,280 --> 00:14:24,720 Speaker 1: time China puts up a system that could potentially be 231 00:14:24,760 --> 00:14:28,600 Speaker 1: independent of the US, anytime China has a relationship with 232 00:14:28,640 --> 00:14:33,720 Speaker 1: a US satellite company. All of those things are areas 233 00:14:33,720 --> 00:14:35,960 Speaker 1: that I think you'll see the US government look at 234 00:14:36,320 --> 00:14:40,040 Speaker 1: more and more, and really a push from the US 235 00:14:40,120 --> 00:14:43,200 Speaker 1: government to see how far they're going to squeeze industry 236 00:14:43,280 --> 00:14:46,440 Speaker 1: to actually do anything about this. A White House official 237 00:14:46,480 --> 00:14:49,960 Speaker 1: told me that companies need to radically improve the security 238 00:14:50,160 --> 00:14:53,720 Speaker 1: of satellite ground systems, and that they even go to 239 00:14:53,840 --> 00:14:57,480 Speaker 1: companies on occasion and tell them, hey, we've discovered a vulnerability. 240 00:14:57,600 --> 00:14:59,600 Speaker 1: You need to patch this. And they don't want to 241 00:14:59,640 --> 00:15:03,160 Speaker 1: say it a public because that would raise awareness of 242 00:15:03,200 --> 00:15:06,440 Speaker 1: a vulnerability that could be exploited by attackers. They tell 243 00:15:06,480 --> 00:15:10,040 Speaker 1: companies in private, and they say sometimes companies do not 244 00:15:10,200 --> 00:15:12,680 Speaker 1: take that advice and do not patch. And I think 245 00:15:12,720 --> 00:15:15,280 Speaker 1: companies would have just as many criticisms back if they 246 00:15:15,280 --> 00:15:18,160 Speaker 1: were speaking freely of the US government too. And so 247 00:15:18,240 --> 00:15:21,880 Speaker 1: that relationship between government and commercial satellite players has got 248 00:15:21,920 --> 00:15:25,320 Speaker 1: to get if it's to be solved a lot closer. 249 00:15:25,600 --> 00:15:27,640 Speaker 1: They haven't quite got the level of trust that I 250 00:15:27,680 --> 00:15:31,400 Speaker 1: think everyone would want. And there's a problem with classified briefings. 251 00:15:31,600 --> 00:15:34,040 Speaker 1: A lot of this information is classified, and yet a 252 00:15:34,040 --> 00:15:36,680 Speaker 1: lot of the hacks are happening on a commercial sector. 253 00:15:36,920 --> 00:15:39,240 Speaker 1: So really breaching that gap needs a lot more work. 254 00:15:39,880 --> 00:15:42,040 Speaker 1: Kultri in a man saying thanks so much for talking 255 00:15:42,040 --> 00:15:46,840 Speaker 1: with me today, thank you for having me. Let's hear 256 00:15:46,880 --> 00:15:49,760 Speaker 1: now from someone who knows how easy it can be 257 00:15:49,960 --> 00:15:54,560 Speaker 1: to hack a satellite, because he's done it himself. James 258 00:15:54,600 --> 00:15:58,040 Speaker 1: Pervoor tapped into commercial satellites as part of his PhD 259 00:15:58,240 --> 00:16:02,400 Speaker 1: program at Axford Universe. He now works on satellite security 260 00:16:02,640 --> 00:16:06,520 Speaker 1: for the Pentagon. James, let me just start by asking 261 00:16:06,560 --> 00:16:09,400 Speaker 1: you first, how did you become a hacker. I've been 262 00:16:09,480 --> 00:16:12,400 Speaker 1: doing computer security stuff basically since I was a child. 263 00:16:12,560 --> 00:16:15,120 Speaker 1: So when I was like in middle school, I was 264 00:16:15,160 --> 00:16:18,240 Speaker 1: playing around with like shutting down people's computers while they're 265 00:16:18,240 --> 00:16:19,920 Speaker 1: sitting next to me in the lab, that kind of 266 00:16:19,960 --> 00:16:22,880 Speaker 1: like little windows hacking type thing. And I've just always 267 00:16:22,920 --> 00:16:25,800 Speaker 1: been really interested in seeing how things work under the hood. 268 00:16:26,280 --> 00:16:28,840 Speaker 1: And as a hacker, like exploiting things is all about 269 00:16:28,880 --> 00:16:32,640 Speaker 1: like understanding technology behind the scenes, and so that's really 270 00:16:32,680 --> 00:16:35,480 Speaker 1: been super interesting for me. It's just always been like 271 00:16:35,600 --> 00:16:37,200 Speaker 1: figure out how something works and then figure out how 272 00:16:37,240 --> 00:16:39,520 Speaker 1: he can break it. And then you took that kind 273 00:16:39,520 --> 00:16:41,880 Speaker 1: of plane around as a kid much more seriously a 274 00:16:41,960 --> 00:16:46,520 Speaker 1: PhD now from Oxford, and as part of that dissertation, 275 00:16:47,600 --> 00:16:52,200 Speaker 1: you actually were hacking satellites for real to show vulnerabilities. 276 00:16:52,320 --> 00:16:55,160 Speaker 1: Is that right? Yeah, exactly. So. Over the course of 277 00:16:55,200 --> 00:16:58,520 Speaker 1: my PhD at Oxford, I focused on satellite system security, 278 00:16:58,720 --> 00:17:02,280 Speaker 1: and in particularly like radio signals that come to satellites 279 00:17:02,440 --> 00:17:06,159 Speaker 1: from Internet users and like satellite broadband services. When I 280 00:17:06,240 --> 00:17:10,840 Speaker 1: say satellite broadband services, what I really mean is basically 281 00:17:11,080 --> 00:17:13,920 Speaker 1: when you're using a satellite to get Internet access, and 282 00:17:14,000 --> 00:17:16,040 Speaker 1: typically that means that you send a message up to 283 00:17:16,040 --> 00:17:18,720 Speaker 1: the satellite, which is like get me this website, and 284 00:17:18,760 --> 00:17:21,480 Speaker 1: the satellites basically a bent pipe. You can think of 285 00:17:21,480 --> 00:17:25,520 Speaker 1: the satellites as fairly dumb objects. They receive data on 286 00:17:25,520 --> 00:17:27,920 Speaker 1: one antenna and then they take the data they receive 287 00:17:28,000 --> 00:17:30,680 Speaker 1: and send it out on a different antenna, basically, and 288 00:17:31,000 --> 00:17:34,679 Speaker 1: they do no thinking, no processing, at least for Internet satellites. 289 00:17:34,800 --> 00:17:37,080 Speaker 1: So they're just a pipe. You put information in one 290 00:17:37,080 --> 00:17:39,480 Speaker 1: side and it comes out another side, and the only 291 00:17:39,480 --> 00:17:42,959 Speaker 1: difference is when it comes out it covers a huge area. 292 00:17:43,040 --> 00:17:46,440 Speaker 1: And so when you send Internet requests up to a satellite, 293 00:17:46,480 --> 00:17:48,720 Speaker 1: you're just pumping information into this pipe and then it's 294 00:17:48,760 --> 00:17:51,120 Speaker 1: coming out the other side to your internet service provider. 295 00:17:51,119 --> 00:17:53,320 Speaker 1: And when you get a response like a web page 296 00:17:53,320 --> 00:17:56,200 Speaker 1: you've downloaded or a document you've received, it's the same thing. 297 00:17:56,200 --> 00:17:57,840 Speaker 1: The service wrider is putting it into one end of 298 00:17:57,880 --> 00:17:59,400 Speaker 1: the pipe and then it's coming out at the broad 299 00:17:59,520 --> 00:18:02,840 Speaker 1: end to your dish. The interesting thing about satellite services 300 00:18:02,840 --> 00:18:05,240 Speaker 1: is that beam that comes back down to you can 301 00:18:05,320 --> 00:18:07,320 Speaker 1: cover like a third of the Earth's surface, so an 302 00:18:07,359 --> 00:18:10,879 Speaker 1: attacker can be thousands of miles away and getting that information. 303 00:18:11,320 --> 00:18:14,119 Speaker 1: So I bought some gear and pointed at satellites and 304 00:18:14,160 --> 00:18:16,760 Speaker 1: tried to interpret what was going on. And it turns 305 00:18:16,760 --> 00:18:18,840 Speaker 1: out that there's like lots of really interesting and really 306 00:18:18,880 --> 00:18:22,119 Speaker 1: sensitive information in these signals that an attacker with like 307 00:18:22,160 --> 00:18:25,960 Speaker 1: relatively inexpensive equipment can get access to. So you said 308 00:18:25,960 --> 00:18:27,679 Speaker 1: you bought equipment, would you buy I mean, is it like, 309 00:18:27,800 --> 00:18:31,160 Speaker 1: you know, going on Amazon just getting common stuff? Basically, yeah, 310 00:18:31,160 --> 00:18:34,080 Speaker 1: So about four hundred dollars in home television equipment, the 311 00:18:34,160 --> 00:18:36,760 Speaker 1: kind of satellite dish that you'd see on someone's house 312 00:18:36,800 --> 00:18:39,840 Speaker 1: if they had satellite internet service, and then a special 313 00:18:39,840 --> 00:18:42,600 Speaker 1: card that is designed to let you watch satellite TV 314 00:18:42,680 --> 00:18:46,000 Speaker 1: on your computer. But I basically repurposed it to take 315 00:18:46,040 --> 00:18:47,879 Speaker 1: these Internet signals and get them in a format I 316 00:18:47,880 --> 00:18:50,560 Speaker 1: could mess around with. I pointed my dish at satellites 317 00:18:50,600 --> 00:18:53,960 Speaker 1: in geostationary orbit, so that means they're thirty thousand kilometers 318 00:18:53,960 --> 00:18:56,240 Speaker 1: above the Earth's surface and they basically don't move. They're 319 00:18:56,240 --> 00:18:58,200 Speaker 1: always in the same spot in the sky, which makes 320 00:18:58,200 --> 00:19:01,679 Speaker 1: them pretty easy to find and intercept signals from. And 321 00:19:01,800 --> 00:19:05,560 Speaker 1: these were primarily like broadband Internet services, and I was 322 00:19:05,600 --> 00:19:08,120 Speaker 1: able to see the sort of traffic people were sending 323 00:19:08,240 --> 00:19:12,400 Speaker 1: over their satellite Internet connections, So stuff like text messages 324 00:19:12,440 --> 00:19:14,600 Speaker 1: from people who were using in flight Wi Fi services 325 00:19:14,640 --> 00:19:17,960 Speaker 1: when they're on like Transatlantic flights, or things like passengers 326 00:19:17,960 --> 00:19:20,040 Speaker 1: on cruise ships when they were making payments at point 327 00:19:20,080 --> 00:19:23,199 Speaker 1: of sales systems. So also a lot of like passport numbers. 328 00:19:23,280 --> 00:19:26,639 Speaker 1: So when like crews, especially like cargo vessels pull into ports, 329 00:19:26,640 --> 00:19:28,600 Speaker 1: they'll send information about everyone on the ship to the 330 00:19:28,680 --> 00:19:31,880 Speaker 1: port authorities. That's typically over a satellite feed, and so 331 00:19:32,280 --> 00:19:35,359 Speaker 1: it's pretty easy to identify those messages when you're like 332 00:19:35,520 --> 00:19:37,760 Speaker 1: listening to the satellite traffic and just get like a 333 00:19:37,840 --> 00:19:39,800 Speaker 1: list of everyone on the crew and when they were 334 00:19:39,840 --> 00:19:43,040 Speaker 1: born and what their passport number is. Like really concerning 335 00:19:43,119 --> 00:19:46,120 Speaker 1: data to be getting in clear text. Did it surprise 336 00:19:46,200 --> 00:19:49,320 Speaker 1: you how much you were able to get? Yeah, I 337 00:19:49,400 --> 00:19:52,080 Speaker 1: was stunned. I think that a lot of it comes 338 00:19:52,119 --> 00:19:55,080 Speaker 1: from an assumption that you would need much more expensive equipment. 339 00:19:55,240 --> 00:19:58,359 Speaker 1: The gear I used was very unreliable if I wanted 340 00:19:58,400 --> 00:20:01,280 Speaker 1: to use it to actually be a satellite Internet customer 341 00:20:01,400 --> 00:20:03,560 Speaker 1: when it worked, because I was missing a lot of packets, 342 00:20:03,560 --> 00:20:05,600 Speaker 1: there was a lot of corruption. But what I was 343 00:20:05,640 --> 00:20:09,560 Speaker 1: able to do is basically reconstruct enough of the transactions, 344 00:20:09,560 --> 00:20:11,560 Speaker 1: like enough of the data that I could start to 345 00:20:11,600 --> 00:20:14,439 Speaker 1: get interesting information. Because a hacker doesn't need one hundred 346 00:20:14,440 --> 00:20:17,600 Speaker 1: percent reliability to succeed. So the change in the model 347 00:20:17,720 --> 00:20:19,399 Speaker 1: was this idea that you could get away with a 348 00:20:19,440 --> 00:20:22,359 Speaker 1: lot less if you're just trying to be disruptive. So 349 00:20:22,520 --> 00:20:26,160 Speaker 1: here you are hacking these satellite signals and you're doing 350 00:20:26,160 --> 00:20:29,520 Speaker 1: it for academic purposes to show how vulnerable they are. 351 00:20:29,600 --> 00:20:32,600 Speaker 1: But if you were doing it for nefarious reasons to 352 00:20:32,600 --> 00:20:34,679 Speaker 1: try and steal this information, you would have had a 353 00:20:34,680 --> 00:20:36,920 Speaker 1: lot of stuff that could have caused people a lot 354 00:20:36,920 --> 00:20:40,320 Speaker 1: of trouble. Definitely the data that was in there. I'm 355 00:20:40,359 --> 00:20:42,560 Speaker 1: glad that as a security researcher, I was able to 356 00:20:42,640 --> 00:20:44,879 Speaker 1: kind of get to it first and share it with 357 00:20:44,920 --> 00:20:48,760 Speaker 1: the satellite Internet service providers and kind of raise awareness 358 00:20:48,800 --> 00:20:51,359 Speaker 1: about this vulnerability so that they could work towards fixing it. 359 00:20:51,400 --> 00:20:54,640 Speaker 1: Because I think adversaries, when they get access to data 360 00:20:54,680 --> 00:20:57,040 Speaker 1: like this, could cause a lot of harm. So when 361 00:20:57,040 --> 00:21:00,000 Speaker 1: you went to companies like that, what did they say 362 00:21:00,080 --> 00:21:03,000 Speaker 1: they alarmed, did they immediately patch it? It was a 363 00:21:03,080 --> 00:21:06,200 Speaker 1: mix of reactions. There are some companies that were fantastic. 364 00:21:06,440 --> 00:21:09,720 Speaker 1: They were immediately like, thank you for sharing this information, 365 00:21:09,760 --> 00:21:11,840 Speaker 1: We'll get right on fixing it. And I think they 366 00:21:11,880 --> 00:21:14,760 Speaker 1: did end up making improvements to their security. They ended 367 00:21:14,840 --> 00:21:16,959 Speaker 1: up checking what kind of data they were sending. There 368 00:21:16,960 --> 00:21:21,040 Speaker 1: are other companies that either ignored the research, like never responded, 369 00:21:21,200 --> 00:21:23,080 Speaker 1: or there were even some who like threatened to sue us. 370 00:21:23,800 --> 00:21:26,440 Speaker 1: So whole gamut of different things. But I think that's 371 00:21:26,440 --> 00:21:30,760 Speaker 1: just the nature of like offensive security research and vulnerability research, 372 00:21:30,880 --> 00:21:33,200 Speaker 1: is that you kind of play a game where people 373 00:21:33,240 --> 00:21:36,800 Speaker 1: may get very defensive or very hostile to your findings, 374 00:21:36,880 --> 00:21:38,720 Speaker 1: but it's still important to get it out there so 375 00:21:38,880 --> 00:21:41,000 Speaker 1: people can kind of if they want to choose to 376 00:21:41,040 --> 00:21:43,040 Speaker 1: fix things, at least they know what they should be fixing. 377 00:21:43,960 --> 00:21:55,840 Speaker 1: We'll be right back. Now that you've completed your research, 378 00:21:56,000 --> 00:21:59,200 Speaker 1: you have your PhD, you've gone to work with the pentagain, 379 00:21:59,280 --> 00:22:03,080 Speaker 1: what exactly are you doing for them? I work at 380 00:22:03,119 --> 00:22:06,399 Speaker 1: the Chief Digital and Artificial Intelligence Office, which is a 381 00:22:06,440 --> 00:22:08,840 Speaker 1: new office within the Office of the the Secretary of Defense, 382 00:22:09,320 --> 00:22:11,679 Speaker 1: and my agency within that as called the Directorate for 383 00:22:11,720 --> 00:22:14,679 Speaker 1: digital services, And it's a pretty generic name because the 384 00:22:14,800 --> 00:22:18,919 Speaker 1: job is incredibly broad. It's a lot of emergency engineering, 385 00:22:19,000 --> 00:22:22,040 Speaker 1: so like something pops up in the world that needs 386 00:22:22,040 --> 00:22:24,720 Speaker 1: something built, coded, or developed within like forty eight hours, 387 00:22:24,800 --> 00:22:27,720 Speaker 1: and so instead of like going to defense contractors, we 388 00:22:27,760 --> 00:22:30,240 Speaker 1: have like in house engineering expertise who can build that 389 00:22:30,320 --> 00:22:33,000 Speaker 1: kind of emergency tech. So obviously I can't go into 390 00:22:33,040 --> 00:22:35,000 Speaker 1: a ton of detail about all the projects I work, 391 00:22:35,280 --> 00:22:38,680 Speaker 1: but it's a lot of just like really rapid organic 392 00:22:38,760 --> 00:22:42,719 Speaker 1: software development and security work and advisory work for like 393 00:22:43,160 --> 00:22:47,840 Speaker 1: very impactful topics. What attracted you to the penan, I 394 00:22:47,920 --> 00:22:51,760 Speaker 1: think for me, the opportunity to work as a civil 395 00:22:51,760 --> 00:22:55,879 Speaker 1: servant in government is really compelling because you're close to 396 00:22:55,920 --> 00:22:59,639 Speaker 1: the decision makers who are kind of deciding what the future, 397 00:23:00,400 --> 00:23:03,520 Speaker 1: in this case the military will look like. And having 398 00:23:03,520 --> 00:23:05,280 Speaker 1: a seat at that table and having a voice in 399 00:23:05,280 --> 00:23:09,280 Speaker 1: those conversations can be a much bigger impact than simply 400 00:23:09,280 --> 00:23:13,359 Speaker 1: like finding vulnerabilities at a big contractor and then selling 401 00:23:13,359 --> 00:23:16,080 Speaker 1: them off. So for me, that's what really matters, is 402 00:23:16,240 --> 00:23:19,120 Speaker 1: this idea that I could shape a safer future by 403 00:23:19,440 --> 00:23:22,480 Speaker 1: being in the room when those conversations are happening. So 404 00:23:22,600 --> 00:23:25,439 Speaker 1: walk us through how satellites actually work, what are the 405 00:23:25,480 --> 00:23:29,000 Speaker 1: different components, and where are the places that are vulnerable 406 00:23:29,080 --> 00:23:33,359 Speaker 1: to hacking you can break satellite security into. I guess 407 00:23:33,400 --> 00:23:35,439 Speaker 1: there are four domains that I like to think about. 408 00:23:35,880 --> 00:23:39,119 Speaker 1: One is the ground systems, So those are the devices 409 00:23:39,160 --> 00:23:41,479 Speaker 1: that users use to connect to the systems, think like 410 00:23:41,520 --> 00:23:44,719 Speaker 1: a starlink modem or a ground station that's run by 411 00:23:44,720 --> 00:23:47,480 Speaker 1: a satellite service provider to collect data from their satellites. 412 00:23:47,920 --> 00:23:51,159 Speaker 1: And when you're hacking ground systems, typically it's going to 413 00:23:51,200 --> 00:23:53,159 Speaker 1: look a lot like bread and butther hacking, you're going 414 00:23:53,240 --> 00:23:55,680 Speaker 1: to be targeting like the Windows computer that's plugged into 415 00:23:55,680 --> 00:23:59,240 Speaker 1: the satellite antenna and using your Windows malware to exploit it. 416 00:24:00,040 --> 00:24:03,240 Speaker 1: Then there's the communications link, so that's the radio signals 417 00:24:03,240 --> 00:24:05,720 Speaker 1: that go from a ground station to a satellite, and 418 00:24:05,800 --> 00:24:07,720 Speaker 1: that's what I was looking at in my PhD thesis. 419 00:24:07,760 --> 00:24:11,440 Speaker 1: For the most part, that's often like radio signals engineering 420 00:24:11,480 --> 00:24:15,280 Speaker 1: type work and kind of looking at communications security. Then 421 00:24:15,320 --> 00:24:18,879 Speaker 1: there's the bird. So there's the satellite in orbit, and 422 00:24:19,440 --> 00:24:21,520 Speaker 1: there's kind of a zone of trust once you're on 423 00:24:21,560 --> 00:24:24,199 Speaker 1: the satellite. Everything on the satellite trusts everything else in 424 00:24:24,240 --> 00:24:26,879 Speaker 1: the satellite. So if you were like compromise a camera 425 00:24:27,000 --> 00:24:29,480 Speaker 1: on a satellite, you could send instructions to a flight 426 00:24:29,520 --> 00:24:32,960 Speaker 1: controller because they're all plugged into the same like bus, 427 00:24:32,960 --> 00:24:35,040 Speaker 1: which is basically like a wire that sends messages from 428 00:24:35,040 --> 00:24:38,240 Speaker 1: devices to other devices. And so when you're thinking about 429 00:24:38,240 --> 00:24:41,520 Speaker 1: like satellite security, it's often about compromising these embedded systems 430 00:24:41,640 --> 00:24:44,720 Speaker 1: in orbit. And then the last topic area is kind 431 00:24:44,720 --> 00:24:47,560 Speaker 1: of this broader like policy domain in terms of how 432 00:24:47,600 --> 00:24:51,560 Speaker 1: people interact with and regulate satellites. I did some research 433 00:24:51,560 --> 00:24:55,080 Speaker 1: on my PhD on space situational awareness data, for example, 434 00:24:55,080 --> 00:24:58,080 Speaker 1: which is how countries tell each other what space debris 435 00:24:58,200 --> 00:25:00,439 Speaker 1: is out there so we don't like crash into debris 436 00:25:00,560 --> 00:25:03,560 Speaker 1: and cause damage to the space environment. And so I 437 00:25:03,560 --> 00:25:05,480 Speaker 1: looked a lot at like what happens if countries lie 438 00:25:05,520 --> 00:25:08,040 Speaker 1: to each other, How could those lies be detected? And 439 00:25:08,119 --> 00:25:10,440 Speaker 1: that's kind of more ephemeral. There's not like a part 440 00:25:10,480 --> 00:25:12,280 Speaker 1: of the satellite you can touch that is that, but 441 00:25:12,280 --> 00:25:15,840 Speaker 1: it's still an important component of space security. James, which 442 00:25:15,880 --> 00:25:19,399 Speaker 1: of those four areas of vulnerability you're describing out the 443 00:25:19,480 --> 00:25:23,240 Speaker 1: easiest for hackers to pry their way in. I think 444 00:25:23,280 --> 00:25:26,439 Speaker 1: the vast majority of historical attacks on satellites have been 445 00:25:26,480 --> 00:25:30,879 Speaker 1: against either the radio domain primarily jamming attacks, So a 446 00:25:30,880 --> 00:25:34,120 Speaker 1: lot of countries as a mechanism of censorship or protest, 447 00:25:34,280 --> 00:25:36,639 Speaker 1: will jam other people's satellites, and that's been going on 448 00:25:36,720 --> 00:25:40,399 Speaker 1: for decades. And then there's also the ground systems. Because 449 00:25:40,440 --> 00:25:43,359 Speaker 1: there's so much like traditional IT systems with just like 450 00:25:43,800 --> 00:25:47,320 Speaker 1: Windows computers plugged into a satellite antenna. It's easy to 451 00:25:47,359 --> 00:25:49,800 Speaker 1: either accidentally hack them if you're just doing like a 452 00:25:49,840 --> 00:25:53,080 Speaker 1: broad attack, or to find and hire the expertise you 453 00:25:53,080 --> 00:25:56,080 Speaker 1: would need for a more targeted attack against those. So 454 00:25:56,240 --> 00:26:01,560 Speaker 1: what can companies, governments due to satellites actually enhanced the 455 00:26:01,640 --> 00:26:05,520 Speaker 1: security so this sort of thing doesn't happen. I think 456 00:26:05,560 --> 00:26:08,679 Speaker 1: that opening up a little bit to security research is 457 00:26:08,680 --> 00:26:11,719 Speaker 1: a big step in that direction. The industry has gotten 458 00:26:11,720 --> 00:26:14,919 Speaker 1: by for a long time on this assumption that satellites 459 00:26:14,960 --> 00:26:17,800 Speaker 1: are so expensive and so complicated that no one will 460 00:26:17,840 --> 00:26:20,760 Speaker 1: ever be able to hack them, and that has sort 461 00:26:20,760 --> 00:26:25,000 Speaker 1: of been true. But as technology has advanced and satellites 462 00:26:25,000 --> 00:26:28,840 Speaker 1: have become more and more like other Internet of Things devices, 463 00:26:28,880 --> 00:26:32,840 Speaker 1: basically that's getting less true. And there are transferable skills 464 00:26:32,880 --> 00:26:35,719 Speaker 1: hackers might develop that can be applied to satellites, and 465 00:26:35,760 --> 00:26:38,440 Speaker 1: so I don't think the space industry can continue to 466 00:26:38,480 --> 00:26:40,280 Speaker 1: kind of hide in the shadows and get by with 467 00:26:40,480 --> 00:26:43,320 Speaker 1: their easier targets. So no one's going to bother with us, 468 00:26:44,000 --> 00:26:47,000 Speaker 1: And so relying in like open source protocols that can 469 00:26:47,040 --> 00:26:50,520 Speaker 1: be validated at like source code level for their communications, 470 00:26:51,080 --> 00:26:55,480 Speaker 1: and relying on open firmware and operating systems that people 471 00:26:55,520 --> 00:26:58,200 Speaker 1: can test and prove or secure will go a lot 472 00:26:58,240 --> 00:27:01,880 Speaker 1: further than hoping that you're at a proprietary software will 473 00:27:01,920 --> 00:27:05,080 Speaker 1: just never be figured out by an adversary. I think that, like, 474 00:27:05,440 --> 00:27:07,320 Speaker 1: there are tons and tons of people out there who 475 00:27:07,359 --> 00:27:09,399 Speaker 1: would love to hack satellites, who would love to do 476 00:27:09,520 --> 00:27:12,840 Speaker 1: research for free as basically a donation to the world 477 00:27:12,840 --> 00:27:15,160 Speaker 1: to make it more secure because they think hacking satellites 478 00:27:15,280 --> 00:27:17,399 Speaker 1: is cool. Don't think I'm the only person like that 479 00:27:17,440 --> 00:27:19,800 Speaker 1: out there. I've met other people like it. And if 480 00:27:19,800 --> 00:27:23,720 Speaker 1: the space industry gives people the opportunity to contribute within 481 00:27:23,760 --> 00:27:26,199 Speaker 1: the security research community, I think they'll be able to 482 00:27:26,240 --> 00:27:30,200 Speaker 1: make really big progress in securing these platforms. What concerns 483 00:27:30,200 --> 00:27:32,280 Speaker 1: you the most, like, what is the thing? As someone 484 00:27:32,320 --> 00:27:35,399 Speaker 1: who knows how vulnerable these systems can be, makes you 485 00:27:35,440 --> 00:27:39,199 Speaker 1: think this is the thing that makes me worry. For me, 486 00:27:39,320 --> 00:27:43,080 Speaker 1: it's the environment. So most of the repercussions of a 487 00:27:43,119 --> 00:27:46,680 Speaker 1: satellite compromise are like bad. They could be very bad, 488 00:27:46,720 --> 00:27:48,760 Speaker 1: like you could compromise GPS and it could lead to 489 00:27:48,800 --> 00:27:53,520 Speaker 1: like a terrestrial catastrophe. But however bad it is, eventually 490 00:27:53,560 --> 00:27:55,560 Speaker 1: we'll get over it. So I guess one of my 491 00:27:55,680 --> 00:28:00,400 Speaker 1: biggest concerns is less about the virtual effects of hacking satellites, 492 00:28:00,440 --> 00:28:03,480 Speaker 1: stealing data or disabling them, and more about the kinetic 493 00:28:03,520 --> 00:28:07,040 Speaker 1: and physical effects, because those can have a lasting effect 494 00:28:07,040 --> 00:28:09,919 Speaker 1: on the environment. So if a satellite is destroyed an 495 00:28:10,000 --> 00:28:13,560 Speaker 1: orbit in some way, that can have huge environmental repercussions. 496 00:28:13,560 --> 00:28:17,000 Speaker 1: If someone hacks a rocket and causes it to break 497 00:28:17,080 --> 00:28:20,199 Speaker 1: during a launch sequence, for example, then you end up 498 00:28:20,200 --> 00:28:23,080 Speaker 1: with pieces of space debris that are stuck in orbit 499 00:28:23,160 --> 00:28:27,200 Speaker 1: for centuries. They move at literally bullet like speeds, and 500 00:28:27,320 --> 00:28:30,040 Speaker 1: if they crash into other pieces of space debris or 501 00:28:30,720 --> 00:28:33,440 Speaker 1: into each other, they can generate basically to bre cascade 502 00:28:33,640 --> 00:28:36,000 Speaker 1: and block orbit for a long period of time and 503 00:28:36,040 --> 00:28:39,480 Speaker 1: have a lasting detrimental impact on our abilities a species 504 00:28:39,480 --> 00:28:42,240 Speaker 1: to make use of outer space. So when you look ahead, 505 00:28:42,400 --> 00:28:45,720 Speaker 1: do you think satellites become more secure or do you 506 00:28:45,720 --> 00:28:48,360 Speaker 1: think we go through a period of kind of chaos 507 00:28:48,360 --> 00:28:53,040 Speaker 1: and uncertainty before something gets done. I am cautiously optimistic 508 00:28:53,080 --> 00:28:56,200 Speaker 1: that satellites will become more secure. There is a really 509 00:28:56,240 --> 00:28:59,520 Speaker 1: great momentum around satellite security that's formed in the last 510 00:29:00,080 --> 00:29:02,800 Speaker 1: four or five years. We have Defcon, which is a 511 00:29:02,800 --> 00:29:06,040 Speaker 1: big hacker conference in Las Vegas every summer, and they 512 00:29:06,080 --> 00:29:09,320 Speaker 1: have a dedicated track within what they call the Aerospace 513 00:29:09,400 --> 00:29:12,920 Speaker 1: Village to just talk about space security. We have industry 514 00:29:12,920 --> 00:29:17,160 Speaker 1: advisory groups. There's a Space Information Sharing an Advisory Council 515 00:29:17,320 --> 00:29:20,800 Speaker 1: which is formed between like different space industry people to 516 00:29:20,800 --> 00:29:23,400 Speaker 1: talk about cyber threats. And we just have a lot 517 00:29:23,400 --> 00:29:26,360 Speaker 1: of momentum building around space security. And my hope is 518 00:29:26,360 --> 00:29:28,760 Speaker 1: that that momentum is coming at the right time because 519 00:29:29,040 --> 00:29:31,960 Speaker 1: the decisions we make in the next three or four years, 520 00:29:32,000 --> 00:29:34,040 Speaker 1: I think we'll have a big impact in what space 521 00:29:34,040 --> 00:29:37,200 Speaker 1: looks like for the next decade or so. James, is 522 00:29:37,200 --> 00:29:40,000 Speaker 1: there anything that we can do, just as you know, 523 00:29:40,160 --> 00:29:46,600 Speaker 1: people consumers of technology to protect ourselves. Definitely, So when 524 00:29:46,600 --> 00:29:49,440 Speaker 1: you're trying to protect your like satellite, internet signals or 525 00:29:49,440 --> 00:29:52,280 Speaker 1: really any traffic you send over the Internet. I think 526 00:29:52,320 --> 00:29:54,960 Speaker 1: it's important to recognize that once that message you're sending 527 00:29:55,040 --> 00:29:58,080 Speaker 1: leaves your house, you have basically no control over who 528 00:29:58,120 --> 00:30:00,320 Speaker 1: gets to touch it as the gets handed off. I think, 529 00:30:00,320 --> 00:30:02,080 Speaker 1: like you send a letter in the mail, you don't 530 00:30:02,120 --> 00:30:05,120 Speaker 1: know who the postal workers grabbing your letter at each stage. 531 00:30:05,120 --> 00:30:08,840 Speaker 1: Will be same thing with Internet traffic, and so using 532 00:30:09,160 --> 00:30:13,320 Speaker 1: end end encrypted protocols, whether that's using like an encrypted 533 00:30:13,360 --> 00:30:18,520 Speaker 1: chat application or using websites that use t TLS is 534 00:30:18,640 --> 00:30:22,600 Speaker 1: transport layer security. It's a protocol that's used to encrypt 535 00:30:22,720 --> 00:30:24,920 Speaker 1: general like Internet traffic that you would have when you 536 00:30:25,120 --> 00:30:28,040 Speaker 1: visit a website. You'll see it like little lock icon 537 00:30:28,120 --> 00:30:30,640 Speaker 1: in your browser when you're connected to a TLS website, 538 00:30:31,080 --> 00:30:35,120 Speaker 1: and it's like proven with math to be very secure 539 00:30:35,600 --> 00:30:38,280 Speaker 1: against adversaries who are trying to read the content you're sending. 540 00:30:38,560 --> 00:30:40,920 Speaker 1: That's a really great way to stop people like me, 541 00:30:41,400 --> 00:30:44,000 Speaker 1: because even if I got your packets off of a satellite, 542 00:30:44,000 --> 00:30:46,440 Speaker 1: because it happened to get sent that way, I wouldn't 543 00:30:46,440 --> 00:30:48,360 Speaker 1: be able to read the contents of them. I could 544 00:30:48,360 --> 00:30:50,360 Speaker 1: see the outside of the envelope, but if I opened 545 00:30:50,400 --> 00:30:52,760 Speaker 1: it up, it would just be garbage, nonsense, and so 546 00:30:53,280 --> 00:30:56,720 Speaker 1: whenever you can. Using an encrypted communications protocol defends you 547 00:30:56,760 --> 00:30:59,400 Speaker 1: against just a whole mix of attacks, whether it's satellite 548 00:30:59,400 --> 00:31:03,120 Speaker 1: attacks or any other kind of eavesdropping threat. James Pavoor, 549 00:31:03,480 --> 00:31:05,920 Speaker 1: thanks for speaking with me, No problem, great meeting you. 550 00:31:07,280 --> 00:31:09,080 Speaker 1: Thanks for listening to us here at The Big Take. 551 00:31:09,200 --> 00:31:12,600 Speaker 1: It's the daily podcast from Bloomberg and iHeartRadio. For more 552 00:31:12,640 --> 00:31:16,560 Speaker 1: shows from my heart Radio, visit the iHeartRadio app, Apple Podcasts, 553 00:31:16,640 --> 00:31:19,360 Speaker 1: or wherever you listen, and we'd love to hear from you. 554 00:31:19,680 --> 00:31:23,000 Speaker 1: Email us questions or comments to Big Take at Bloomberg 555 00:31:23,000 --> 00:31:26,320 Speaker 1: dot net. The supervising producer of The Big Take is 556 00:31:26,440 --> 00:31:31,600 Speaker 1: Vicky Vigolina. Our senior producer is Katherine Fink. Rebecca Shassan 557 00:31:31,760 --> 00:31:36,320 Speaker 1: is our producer. Our associate producers Sam Gabauer. Phil de 558 00:31:36,400 --> 00:31:40,440 Speaker 1: Garcia is our engineer. Our original music was composed by 559 00:31:40,560 --> 00:31:44,600 Speaker 1: Leo Sidrin. I'm West Kasova. We'll be back tomorrow with 560 00:31:44,680 --> 00:31:45,600 Speaker 1: another Big Take