Aerospace Village - Defcon

Defcon Aerospace Village: A New Era in Security

Once again, Defcon, the annual security conference, was held in Las Vegas, NV. This year, the event moved to a new venue and drew an unofficial count of about 40,000 attendees. As someone who has attended a few times myself, it felt like double the usual crowd. The conference transitioned from its previous three-venue setup to a single event at the Las Vegas Convention Center. This reimagined space allowed many villages to increase in size, opening the door for a new era in the Aerospace Village.

 Interactive Activities and Key Talks

Top interactive activities included the Hack the Drone challenge, TSA "Identify What's in the Luggage," and the Cubesat Simulator. Key talks in the space featured "SPARTA: From Theory to Reality." Notable workshops covered topics such as Small Satellite Modeling and Defender Software, GPS Spoofing (It's About Time, Not Position), and BYOS (Bring Your Own Satellite).

 Innovative Tools and Simulations

Several talks highlighted Nos3, a simulator application for satellite control created by NASA. This open-source project allows users to simulate sending commands to and from satellites. Through simple Docker images, it provides an experience as close to real-life as possible.

One of the more intriguing projects showcased was a tool called Garak. This software enables attackers to perform man-in-the-middle attacks on satellite transmissions. Garak's versatility lies in its ability to define commands and upload definitions for various satellite constellations. While still in its early stages, Garak demonstrates functionality reminiscent of the modern Burp Suite's repeater and interpreter.

SPARTA: From Theory to Reality

One of the most eye-opening talks focused on SPARTA (Satellite Platform for Advanced Research and Threat Assessment). This presentation utilized the Nos3 simulator but delved into a more low-level explanation of attacks on ground station operators. The demonstration showed how an attacker could gain full control of the terminal and execute a man-in-the-middle attack.

Following the successful attack, the presenter demonstrated how an attacker could:

1. Use the simulator platform to upload applications to the simulated satellite

2. Execute commands from the Nos3 command definition list

3. Initiate the OTA (Over-The-Air) process to flash the satellite with entirely new software

4. Fully encrypt the satellite, creating a potential ransomware situation at the satellite level

5. Reboot the entire satellite to factory settings and restore control to its intended operator

 Security Implications for the Space Community

As the space community continues to mature, constellation owners and aspiring owners need to prioritize security from the outset. Key focus areas should include:

1. Multi-factor authentication for operators and end to end encryption

2. Robust identity and access management systems

3. Granular control over who can execute specific commands

While the man-in-the-middle attack was the primary entry point in the demonstration, it's crucial to note that such compromises could occur through various other vectors.

 Conclusion

The Defcon Aerospace Village showcased the rapidly evolving landscape of satellite and space-based security. As our reliance on satellite technology grows, so does the importance of implementing robust security measures. The demonstrations and workshops at Defcon serve as a wake-up call for the industry, highlighting the need for proactive security strategies in the development and operation of satellite systems.