With the Black Hat USA conference ongoing in Las Vegas this week, there's been an equally ongoing supply of new cybersecurity threats and exploitable vulnerabilities unveiled by researchers there.
Researcher Colby Moore from the cybersecurity firm Synack discovered a vulnerability in Globalstar GPS tracking devices, which hackers could exploit in order to intercept or block transmissions, or even corrupt them with false data.
"Fundamentally broken from the get-go"
Globalstar's satellite phone services are not covered by this vulnerability, since those transmissions are encrypted in transit. But Globalstar's location-trackers don't use encryption, opting instead for a security system that frequently switches frequencies and clutters transmission with lots of inconsequential data. In theory, the combined frequency switches and inconsequential clutter should keep the transmissions secure.
But in a phone interview with Reuters, Moore said such systems are “kind of fundamentally broken from the get-go. I ended up figuring out how to decode the data in transit.”
Worse yet, the problem cannot be fixed with software because it's already embedded within the hardware of currently existing devices (although Globalstar could use software to encrypt transmissions and fix these vulnerabilities in whatever hardware it produces from this point forward).
Globalstar's GPS tracking system isn't quite the same thing as the roadmap GPS systems ordinary drivers use to find their way around. The devices are used primarily to track valuable or sensitive items in shipment, such as armored cars, airplanes and boats, though individual people sometimes subscribe to these tracking services as well. If, for example, you're a backwoods hiker planning a camping trip in the remote wilderness, a typical roadmap GPS isn't useful, but a tracking system such as Globalstar's could help rescuers find you if you get lost or injured.
Either way, a hacker planting false data into such a tracking system could cause far more harm (or gain far more illicit profit) than simply making drivers get lost by advising them to take the wrong exit off an Interstate.
The Christian Science Monitor offered one potential scenario: “It's the middle of the night. Police dispatchers receive a frantic call from a shipping company – one of their drivers triggered a silent alarm to indicate thieves were stealing his cargo. But when officers arrive, they don’t find anything or anyone there. That's because, in movie-like fashion, thieves tampered with the satellite signal transmitting the truck's location and sent officers to the wrong location. Ten miles away, at the actual scene of the crime, robbers are moving the cargo into their own truck.”
Although there's no evidence indicating that anyone has already taken advantage of this Globalstar exploit, Moore said his results would be very easy for hackers to replicate, and it's possible that some criminal or government agencies might already be spying on Globalstar's tracking network. It's also possible that other networks besides Globalstar have this same vulnerability, Moore noted, though he is not familiar with those networks.