Software used in satellites the US has accused China of hacking was ripe for upgrade, reports say.
The Landsat-7 and the Terra AM-1 satellites are used to monitor the earth’s climate and terrain. A report on the attacks looked into what the risks would have been if the satellites had been used for other purposes.
Dr Markus Kuhn from Cambridge University told the BBC whilst it is unsure whether the satellites had a “serious security problem”, he argues the attacks are the result of “negligence by its designers or operators.”
“It has long been basic computer science textbook knowledge how to implement “cryptographic end to end message authentication”, a very effective technique to prevent unauthorised parties executing commands on remote devices.”
“This story appears to be little more than someone gaining temporary access to some remote computer that steers a satellite dish,” he continued.
Nottingham Trent University’s Professor John Walker lists the problems of the systems relying on command-and-control from computers based on the ground, which “opens up an opportunity to circumvent security, depending on how it is being applied.”
Nevertheless, Amichai Shulman, Imperva’s Chief Technology Officer, spoke of the need to update security on the satellites.
“This is yet another wake up call for these organisations to gradually abandon their older model and start deploying in-depth layered security into their information systems, much like the commercial organisations do,” he told the BBC.