A hacker used a $25 custom-built tool to hack into SpaceX's Starlink satellite system
- A cybersecurity researcher built a $25 tool that allows access to SpaceX's Starlink satellite dish system.
- They provided the outline for their device on Github for anyone to build.
- SpaceX has responded by improving its software against potential vulnerabilities.
A Belgian researcher, Lennert Wouters, from KU Leuven, demonstrated how he was able to hack into Elon Musk's Starlink satellite dishes at the Black Hat Security Conference held this week in Las Vegas, a report from Wired reveals.
All it took was a $25 hacking tool created by Lennert. And he's making that tool open source for others to use — though he's provided SpaceX with fair warning.
During his presentation on Wednesday, August 10, Wouters detailed the vulnerabilities that allowed him to hack Starlink satellite terminals and create his own custom code.
A $25 device that breaks into Starlink's 'Dishy' system
Space has launched more than 3,000 satellites into low Earth orbit. Customers for the satellite internet service must pay a monthly fee of more than $100 as well as a hardware fee in excess of $500 to obtain the 19-inch wide "Dishy" satellite dish required for using the service.
Wouters developed a custom-made modchip to gain access to Dishy. According to Wired, this custom circuit board is attached to Dishy and it can be fairly easily made using off-the-shelf parts costing roughly $25 in total. Wouters has made the outline for how to build the modchip available on Github.
The custom-built device allows users to access Dishy's software and it can launch an attack that causes a glitch, which hackers access locked parts of the system.
“The widespread availability of Starlink User Terminals (UT) exposes them to hardware hackers and opens the door for an attacker to freely explore the network,” Wouters wrote in the description for his briefing.
"Our attack results in an unfixable compromise of the Starlink [user terminal] and allows us to execute arbitrary code," he continued. "The ability to obtain root access on the Starlink [user terminal] is a prerequisite to freely explore the Starlink network."
SpaceX blocks cyberattacks at 'eye-watering' speed
SpaceX has already replied to Wouters' warning about the flaw in its system by performing a software update that it believes should resolve the issue. However, according to Wouters the only way SpaceX can ensure others won't gain access in a similar way is by creating a new version of Dishy's main chip. It's worth noting that Wouters didn't share his findings to help others hack Starlink satellite dishes. Instead, he hopes it will help the private space firm to improve cybersecurity for its users.
That's not to say SpaceX has a poor track record when it comes to Starlink cybersecurity. In fact, in April a Pentagon official, Dave Tremper, suggested SpaceX was better at blocking Russian cyberattacks than the U.S. government. Tremper said he witnessed firsthand how SpaceX reacted at "eye-watering" speed to a Russian attack on its Starlink satellites. The attack came shortly after SpaceX announced it would provide free access to Starlink internet in Ukraine following the invasion of the country by Russia.