During this year’s DEF CON 26, IOActive’s Security Researchers Ruben Santamarta and Josep Pi Rodriguez discuss vulnerabilities in SATCOM equipment and security flaws in Extreme Networks’ WingOS.
Santamarta builds on his extensive research from 2014 on theoretical scenarios for compromising satellite communication products. During this year’s presentation, he provides proof for accessing vulnerable in-flight aircraft, military bases and maritime vessels.
Rodriguez focuses on vulnerable access points in WingOS, an embedded system used by millions of Motorola devices worldwide. While the research began with a vulnerable access point in aircraft devices, it became apparent that the same system is used in many other industries as well, making those devices also vulnerable and the scale of the vulnerability much greater than the initial scope.
IOActive is working with the affected parties to address these security flaws and vulnerabilities discussed.
Digital fingerprinting, a feature of Lucid Circuit’s Astrum, will help safeguard against these vulnerabilities by providing support for authentication and authorization in silicon. To learn more about Astrum, visit our product page.
For more information about these vulnerabilities, see IOActive’s press release: https://ioactive.com/article/ioactive-reveals-major-satellite-communication-and-operating-system-vulnerabilities-at-black-hat-usa-2018-def-con-26/