Would it take a $25 modchip to hack SpaceX’s worldwide Internet service Starlink?
A Belgian security researcher, Lennert Wouters, was able to hack Starlink’s network as well as its communication links and explore the entire system independently.
Before talking publicly about the hack, he made sure to give Starlink a full report of it, and SpaceX’s response to the hack was nothing short of incredible.
Most of us associate hackers with all kinds of wrong attempts, we all have heard the story of a friend or family member being hacked in some way or the other.
In addition, organizations often fall prey to cyber security hacks and attacks. For example, Samsung was hit by a cyber attack in which some sensitive internal data was stolen.
Given that these attacks occur with increasing frequency, security researchers like Wouters have their hands full, and companies can benefit from these hacks.
Wouters took away a Starlink satellite dish he owned. He then modified it with a custom circuit board, which included a Raspberry Pi microcontroller, electronic switches, flash storage, and a voltage regulator.
Once connected, the tool was able to temporarily short out the system, which gave the router a way into the system.
Wouters described the hack as completely capturing Black Hat, noting that he was able to independently detect it after gaining access to the network.
Wouters presented all of his findings to SpaceX in a responsible way: through its dedicated bug bounty program it actually inducted him into the SpaceX Bug Hunting Hall of Fame, which he now ranks second.
SpaceX probably paid the hacker to find the bug, as that’s the whole point of the program, though the amount is not disclosed and much larger organizations rely on third-party researchers.
Helping them track down bugs and vulnerabilities that emerged from the crack during testing. For example, Apple recently paid a PhD student $100,000 to successfully hack a Mac.
With the exact same title, SpaceX is inviting people to do what Wouters just said that Starlink welcomes security researchers.
The giant goes on to describe Starlink and its impact on the world, especially now visible during the war in Ukraine where Starlink has become one of the sources of connectivity for the few Ukrainian citizens living in the country.
SpaceX congratulated Wouters on the achievement, but also maintained that such hacks have little impact on the network and its users.
“Our goal is to give each part of the system the minimum set of privileges necessary to do its job,” SpaceX said, confirming that a single piece of compromised equipment should not affect the entire network.
SpaceX also notes that it is harder to protect a device to which hackers continue to have uncontrolled physical access, so the search for bugs continues.