Hacking around with COSPAS-SARSAT 406MHz, Aerospace Hacks, and their Growing Importance.

In this talk, I will mainly introduce COSPAS-SARSAT 406MHz system that is used in quasi-global Search-And-Rescure (SAR) operations supported by Satellite-Aided-Tracking (SAT) - to the best of our knowledge this is the first-ever publicly-known work/demo on hacking and exploiting COSPAS-SARSAT 406MHz.

We will also introduce its security weaknesses, the possible threats in the bigger picture, and will demonstrate some of our early results (e.g., spoofing) as well as some the challenges researchers may face when performing such research.

Moreover, we will present some additional bugs and hacks within closely-related fields (e.g., satellite and avionics/aerospace and maritime), for which we have built a cybersecurity test-lab and testbeds (which we will also present).

We will wrap the talk on why these hacks and attacks are dangerous, as well as why it's important to address these as soon as practical.

 

About the Presenter: Andrei Costin

Dr. Andrei Costin is currently a Senior Lecturer/Assistant Professor in Cybersecurity at University of Jyväskylä (Central Finland), with a particular focus on IoT/firmware cybersecurity and Digital Privacy. He received his PhD in 2015 from EURECOM/Telecom ParisTech under co-supervision of Prof. Francilon and Prof. Balzarotti. Dr. Costin has been publishing and presenting at more than 50 top international cybersecurity venues, both academic (Usenix Security, ACM ASIACCS, etc.) and industrial (BlackHat, CCC, HackInTheBox, POC, etc.). He is the author of the first practical ADS-B attacks (BlackHat 2012) and has literally established the large-scale automated firmware analysis research areas (Usenix Security 2014) - these two works are considered seminal in their respective areas, being also most cited at the same time. Dr. Costin is also the CEO/co-founder of Binare.io, a deep-tech cybersecurity spin-off from University of Jyväskylä, focused on innovation and tech-transfer related to (I)IoT cybersecurity/firmware/devices, as well as avionics/aerospace/space cybersecurity.

Previous
Previous

Kubernetes Bakery Attacks : Stealing Cloud Roles 

Next
Next

The Attack you Dreamed of with Simulation