Do you feel safe with your car or phones connection to GPS satellites? Why shouldn’t you be? It is not like there are hackers out there that can hack GPS…Or can they?
We all know that our electronic devices can commute to each other to get from one place to another. This is done by GPS (Global Positioning System). The world’s most modern satellite network known as Globalstar, does not properly defend their GPS satellites. Upon looking deeper into their satellites, we learned there are now layers of encryption settings and there is no security measures to ensure a single direct connection between two devices. Meaning, you may be connected to navigation on your phone, but it is also connected to another phone or GPS system device. A researcher from Synack (Cyber Security firm), Colby Moore, has performed a step-by-step guide on the satellite hack. The reason Moore utilized Globalstar, is because he has already uses this company for an emergency contact signal.
By putting in a few hours of research, Moor was able to reverse-engineer the device and learned the devices registration with the FCC actually contains a ton of information for this hack.
Not only is this little box able to sniff out the satellites traffic and then decode it, but this hack can also obtain the ability to change devices ID. This allows for the attacker to steal a car by disabling the GPS tracker while making appear as if though the car is still travelling.
Moore has reported this problem to the company directly and over 180 days later, he still was unable to get the response he was looking for. Instead, Globalstar responded by stating;
“We take privacy seriously.”
If you stop and think about it, how will such a major corporation upgrade over 650,000 devices worldwide without performing a major upgrade to the devices themselves and then posting a recall on the old devices. Sure a firmware upgrade could work, or maybe it would be just another “firewall” in Moore’s attack box to bypass.
We can see Moore with his “Satellite Hack Box” here;
How much would it cost to build one of these bad gadgets? A lot less than I expected. Moore spent just under $1,000 to build his box and had it working within a matter of weeks. With this little box and a little more computing power and Moore could actually be able to interfere with extremely critical functions of the satellite as well as the communications between the satellite and connected devices.
This means that you can find out where someone is hiding (Providing they have a GPS system on their phone, car, TomTom, etc.), tracking your enemies activities, and even spoof emergency alerts on your friends and family members.
Talk about a pranking stalker!
When we are talking about this flaw, it is said that it is very difficult if not impossible to patch. The existing vulnerability actually leaves the data packets open for interception as well as an attack from anyone. These attacks can happen from our secret governing agencies, hackers, spies, even a well organized crime unit can perform this attack. This means that anyone can get a glimpse of what is going on and where it is happening.
Think you are alone now? We didn’t think so. So that nice little phone you have, it is able to provide your location at any given time and can be intercepted, thus leaving you exposed to the world.