Globalstar location-tracking network vulnerable to hacking – researcher

  • -

Globalstar location-tracking network vulnerable to hacking – researcher

Category : CyberSecurity

Location-tracking devices that communicate with a major satellite network operated by Globalstar Inc can have their transmissions intercepted or mimicked with false data, a U.S. security researcher said on Thursday.

Globalstar, of Covington, Louisiana, has sold hundreds of thousands or millions of the devices, which are widely used for tracking valuable shipments and assets.

The problem is that unlike Globalstar’s satellite phone services, data from the devices is not encrypted in transit, said Synack Inc researcher Colby Moore, who will present his findings at next week’s Black Hat security conference in Las Vegas.

Instead, the system changes frequencies and transmits a great deal of inconsequential data that can be discarded once an attacker figures out the methods involved, as Moore did.

Such systems “are kind of fundamentally broken from the get-go,” Moore said in a phone interview. “I ended up figuring out how to decode the data in transit.” In addition, the system does not make sure that the data is coming from the place it claims.

The flaw is an architectural issue that Moore said would be hard or impossible to patch. New software could be written to encrypt the traffic in future devices, but the technology is already embedded inside popular hardware without that functionality and no clear way to install it.

Article: Reuters

About Author

Tamara Eikelenboom-Kamp

Tamara Eikelenboom-Kamp

Tamara Eikelenboom-Kamp is managing director at Innovice-IT. She is mainly publishing about CyberSecurity. She is working with several specialists based on their knowledge and skills in cyber-security and cyber-safety. The emphasis is on conceptual thinking, developing plans, innovative software or innovative methods. The main activities of Innovice-IT are Cyber Security Consulting, Penetration Testing and Secure Managed Hosting.


Innovice-IT on Twitter

  1. Bas Eikelenboom
    Bas Eikelenboom: RT @POL_Korpschef: „De lokale verankering is essentieel voor het politiewerk. Die verankering moeten we koesteren, want die staat onder dru…

  2. Bas Eikelenboom
    Bas Eikelenboom: RT @teamcymru: #Tor browser fixes bug that allows #JavaScript to run when disabled

  3. Bas Eikelenboom
    Bas Eikelenboom: RT @opensourceac: The Open Source Academy March Meetup has been cancelled. See you next time!

  4. Bas Eikelenboom

  5. Bas Eikelenboom
    Bas Eikelenboom: RT @Miltenburg_14: Sinterklaas helpen gestolen pakjes naar de kinderen terug te brengen #Sinterklaas #dankbaar #blijekinderen @PolitieUtrec