space.com
By Tereza Pultarova published 2 days ago
An AI start-up has found a vulnerability in security software protecting NASA's ground control communications with satellites in space.
"A vulnerability in this software poses a threat to billions of dollars in space infrastructure and the scientific missions they enable."
Communications between Earth and NASA spacecraft were critically vulnerable to hacking for years until an AI found the flaw and fixed it in just four days.
The vulnerability was sniffed out by an AI cybersecurity algorithm developed by California-based start-up AISLE and resides in the CryptoLib security software that protects spacecraft-to-ground communications. The vulnerability could have enabled hackers to seize control over countless space missions including NASA's Mars rovers, according to the cybersecurity researchers.
"For three years, the security system meant to protect spacecraft-to-ground communications contained a vulnerability that could undermine that protection." the AISLE cyber-security researchers wrote in a blog post on the company's website describing the vulnerability. "A vulnerability in this software poses a threat to billions of dollars in space infrastructure and the scientific missions they enable."
The researchers said the vulnerability was found in the authentication system and could have been exploited through compromised operator credentials. For example, the attackers could have gained access to user names and passwords of NASA employees through social engineering, methods such as phishing or infecting computers with viruses uploaded to USB drives and left where personnel could find them.
"The vulnerability transforms what should be routine authentication configuration into a weapon," the researchers wrote. "An attacker … can inject arbitrary commands that execute with full system privileges."
In other words, an attacker could remotely hijack the spacecraft or just intercept the data it is exchanging with ground control.
Fortunately, to gain access to the spacecraft through the CryptoLib vulnerability would require the attackers to, at some point, have local access to the system, which "reduces the attack surface compared to a remotely exploitable flaw," the researchers said in the blog post.
by GPSPATRON and Gdynia Maritime University | GPSPATRON.com
Discover the latest findings on GNSS interference in the Baltic Sea from a joint study by GPSPATRON and Gdynia Maritime University.
Introduction
GNSS interference has become a growing challenge in the Baltic Sea, affecting maritime navigation, aviation, and critical infrastructure. While numerous datasets and services, such as gpsjam.org, spoofing.skai-data-services.com, and flightradar24, report high-altitude GNSS interference based on ADS-B data, there is a significant lack of studies focusing on ground-level interference. Since most critical infrastructure relies on GNSS at ground level, this gap in research leaves many questions unanswered about the real-world impact of interference on essential systems. To bridge this knowledge gap, GPSPATRON and Gdynia Maritime University have established a scientific and technical collaboration aimed at systematically studying GNSS interference at ground level. This partnership combines GPSPATRON’s expertise in real-time GNSS interference monitoring and classification is complemented by the Faculty of Navigation at Gdynia Maritime University’s extensive knowledge of how GNSS spoofing and jamming affect maritime navigation, port security, and vessel operations.
The study, conducted from June to November 2024, utilized GPSPATRON’s proprietary GNSS interference monitoring system, integrating the GP-Probe TGE2-CH3 sensor and the GP-Cloud platform. The GP-Probe TGE2-CH3 is a high-end GNSS signal monitoring device designed to capture full-spectrum GNSS signals and transmit them in real time to GP-Cloud for processing. The sensor collects raw signal data, enabling comprehensive analysis of jamming, spoofing, and other anomalies affecting GNSS performance.
GP-Cloud, GPSPATRON’s cloud-based analytics platform, processes and interprets incoming data, identifying interference patterns, classifying anomalies, and providing real-time visualization. By working in tandem, the GP-Probe continuously streams data, while GP-Cloud applies advanced algorithms to detect disruptions, measure their impact, and generate detailed reports.
The sensor was installed on the Faculty of Navigation building at Gdynia Maritime University, directly on the shoreline at approximately 15 meters above sea level. The accompanying screenshot shows the exact installation location on a map, where detection range circles indicate the estimated distances at which interference sources with different antenna heights could be detected.
GPSPATRON Report - GNSS Interference in the Baltic Sea - Article Ico
The primary goal of this research was to characterize the occurrence, patterns, and potential sources of GNSS interference affecting ground-level infrastructure. Unlike previous studies that relied on ADS-B data from aircraft at high altitudes, this research provided a unique perspective by focusing on low-altitude and ground-based disruptions. Through continuous monitoring and spectral analysis, the study aimed to identify the nature of interference, assess its impact on GNSS accuracy, and explore potential mitigation strategies.
This collaborative effort represents a significant step toward understanding and mitigating GNSS interference threats in the Baltic region. The findings contribute valuable insights to maritime authorities, port operators, and regulatory bodies, highlighting the need for enhanced GNSS monitoring capabilities to protect critical navigation and communication systems.
Key Findings
A total of 84 hours of GNSS interference was detected, confirming persistent disruptions in the region, primarily caused by jamming rather than spoofing.
October recorded the highest interference activity, with six major jamming incidents totaling 29 hours, highlighting an intensified interference pattern.
Two primary interference types were identified:
Multi-constellation jamming, detected throughout June to September, indicating broad-spectrum interference affecting multiple GNSS systems.
Multi-tone interference, first observed in October, suggesting a change in jamming tactics, potentially signaling more sophisticated techniques.
Long-duration interference events exceeding 7 hours were recorded, significantly disrupting GNSS-dependent maritime navigation, port operations, and infrastructure reliability.
Severe degradation in GNSS positioning accuracy was observed during interference events, with errors increasing from the nominal 3–5 meters to over 35 meters, posing safety and operational risks.
No correlation was found between terrestrial GNSS interference and ADS-B-based detections, reinforcing the limitations of relying solely on airborne interference monitoring systems to assess threats to ground-level infrastructure.
Strong indications of mobile maritime jamming sources were identified , with interference signals exhibiting movement patterns consistent with vessels navigating in the Baltic Sea.
