A tale of sea and sky: On the security of maritime VSAT communications
- Submitting institution
-
University of Oxford
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 14417
- Type
- E - Conference contribution
- DOI
-
10.1109/SP40000.2020.00056
- Title of conference / published proceedings
- IEEE Symposium on Security and Privacy
- First page
- 1006
- Volume
- 2020-May
- Issue
- -
- ISSN
- 2375-1207
- Open access status
- Compliant
- Month of publication
- July
- Year of publication
- 2020
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
4
- Research group(s)
-
-
- Citation count
- 0
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- This paper describes a previously unknown vulnerability which enables hackers to eavesdrop on industrial satellite communications. As part of responsible disclosure, we notified businesses (including multiple Fortune 500 members) of data leaks caused by this threat. Additionally, the US FBI released an industry-wide threat alert about our findings to maritime operators (PIN: 20200214-001). The research was subsequently presented at two major industry conferences (BlackHat USA and DEFCON), with attendance exceeding 30,000 people. It also received coverage from popular press outlets including Forbes, Ars Technica, and Heise. We further published a free, open-source tool to mitigate the vulnerability available at: https://github.com/ssloxford/qpep.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -