You are here

Elon Musk’s Starlink praises ethical hacker from Flanders

Lennert Wouters, a PhD student at KU Leuven in Flanders, carried out a successful ethical hacking attack on a satellite dish from Starlink. The American company, which is a satellite internet network operated by Elon Musk’s SpaceX, thanked him for it with a USD 12,000 check. Talk about recognition for top talent from Flanders’ digital and cybersecurity ecosystem!

“Bring on the bugs”

“First of all, we want to congratulate Lennert Wouters on his security research into the Starlink user terminal – his findings […] help us create the best product possible.” With these words of praise, Starlink complimented and thanked the young PhD student from Flanders in a six-page online report inviting security researchers to “bring on the bugs” to help protect the Starlink satellite network.

We find the attack [by Lennert Wouters] to be technically impressive [...] and the first of its kind that we are aware of in our system.

Starlink in a six-page report

Ethical hacking on a budget

By placing thousands of satellites in space, Starlink wants to make high-speed, low-latency internet possible all over the world. But recently Wouters uncovered, for the first time, a security hole in the system’s hardware, using a homemade circuit board that cost around USD 25 to develop. Wouters stripped down a satellite dish he purchased to create the custom board – or modchip – that can be attached to the Starlink dish. In doing so, he also used various low-cost, store-bought components.

It started as a ‘Friday project.’ I didn't know if anything would come out of it.

Lennert Wouters
KU Leuven PhD student

“As a regular user, you can’t talk to a satellite directly,” explains Wouters. “You need to go through the user terminal. So, I first attacked this user terminal by injecting an error. Through the circuit board, I was able to create a short circuit for just 100 nanoseconds. This confused the processor for a short moment, causing it to skip one or more instructions and not perform all the required safety checks. This allowed me to run my own code on the terminal because the system believed the code was created by SpaceX instead of me, enabling me to look further into the terminal.”

Knowing what you’re up against

Wouters, an industrial engineer by training, is currently working on his doctorate in hardware security at COSIC, the KU Leuven research group centered around digital security and cryptography, and which is led by the renowned cybersecurity professor Bart Preneel. “I mainly work on the offensive side: finding leaks in electronics,” says Wouters. “Other colleagues are working on the defensive side and protect systems. But you can't build a solid defense if you don’t know how an attack works.”

More info

Starlink
Reported by
newspaper De Tijd
30 August 2022

More news about Flanders?

  • Regular updates
  • No spam

Interested in doing business in Flanders?

Let us help you!

  • We can introduce you to other companies, banks and regulators
  • We organize site visits to real estate locations
  • We assist with all legal aspects of setting up a business
  • We're an official government agency
  • Our services are completely free
  • We are a team of international experts

Receive our handbook to growing your business in Flanders

  • It's completely free.
  • Get an overview of all incentives relevant to your company.
  • Tax system explained in-depth.
  • Learn how to set up your business quickly.
  • Discover the benefits of Flanders (in addition to the chocolate).

In addition to the ebook, I agree to receive one or two follow-up emails