“First of all, we want to congratulate Lennert Wouters on his security research into the Starlink user terminal – his findings […] help us create the best product possible.” With these words of praise, Starlink complimented and thanked the young PhD student from Flanders in a six-page online report inviting security researchers to “bring on the bugs” to help protect the Starlink satellite network.
We find the attack [by Lennert Wouters] to be technically impressive [...] and the first of its kind that we are aware of in our system.
By placing thousands of satellites in space, Starlink wants to make high-speed, low-latency internet possible all over the world. But recently Wouters uncovered, for the first time, a security hole in the system’s hardware, using a homemade circuit board that cost around USD 25 to develop. Wouters stripped down a satellite dish he purchased to create the custom board – or modchip – that can be attached to the Starlink dish. In doing so, he also used various low-cost, store-bought components.
It started as a ‘Friday project.’ I didn't know if anything would come out of it.
“As a regular user, you can’t talk to a satellite directly,” explains Wouters. “You need to go through the user terminal. So, I first attacked this user terminal by injecting an error. Through the circuit board, I was able to create a short circuit for just 100 nanoseconds. This confused the processor for a short moment, causing it to skip one or more instructions and not perform all the required safety checks. This allowed me to run my own code on the terminal because the system believed the code was created by SpaceX instead of me, enabling me to look further into the terminal.”
Wouters, an industrial engineer by training, is currently working on his doctorate in hardware security at COSIC, the KU Leuven research group centered around digital security and cryptography, and which is led by the renowned cybersecurity professor Bart Preneel. “I mainly work on the offensive side: finding leaks in electronics,” says Wouters. “Other colleagues are working on the defensive side and protect systems. But you can't build a solid defense if you don’t know how an attack works.”
