Major GPS satellite provider Globalstar allegedly doesn’t encrypt its network, leaving it vulnerable to hackers, according to an article in CNN Money Tuesday.
Colby Moore, a researcher with Synack, a firm that specializes in exploitation discovery management, intercepted and decoded unencrypted data from Globalstar. He also found that there were no safeguards to check that data is shared only between real trackers and base stations. With that access, Moore was allegedly able to decode transmissions and create fake GPS data.
Moore will present his findings at the Black Hat hacking conference in Las Vegas next week, to show how the vulnerabilities could spell trouble for companies that rely on location data beamed from GPS trackers to ensure that equipment never goes off course.
“High-tech thieves could steal a freight truck full of precious cargo without setting off alarms,” CNN Money wrote. “Rescuers responding to a sinking cruise ship could be redirected far away from the actual wreckage. Aviation is especially at risk.”
Globalstar did not acknowledge the flaw — or say whether it plans to actually start encrypting its communication.
“This type of situation has never been an issue to date,” company representative Allison Hoffman told CNN Money. Globalstar said it would know if its systems were under attack.
Globalstar’s constellation of Low Earth Orbiting (LEO) satellites picks up signals from over 80% of the Earth’s surface, according to the company.
Featured image: Thinkstock