We Girls Learn Cyber (GLC) researchers recently discovered the lack of authentication mechanisms on a shipping vessel's very small aperture terminal (VSAT) device. VSAT devices are used for satellite communication and support things like Internet connectivity, telecommunications, emergency service, and remote monitoring, all things key for shipping vessels out at sea.
We quickly determined the name, position (latitude and longitude), and heading of the vessel. We also found that unauthenticated users could perform the following actions:
Create an administrator account
Upload files
Upload software
Alter network settings
Export and import configuration files
Change the satellite and modem profiles
Download system logs
We reported our findings to the shipping company and they lets us know that they are going to change their security on this device. They also invited us to test more!
Securing VSAT devices is paramount, especially in domains like shipping, where these systems facilitate vital communication and operational functionalities. Unchecked vulnerabilities in these devices pose substantial risks, potentially compromising vessel location, communication integrity, and operational safety. Our findings show the critical need for heightened security measures to safeguard against unauthorized access and manipulation, ensuring uninterrupted and secure operations crucial for maritime industries' safety and efficiency.
Note: the pictures above are representations of shipping vessels and are not the ones we found a vulnerability on.