Starlink Vulnerability Demonstrated Using $25 Home-made Device

Recently, a cybersecurity researcher demonstrated a vulnerability in the Starlink network using a $25 device made from off-the-shelf parts. What challenges does Starlink face as an internet service, what did the researcher demonstrate, and does this spell disaster for Starlink?

What challenges does Starlink face as an internet service?

Over the past two decades, modern life has quickly become dependent on internet connectivity, whether it is receiving mail, paying for bills, or making changes to personal details. This rapid dependency puts massive amounts of strain on infrastructure, which is why internet service providers have been rushing to install fibre optic cables into every home. 

However, not all homes are located in densely populated areas, and ISPs worldwide have been reluctant to improve their connection quality due to the extraordinarily high costs involved. While government initiatives have focused on trying to provide grants to such houses, there are still millions with extremely poor internet access. 

Starlink (established by SpaceX) was launched to try and provide a solution to this issue by providing internet connectivity via satellites. While satellite internet has existed for decades, the difference between Starlink and other satellite internet services is that Starlink orbits very close to the ground (550KM), which helps to reduce latency, and the use of thousands of orbiting satellites overcomes the challenges of signal reliability. 

However, there are those that believe Starlink may be more of a gimmick than an actual feasible product. To start, the biggest challenge faced by Starlink is the number of satellites needed to run the system for everyone on Earth. Without going into the details (which can be found here), some basic calculations show that the total cost of putting 10,000 Starlink systems in orbit would be approximately $15bn, and such satellites would require replacement every decade. 

Additionally, the goal of 10,000 satellites would only be able to service 300K customers who would have to be spaced out evenly not to overload any one satellite, and a subscription of $99 per month doesn’t generate nearly enough revenue to cover operational costs.

Secondly, Starlink presents numerous issues for astronomers as their high reflectivity, low altitude, and need for heating controls make them highly visible at night. As such, long-exposure photography can quickly show lines across images of where Starlink satellites have orbited. 

Thirdly, the orbiting of thousands of satellites increases the risks of Kessler Syndrome, a chain reaction of satellite destruction whereby an initial collision creates debris that results in additional collisions. Considering that Starlink satellites have shown some degree of failure (approximately 2%), it is likely that one of these can trigger such an event unless protective measures can be brought in (such as satellite capture systems).

Researcher hacks Starlink using $25 home-made device

If the challenges faced by Starlink couldn’t get any worse, a cybersecurity researcher has recently announced how they were able to break into the network with the use of a $25 home-made device. 

Lennert Wouters, a researcher of Belgian origin, manufactured a circuit board that can inject voltage spikes into a Starlink terminal and cause the terminal to glitch, which presents the hacker with root access. From there, the researcher then demonstrated how root access can then be used to explore the entirety of the Starlink network. 

The use of off-the-shelf parts makes the attack particularly difficult to fight against as anyone with a technical background can manufacture their own device. Worse, there is currently no known solution as this hack relies on confusing hardware which cannot be updated. As such, Starlink terminals remain vulnerable to this hardware attack, and only future versions of the terminal can be protected against this attack.

But this isn’t the only instance where Starlink has been attacked. To help Ukraine defend against Russian aggression, Starlink has been providing services over the country to help maintain connectivity, but Russian cyberattacks have targeted Starlink multiple times. While Elon Musk has stated that their attacks have proven futile, the recent revelation of voltage spikes could present issues to the network. 

Does this vulnerability spell disaster for Starlink?

While the security vulnerabilities presented by the Belgian cybersecurity researcher demonstrate new hardware challenges Starlink faces, the economic model of Starlink and its effects on astronomy are far more important to its eventual success. Even the most basic calculations that lean heavily in Starlinks favour do not show that Starlink is an economically viable business model, and the introduction of technologies such as 5G and increased use of fibreoptic could make Starlink obsolete very quickly. 

Additionally, the fact that Starlink terminals require large amounts of energy (approximately 100W) means that it can never be used in remote IoT applications without some kind of base station that then bridges the Starlink connection to a low-energy network such as LoRa. This high energy requirement limits the potential of Starlink for permanent installations (such as homes and offices), while internet satellites in geostationary orbit can be physically larger, serve more simultaneous connections, and have a significantly reduced cost compared to Starlink.

Is Starlink viable as a network technology? If the technology that drives Starlink doesn’t quickly change to adopt new technologies such as inter-satellite laser communication and significantly increased satellite-to-earth bandwidth, then Starlink could fail before the decade’s end.