Security researcher James Pavur demonstrated at the Black Hat security conference how unencrypted satellite communications expose a wide range of sensitive data. Using a readily available satellite dish costing approximately $300, Pavur successfully intercepted data transmissions from his own home, highlighting a significant vulnerability in global communication systems.

Pavur, a PhD candidate at Oxford University, targeted the unencrypted “downlink” transmissions from satellites to ground stations. This method allowed him to eavesdrop on a variety of sensitive information being transmitted in cleartext, without the need for sophisticated or expensive equipment.

Scope of the Intercepted Information

The research uncovered a trove of confidential data from multiple sectors across the globe. Pavur intercepted personal information belonging to individuals traveling on private jets and yachts. He also captured confidential business data, including sensitive information from a major French energy company and a prominent law firm located in the Netherlands.

Furthermore, the intercepted data included credentials for a wind farm’s industrial control system (ICS) in France and sensitive operational information from a large German logistics company. The researcher also accessed data related to a U.S. stock trading algorithm, showcasing the broad economic and infrastructure-related information transmitted without basic security measures like encryption.

The Eavesdropping Methodology

The core of the research was to show the accessibility of satellite eavesdropping. The experiment did not involve hacking or decrypting protected signals. Instead, it focused entirely on listening to unencrypted satellite feeds. By pointing his satellite dish at the sky, Pavur was able to capture the raw data being broadcast from satellites back down to Earth.

The findings presented at Black Hat serve as a real-world example of the risks associated with transmitting sensitive data over satellite links without proper encryption. The research confirmed that this vulnerability allows for the passive interception of a diverse array of private, corporate, and governmental communications.