{"id":394,"date":"2020-05-18T21:47:56","date_gmt":"2020-05-18T19:47:56","guid":{"rendered":"https:\/\/www.spacesecurity.info\/?p=394"},"modified":"2020-05-18T21:47:56","modified_gmt":"2020-05-18T19:47:56","slug":"first-ctf-in-space-with-hack-a-sat-the-us-air-force-launches-a-bug-bounty-and-invites-hackers-to-hack-one-of-their-satellites-in-orbit","status":"publish","type":"post","link":"https:\/\/www.spacesecurity.info\/en\/first-ctf-in-space-with-hack-a-sat-the-us-air-force-launches-a-bug-bounty-and-invites-hackers-to-hack-one-of-their-satellites-in-orbit\/","title":{"rendered":"First CTF in space with Hack-A-Sat: the US Air Force launches a Bug Bounty and invites hackers to hack one of their satellites in orbit"},"content":{"rendered":"
\"\"<\/a>
SpaceX Dragon capsule during its approach to the ISS (Photo credits: NASA)<\/figcaption><\/figure>\n

It was the TechCrunch<\/a> site that revealed the information. The U.S. Air Force will launch a bug bounty program in the form of a CTF (Capture The Flag) whose goal is to hack a real satellite in orbit above the Earth.<\/p>\n

Last year, at the famous Defcon<\/a> cyber security conference, the US Air Force had already asked hackers to hack one of their F-15 fighter planes. And they succeeded! The results, which were not made public, proved to be very interesting according to the organisers.<\/p>\n

It was the first time that hackers were allowed to penetrate US Air Force systems and physically access the F-15 system to look for vulnerabilities.<\/p>\n

The Washington Post<\/a> revealed that in just two days, a team of seven hackers managed to discover several critical vulnerabilities that, if exploited in the real world, could have crippled the aircraft’s systems, causing potentially very serious damage.<\/p>\n

\"\"<\/a>
U.S. Air Force F-15E Strike Eagle (photo cr\u00e9dits : U.S. Air Force – Senior Airman Erin Trowe)<\/figcaption><\/figure>\n

Will Roper, Assistant Secretary of the US Air Force, said at the time: “I left this event thinking that there was a huge national asset in this level of cyber expertise that the US Air Force is sorely lacking”.<\/p>\n

Indeed, for years, the US Air Force has historically kept the security of its systems and technology in absolute secrecy, fearing espionage or sabotage by the enemy. “It was like being stuck in the business practices of the Cold War. But in today’s world, this is not the best security posture,” Roper said.<\/p>\n

Following the success of this first initiative, the US Air Force decided to repeat the experience and call again on security researchers at the Aerospace Village<\/a> of the 2020 Defcon28<\/a>. This time it will involve hacking into a real satellite in orbit, hovering miles above the earth’s surface.<\/p>\n

\"\"<\/a>
Cr\u00e9dits : hachasat.com<\/figcaption><\/figure>\n

Will Roper reminds us that satellites, even if they are far from earth, face real threats. Among these, he cites the possibility of using “anti-satellite” weapons to jam, blind or even prevent devices from communicating with their base stations.<\/p>\n

It is not only the satellites in orbit that are threatened.\u00a0Earth stations and communication links between earth and sky could be as vulnerable as the satellites themselves, Roper said.<\/p>\n

This year’s program is called “Hack-A-Sat<\/a>“, a space security program that involves attacking an actual satellite in orbit and spotting bugs and vulnerabilities that could be exploited by the enemy.<\/p>\n

Teaser vid\u00e9o<\/h2>\n