Unprotected geo-localisation data through ARGOS satellite signals: The risk of cyberpoaching

Biologists often need to rely on satellite transmitters to obtain otherwise inaccessible data on animal movements. This data is critical for the understanding and conservation of endangered species. In parallel, in the cybersecurity world, satellites have often been found to have low level of security, and transmit unprotected sensitive data. A junction of these two worlds could reveal a potential security breach that would present a real danger to already struggling animals. We have investigated one of the most widespread tracking system, ARGOS, to identify potential attack surfaces, with conservation biology in mind. We first describe ARGOS communications and localization mechanisms, from the transmitters to the reception stations. We identify the main threat model as being the possibility to decode the communications. Then, we mention tools already publicly available to receive and reverse-engineer the ARGOS signal. Intercepting this data could greatly facilitate the localization of protected animals for poachers. Then, we briefly discuss two other potential attacks (jamming and injection) that should be further considered. We finally discuss potential solutions to prevent these attacks. It is troubling that by tracking endangered animals for conservation efforts, security issues in the design of the trackers reveals their location and makes them easy prey for poachers.