Biologists often need to rely on satellite transmitters to obtain otherwise inaccessible data on animal movements. This data is critical for the understanding and conservation of endangered species. In parallel, in the cybersecurity world, satellites have often been found to have low level of security, and transmit unprotected sensitive data. A junction of these two worlds could reveal a potential security breach that would present a real danger to already struggling animals. We have investigated one of the most widespread tracking system, ARGOS, to identify potential attack surfaces, with conservation biology in mind. We first describe ARGOS communications and localization mechanisms, from the transmitters to the reception stations. We identify the main threat model as being the possibility to decode the communications. Then, we mention tools already publicly available to receive and reverse-engineer the ARGOS signal. Intercepting this data could greatly facilitate the localization of protected animals for poachers. Then, we briefly discuss two other potential attacks (jamming and injection) that should be further considered. We finally discuss potential solutions to prevent these attacks. It is troubling that by tracking endangered animals for conservation efforts, security issues in the design of the trackers reveals their location and makes them easy prey for poachers.
Unprotected geo-localisation data through ARGOS satellite signals: The risk of cyberpoaching
WISEC 2020, 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, July 8–10, 2020, Linz, Austria (Virtual Conference)
Poster / Demo
© ACM, 2020. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in WISEC 2020, 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, July 8–10, 2020, Linz, Austria (Virtual Conference) http://dx.doi.org/https://doi.org/10.1145/3395351.3401706
PERMALINK : https://www.eurecom.fr/publication/6306