Learning CyberSec One At a Time!(Part-03)

January 28, 2024

image

Hey there folks, Hope it’s been a good day! A little introduction before we start. Welcome back to the series, I haven’t discussed about the overall roadmap of this series and why I’m doing this. This series started as a personal booster for myself, to make myself keep moving and learning. I didn’t thought of writing since I have to keep up with a lot of other things, but I always wanted to educate others and make them aware of the cyber-risks that are always on the verge of happening. So, I took this path! You can expect a lot of things from this series, I may not always deliver banger topics, some may seem boring. But I promise to make you learn a few things along the way by making them interesting. This series will include five topics per each publication, New post will be on 9:00 pm IST everyday. The reason why I’m cutting short on topics is to make you understand them easily rather than dwelling deep into them, it’s easier this way. You can always look-up the things you find interesting.(for the extra details) > Now, that seemed to be forever* isn’t it*? I thought so too. Let’s begin with no further ado.

1.Satellite Security and basic Flaws A satellite is simply a machine that is used to do certain services on the earth’s orbit such as Telecommunications, Space exploration and Internet services (Don’t forget that countries’ use their satellites to spy on their neighboring countries as well). Now It’s a machine, like always any machine that has been invented by humans is bound to be exploited and abused. “But modern Satellites are way secure!” Yes, Partly. The modern satellites are less-prone to attacks, but you ever wondered why? It’s because the satellites’ manufacturers and their group of Affiliated companies do not consent for security researchers to audit them and see for any vulnerabilities. In short, they simply hide their satellites’ architecture away from the world. There’s an old saying “whatever’s hidden, is bound to be explored.” Humans have a keen sense of curiosity, on the other hand hacktivists and cybercriminal groups have a lot more than curiosity. image Photo by NASA on Unsplash Coming to the security, their hardware include power systems, Payload, Communication systems and common computer embedded sensors. While it’s hard to get our hands on it’s hardware(Duh, it’d literally be in space). It’s possible to get into the company’s infra by accessing their internal networks, since they obviously control it remotely(or maybe a magic wand? we never know). It seems interesting but i suggest you not to tinker their systems. 2.Satellite based Cyberattacks As we discussed some basic details above, let’s learn a few more. Cyberattacks include taking full control of the satellite, causing damage to it’s functions(often with a political agenda), Making it crash into nearby satellites and disrupting services(as a means of getting attention). image Photo by NASA on Unsplash The satellites which were launched into the orbit back in the 60s and 70s are still roaming around the earth, they make an attractive target for . attackers. Their architecture and how they work are available freely in the internet. The thing is, We never know what kind of sick hacktivist group lurks around the street’s corner. Some groups are so insane that they don’t do this for money or fame, they do this out of pure will to cause destruction and loss. Seems like a finely brewed recipe for chaos right? I guess so. 3. Real-time Satellite Tracking While satellite tracking sounds a bit sketchy, It’s completely fun and interesting to explore. You may need a cheap antenna from amazon or flipkart, and that’s it after setting up the antenna, go to your balcony and start your hunt. You can use the below resources. image Photo by Andy Holmes on Unsplash Gpredict - satellite tracking application. N2YO - real time satellite tracking and predictions. Satnogs - Open-source global network of satellite ground-stations. Big Thanks to TX and my friends at DefCon for the resources! 4.Perl : a Scripting Language When it comes to scripting languages, I always go for Shell or Python. But i had recently seen the perl language, i won’t say it’s unique or any special other than those two. You should learn it if you’re thinking to bag sysadmin roles. Me? I’m a kind of jack of all trades, so i learn it anyhow. Let’s see the syntax.#!/usr/bin/perl

print”Hack the planet!\n”; # this is a single-line comment

=begin comment
this is a multi-line comment,
you can add many lines here.
=cut

if ($condition)

code to execute if the condition is true

elsif ($another_condition)

code to execute if the previous condition is false

and this condition is true

else

code to execute if no previous conditions are true

Perl is very identical to bash, That’s what i had noticed while looking through it. You may ask “How perl is related to cybersecurity?!!” In my opinion, it’s important to know every scripting language because in future you may be faced with a few lines of code that is very important, in such situations, time will not be our dear friend. 5.Ruby : a Look into it Now, Ruby is another scripting language that is used in system administration and automation. I won’t go into much details let’s see the syntax.#!/usr/bin/ruby -w

puts “Wine and whiskies for the win!“;

This is a single-line comment

=begin
Multiple line
comment.
=end

if condition

code to execute if the condition is true

elsif another_condition

code to execute if the previous condition is false

and this condition is true

else

code to execute if no previous conditions are true

end Pheww, Those are the five things for today. Thanks for dropping by and I’ll see you tomorrow.