Satellites leak the world's secrets: calls, texts, military and corporate data

Using a $185 satellite dish, UCSD and UMD researchers intercepted unencrypted geostationary satellite signals for three years, capturing sensitive data. They accessed T-Mobile users’ calls, texts, and phone numbers, exposing over 2,700 users in nine hours. “It just completely shocked us,” said UCSD professor Aaron Schulman.

In-flight Wi-Fi data from Intelsat and Panasonic systems on ten airlines revealed unencrypted browsing metadata and audio broadcasts. The researchers also captured corporate emails from Walmart’s Mexican subsidiary and ATM communications from Santander Mexico, Banjercito, and Banorte, all transmitted in the clear.

Critical infrastructure was compromised, including Mexico’s Comisión Federal de Electricidad, exposing work orders with customer names and addresses, plus equipment failure details. U.S. and Mexican military communications revealed personnel, equipment, and facility locations, including Mexican military asset tracking for Mil Mi-17 and UH-60 Black Hawk helicopters.

The team’s $800 setup on a La Jolla rooftop accessed 15% of global satellite transponders, highlighting vulnerabilities. “This was not NSA-level resources. This was DirecTV-user-level resources,” said Georgetown’s Matt Blaze. T-Mobile encrypted its data after notification, but some U.S. infrastructure owners have not, risking surveillance or tampering.

Mexican military and law enforcement communications exposed narcotics trafficking intelligence and command center data. The researchers warned affected parties, including CERT-MX, but responses varied. “The information of our customers and infrastructure is not exposed to any vulnerability,” claimed Banorte’s spokesperson, despite evidence.

The study, presented at an ACM conference in Taiwan, suggests intelligence agencies likely exploit these weaknesses. “If they aren't already doing this,” said UCSD’s Nadia Heninger, “then where are my tax dollars going?” The team’s open-source tool, “Don’t Look Up,” may accelerate both exploitation and encryption efforts.