DEF CON hackers compete to hijack a satellite in orbit

Hacking satellites to “secure the final cyberfrontier.”

There’s a lot of windows open on Amie D.D.‘s screen right now — like, an anxiety-inducing, CPU-crushing number of windows: YouTube, TeamViewer, Google Drive, Slack, a virtual machine running Cosmos, and (of course) Discord.

It’s like looking into the brain of a colonial organism: text and voices, flying past lines of white code — the eyes and ears and thoughts of an entire team spread over thousands of miles and time zones.

The software engineer is the namesake of team ADDVulcan, a cosmopolitan collection of hackers spanning hemispheres, from the U.S. to the Philippines.

From their command mission control in Detroit — on the walls, a bat colony of hacker convention badges, a taxi cab-colored banner from Car Hacking Village, a flag of the United Federation of Planets — team ADDVulcan is fighting to win the Space Security Challenge 2020 (a.k.a. Hack-A-Sat), and while the cash prizes are nice, the real target is nothing less than the moon.

Specifically, shooting a photo of the moon.

With a hijacked satellite.

In orbit.

Space: the Final Cyber Frontier

Hack-A-Sat is part of this year’s DEF CON, the famed hacker convention which has been (somewhat ironically) pushed online due to a virus.

Put on by the Air Force and Defense Digital Service (DDS), the game’s premise is simple: it’s Capture the Flag (CTF).

The narrative? Bad actors have taken over a satellite’s ground station, locking the owners out and sending the satellite spiraling. The teams must regain access to the ground station, restore communication, halt the spin, get the payload module back online, and prove control by turning the satellite in orbit, so that it can take a clear and literal moonshot. Simple.

Over 2,000 teams competed for a shot at this challenge in May, chasing flags across a Jeopardy!-like array of contests, accruing points with each capture. In the end, eight were selected to compete in the finals, from August 7-8, where they discovered the moonshot CTF.

The contest is part of a blossoming relationship between the Air Force and the hacker community. Previously, the military’s primary means of cyber defense was simply being fairly inaccessible — “security through obscurity,” as Brett Goldstein, director of the Defense Digital Service (DDS), put it in his keynote.

But now, the Air Force is taking a more proactive approach: opening up systems and hardware to hackers in an attempt to discover vulnerabilities before their adversaries.

“The military is here to learn,” said Will Roper, the Air and Space Forces’ acquisition chief and Goldstein’s keynote companion.

The contest is a premier example of DEF CON’s Aerospace Village in action, says village founder Pete Cooper. Its mission is to get hackers and the various stakeholders — from the worlds of defense, manufacturing, and cybersecurity — together to build the satellite and space security that an increasingly in-orbit future will demand.

“It’s easier to do that if you’ve got really great stuff to bring people to the table and get them excited,” he says — and hacking satellites is a pretty cool carrot. (Cooper, with a background both in cybersecurity and as a fighter jet pilot in the Royal Air Force, is uniquely qualified for his role.)

For Amie and the other members of ADDVulcan, the draw was irresistible. The fact that all the answers will need to be published publicly helped offset concerns about working with the armed forces (and for some of the team members, working with the military of a different nation). It’s not as if the USAF will be garnering secret knowledge for hacking satellites — or other potentially questionable purposes.

“We could be setting a standard for what space security is,” says Amie D.D. “I want the world to be better than I left it, or I want my work to contribute something to someone, or inspire someone enough to do something.”

A myriad of everyday necessities — from GPS to NFL Sunday Ticket to the internet itself — come to us courtesy of satellites. (Not to mention their defense applications, like spying and enforcing arms treaties.) As our reliance on satellites increases, and as the battle over cyberspace bleeds over into actual space, it will be crucial, as Hack-A-Sat’s mythos puts it, to “secure the last cyberfrontier.”

The Finals

From the jump, the finals were a horse of a different color. The last eight hacking teams were not only working with software, like in the qualifying rounds: mini model satellites, called flatsats, added a crucial hardware component. Each team had a personal flatsat to work on, with their solutions then being sent to the competition organizer’s flatsats remotely — a simulacra of the gap from ground to orbit.

With all the flatsats needing to balance their battery power consumption and the time to recharge, the contest could no longer run at all hours — effectively neutralizing ADDVulcan’s ability to pass the baton around the world and have someone, somewhere constantly working on challenges.

Perhaps even more challenging was the shift to a serial challenge structure — problems had to be solved sequentially, so you couldn’t work on multiple issues simultaneously. Each team would have to complete the six challenges in order. But the first team to complete a challenge would flip the hourglass on their competitors, who then had two hours to find their own solution, as the points for solving it dwindled down to zero.

“It threw us off a little bit,” says team lead Will Caruana. Hours of work could be undone, never mind the psychological impact of needing to solve the challenge for no points.

The final challenge rose (literally) above the others: the on-orbit challenge. This required teams to craft a mission plan to be sent to the real satellite, commanding it to rotate and snap a photo of the moon. The teams were judged on how good their mission plan was, as well as how fast they dispatched it. This challenge was pass/fail, and mandatory for the cash prize — Solar Wine, the team who actually scored the most points, failed, costing them the podium.

Six of the final eight teams solved the on-orbit challenge — but only one team’s answer would make it to the heavens.

While ADDVulcan struggled on the scoreboard — their team’s breadth of knowledge and round-the-clock capabilities neutralized by the serial structure — the on-orbit challenge gave them something to cheer about.

“I jumped on that right away,” says Zach “funsized” Pahle.

When the on-orbit challenge window opened, Pahle lept to create a Discord channel dedicated to the real satellite. “All the super-smart dudes in the channel jumped on,” Pahle says. “I was definitely the dumbest in the room, but we had so much fun piecing all those different bits together.”

It paid off: ADDVulcan’s on-orbit solution was accepted.

“We got second most accurate,” Amie D.D. says.

With Solar Wine disqualified from the cash prize, team PFS took the Hack-a-Sat crown, with Poland Can Into Space and FluxRepeatRocket a distant second and third. While a win would have been great — and their code being beamed into orbit even better — all nine members of ADDVulcan Freethink spoke to said they valued most the community they built and the chance to expand their knowledge into computer programs, devices, and fields they’d never explored before (like astrophysics and orbital mechanics).

“It’s a bigger team, it’s more diverse,” says shipcod3, a security operations manager for Bugcrowd in the Philippines. “I really think it’s the coolest team I’ve played with since … ever … I learned a lot.”

The Moonshot

It’s a modest image at first glance, a white circle interrupted by an obtuse angled shadow, a pallid Pac-Man, mid-death throes.

Shot by a camera whipping 35,000km above the Earth, directed not by a space agency but a team of hackers, the moonshot symbolizes Poland Can Into Space’s eponymous goal. And perhaps the rise of a new era of satellite security.

Editor’s note: This article was updated on 8/11/20 to correct a handle; Zach Pahle’s handle is “funsized,” not “funsize.”

We’d love to hear from you! If you have a comment about this article or if you have a tip for a future Freethink story, please email us at [email protected]

T-Minus: How to not die on (the way to) Mars
A breakdown of the five biggest threats to future Mars astronauts and what NASA scientists are doing to overcome each one.
Life on Mars, together
Researchers spent two weeks at the Mars Desert Research Station conducting an analog mission for potential future trips to Mars.
NASA hopes private space companies can rescue its $11 billion Mars rock mission
If this ambitious NASA mission unraveled, scientists would lose their chance to learn much more about the red planet.
T-Minus: New SpaceX fashion, a Mars mystery, and more
Freethink’s weekly countdown of the biggest space news, featuring new spacesuits, a mission to the dark side of the moon, and more.
Boeing’s Starliner spacecraft was set to launch on May 6 — but was delayed again
Boeing’s Starliner launch – delayed again – will be an important milestone for commercial spaceflight if it can manage to launch.
Up Next
voting machines
Subscribe to Freethink for more great stories