Starlink outage over certificate ‘inexcusable’


Elon Musk’s Starlink went down for several hours over an expired digital certificate that machines rely on to work together.

Starlink, a satellite internet constellation operated by SpaceX, experienced severe downtime for several hours on April 8, with users from Melbourne to Seattle complaining about the issue.

“[The issue was] caused by expired ground station cert[ificate]. We’re scrubbing the system for other single-point vulnerabilities,” SpaceX’s CEO Elon Musk said on Twitter after the outage.

ADVERTISEMENT

What Musk meant was that the constellation went down over an expired digital certificate, a so-called “machine identity” enabling devices to trust each and recognize each other.

According to Gregory Webb, CEO of certificate lifecycle management business AppViewX, certificates are the backbone of cybersecurity, providing authentication and encrypted communications.

Furthermore, given the scope and scale of Starlink’s service, allowing one of its digital certificates to expire was “inexcusable,” he added.

Operating with an expired certificate can lead to many problems, including security vulnerabilities. For example, attackers could use the flaw to intercept sensitive information such as payment data.

“If a TLS [Transport Layer Security] certificate expires, the internet-facing application or website will not be secure, trusted or accessible – causing a service outage and potentially worse, an unsecure attack vector,” Webb told Cybernews. “In the case of Starlink, which can be considered a provider of critical infrastructure services, certificate-related outages are inexcusable.”

While SpaceX did not specify the nature of the expired certificate, the likeliest scenario is that the impacted system was an internet application or service. When the “machine identity” expired, the authenticity of the service could not be verified, and systems that relied on it stopped working.

A system outage over a single expired certificate poses severe security concerns since, as Musk put it, it’s a single-point vulnerability. In other words, Starlink’s outage showcased how a single weakness can severely compromise an entire system.

ADVERTISEMENT

“That certificate was tied to a specific internet application or service and would have had no impact on other applications or services with valid certificates, which is why it would be a single-point vulnerability,” Webb said.

However, the problem with digital certificates is that there are so many of them, and in cases of failure developers need to manually check systems to find every expiration date. This can prolong the time an organization needs to remedy the issue.

Moreover, the number of outages caused by expired certificates may increase. While public-trust TLS certificates currently have a 398-day lifespan before they need to be renewed, Google recently proposed reducing this to 90.