Cornell Security

A high-level exploration of RF-layer blind spots, satellite timing dependencies, and their impact on cyber-physical systems.

Overview

​

In November 2025, I delivered my first conference talk at BSides Delaware, titled “When Cyber Meets the Spectrum.”

This presentation explores a side of cybersecurity most defenders rarely consider how RF interference, GNSS spoofing, and satellite timing disruptions can silently affect industrial systems that depend on precise synchronization. Rather than focusing on exploitation, the talk emphasizes awareness, risk understanding, and real-world incidents that highlight why these blind spots matter.

​

Video of the Talk

​

https://bit.ly/bsidesDE25-satsec

What This Talk Covers

 

This session walks through several key themes:

• How modern automation depends on extremely precise timing

• Why satellites play a central role in synchronizing SCADA and ICS systems

• How RF-layer interference can mislead systems before the network stack sees anything

• Real-world examples that highlight RF-driven disruptions

• Why these hybrid attack surfaces don’t fit neatly into traditional security categories

 

The focus is on defensive visibility, not exploit development.

​​

​

Why I Chose This Topic

​

My background in electronics and industrial systems taught me something important: we depend on signals we almost never verify.

Our critical infrastructure is a blend of:

• RF

• Cyber

• Operational technology

• Satellite timing

• Legacy industrial protocols

 
…but we defend them as if they're entirely separate domains. This talk highlights the blind spots created when cybersecurity meets physics, and how subtle disruptions in the spectrum can ripple through SCADA environments with real consequences.

​

Real-World Incidents Discussed (High-Level Only)

 

This presentation referenced several publicly documented events:

​

• Viasat KA-SAT disruption (2022) — a cyberattack that cascaded into physical consequences

• GNSS spoofing in the Baltic region and Eastern Europe — showing how timing-dependent systems react to manipulated signals

• UT Austin GPS spoofing demonstrations — academic research that exposed practical vulnerabilities

• These examples illustrate impacts, not technical exploitation methods.

All content is sourced from publicly available reporting.

Key Takeaways

​

• RF-layer interference can mislead timing-dependent systems without triggering traditional security alerts

• GNSS spoofing is no longer theoretical; it's routinely observed in certain regions

• Satellite communication introduces dependencies that most security teams never model

• Critical infrastructure requires visibility beyond IT and OT layers

• Defenders need cross-domain awareness: cyber, RF, and physical operations together

 

My Role

​

This was my first time speaking at BSides, and I approached it as both a researcher and a practitioner. I wanted to bridge the gap between what defenders see and what is influencing the automated systems we rely on every day. This talk is part of my ongoing work studying satellite cybersecurity, RF-layer interference, and hybrid attack surfaces.

​

Let’s Connect

​

If you’re working on similar problems or researching SCADA, satellites, or RF-layer security, I’d love to connect and collaborate.

LinkedIn: www.linkedin.com/in/norriscornell

​

​