- Review: ‘Sekiro: Shadows Die Twice’ is a cut above the rest 4 Years Ago
- Where do 2020 Democratic candidates stand on healthcare? Today 7:30 AM
- How to (legally) stream live TV on Kodi Today 7:00 AM
- ‘Delhi Crime’ tackles inequality and women’s rights Today 7:00 AM
- How to watch the 2019 STP 500 at Martinsville Speedway for free Today 6:00 AM
- These high school theater kids put on a totally awesome ‘Alien’ play Saturday 3:59 PM
- Behold these photos of Elon Musk, but with Elizabeth Holmes’ eyes Saturday 3:11 PM
- Barbra Streisand gets canceled over remarks about Michael Jackson’s alleged victims Saturday 2:09 PM
- Report: Florida man raped Texas teen after posing as Instagram celeb Saturday 12:14 PM
- Lori Loughlin’s daughters, Olivia and Isabella, could be banned from USC forever Saturday 11:46 AM
- ‘Starfish’ is a heartbreaking tale of BFFs, grief, and apocalyptic alien invasions Saturday 10:35 AM
- How to stream UFC Fight Night 148 for free Saturday 10:00 AM
- The kids are making scantron memes instead of studying Saturday 9:29 AM
- Every installment of Hulu’s ‘Into the Dark,’ ranked Saturday 6:00 AM
- The internet is mocking Robert Mueller’s report deadline Friday 7:53 PM
How hacked satellites could be the next great hardware vulnerability
Hackers are setting their sights high.
If it can be hacked, it gets hacked.
The latest vulnerable computer system is the kind that’s floating in space aboard satellites. Russian hacker group Turla, named after the malware they use, has targeted commercial satellites to harvest data from military and diplomatic sources in the U.S. and Europe, according to Russian security firm Kaspersky Labs.
This is not the first time a satellite has been made vulnerable, according to Kaspersky principal researcher Kurt Baumgartner, but it’s a particularly noteworthy instance.
“In the past, we’ve seen at least three different actors using satellite-based Internet links to mask their operations,” Baumgartner told the Daily Dot. “However, the solution developed by the Turla group is the most interesting and unusual, because the Turla group doesn’t purchase their own satellite links—instead they piggyback on legitimate users’ satellite Internet connections.”
Turla has previously targeted government sites and commercial concerns in China, Russia, and other countries.
According to Dmitri Alperovitch, security firm CrowdStrike’s co-founder and CTO, Turla’s malware came from a “sophisticated Russian government-affiliated” hacker group CrowdStrike called Venomous Bear.
The reason satellites, at least the old ones, are vulnerable, is the simple fact that they do not encrypt their data. Turla targets a terrestrial user who receives data from an Internet provider that uses satellites, then hijacks the satellite’s data stream.
Adam Shostack, security researcher in the Seattle area, offered some simple math for this type of hack:
“I think of this as another story of ‘modern attack tools go through X like a chainsaw through butter.’
X = cars, sniper rifles, lightbulbs, satellites. Substitute in your own value of X. If you’re not threat modeling and following through with modern secure development practices, you’re going to experience this.”
In other words, satellites won’t be the last mind-bending hardware hack. They’re just a point on the threat curve.
Baumgartner agreed. “There are always opportunities for new exploits and vulnerabilities,” he said. “Anything that can provide hidden storage or covert communications has potential to be useful to attackers. Dreaming up something new isn’t difficult, but identifying unusual (advanced persistent threat) techniques in action is very difficult.”
One of the limiting elements of hacking a satellite is the speed. It’s slow in comparison to other types of data streams. Still, the technique could get popular in the future, Baumgartner said, given the low hardware cost.
“It is not the most reliable method for hosting a [command and control] server online” however. “It depends on when the legitimate user of the satellite Internet connection gets online and offline, and the attackers cannot control that.”
Those worried that hackers will grab satellites and send them plummeting toward the White House or Downing Street should probably calm down and watch fewer James Bond movies. Hackers, by and large, want information, money, or both. Supervillain status just isn’t as lucrative.
Illustration by Max Fleishman
Curt Hopkins has over two decades of experience as a journalist, editorial strategist, and social media manager. His work has been published by Ars Technica, Reuters, Los Angeles Times, and San Francisco Chronicle. He is the also founding director of the Committee to Protect Bloggers, the first organization devoted to global free speech rights for bloggers