- Guy who said he stole drugs from MS-13 now says viral story is fake 4 Years Ago
- Financial service company left 885 million private records exposed online Today 3:13 PM
- Sasha Obama went to prom and Twitter is delighted with the photos Today 2:22 PM
- Jon Voight says Trump is the greatest president since Lincoln in Twitter videos Today 1:31 PM
- #DeleteFacebook gains momentum after the platform refused to remove doctored Nancy Pelosi videos Today 11:58 AM
- ‘Game of Thrones’ failed women—and it’s a shame on its legacy Today 7:40 AM
- How to use Tor, the network that lets you browse the web anonymously Today 7:30 AM
- How to live stream Devin Haney vs. Antonio Moran on DAZN Today 7:00 AM
- Trump’s transphobic policies are disgusting—but they aren’t new Today 6:30 AM
- How to watch the Copa del Rey Final online for free Today 5:45 AM
- How to watch the DFB-Pokal final for free Today 5:30 AM
- Curvy Wife Guy drops music video for rap song ‘Chubby Sexy’ Friday 7:33 PM
- A ‘Black Mirror’-inspired miniseries is coming to YouTube via Netflix Latin America Friday 5:56 PM
- Kanye West appears on David Letterman’s Netflix show to talk Trump, TMZ, and Drake Friday 3:27 PM
- QAnon believers link small-town arrest to deep state conspiracy without evidence Friday 1:58 PM
How hacked satellites could be the next great hardware vulnerability
Hackers are setting their sights high.
If it can be hacked, it gets hacked.
The latest vulnerable computer system is the kind that’s floating in space aboard satellites. Russian hacker group Turla, named after the malware they use, has targeted commercial satellites to harvest data from military and diplomatic sources in the U.S. and Europe, according to Russian security firm Kaspersky Labs.
This is not the first time a satellite has been made vulnerable, according to Kaspersky principal researcher Kurt Baumgartner, but it’s a particularly noteworthy instance.
“In the past, we’ve seen at least three different actors using satellite-based Internet links to mask their operations,” Baumgartner told the Daily Dot. “However, the solution developed by the Turla group is the most interesting and unusual, because the Turla group doesn’t purchase their own satellite links—instead they piggyback on legitimate users’ satellite Internet connections.”
Turla has previously targeted government sites and commercial concerns in China, Russia, and other countries.
According to Dmitri Alperovitch, security firm CrowdStrike’s co-founder and CTO, Turla’s malware came from a “sophisticated Russian government-affiliated” hacker group CrowdStrike called Venomous Bear.
The reason satellites, at least the old ones, are vulnerable, is the simple fact that they do not encrypt their data. Turla targets a terrestrial user who receives data from an Internet provider that uses satellites, then hijacks the satellite’s data stream.
Adam Shostack, security researcher in the Seattle area, offered some simple math for this type of hack:
“I think of this as another story of ‘modern attack tools go through X like a chainsaw through butter.’
X = cars, sniper rifles, lightbulbs, satellites. Substitute in your own value of X. If you’re not threat modeling and following through with modern secure development practices, you’re going to experience this.”
In other words, satellites won’t be the last mind-bending hardware hack. They’re just a point on the threat curve.
Baumgartner agreed. “There are always opportunities for new exploits and vulnerabilities,” he said. “Anything that can provide hidden storage or covert communications has potential to be useful to attackers. Dreaming up something new isn’t difficult, but identifying unusual (advanced persistent threat) techniques in action is very difficult.”
One of the limiting elements of hacking a satellite is the speed. It’s slow in comparison to other types of data streams. Still, the technique could get popular in the future, Baumgartner said, given the low hardware cost.
“It is not the most reliable method for hosting a [command and control] server online” however. “It depends on when the legitimate user of the satellite Internet connection gets online and offline, and the attackers cannot control that.”
Those worried that hackers will grab satellites and send them plummeting toward the White House or Downing Street should probably calm down and watch fewer James Bond movies. Hackers, by and large, want information, money, or both. Supervillain status just isn’t as lucrative.
Illustration by Max Fleishman
Curt Hopkins has over two decades of experience as a journalist, editorial strategist, and social media manager. His work has been published by Ars Technica, Reuters, Los Angeles Times, and San Francisco Chronicle. He is the also founding director of the Committee to Protect Bloggers, the first organization devoted to global free speech rights for bloggers