Hackers spread viruses to satellites - exposing serious technological vulnerabilities
Thank you for choosing Automatic Translation. Currently we are offering translations from English into French and German, with more translation languages to be added in the near future. Please be aware that these translations are generated by a third party AI software service. While we have found that the translations are mostly correct, they may not be perfect in every case. To ensure the information you read is correct, please refer to the original article in English. If you find an error in a translation which you would like to bring to our attention, it would help us greatly if you let us know. We can correct any text or section, once we are aware of it. Please do not hesitate to contact our webmaster to let us know of any translation errors.
Hackers managed to get into the systems of satellite operators, telecom companies and defense companies, the US based Symantec security company announced today.
According to Symantec, the hackers are based in China.
The affected parties are in the United States and Southeastern Asia, and according to Symantec, the intent seems to have been government spying, snapping up both military and civil data traffic.
What´s very unusual about this attack was that the hackers left behind a virus in systems that control satellites, which could give them the ability to move the satellites or stop the data traffic that passes through them.
The malicious software has been removed, Symantec states.
The company also says it has has shared its discoveries with authorities in the United States and relevant Southeast Asian countries.
“Disruption to satellites could leave civilian as well as military installations subject to huge (real world) disruptions,” said Vikram Thakur, technical director at Symantec. “We are extremely dependent on their functionality.”
Satellites are critical to phone links and some internet traffic as well as mapping and positioning data.
Symantec, based in Mountain View, California, described its findings to Reuters exclusively ahead of a planned public release. It said the hackers had been removed from infected systems.
Symantec said it has already shared technical information about the hack with the US Federal Bureau of Investigation and Department of Homeland Security, along with public defence agencies in Asia and other security companies. The FBI did not respond to a request for comment.
Thakur said Symantec detected the misuse of common software tools at client sites in January, leading to the campaign’s discovery at unnamed targets. He attributed the effort to a group that Symantec calls Thrip.