The US-based satellite industry has been targeted by a Chinese-linked hacking group, according to new research by Symantec. The hacking campaign apparently targeted command and control systems.
Targets include at least two US-based satellite companies, a Defense Department contractor and a geospatial imaging technology firm. The attackers use a combination of open-source and custom-built hacking tools to steal credentials, navigate across networks and create additional remote backdoors. Symantec said while the hacking group, dubbed “Thrip” by analysts, did access some of the companies’ networks, attacks were blocked by Symantec software.
“We could see based on where they were spending their time and effort that they were really trying to go after this satellite company,” DiMaggio told CyberScoop. “They were enumerating directories, manually looking for very specific things like this one software program and the command and control for the satellites … it was much more careful than scanning. They were going after total access, going after the backend databases of these systems as well. Most of the computers at the company didn’t touch the satellites, so they were quite focused.”
The satellite industry has a history of providing secure solutions and leading in areas like encryption, access control and overall system hardness. And there is the fact that a satellite network is essentially a single hop, with the router thousands of miles up in space. That provides inherent physical security like no other network, when it comes to malicious intent.
But the migration from closed proprietary systems to open standards and interoperability with terrestrial IP networks means satellite is as big a target as any earth-bound network. These recent hacking attempts show the importance of network security, something that Uplogix customer in satellite take advantage of. Beyond always being able to reach remote gear over an out-of-band channel, Uplogix customers benefit from the same high security as our customers in the military and financial industries.