EU, UK, US Directly Accuse Russia Of Hacking ViaSat Satellites
from the easily-avoidable dept
For literally more than a decade researchers warned that global satellite telecommunications networks were vulnerable to attack. These attacks vary in nature but several allowed an intruder miles away to both intercept and disrupt satellite communications. In 2020 hackers again clearly demonstrated how these perpetually unresolved vulnerabilities were putting millions of people at risk.
Fast forward to 2022 and a major hack of Viasat’s satellite systems caused (gasp) massive problems for tens of thousands of users. The attack on Viasat’s KA-SAT satellite system, suspected at the time to be the work of the Russian government, was aimed at disrupting Ukraine communications in the lead up to war. But, as such attacks often do, it also managed to impact a very large chunk of Europe.
This week, the EU and UK formally accused Russia of the attack, pointing out that it occurred exactly one hour before the country invaded Ukraine:
“The European Union and its Member States, together with its international partners, strongly condemn the malicious cyber activity conducted by the Russian Federation against Ukraine, which targeted the satellite KA-SAT network, operated by Viasat.”
The full press release formally accuses Russia of several other attacks during the invasion, including the 13 January defacements of Ukrainian government websites, and the deployment of Whispergate malware. After it was released the US put out its own statement also directly blaming Russia.
There’s no limit of telecom infrastructure vulnerabilities (including those routinely exploited by the United States) we’ve addressed too little, too late. The SS7 flaw, for example, has been exploited for years by global intelligence agencies and criminals (assuming you see the two segments independently) despite repeated complaints by security experts.
Instead of taking these warnings seriously and genuinely shoring up overall privacy and security (be it a telecom network or election system), U.S. policymakers and the broader discourse brain trust spent several years… hyperventilating about TikTok.
Filed Under: eu, hacking, privacy, russia, satellite, security, telecom, uk, ukraine
Companies: viasat
Comments on “EU, UK, US Directly Accuse Russia Of Hacking ViaSat Satellites”
why fix?
Something you already use.
Rather point at things that arnt the way we want, then to fix the things that are Used for things we like.
Re:
Do you update your desktop/laptop’s OS?
Re: Re:
The problem with Windows 8+ is that every update represents a downgrade. Better off with Windows 7 despite the lack of support because you know that you legally purchased software will keep working even if it never phones home. And yes, I recognise the existence of other OSes, but Chrome constantly has problems of one form or another, and Linux is not that widely popular yet.
Keep in mind that SS7 and many satellites were developed during a time when the USA and allies were actively trying to suppress encryption. Some current insecurities may be partially due to this history. The GCHQ knew in 1973—two years before SS7 was started—about what was publically disclosed in 1977 as the RSA cryptosystem. While location-tracking was not a concern back then, we know that mobile phone encryption was intentionally weakened due to government meddling (though ended up much weaker than they probably intended).
One could imagine an alternate history where the spooks said “hey, our communications are gonna be routed via these protocols, as will the potentially blackmail-worthy private communications of our employees and government officials… so maybe we should carefully review everything and tell them how to secure it”. Alas, they seem to have done the exact opposite, and I don’t think we’re done seeing the consequences—nor will we be, with all the terrible new anti-encryption proposals.
Now, now. Not all criminals are global intelligence agencies. Very few of them are that bad. The rest, I’m certain, are all respectable businesspeople and such.