EU, UK, US Directly Accuse Russia Of Hacking ViaSat Satellites

from the easily-avoidable dept

For literally more than a decade researchers warned that global satellite telecommunications networks were vulnerable to attack. These attacks vary in nature but several allowed an intruder miles away to both intercept and disrupt satellite communications. In 2020 hackers again clearly demonstrated how these perpetually unresolved vulnerabilities were putting millions of people at risk.

Fast forward to 2022 and a major hack of Viasat’s satellite systems caused (gasp) massive problems for tens of thousands of users. The attack on Viasat’s KA-SAT satellite system, suspected at the time to be the work of the Russian government, was aimed at disrupting Ukraine communications in the lead up to war. But, as such attacks often do, it also managed to impact a very large chunk of Europe.

This week, the EU and UK formally accused Russia of the attack, pointing out that it occurred exactly one hour before the country invaded Ukraine:

“The European Union and its Member States, together with its international partners, strongly condemn the malicious cyber activity conducted by the Russian Federation against Ukraine, which targeted the satellite KA-SAT network, operated by Viasat.”

The full press release formally accuses Russia of several other attacks during the invasion, including the 13 January defacements of Ukrainian government websites, and the deployment of Whispergate malware. After it was released the US put out its own statement also directly blaming Russia.

There’s no limit of telecom infrastructure vulnerabilities (including those routinely exploited by the United States) we’ve addressed too little, too late. The SS7 flaw, for example, has been exploited for years by global intelligence agencies and criminals (assuming you see the two segments independently) despite repeated complaints by security experts.

Instead of taking these warnings seriously and genuinely shoring up overall privacy and security (be it a telecom network or election system), U.S. policymakers and the broader discourse brain trust spent several years… hyperventilating about TikTok.

Filed Under: , , , , , , , ,
Companies: viasat

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “EU, UK, US Directly Accuse Russia Of Hacking ViaSat Satellites”

Subscribe: RSS Leave a comment
5 Comments
Anonymous Coward says:

Re: Re:

The problem with Windows 8+ is that every update represents a downgrade. Better off with Windows 7 despite the lack of support because you know that you legally purchased software will keep working even if it never phones home. And yes, I recognise the existence of other OSes, but Chrome constantly has problems of one form or another, and Linux is not that widely popular yet.

Anonymous Coward says:

There’s no limit of telecom infrastructure vulnerabilities (including those routinely exploited by the United States) we’ve addressed too little, too late. The SS7 flaw, for example

Keep in mind that SS7 and many satellites were developed during a time when the USA and allies were actively trying to suppress encryption. Some current insecurities may be partially due to this history. The GCHQ knew in 1973—two years before SS7 was started—about what was publically disclosed in 1977 as the RSA cryptosystem. While location-tracking was not a concern back then, we know that mobile phone encryption was intentionally weakened due to government meddling (though ended up much weaker than they probably intended).

One could imagine an alternate history where the spooks said “hey, our communications are gonna be routed via these protocols, as will the potentially blackmail-worthy private communications of our employees and government officials… so maybe we should carefully review everything and tell them how to secure it”. Alas, they seem to have done the exact opposite, and I don’t think we’re done seeing the consequences—nor will we be, with all the terrible new anti-encryption proposals.

Anonymous Coward says:

“The SS7 flaw, for example, has been exploited for years by global intelligence agencies and criminals (assuming you see the two segments independently)…”

Now, now. Not all criminals are global intelligence agencies. Very few of them are that bad. The rest, I’m certain, are all respectable businesspeople and such.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...