Posted on June 20, 2018 at 11:31 PM
Hackers from China have launched a new campaign that allowed them to break into various telecommunication companies, defense contractors, and satellite operators. They even managed to hack the computers that control the satellites above the US and Asia. Researchers believe that the hackers’ goal was to spy on various nations and eavesdrop on civilian and military communications alike.
Chinese hackers take control of satellites
According to security researchers from Symantec Corp, a hacking group that is based in China managed to pull off a groundbreaking feat. Through a new hacking campaign, attackers managed to get to various defense contractors, satellite operators, as well as telecommunications companies. Their targets were located in Southeast Asia, as well as in the US.
Symantec claims that the group’s efforts were driven by goals revolving around national espionage. One of the goals was possibly the interception of communications, military and civilian alike.
The group believed to be responsible is one that Symantec has named Thrip. Although the capabilities that this group has demonstrated are quite rare, it is still possible for someone to be capable of doing this. So far, the researchers have not managed to determine whether or not any communications were taken.
An even more disturbing part of the whole ordeal is the hack of various satellites. This is a serious problem, since the hackers could easily have changed the satellites’ positions. Had they done so, a large disruption in data traffic would have been unavoidable. Both military and civilian communications and data traffic would suffer greatly, according to Symantec’s technical director, Vikram Thakur.
Thakur also stated that everyone is very dependent on the functionality of these satellites, which is why this intrusion is so concerning. After all, satellites are among the most important components in maintaining the phone and internet networks, as well as data mapping and positioning. Luckily, in one of the interviews, Symantec disclosed that the hackers had been removed from the systems before causing any irreparable damage.
Furthermore, the firm has already shared all of its findings with the Department of Homeland Security, as well as with the FBI. Additionally, it contacted Asia’s public defense agencies and other security firms.
Thrip is back, and more dangerous than ever
As for Thrip, this is a group that was first identified back in 2013. Since then, the group has maintained a certain level of activity and has even vanished completely once. It obviously used this period of inactivity to create new tools and strategies.
The researchers have yet to release information on how the group managed to hack these systems. What is currently known is that the group used fake emails in the past, which usually contained malicious links or infected attachments. This time, however, the group moved through servers directly, which made the intrusion harder for security to detect.
For now, Symantec decided to avoid blaming China’s government for the attack, but it did say that the attackers are clearly based in this country.