A group of sophisticated Russian-speaking hackers is exploiting commercial satellites to siphon sensitive data from diplomatic and military agencies in the United States and in Europe as well as to mask their location, a security firm said in a new report.
The group, which some researchers refer to as Turla, after the name of the malicious software it uses, also has targeted government organizations, embassies and companies in Russia, China and dozens of other countries, as well as research groups and pharmaceutical firms, said Stefan Tanase, senior security researcher at Kaspersky Lab, a Moscow-based cybersecurity firm with analysts around the world.
Turla has used this technique for at least eight years, which reflects a degree of sophistication and creativity generally not seen among advanced hacker groups, Tanase said.
“For us, it was very surprising,” he said in a phone interview from Bucharest, Romania. “We’ve never seen a malicious operation that hijacked satellite” connections to obtain data and to cover its tracks. “This is the first group that we believe has done it. It allows you to achieve a much greater level of anonymity.”
View full story