China-based espionage campaign targets satellite in the US2018-06-21 11:51 by Daniela
A sophisticated hacking campaign launched from computers in China burrowed deeply into satellite operators, defence contractors and telecommunications companies in the United States and South-east Asia, cyber-security organisation Symantec announced.
Symantec noticed the attacks in January, when the company's security software triggered an alert at a "large telecoms operator" in Southeast Asia. During the incident, the group was attempting to install a piece of malware on the victim's network, which exposed the hackers' tactics to Symantec researchers. The researchers believe this is a cyber espionage by a group called Thrip, located in mainland China.
"Espionage is the group's likely motive, but given its interest in compromising operational systems, it could also adopt a more aggressive, disruptive stance should it choose to do so," Symantec researchers wrote.
"Perhaps the most worrying discovery we made was that Thrip had targeted a satellite communications operator. The attack group seemed to be particularly interested in the operational side of the company, looking for and infecting computers running software that monitors and controls satellites. This suggests to us that Thrip's motives go beyond spying and may also include disruption," wrote Security Response Attack Investigation Team.
Satellites are critical to phone and some internet links as well as mapping and positioning data.
Read more -here-