Tuesday, Oct 20, 2020 | Last Update : 06:12 AM IST

195th Day Of Lockdown

Maharashtra1443409114960338084 Andhra Pradesh7192566588755981 Karnataka6406615157829286 Tamil Nadu6088555529389653 Uttar Pradesh4031013468595864 Delhi2827522506135401 West Bengal2603242287555017 Odisha222734190080912 Kerala204242131048772 Telangana1992761701091163 Bihar178882164537888 Assam169985139977655 Gujarat1332191132403417 Rajasthan1288591077181441 Haryana1237821059901307 Madhya Pradesh117588932382207 Punjab107096840253134 Chhatisgarh9856566860777 Jharkhand7770964515661 Jammu and Kashmir69832495571105 Uttarakhand4533233642555 Goa3107125071386 Puducherry2548919781494 Tripura2412717464262 Himachal Pradesh136799526152 Chandigarh112128677145 Manipur9791760263 Arunachal Pradesh8649623014 Nagaland5768469311 Meghalaya5158334343 Sikkim2707199431 Mizoram178612880
  Technology   In Other news  20 Jun 2018  China-based campaign breached satellite, defence companies: Symantec

China-based campaign breached satellite, defence companies: Symantec

REUTERS
Published : Jun 20, 2018, 10:11 am IST
Updated : Jun 20, 2018, 10:11 am IST

Symantec says the effort appeared to be driven by national espionage goals, like the interception of military and civilian communications.

Other security analysts have also recently tied sophisticated attacks to Chinese groups that had been out of sight for awhile, and there could be overlap. (Photo: Pixabay)
 Other security analysts have also recently tied sophisticated attacks to Chinese groups that had been out of sight for awhile, and there could be overlap. (Photo: Pixabay)

A sophisticated hacking campaign launched from computers in China burrowed deeply into satellite operators, defence contractors and telecommunications companies in the United States and southeast Asia, security researchers at Symantec Corp said on Tuesday.

Symantec said the effort appeared to be driven by national espionage goals, such as the interception of military and civilian communications.

 

Such interception capabilities are rare but not unheard of, and the researchers could not say what communications, if any, were taken. More disturbingly, in this case, the hackers infected computers that controlled the satellites, so that they could have changed the positions of the orbiting devices and disrupted data traffic, Symantec said.

“Disruption to satellites could leave civilian as well as military installations subject to huge (real world) disruptions,” said Vikram Thakur, technical director at Symantec. “We are extremely dependent on their functionality.”

Satellites are critical to phone and some internet links as well as mapping and positioning data. Symantec, based in Mountain View, California, described its findings to Reuters exclusively ahead of a planned public release. It said the hackers had been removed from infected systems.

 

Symantec said it has already shared technical information about the hack with the US Federal Bureau of Investigation and Department of Homeland Security, along with public defence agencies in Asia and other security companies. The FBI did not respond to a request for comment.

ADVERTISING

Thakur said Symantec detected the misuse of common software tools at client sites in January, leading to the campaign’s discovery at unnamed targets. He attributed the effort to a group that Symantec calls Thrip, which may be called different names by other companies.

Thrip was active from 2013 on and then vanished from the radar for about a year until the last campaign started a year ago. In that period, it developed new tools and began using more widely available administrative and criminal programs, Thakur said.

 

Other security analysts have also recently tied sophisticated attacks to Chinese groups that had been out of sight for awhile, and there could be overlap. FireEye Inc in March said that a group it called Temp.Periscope reappeared last summer and went after defence companies and shippers. FireEye had no immediate comment on the new episode.

It was unclear how Thrip gained entry to the latest systems. In the past, it depended on trick emails that had infected attachments or led recipients to malicious links. This time, it did not infect most user computers, instead of moving among servers, making detection harder.

Following its customary stance, Symantec did not directly blame the Chinese government for the hack. It said the hackers launched their campaign from three computers on the mainland. In theory, those machines could have been compromised by someone elsewhere.

 

Symantec provides the most widely used paid security software for consumers and an array of higher-end software and services for companies and public agencies.

Tags: symantec, hackers, satellite