Prolific Russian hackers using untraceable satellites to launch attacks

Russian-speaking hackers have been using commercial satellites to mask malware attacks on western military and governmental networks in an escalation that has high-level security staff worried.

A report from Kaspersky Lab claims that the group behind the Ouroboros malware (also known as Snake or Turla) has been using commercial satellites to access hidden receiving stations in Africa and the Middle East.

Only one way to stop it

"Using a cloned modem makes it harder for ISPs to block the traffic since it would impact legitimate users," added Ian Pratt, CEO and co-founder, Bromium, an endpoint protection and security firm. "The miscreants can simply switch to cloning a different legitimate user's device."

"Strong authentication of access modems using a key unique to each device is the only way to block this kind of attack, but can only realistically be done for new deployments," he said.

With governmental organisations, embassies and firms in Russia, China and a dozen other countries targeted, plus research groups and medical firms, the security community is right to be worried about this method of spreading malware.