Hackers force Russian military satellite operator offline

Ryan Daws

Source Link

A group of unidentified hackers has taken credit for targeting prominent Russian satellite communications operator Dozor-Teleport.

The network disruption caused by the cyberattack impacted critical services utilised by energy companies, as well as the country’s defense and security services.

The attack was perpetrated by an organisation claiming to be affiliated with the Wagner Group, a group of mercenaries financed by the Russian military that staged a coup last month before its commander, Yevgeny Prigozhin, called it off and fled to Belarus.

Despite the hacker group’s claims of affiliation with the Wagner Group, doubts have emerged regarding their authenticity. The absence of any mention of the attack on the Wagner Group’s official Telegram channel adds to this scepticism.

Whether the group’s affiliation claims are real or not, the impact of their work certainly is.

⚠️ Confirmed: Metrics show a disruption to satellite internet provider Dozor-Teleport which supplies Russia's FSB, Gazprom, Rosatom and military installations; the incident comes amid a wave of cyberattacks by a group claiming affiliation with Wagner PMC 🛰️📉 pic.twitter.com/rSoRyUFsWm— NetBlocks (@netblocks)June 29, 2023Click to accept marketing cookies and enable this content

The hackers caused damage to satellite terminals and compromised confidential data stored on Dozor’s servers. They released 700 files, including documents and images, on a leak site and a newly established Telegram channel.

One document suggests an agreement granting Russian security services access to subscriber information from Amtel Svyaz, although the authenticity of these files remains unverified.

Dozor-Teleport confirmed the attack. While there’s now been a significant restoration of services, the Russian operator estimates that it will take several weeks to fully repair the network and replace equipment.

This cyberattack on Dozor-Teleport marks the second significant breach of a satellite telecommunications service provider, following the attack on Viasat during Russia’s invasion of Ukraine which also impacted wind turbines in Germany.

However, Viasat’s network is much larger, and only a portion of its routers experienced disruption. The similarities between these incidents have raised concerns about the vulnerability of satellite communication systems and their potential exploitation in future cyber warfare.

As the investigation into the cyberattack on Dozor-Teleport unfolds, the incident highlights the vulnerabilities of satellite communication systems and the potential risks to national security.