Cyberattacks by GhostSec on satellites could completely change the world
The group’s capabilities threaten global critical infrastructure.
Cybersecurity professionals are concerned about a new wave of attacks on satellite systems and industrial controllers linked to geopolitical conflicts.
In addition, GhostSec announced the first ever ransomware attack on an industrial router. RTU. Researchers at Claroty confirmed the group’s ability to encrypt this type of router, which demonstrates SCADA functionality and supports industrial RS-232 and RS-485 serial interfaces.
In September 2022, the GhostSec group stated that compromised 55 Berghof programmable logic controllers (PLCs) used by Israeli organizations. The GhostSec hackers posted a video demonstrating a successful login to the admin panel and reported that they could use it to change the chlorine and pH levels in the water.
Experts from Cyble Research Intelligence Labs expressed concerns about possible consequences if hacktivists, cybercriminals or government hackers gain access to the infrastructure of industrial control and monitoring systems, such as ICS (Industrial Control System) and SCADA (Supervisory Control And Data Acquisition) used in the space industry to ensure national and public security.
This makes key sectors such as government, military, telecommunications, energy and transportation, which rely heavily on satellite modems, particularly vulnerable to espionage or sabotage attacks.