Cyber attack on satellite systems: what is SiegedSec fighting for?
Network Robin Hoods or cybercriminals – this will be shown by the US investigation.
SiegedSec hacker group stated about attacks on satellite receivers and industrial control systems. Hackers paid special attention to the United States, where confirmation of gender identity is prohibited. Previously, the attackers claimed that they were carrying out attacks in response to discrimination against sexual minorities and abortion bans in the United States.
SiegedSec members claim they carried out a “unique attack on the supply chain” that allowed them to manage the accounts of several companies that monitor satellite receivers, VSAT, VOIP services, and others. Halliburton, ShellHelix Energy and Oceaneering.
Among the targets attacked were Trimble netR9 satellite receivers, which are often used with security disabled or standard credentials. Some of these receivers are believed to be used on offshore oil rigs.
Screenshot of SiegedSec’s post Telegram
Note that with the help Shodan you can find about 1374 receivers, however some of them are decoys. The screenshot published by the hackers showed a map with points located near the coast of Texas, where a large number of oil and gas facilities are concentrated. In addition, Helix Energy provides services to the marine energy industry.
According to the hackers, the main target of the attack was ITC Global, a company specializing in the supply of satellite and other devices. The group said that the interaction with ITC Global is not limited to the simple deletion of accounts, but the hackers did not elaborate on the details.
The perpetrators emphasized that they “focus more on the message than the money.” Their goal is not to make money, but to achieve a certain reaction. According to the cybercriminals themselves, in most cases they “just want to have fun and destroy something.”
SiegedSec announced this week that carried out cyberattacks on government websites in five US states , including websites related to the judiciary, social services, and the police. According to the hackers, they launched all their attacks in response to the prohibition of abortion and gender identification at the state level.
In addition to the listed incidents, the SiegedSec hackers on June 23 attacked the government of Fort Worth in Texas . The attackers published part of the documents on their Telegram channel and explained their act as a kind of opposition to state policy.
Past attacks SiegedSec
Since its founding in February 2022, the SiegedSec group has received classified data, emails, data from at least 30 different companies. The cybercriminals posted the stolen data on various hacker forums, but did not use ransomware or sell the stolen data for profit.
Among the group’s many targets are India’s news portal NewsVoir, a company Atlassianas well as the government of Colombia. Because some of the affected companies are small businesses, there have been few public announcements about the SiegedSec attacks, and perhaps even less about the group’s work.
Currently, an investigation has been initiated in the United States against the SiegedSec group in order to find out the true motives of the group and identify its members.