Hackers are so good at what they do that they can sometimes go undetected for years before anyone notices them tampering with or stealing information. It’s now 2015 but according to a new report, a Russian Spy Group called Turla has managed to secretly hack satellite IP addresses since 2007.
“If you’re A state-sponsored hacker siphoning data from targeted computers, the last thing you want is for someone to locate your command-and-control server and shut it down, halting your ability to communicate with infected machines and steal data,” said Wired.
“So the Russian-speaking spy gang known as Turla have found a solution to this—hijacking the satellite IP addresses of legitimate users to use them to steal data from other infected machines in a way that hides their command server.”
According to the report Turla is a covert cyber-espionage group that is allegedly sponsored by the Russian Government. They have been in operation for more than a decade and have target a slew of government agencies in over 40 countries. It’s one of the more largely successful groups who have managed to fly years under the radar without being detected.
“The Turla gang uses a number of techniques to infect systems and steal data, but for some of its most high-profile targets, the group appears to use a satellite-based communication technique to help hide the location of their command servers, according to Kaspersky researchers,” reported Wired.
“Ordinarily, hackers will lease a server or hack one to use as a command station, sometimes routing their activity through multiple proxy machines to hide the location of the command server. But these command-and-control servers can still often be traced to their hosting provider and taken down and seized for forensic evidence.”
The article also states that it’s not a first time offense for the group when it comes to using satellite connections. The main concern is that if hacking teams such as Turla continue to use these methods of hacking, it makes things much harder for law enforcement to find and shut down the command servers, according to the report.
Read the full story.