Vostok Satellite Company reports that communications services provided by their Vostok 1 satellite have been interrupted by a ransomware attack. “Our mobile satellite service has been interrupted by a new ransomware variant called SatWurm,” Valentina Tereshkova, spokesperson for Vostok Satellite, explained, “The satellite appears to be fully functional, but the transmission targeting controls are not allowing outgoing traffic to reach their intended recipient.”
The Brooklyn based company recently began offering mobile satellite service via their new software-defined satellite service. The satellite is able to use lower powered transmissions because the transmitter is more narrowly focused and targeted at the receiver’s location. Vostok 1 was launched on April 12th, 2021.
Vostok Satellite announced that they are currently negotiating with the SatWurm controllers to return control of the satellite system. The unnamed attacker is reportedly asking 10 Bitcoin ($239,315) for removing the malware.
General Turgidson, Director of the National Critical Infrastructure Security Operations Center (CI-SOC), confirmed that they were working with Vostok Satellite. “We do not recommend that victims pay ransoms, but I understand why someone might take that approach to return their systems to full control,” Turgidson explained.
A technician with CI-SOC who is not authorized to talk to the press told me that the investigation as to how the attack gained control of the system would not be able to make much headway until they were able to access the control logs on the satellite. “The Vostok targeting controls are based upon information sent to the satellite by the customer ground stations,” she explained, “We suspect that the attack was initiated through those channels.”
No comments:
Post a Comment