Source |
Reversemode |
Identifier |
8654607 |
Publication date |
2023-02-10 11:06:16 (viewed: 2025-03-07 20:12:10) |
Title |
SATCOM terminals under attack in Europe: a plausible analysis. |
Text |
------
Update 03/12/2022
Reuters has published new information on this incident, which initially matches the proposed scenario. You can find the update at the bottom of this post.
------

February 24th: at the same time Russia initiated a full-scale attack on Ukraine, tens of thousands of KA-SAT SATCOM terminals suddenly stopped working in several European countries: Germany, Ukraine, Greece, Hungary, Poland...

Germany's Enercon moved forward and acknowledged that approximately 5800 of its wind turbines, presumably those remotely operated via a SATCOM link in central Europe, had lost contact with their SCADA server. In the affected countries, a significant part of the customers of Eutelsat's domestic broadband service were also unable to access the Internet.

From the very beginning Eutelsat and its parent company Viasat stated that the issue was being investigated as a cyberattack. Since then, details have been scarcely provided, but a few days ago I came across a really interesting video in the following tweet.

In the video, the Commander General Michel Friedling confirms that the incident was originated by a cyberattack. However, he also provides a key detail that has the potential to turn a boring DDoS scenario, as some initially pointed out, into something much more interesting: "the terminals have been damaged, made inoperable and probably cannot be repaired"

Based on the information publicly available and my experience researching into SATCOM terminals I'll try to present a plausible explanation for such a destructive attack.

Introduction

Please note that this is merely a speculative exercise, although backed by realistic technical reasoning... anyway probably I'm totally wrong.

Back in 2014 and then in 2018 I presented at BlackHat USA two different papers mainly focused on evaluating the security posture of multiple SATCOM terminals, by uncovering a plethora of vulnerabilities and real-world scenarios across different sectors. Within these papers the reader can find an introduction to the SATCOM architecture, threat scenarios and some technical terms that will be used during this blog post.

2014 - A Wake-Up call for SATCOM Security |
Notes |
★★★★
|
Sent |
Yes |
Tags |
Vulnerability
Threat
Technical
Commercial
|