Ukrainian intelligence claims Russian hackers are targeting Elon Musk's Starlink network
Ukraine's main counter-intelligence agency is claiming that hackers sponsored by Russia's intelligence services
are deliberately targeting Elon Musk's Starlink satellite network.
The Ukrainian
State Security Service (SBU) recently published a report detailing how the GRU, Russia's main military intelligence agency,
is allegedly creating custom malware to try and spy on Ukrainian troop movements using Starlink satellites. (Related:
Space Force to launch network of SPY SATELLITES to counter growing Chinese and Russian space capabilities.)
Starlink, developed by Musk's company SpaceX, operates a network of thousands of satellites that beam wireless internet across the world. Musk launched several of his satellites over Ukraine at the beginning of Russia's special military operation in the country to provide Ukrainians with the internet. Now, Ukrainian commanders have become heavily reliant on the space infrastructure to communicate across vast distances on the frontlines.
According to the SBU, experts within the intelligence service claim to have discovered malicious software on Ukrainian tablet devices that were captured by the Russians before later being recovered from the battlefield.
The SBU claims leaving infected devices such as smartphones, tablets or even USB sticks lying around in the hope that they are picked up and used is a common method of spreading malware.
Some of the malware samples found by SBU's cyber experts were allegedly designed to gather information about
connections to the Starlink system.
"This was very interesting malware," explained Illia Vitiuk, head of the SBU's Cybersecurity Department in an interview with
NPR. "It gave them the possibility to get the configurations of Starlink, so in the end they could understand the location" of specific military units.
Vitiuk continued by noting that, if Russian military forces know the specific location of certain military units, they can use that information to then target them with artillery, drones or missiles.
"But the thing is, we have thousands of Starlinks here in Ukraine, and there are alternatives … you cannot hit it with a missile or artillery shell, every Starlink," said Vitiuk, claiming that Russia may try to target Starlink satellites directly to prevent them from being used by Ukraine.
Vitiuk's statements are confirmed by the SBU's report on the discovery of the malware. The technical report claims that the purpose of the hacking attempts "is to gather data from the Starlink satellite system."
Ukraine claims GRU hacker group responsible for creation of satellite-hacking malware
The malware, one of five different types of information-stealing software found on the tablets, bore the hallmarks of the creation of the SandWorm hacker gang.
The
Government Communications Headquarters, the United Kingdom's main signals intelligence unit, has previously claimed that SandWorm is the Unit 74455 of the GRU.
"The malware suite discovered by Ukraine's SBU used a compromised device's Starlink connection to track Ukrainian armed forces," noted Tony Adams, a researcher with the Counter Threat Unit of the Atlanta-based cybersecurity firm Secureworks. "If successful, this attack could have yielded extremely useful operational intelligence for Russian battlefield commanders, a goal undoubtedly on the GRU's punch list."
Hackers from SandWorm have reportedly been extremely active both during and before the beginning of Russia's special military operation in Ukraine in February 2022. The group reportedly attacked the Ukrainian energy sector, the global economy and other high-value targets.
This is also not the first time that
cyber warfare operations have affected the ongoing conflict. In December 2022, Russian hackers broke into Ukrainian military email accounts to deliver convincing phishing emails in an attempt to compromise their access to Delta, a military platform developed by Ukraine and regularly used by commanders to track Russian troops using Starlink and other gathered intelligence.
Before this, in the summer of 2022, Russian hackers created a fake version of the Delta website to trick legitimate users into providing their credentials.
Learn more about the ongoing conflict in Ukraine at
UkraineWitness.com.
Watch this mirrored clip from the YouTube Channel "Military Tube Today" reporting how the Russian Armed Forces recently destroyed a Starlink satellite system communications kit utilized by the Ukrainian Armed Forces
using radio-controlled kamikaze drones.
This video is from the channel
The Prisoner on Brighteon.com.
More related stories:
Russian electronic warfare systems are successfully disabling "sophisticated" US-supplied Ukrainian weapons.
China has put hundreds of satellites in orbit to target U.S., as Space Force commander reveals Beijing's horrific plan for America.
SpaceX dumps Ukraine; prevents "weaponization" of satellite communications system.
Russia could target American commercial satellites if US continues to use them to aid Ukraine.
Space war brewing? Russia threatens to destroy Starlink satellites.
Sources include:
DailyStar.co.uk
Telegraph.co.uk
NPR.org
Brighteon.com