Cybersecurity experts are raising concerns about a recent surge in attacks targeting satellite systems and industrial controllers, often associated with geopolitical conflicts.
GhostSec‘s Cyber Siege: Industrial Ransomware & PLC Breach
Furthermore, GhostSec has reportedly carried out a groundbreaking ransomware attack on an industrial RTU router, an incident validated by Claroty researchers. This attack showcased the group’s proficiency in encrypting such routers, known for their SCADA capabilities and support for RS-232 and RS-485 industrial serial interfaces.
During September 2022, GhostSec asserted responsibility for infiltrating 55 Berghof programmable logic controllers (PLCs) utilized by Israeli entities. The group showcased their breach through a video demonstration of a successful login to the administrator panel, implying their capability to manipulate chlorine and pH levels in water systems.
Fearful of potential ramifications, experts from Cyble Research Intelligence Labs are sounding the alarm over the risk of hacktivists, cybercriminals, or state-sponsored hackers obtaining access to the infrastructure of industrial control and monitoring systems, including ICS (Industrial Control System) and SCADA (Supervisory Control And Data Acquisition) used in the space industry, endangering national and public safety.
This vulnerability has put critical sectors, including government, military, telecommunications, energy, and transportation, at significant risk, especially those heavily reliant on satellite modems, making them susceptible to espionage or sabotage attacks.