US satellite network compromised by Russian APT operations

Russian state-sponsored threat operation Fancy Bear, also known as APT28, was noted by the Cybersecurity and Infrastructure Security Agency to have infiltrated the network of a U.S. satellite communications provider with U.S. critical infrastructure clients, CyberScoop reports. Fancy Bear was discovered by CISA researchers within the satellite's network earlier this year, with CISA incident response analyst MJ Emanuel noting that the attackers were able to explore the network months prior to being discovered. Such an attack indicates Russia's interest in disrupting the space economy as evidenced by its attack against U.S. telecommunications firm Viasat which took down internet services in Ukraine prior to being invaded. Satellite security has never been more vulnerable, said Johns Hopkins University professor Gregory Falco, who attributed the space industry's inconsistent security approach to a lack of standards that would ensure the necessary defenses. "All of these satellite telcos are a freaking nightmare when it comes to security posture," Falco added.