Dr Strangebug

It would seem that in 2011, hacking went up in the world – literally, with the DroneBug Malware entering the scene in November 2011, and then with the revelation that a hack had been carried out targeting a Satellite. Two scenarios which are also very similar in many ways, and I am wondering just what the ramifications will be in the longer term.

With the DroneBug, what was so very interesting about that particular case was the fact that, whilst the malware in question was not aggressively targeting the apparatus, and was allowing the Drones to operate, it was thus considered  a nuisance and so was allowed to fly with the operational infected drones. However, let’s think what these little buzz machines are used for – the gathering of intelligence from the ground, for onward transmission. So is it not feasible that they could be having some real-time conversation with some higher flying bird – is it conceivable that the communications could be of interest to someone – or why else would an attacker bother with this high tech model aircraft? The reason why it is so improbable that the presence of such a piece of code would seem to have been tolerated!

But, for now at least, let us not get over focused on the military aspect of satellites. Satellites  are also  of course of equal importance to many large global corporates who utilise uplink, and downlink capabilities to support their business operations on a daily basis, utilising commercial SatCom as beyond the Cloud extended networked environments. In fact here I can personally attest to this, as I myself have been involved in projects looking to drive Business Continuity Programmes to secure global mission critical communications, and believe me it is a very complex world – not just as far as round the globe segmented networking diagrams are concerned, but more the case understanding the sky-to-ground implications of ‘logically’ taking down, and bringing back up such a massive interconnected, distance based, clock-owning world. In fact, as I recall on one particular occasion during a BC/DR testing phase, so sever were the issues and challenges, the Big Red test button never did get pressed – the risks were far to extensive – let alone the cost of recovery.

But then getting back to the case in hand, let us consider the threat. Multiplying the security implications of compromise, by the number of tin-cans floating above us in the sky, the probability of some form of another challenging fashionable hack occurring again is, in my opinion, high. But it has been suggested, or inferred for many years that these systems were impregnable. However, notwithstanding they are controlled by their radio associated uplinks, it is down on the ground where there are the opportunities of a SCADA moment to occur, in which command-and-control systems could suffer incursion.  Or maybe being impacted with some strange new Hacker, Hacktivists, or even a CyberWar Stuxnet type bug, developed with the same profile of operability, but this time focusing on a very different target. Is it not in the interest of either the ‘Blue’ or ‘Red’ side of the Kinetic Theatres of War to take out the opposition’s eyes and ears? Would not such a tool in the kit bag of the Cyber Armoury of a Super Power, or a fledgling power who have aspirations on bigger things be a must have!

Comment on this blog