If you’re like me, when you read that Russian hackers had hacked a satellite to conceal their movements, you probably thought, “bullshit,” and then turned the page, right? Hackers don’t really do those things in real life. They seriously don’t. Most hackers conform to about four methodologies. This makes sense, as criminals are much like the rest of us. No one wants to put in much more than the bare minimum required to get paid, right? Somewhere in that remaining ten percent of hacks, however, there are still things that manage to astonish me.
The reason to hack a satellite has to do with botnets. Botnets, armies composed of millions of infected computers, are hard to kill. In order to kill a botnet, you have to track down its command and control servers, the nodes that control the infected hordes. It’s a classic anti-zombie strategy: shoot for the head.
This is much easier said than done, however, as the owners of these elusive networks tend to hide their servers across international borders and jurisdictions. Botnets have been taken down, mostly through a coalition formed of Interpol, various state-level investigative services, and ISPs. Interestingly enough, the tip of this particular spear is none other than Microsoft.
So, here to make life that much more difficult for those of us who don’t want our computers to be lobotomized and used for global crime, is Turla, the Russian hacking group from paragraph one. They’ve obviated the problem of being hunted down by Microsoft and their ilk by hijacking the IP addresses of satellite internet users. They’re so good at this that it took eight years for people to even realize that they were doing this, and investigators still have no idea where Turla’s servers are actually located.
How were Turla able to conceal their tracks for so long? Well, there’s evidence to suggest that they’re sponsored by the Russian government. See? Just like James Bond.