Federal prosecutors charged a UK teenager with conspiracy to commit computer fraud and other crimes in connection with the network intrusions of 47 US companies that generated more than $115 million in ransomware payments over a three-year span.
A criminal complaint unsealed on Thursday (PDF) said that Thalha Jubair, 19, of London, was part of Scattered Spider, the name of an English-language-speaking group that has breached the networks of scores of companies worldwide. After obtaining data, the group demanded that the victims pay hefty ransoms or see their confidential data published or sold.
Bitcoin paid by victims recovered
The unsealing of the document, filed in US District Court of the District of New Jersey, came the same day Jubair and another alleged Scattered Spider member—Owen Flowers, 18, from Walsall, West Midlands—were charged by UK prosecutors in connection with last year’s cyberattack on Transport for London. The agency, which oversees London’s public transit system, faced a monthslong recovery effort as a result of the breach.
Both men were arrested at their homes on Thursday and appeared later in the day at Westminster Magistrates Court, where they were remanded to appear in Crown Court on October 16, Britain’s National Crime Agency said. Flowers was previously arrested in connection with the Transport for London attack in September 2024 and later released. NCA prosecutors said that besides the attack on the transit agency, Flowers and other conspirators were responsible for a cyberattack on SSM Health Care and attempting to breach Sutter Health, both of which are located in the US. Jubair was also charged with offenses related to his refusal to turn over PIN codes and passwords for devices seized from him.
Enlarge/ Complex space systems like the International Space Station could be vulnerable to hackers.
If space systems such as GPS were hacked and knocked offline, much of the world would instantly be returned to the communications and navigation technologies of the 1950s. Yet space cybersecurity is largely invisible to the public at a time of heightened geopolitical tensions.
Cyberattacks on satellites have occurred since the 1980s, but the global wake-up alarm went off only a couple of years ago. An hour before Russia’s invasion of Ukraine on February 24, 2022, its government operatives hacked Viasat’s satellite-Internet services to cut off communications and create confusion in Ukraine.
Most people are unaware of the crucial role that space systems play in their daily lives, never mind military conflicts. For instance, GPS uses signals from satellites. GPS-enabled precision timing is essential in financial services where every detail—such as time of payment or withdrawal—needs to be faithfully captured and coordinated. Even making a mobile phone call relies on precise coordination of time in the network.
Besides navigation for airplanes, boats, cars, and people, GPS is also important for coordinating fleets of trucks that transport goods to stock local stores every day.
Earth-observation satellites are “eyes in the skies” with a unique vantage point to help forecast the weather, monitor environmental changes, track and respond to natural disasters, boost agricultural crop yields, manage land and water use, monitor troop movements, and much more. The loss of these and other space services could be fatal to people vulnerable to natural disasters and crop failure. They could also put global economics and security at serious risk.
Enlarge/ Many satellites are crucial for tracking natural and human activity on Earth.
Factors in play
In our report, we identified several factors that contribute to the increasing threat of space cyberattacks. For instance, it’s important to recognize that the world is at the start of a new space race.
Because space is so remote and hard to access, if someone wanted to attack a space system, they would likely need to do it through a cyberattack. Space systems are particularly attractive targets because their hardware cannot be easily upgraded once launched, and this insecurity worsens over time. As complex systems, they can have long supply chains, and more links in the chain increase the chance of vulnerabilities. Major space projects are also challenged to keep up with best practices over the decade or more needed to build them.
And the stakes are unusually high in space. Orbital trash zips around at speeds of 6 to 9 miles per second and can easily destroy a spacecraft on impact. It can also end space programs worldwide given the hypothesized Kessler syndrome in which the Earth is eventually imprisoned in a cocoon of debris. These consequences weigh in favor of space cyberattacks over physical attacks because the debris problem is also likely to affect the attacker.
Moreover, given critical space infrastructure and services, such as GPS, conflicts in space can spark or add more fuel to a conflict on Earth, even those in cyberspace. For instance, Russia warned in 2022 that hacking one of its satellites would be taken as a declaration of war, which was a dramatic escalation from previous norms around warfare.
