Russia hacked a satellite network just before the invasion of Ukraine

United States, United Kingdom and European Union accuse Russia to be responsible for a cyberattack on the KA-SAT satellite network, operated by Viasat. This hack took place just before the invasion of Ukraine by Russia, to sabotage Ukrainian communications.

Disabled satellites to facilitate the invasion of Ukraine

This cyberattack therefore took place in February 2022. By targeting this network of satellites, the Russian government has triggered blackouts across Europe, just hours before Russia launched its invasion of Ukraine. In a joint declaration, the Western States specify that “The European Union and its Member States, together with its international partners, strongly condemn the malicious cyberattack carried out by the Russian Federation against Ukraine”.

In the same category

Moscow's Red Square in Russia - Facebook

Russian May 9 celebrations disrupted by multiple hacks

While the primary target of this attack was obviously the Ukrainian government and its military, which rely heavily on satellite communications, the attack also had an impact on the communications of thousands of customers Viasat in Ukraine and tens of thousands of customers across Europe. In Germany, this cyberattack, for example, disconnected remote access to 5,800 wind turbines, which depended on Viasat technologies for remote monitoring and control.

Western countries accuse Russia

According to Viasat, “the cyberattack damaged tens of thousands of endpoints that cannot be repaired at this time”. For its part, the European Union considers that this cyberattack on satellites unacceptable and that this is a new example of the “irresponsible behavior of Russia”. Member States are considering new sanctions and the introduction of measures to “prevent, discourage, deter and respond to such malicious behavior”.

This incident is the result of a new strain of Russian malware called “AcidRain”. This malware was designed to wipe vulnerable modems remotely. Viasat confirmed to cybersecurity researchers who studied the attack that their results were consistent with those of the analysis conducted by the company. The researchers noted similarities between AcidRain and VPNFilter, a piece of malware used in 2018, attributed at the time to Russian military intelligence by the FBI. Behind this malware is the Fancy Bear group, or APT28.

hackers backed by the Kremlinbehind the attacks on the World Anti-Doping Agency in 2019, when it said it wanted to undertake tests on Russian athletes.

ttn-4