The United States, the United Kingdom and the European Union accuse Russia of being responsible for a cyber attack on the KA-SAT satellite network operated by the company Viasat. This hacking took place just before the invasion of Ukraine by Russia, in order to sabotage Ukrainian communications.
Satellites out of order to facilitate the invasion of Ukraine
This cyber attack took place in February 2022. By targeting this network of satellites, the Russian government triggered blackouts all over Europe just hours before Russia launched its invasion of Ukraine. In a joint statement, the Western states said that “the European Union and its member states, as well as its international partners, strongly condemn the malicious cyber attack by the Russian Federation against Ukraine.”.
Russian May 9 celebrations disrupted by several hacks
While the main target of this attack was obviously the Ukrainian government and its army, which rely heavily on satellite communications, the attack also affected the communications of thousands of customers of Viasat in Ukraine and tens of thousands of customers within Europe. In Germany, for example, the cyberattack disconnected remote access to 5,800 wind turbines, which relied on Viasat’s technologies for remote monitoring and control.
Western countries blame Russia
According to the company Viasat, “the cyberattack damaged tens of thousands of terminals that cannot be repaired at this time.”. For its part, the European Union believes that this cyberattack on satellites is unacceptable and that it is a new example of the “irresponsible behavior of Russia”. The member states are considering new sanctions and the implementation of measures to “prevent, deter, dissuade, and respond to such malicious behavior.”.
This incident is the result of a new strain of Russian malware called “AcidRain”. This malware was designed to remotely wipe vulnerable modems. Viasat confirmed to cybersecurity researchers who investigated the attack that their findings were consistent with those of the analysis conducted by the company. The researchers noted similarities between AcidRain and VPNFilter, a malware used in 2018, attributed at the time to Russian military intelligence by the FBI. Behind this malware is the Fancy Bear group, or APT28.
Hackers supported by the Kremlin, behind the attacks on the World Anti-Doping Agency in 2019 at the time when it had declared that it wanted to undertake tests on Russian athletes.