US satellite operator says ongoing cyberattack at the start of war in Ukraine affected tens of thousands of customers

Bestinau got that-

It’s the most detailed public account yet of one of the war’s most sweeping hacks. US officials are investigating the incident as a possible Russian state-sponsored cyberattack, CNN previously reported.

The hackers not only flooded the satellite modems of Viasat, a California-based company, with traffic to take them offline, but also used “destructive commands” to overwrite important data on the modems, Viasat said in its report — a sign of how determined the hackers were to disrupt services in Ukraine.

The hack took place on February 24, when the Russian military launched their attack on Ukraine. A leading Ukrainian cyber official, Victor Zhora, called the March 15 hack “a huge loss of communication in the very beginning of the war”.

Reuters reported on the Viasat findings for the first time on Wednesday.

Viasat has been working hard in recent weeks to respond to the hack. It has shipped nearly 30,000 modems to customers to get them back online, the company said Wednesday.

“The nature of these and other ongoing attacks that we routinely see is dynamic, and we are constantly updating our tools and solutions to ensure the network is stable and secure,” a Viasat spokesperson told CNN.

The US government is still investigating the hack.

“We have no attribution to share at this time and are watching this closely,” National Security Council spokesman Saloni Sharma said in an email on Wednesday. “As we have said, we are concerned about the apparent use of cyber operations to disrupt communications systems in Ukraine and across Europe and affect businesses and individuals’ access to the Internet.”

Viasat hired US cybersecurity firm Mandiant to investigate the incident. Mandiant did not immediately respond to a request for comment.

The hack affected residential modems on Viasat’s KA-SAT satellite network, Viasat said Wednesday. “This cyberattack did not affect Viasat’s directly managed mobility or government users on the KA-SAT satellite,” the company added.

“Unsurprisingly, the effects of the attack were not limited to residential Viasat customers on Ukrainian soil,” Brian Kime, vice president at cybersecurity firm ZeroFox, told CNN. Collateral damage occurs in all wars and had this been orchestrated by Putin’s government and successfully targeting Viasat’s government and military clients, there could easily have been a similar impact on non-Ukrainian clients, including NATO members. “

The battle for communications during the war in Ukraine has made satellite owners and other telecommunications providers a prime target for hacking.

Triolan, an internet service provider with customers in key Ukrainian cities, said on March 10 that a cyber attack had disrupted service and blamed “the enemy” in a clear reference to Russia.

For their part, Ukrainian officials have encouraged volunteer hackers to target Russian organizations involved in the war.

Leave a Comment