Cyber Attacks are common throughout all of the internet, no matter how small or large the target. Additionally, this is also an efficient tactic used in military forces.
They could be used to block communications in the target country, steal funds from the other military or even cause mass shutdown in IT Network infrastructure.
In this blog we will go over the most recent Cyber Attack on Ukraine, specifically, on Viasat.
Details of the Cyber Attack
This is the most recent Cyber Attack on Ukraine. It occurred on the 24th of February- approximately one hour before Russia launched its major invasion of Ukraine. The NCSC assesses that Russia was almost certainly responsible for the attack.
Specifically, the attack disrupted broadband satellite internet access. Furthermore, the attack disabled modems that communicate with Viasat Inc’s KA-SAT satellite network, which supplies internet access to tens of thousands of people in Ukraine and Europe. This implies that the impacts of this attack aren’t limited to just Ukraine.
Although the primary target is believed to have been the Ukrainian military, other customers were affected. Personal/commercial internet users and Wind farms in central Europe and internet users also suffered from this attack.
The Cyber Attack itself
Researchers from SentinelLabs believe that the attack was the result of a new strain of wiper malware called “AcidRain”.
The design of this malware was to remotely erase vulnerable modems and routers. Because of this, we believe that the purpose of this attack was to cause service disruption, instead of stealing data.
On the 24th February 2022, high volumes of focused, malicious traffic were detected from several SurfBeam2 and SurfBeam 2+ modems which were physically located within Ukraine.
This confirms the Cyber Attack type as a targeted Denial of Service attack. This made it difficult for many modems to remain online.
Now we know the motive behind the attack and the details on how it was orchestrated, next we will examine the impacts of this Cyber Attack.
Impacts
As previously mentioned, the attack also affected personal and commercial users in Ukraine and beyond. This included a loss of internet access and disruptions to systems in the energy sector. Some reported that their internet access was offline for more than two weeks.
In addition, around a third of 40,000 subscribers of another satellite internet service provider in Europe were affected.
Overall, this attack impacted several thousand customers located in Ukraine and tens of thousands of other fixed broadband customers across Europe.
Not only does this imply many people suffered from this service disruption, but also businesses too. We speculate that this was an attempt from Russia to weaken Ukraine’s communications and loosen their control on the country before the invasion.
Mitigation
On the other hand, Viasat worked with Skylogic to implement several mitigation and recovery actions to restore network stability since the attack.
Luckily, the network was largely stabilized within hours and fully stabilized within several days.
Lastly, since the attack, Viasat has worked with its distributors to restore service to all customers whose modems were rendered inoperable.
Viasat has already shipped nearly 30,000 modems to distributors to bring customers back online as quickly as possible.
Conclusion
There’s no doubt that Cyber Attacks like these only highlight the danger and possible impacts of the many threats on the internet.
This is why at Solutions 4 IT, we commonly highlight the importance of a business investing in their Cyber Security.
This concludes our blog on the Viasat Cyber Attack in Ukraine. We hope you have found this blog informational. Be sure to keep up-to date with our latest IT News and Knowledgebase article releases. Thank you for reading.
