The Five Eyes nations comprising Australia, Canada, New Zealand, the U.K., and the U.S., along with Ukraine and the European Union, formally pinned Russia for masterminding an attack on an international satellite communication (SATCOM) provider that had “spillover” effects across Europe.
The cyber offensive, which took place one hour before the Kremlin’s military invasion of Ukraine on February 24, targeted the KA-SAT satellite network operated by telecommunications company Viasat, crippling the operations of wind farms and internet users in central Europe.
Viasat, in late March, disclosed that it had shipped nearly 30,000 modems to distributors to restore service to customers whose modems were rendered unusable.
“This cyber-attack had a significant impact causing indiscriminate communication outages and disruptions across several public authorities, businesses, and users in Ukraine, as well as affecting the several E.U. Member States,” the Council of the European Union said.
Calling it a deliberate and unacceptable cyberattack, the nations pointed fingers at Russia for its “continued pattern of irresponsible behavior in cyberspace, which also formed an integral part of its illegal and unjustified invasion of Ukraine.”
The U.S. State Department said the digital assaults against commercial satellite communications networks were orchestrated to disrupt Ukrainian military command-and-control capabilities during the invasion.
An analysis from cybersecurity firm SentinelOne published last month revealed that the intrusion aimed at Viasat involved the use of a data-wiping malware dubbed AcidRain that’s designed to remotely sabotage tens of thousands of vulnerable modems.
Furthermore, the discovery unearthed similarities between AcidRain and “dstr,” a third-stage wiper module in VPNFilter, a botnet malware previously attributed to Russia’s Sandworm group.
Besides the Viasat attacks, Australia and Canada also blamed the Russian government for targeting the Ukrainian banking sector in February 2022, COVID-19 vaccine research and development in 2020, and interfering in Georgia’s 2020 parliamentary elections.
The attribution comes as Ukraine has been at the receiving end of a number of destructive attacks directed at public and private sector networks since the start of the year, launched as part of Russia’s “hybrid” warfare strategy in concert with ground warfare.
The U.K.’s National Cyber Security Centre (NCSC) noted that Russian military intelligence agencies were “almost certainly” involved in the deployment of WhisperGate wiper malware and the defacements of several Ukrainian websites in January 2022. Read more: https://bit.ly/3PhUpTo
You can also read this: Ukraine Warns of Cyberattack Aiming to Hack Users’ Telegram Messenger Accounts