US and the EU Accuse Russia of Hacking into Satellite Modems in Ukraine

US and the EU accuse Russia of hacking into satellite modems in Ukraine

The European Union (EU) formally accused Russia of organizing a cyberattack against satellite Internet modems in Ukraine on February 24, barely one hour before Russia attacked Ukraine.

Viasat’s consumer-oriented satellite internet service, KA-SAT, was the focus of the attack.

According to Viasat, it affected thousands of Ukrainian clients and tens of thousands of other broadband consumers across Europe.

The satellite internet disruption also knocked out modems that controlled some 5,800 wind turbines across Germany.

Viasat revealed a week after the incident that the satellite modems targeted were deleted using Acid Rain data-destroying malware.

Russia is behind the KA-SAT cyberattack, according to the European Union and the United Kingdom.

“The European Union, its Member States, and international partners strongly condemn the Russian Federation’s malicious cyber activity targeting Viasat’s satellite KA-SAT network,” said Josep Borrell Fontanelles, EU High Representative for Foreign Affairs and Security Policy and Vice-President of the European Commission.

“This cyberattack had a massive impact, causing widespread communication failures and disruptions across multiple Ukrainian government organizations, businesses, and individuals, as well as affecting other EU Member States.”

The UK Foreign, Commonwealth and Development Office also issued a statement today alleging Russia of being behind the February 24 cyberattack on Viasat modems in Ukraine.

According to the UK’s news release, “new UK and US intelligence reveals Russia was behind an operation targeting commercial communications company Viasat in Ukraine.”

“Today’s news comes as cyber security leaders from the Five Eyes, the EU, and international partners gather in Newport for the NCSC’s Cyber UK conference to discuss the world’s cyber dangers,” said the NCSC.

The US government is likely to issue a statement later today

The US government said in March that it was investigating the Viasat hack as a probable Russian state-sponsored cyberattack, though the Biden administration has yet to release a joint statement with its European allies.

The US National Security Agency (NSA) also stated at the time that an inter-agency and allied effort was underway to “assess the scope and severity of the incident,” which involved Ukrainian intelligence.

CISA and the FBI issued a joint advisory following the incident, warning US entities of “possible risks” to SAT COM networks in the US and around the world.

“This terrible cyberattack is just another illustration of Russia’s long trend of irresponsible cyber conduct,” Fontanelles continued.

“Such action, including that of the Russian Federation, runs opposed to all UN Member States’ expectations of responsible State behavior and intentions in cyberspace.”

Update: Following the publication of this story, the US Department of State issued a statement blaming Russia for the cyberattack on Viasat internet modems in Ukraine (also updated the title to match this update).

The US is sharing publicly today, in support of the European Union and other partners, its assessment that Russia launched cyberattacks against commercial satellite communications networks in late February to disrupt Ukrainian command and control during the invasion, with spillover effects into other European countries. Very small aperture terminals throughout Ukraine and Europe were deactivated as a result of the activities. There are tens of thousands of terminals outside of Ukraine that support wind turbines and give Internet services to private users, among other things. – US State Department

Source

Share this on

Facebook
LinkedIn
Twitter
Pinterest
Email
WhatsApp
Telegram
Skype