Loading AI tools
Cyber attack on US communications compoany Viasat From Wikipedia, the free encyclopedia
The Viasat hack was a cyberattack against the satellite internet system of American communications company Viasat which affected their KA-SAT network. The hack happened on the day of Russia's invasion of Ukraine.[1] Only the broadband customers were targeted.
This article's lead section contains information that is not included elsewhere in the article. (April 2023) |
On February 23, 2022, hackers targeted a VPN installation, in a Turin management center, which provided network access to administrators and operators. The hackers gained access to management servers that gave them access to information about company’s modems. After a few hours, the hackers gained access to another server that delivered software updates to the modems which allowed them to deliver the wiper malware AcidRain.[2]
On 24 February, 2022, the day Russia invaded Ukraine, thousands of Viasat modems went offline.[3] The attack caused the malfunction in the remote control of 5,800 Enercon wind turbines in Germany and disruptions to thousands of organizations across Europe.[4]
On 31 March, 2022, SentinelOne researchers Juan Andres Guerrero-Saade and Max van Amerongen announced the discovery of a new wiper malware codenamed AcidRain designed to permanently disable routers.[5] Viasat later confirmed that the AcidRain malware was used during the 'cyber event'.[6] AcidRain shares code with VPNFilter, a 2018 cyber operation against routers attributed to the Russian military by the FBI.[7]
On 10 May, 2022, the European Union condemned the attack targeting Viasat's KA-SAT network as a Russian operation.[8]