The U.S., European Union and Great Britain have officially laid blame for the Viasat cyberattack on Russia.
The attack took place in the hours before the Russian invasion of Ukraine. While aimed at Ukrainian users, including their military, it affected the U.S., EU and UK users too.
The announcement reads:
This unacceptable cyberattack is yet another example of Russia’s continued pattern of irresponsible behavior in cyberspace, which also formed an integral part of its illegal and unjustified invasion of Ukraine,”
Such behavior is contrary to the expectations set by all UN Member States, including the Russian Federation, of responsible State behavior and the intentions of States in cyberspace.
Viasat is a U.S. company that provides satellite internet to civilians and government customers. It provides a range of home and small business internet, aviation and defense services and supporting services around connectivity.
One Viasat customer is the Ukrainian military.
For obvious reasons, Russia wanted to disrupt their access to communications and satellite broadband. That’s why they attacked the Viasat network on 24 February 2022, just hours before the invasion.
Unfortunately, there was collateral damage across the European Union with thousands of users cut off from the internet.
Apparently, windfarms across central Europe also lost communications with their control, which just added to the disruption.
According to releases, the attack utilized the ‘AcidRain’ malware that completely wipes devices connected to the network. Viasat said this had rendered thousands of devices useless although the core network and satellites where not damaged in the attack. Despite it being a while ago now, the scale of the damage caused has meant some customers are still without internet.
Routers have to be completely replaced. As there are estimated to be tens of thousands of them, it will take some time to replace them all. Replacements are flowing out though. Viacom said they have shipped over 30,000 so far with more to follow.
This isn’t the first time Russia has attacked Ukraine using cyber. They also used the Whispergate malware to deface Ukrainian government websites early in the war.
There were fears the Russian GRU, the organization in charge of hacking, would do more damage. So far, they haven’t been able to, that we know of.
The UK and U.S. governments have worked with Ukraine since Crimea to train them sufficiently to defend against Russian cyber-aggression.
It seems that is working, or mostly working, so far.