Jump to content

Main menu Navigation ●Main page ●Contents ●Current events ●Random article ●About Wikipedia ●Contact us ●Donate Contribute ●Help ●Learn to edit ●Community portal ●Recent changes ●Upload file

●Create account ●Log in ●Create account ● Log in Pages for logged out editors learn more ●Contributions ●Talk

(Top) 1 Events 2 References 3 External links

Viasat hack

Add links ●Article ●Talk ●Read ●Edit ●View history Tools Actions ●Read ●Edit ●View history General ●What links here ●Related changes ●Upload file ●Special pages ●Permanent link ●Page information ●Cite this page ●Get shortened URL ●Download QR code ●Wikidata item Print/export ●Download as PDF ●Printable version Appearance From Wikipedia, the free encyclopedia

This article's lead section contains information that is not included elsewhere in the article. If the information is appropriate for the lead of the article, this information should also be included in the body of the article. (April 2023) (Learn how and when to remove this message)

The Viasat hack was a cyberattack against the satellite internet system of American communications company Viasat which affected their KA-SAT network. The hack happened on the day of Russia's invasion of Ukraine.^[1] Only the broadband customers were targeted.

Events

[edit]

On February 23, 2022, hackers targeted a VPN installation, in a Turin management center, which provided network access to administrators and operators. The hackers gained access to management servers that gave them access to information about company’s modems. After a few hours, the hackers gained access to another server that delivered software updates to the modems which allowed them to deliver the wiper malware AcidRain.^[2]

On 24 February, 2022, the day Russia invaded Ukraine, thousands of Viasat modems went offline.^[3] The attack caused the malfunction in the remote control of 5,800 Enercon wind turbines in Germany and disruptions to thousands of organizations across Europe.^[4]

On 31 March, 2022, SentinelOne researchers Juan Andres Guerrero-Saade and Max van Amerongen announced the discovery of a new wiper malware codenamed AcidRain designed to permanently disable routers.^[5] Viasat later confirmed that the AcidRain malware was used during the 'cyber event'.^[6] AcidRain shares code with VPNFilter, a 2018 cyber operation against routers attributed to the Russian military by the FBI.^[7]

On 10 May, 2022, the European Union condemned the attack targeting Viasat's KA-SAT network as a Russian operation.^[8]

References

[edit]

^ Mott, Nathaniel (2022-03-12). "Report: NSA Investigates Viasat Hack That Coincided With Ukraine Invasion". PCMag. Archived from the original on 2023-04-07. Retrieved 2023-04-07.

^ Greig, Jonathan (11 August 2023). "NSA, Viasat say 2022 hack was two incidents; Russian sanctions resulted from investigation". therecord.media. Retrieved 2024-03-06.

^ Burgess, Matt (23 March 2022). "A Mysterious Satellite Hack Has Victims Far Beyond Ukraine". Wired. ISSN 1059-1028. Archived from the original on 2024-01-27. Retrieved 2024-07-17.

^ Sheahan, Maria; Steitz, Christoph; and Rinke, Andreas (2022-02-28). Murray, Miranda and Baum, Bernadette (eds.). "Satellite outage knocks out thousands of Enercon's wind turbines". Reuters. Archived from the original on 2023-04-08. Retrieved 2023-04-07.

^ Goodin, Dan (31 March 2022). "Mystery solved in destructive attack that knocked out >10k Viasat modems". Ars Technica. Archived from the original on 26 March 2023. Retrieved 7 April 2023.

^ Guerrero-Saade, Juan Andres (31 March 2022). "AcidRain: A Modem Wiper Rains Down on Europe". SentinelLabs. Archived from the original on 2024-01-15. Retrieved 2023-04-07.

^ "Justice Department Announces Actions to Disrupt Advanced Persistent Threat 28 Botnet of Infected Routers and Network Storage Devices". U.S. Department Of Justice. 23 May 2018. Archived from the original on 19 April 2023. Retrieved 7 April 2023.

^ "Russian cyber operations against Ukraine: Declaration by the High Representative on behalf of the European Union". Council of the EU. 10 May 2022. Archived from the original on 2024-01-28. Retrieved 2023-04-07.

External links

[edit]

KA-SAT Network cyber attack overview - from Viasat

Hacking in the 2020s

← 2010s

Timeline

2030s →

Major incidents

2020	BlueLeaks Twitter account hijacking European Medicines Agency data breach Nintendo data leak United States federal government data breach EasyJet data breach Vastaamo data breach
2021	Microsoft Exchange Server breach Ivanti Pulse Connect Secure data breach Colonial Pipeline ransomware attack Health Service Executive ransomware attack Waikato District Health Board ransomware attack JBS S.A. ransomware attack Kaseya VSA ransomware attack Transnet ransomware attack Epik data breach FBI email hack National Rifle Association ransomware attack Banco de Oro hack
2022	Ukraine cyberattacks Red Cross data breach Anonymous and the Russian invasion of Ukraine Viasat hack DDoS attacks on Romania Costa Rican ransomware attack LastPass vault theft Shanghai police database leak Grand Theft Auto VI content leak
2023	Munster Technological University ransomware attack Evide data breach MOVEit data breach Insomniac Games data breach Polish railway cyberattack British Library cyberattack
2024	XZ Utils backdoor Kadokawa and Niconico

Groups

Individuals

Major vulnerabilities
publicly disclosed

SMBGhost (2020)
Thunderspy (2020)
PrintNightmare (2021)
FORCEDENTRY (2021)
Log4Shell (2021)
Account pre-hijacking (2022)
Retbleed (2022)
Downfall (2023)
LogoFAIL (2023)
Reptar (2023)
Terrapin (2023)
GoFetch (2024)

Malware

2020

2021

Predator

2022

Retrieved from "https://en.wikipedia.org/w/index.php?title=Viasat_hack&oldid=1235088634" Categories: ●2022 in computing ●Cyberattacks ●Hacking in the 2020s ●February 2022 crimes in Europe ●Russian–Ukrainian cyberwarfare Hidden categories: ●Articles with short description ●Short description matches Wikidata ●Wikipedia introduction cleanup from April 2023 ●All pages needing cleanup ●Articles covered by WikiProject Wikify from April 2023 ●All articles covered by WikiProject Wikify ●This page was last edited on 17 July 2024, at 16:36 (UTC). ●Text is available under the Creative Commons Attribution-ShareAlike License 4.0; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization. ●Privacy policy ●About Wikipedia ●Disclaimers ●Contact Wikipedia ●Code of Conduct ●Developers ●Statistics ●Cookie statement ●Mobile view