![]() |
This article's lead section contains information that is not included elsewhere in the article. If the information is appropriate for the lead of the article, this information should also be included in the body of the article. (April 2023) (Learn how and when to remove this message)
|
The Viasat hack was a cyberattack against the satellite internet system of American communications company Viasat which affected their KA-SAT network. The hack happened on the day of Russia's invasion of Ukraine.[1] Only the broadband customers were targeted.
On February 23, 2022, hackers targeted a VPN installation, in a Turin management center, which provided network access to administrators and operators. The hackers gained access to management servers that gave them access to information about company’s modems. After a few hours, the hackers gained access to another server that delivered software updates to the modems which allowed them to deliver the wiper malware AcidRain.[2]
On 24 February, 2022, the day Russia invaded Ukraine, thousands of Viasat modems went offline.[3] The attack caused the malfunction in the remote control of 5,800 Enercon wind turbines in Germany and disruptions to thousands of organizations across Europe.[4]
On 31 March, 2022, SentinelOne researchers Juan Andres Guerrero-Saade and Max van Amerongen announced the discovery of a new wiper malware codenamed AcidRain designed to permanently disable routers.[5] Viasat later confirmed that the AcidRain malware was used during the 'cyber event'.[6] AcidRain shares code with VPNFilter, a 2018 cyber operation against routers attributed to the Russian military by the FBI.[7]
On 10 May, 2022, the European Union condemned the attack targeting Viasat's KA-SAT network as a Russian operation.[8]
Hacking in the 2020s
| |||||||
---|---|---|---|---|---|---|---|
Major incidents |
| ||||||
Groups |
| ||||||
Individuals |
| ||||||
Major vulnerabilities publicly disclosed |
| ||||||
Malware |
|