The US and European Union on Tuesday said Russia was responsible for a cyberattack in February that crippled a satellite network in Ukraine and neighboring countries, disrupting communications and a wind farm used to generate electricity.
The February 24 attack unleashed wiper malware that destroyed thousands of satellite modems used by customers of communications company Viasat. A month later, security firm SentinelOne said an analysis of the wiper malware used in the attack shared multiple technical similarities to VPNFilter, a piece of malware discovered on more than 500,000 home and small office modems in 2018. Multiple US government agencies attributed VPNFilter to Russian state threat actors.
Tens of thousands of modems taken out by AcidRain
“Today, in support of the European Union and other partners, the United States is sharing publicly its assessment that Russia launched cyber attacks in late February against commercial satellite communications networks to disrupt Ukrainian command and control during the invasion, and those actions had spillover impacts into other European countries,” US Secretary of State Antony Blinken wrote in a statement. “The activity disabled very small aperture terminals in Ukraine and across Europe. This includes tens of thousands of terminals outside of Ukraine that, among other things, support wind turbines and provide Internet services to private citizens.”