Russia’s cyber war on Ukraine

Less than an hour before Russian troops invaded Ukraine, hackers targeted the ground infrastructure of U.S. satellite company Viasat, partially blocking internet access in Europe

Viasat Inc.’s satellite KA-SAT is orbiting at 11, 265km/h – in sync with Earth’s rotation

2 KA-SAT: Malware does not damage satellite, but uses its 82 spot beams that cover Europe with high-speed internet

3 Beams picked up by thousands of satellite dishes
                                                                                                      Spot beam
    
1 Feb 24, 2022, VPN: Malware to attack Ukraine uploaded via virtual private network in Italy

4 MODEMS: Malware destroys some 45,000 satcom modems with junk data, wiping main flash memory clean

Mar: Viasat traces wiper malware to Eutelsat/Skylogic management network server in Turin.
American cybersecurity company SentinelOne finds AcidRain malware contains code named ukrop,
possibly for Ukraine Operation

Apr: Viasat replaces some 30,000 SurfBeam modems to bring customers back online

May 10: U.S. State Department, UK’s National Cyber Security Centre and Council of the European Union accuse Russia’s GRU military intelligence agency of attack

Sep: Russian diplomat Konstantin Vorontsov warns that commercial satellites used to support enemy militaries may also become
“a legitimate target for retaliation”
            

Sources: Bloomberg, CrowdStrike, IOActive, MIT Technology Review, Viasat © GRAPHIC NEWS