Post by account_disabled on Sept 12, 2023 9:20:21 GMT
When Russia invaded Ukraine on February 24, 2022, it not only launched a ground attack but also launched a space attack on Ukraine's data connections. On March 30, 2022, satellite service provider Viasset announced that “KA-SAT’s consumer satellite broadband services were partially disrupted as a result of a multifaceted and intentional cyberattack on Viasset’s KA-SAT network.” “He said.
ⓒ Getty Images Bank
According to Viaset, the cyberattack affected thousands Phone Number List of customers in Ukraine and tens of thousands of other fixed broadband customers across Europe. Remote monitoring and control of 5,800 wind turbines with a total capacity of 11 GW owned by Germany's Enercon were also affected.
The threat actor launched a supply chain attack using the KA-SAT management mechanism to distribute wipers designed for modems and routers,” said Sentinel Labs’ post-attack report. “These wipers overwrite critical data within the modem’s flash memory, resulting in the modem becoming inoperable and requiring reinstallation/update or replacement,” he concluded. It added that the wiper in question was AcidRaid, “ELP MIPS malware aimed at wiping data from modems and routers.”
There is a possibility of civilian casualties
According to a statement from a Viaset official via email, Viasset has never confirmed whether it is accurate to characterize this as a “supply chain attack” and claimed that there is no evidence that it was a supply chain attack.
According to the Cyber Threat section of the CyberPeace Institute website, the attack “primarily affected Ukrainian civilians who did not have access to reliable information provided by the government during the conflict. “Recovery times varied; some people were without internet for two weeks.”
Regarding this, Craig Miller, Viasat government systems representative, said, “Viasat worked with operators to implement immediate updates to stabilize the network and defend against additional tactics. By leveraging its in-house cyber expertise and capabilities, Viasat was able to maintain the safety and security of the majority of KA-SAT users and initiate a rapid operational response to get users affected by the network outage back online as quickly as possible. “He said.
Every spaceship has vulnerabilities
Space-based communications satellites provide a wide range of services to academic, business, commercial, government, and military users, as well as satellite broadband. Therefore, to provide these services, control software mounted on satellites, data links between satellites and earth base stations, ground-based data networks and equipment such as modems that connect to them all act as attack points and become attractive targets for hackers.
While the Viasat KA-SAT malware attack was clearly aimed at blocking Ukrainian civilians' access to the Internet, cyberattacks involving space-based data systems are very diverse. Randall K. Nichols, vice chair of the Self-Healing Systems Branch of the Institute of Electrical and Electronics Engineers (IEEE), said, “The widespread impact on commercial and military assets initially resulted in disruption of GNSS/GPS navigation signals and the need for more powerful systems. “I thought it was a satellite communication attack caused by signal forgery, which was a threat,” he said.
“From an IT perspective, any spacecraft that needs navigation support… “It is essentially a Supervisory Control and Data Acquisition (SCADA) system that carries with it all vulnerabilities and is exposed to various IT/cyber/system threats,” he explained.
“Cyberattacks against space assets and services have clearly increased, with government and commercial networks defending against threats every day,” Miller said. But the environment that everyone is working in today is different than it was 5, 10, 15 years ago. Attacks from all kinds of enemies are becoming more frequent and sophisticated. So government and commercial networks must adapt their defenses to prepare for this.
ⓒ Getty Images Bank
According to Viaset, the cyberattack affected thousands Phone Number List of customers in Ukraine and tens of thousands of other fixed broadband customers across Europe. Remote monitoring and control of 5,800 wind turbines with a total capacity of 11 GW owned by Germany's Enercon were also affected.
The threat actor launched a supply chain attack using the KA-SAT management mechanism to distribute wipers designed for modems and routers,” said Sentinel Labs’ post-attack report. “These wipers overwrite critical data within the modem’s flash memory, resulting in the modem becoming inoperable and requiring reinstallation/update or replacement,” he concluded. It added that the wiper in question was AcidRaid, “ELP MIPS malware aimed at wiping data from modems and routers.”
There is a possibility of civilian casualties
According to a statement from a Viaset official via email, Viasset has never confirmed whether it is accurate to characterize this as a “supply chain attack” and claimed that there is no evidence that it was a supply chain attack.
According to the Cyber Threat section of the CyberPeace Institute website, the attack “primarily affected Ukrainian civilians who did not have access to reliable information provided by the government during the conflict. “Recovery times varied; some people were without internet for two weeks.”
Regarding this, Craig Miller, Viasat government systems representative, said, “Viasat worked with operators to implement immediate updates to stabilize the network and defend against additional tactics. By leveraging its in-house cyber expertise and capabilities, Viasat was able to maintain the safety and security of the majority of KA-SAT users and initiate a rapid operational response to get users affected by the network outage back online as quickly as possible. “He said.
Every spaceship has vulnerabilities
Space-based communications satellites provide a wide range of services to academic, business, commercial, government, and military users, as well as satellite broadband. Therefore, to provide these services, control software mounted on satellites, data links between satellites and earth base stations, ground-based data networks and equipment such as modems that connect to them all act as attack points and become attractive targets for hackers.
While the Viasat KA-SAT malware attack was clearly aimed at blocking Ukrainian civilians' access to the Internet, cyberattacks involving space-based data systems are very diverse. Randall K. Nichols, vice chair of the Self-Healing Systems Branch of the Institute of Electrical and Electronics Engineers (IEEE), said, “The widespread impact on commercial and military assets initially resulted in disruption of GNSS/GPS navigation signals and the need for more powerful systems. “I thought it was a satellite communication attack caused by signal forgery, which was a threat,” he said.
“From an IT perspective, any spacecraft that needs navigation support… “It is essentially a Supervisory Control and Data Acquisition (SCADA) system that carries with it all vulnerabilities and is exposed to various IT/cyber/system threats,” he explained.
“Cyberattacks against space assets and services have clearly increased, with government and commercial networks defending against threats every day,” Miller said. But the environment that everyone is working in today is different than it was 5, 10, 15 years ago. Attacks from all kinds of enemies are becoming more frequent and sophisticated. So government and commercial networks must adapt their defenses to prepare for this.