Security News > 2022 > March > Viasat shares details on KA-SAT satellite service cyberattack
US satellite communications provider Viasat has shared an incident report regarding the cyberattack that affected its KA-SAT consumer-oriented satellite broadband service on February 24, the day Russia invaded Ukraine.
Today's incident report comes after the KA-SAT satellite network - "Used intensively by the Ukrainian military" - was affected by a cyberattack that triggered satellite service outages in Central and Eastern Europe.
"Ultimately, tens of thousands of modems that were previously online and active dropped off the network, and these modems were not observed attempting to re-enter the network," Viasat explained.
Viasat says the attackers took down the customers' residential modems by breaching the management network and issuing management commands to overwrite the devices' flash memory, rendering them unable to reconnect to the network but not bricking them altogether.
"Subsequent investigation and forensic analysis identified a ground-based network intrusion by an attacker exploiting a misconfiguration in a VPN appliance to gain remote access to the trusted management segment of the KA-SAT network," Viasat added.
"The attacker moved laterally through this trusted management network to a specific network segment used to manage and operate the network, and then used this network access to execute legitimate, targeted management commands on a large number of residential modems simultaneously."