Viasat spills on the Russian attack, warns of continued risks

2022-03-30 16:45

It turns out the only thing Russian forces needed to knock thousands of Ukrainian satellite broadband customers offline was a misconfigured VPN. Viasat, whose Ukrainian satellite broadband service was knocked offline the day Russia invaded Ukraine, said its analysis of the attack revealed a poorly configured VPN appliance was used by the attacker to access the trusted management section of the KA-SAT satellite network.

"These destructive commands overwrote key data in flash memory on the modems, rendering the modems unable to access the network, but not permanently unusable," Viasat said today.

That's timely given what an unnamed Viasat representative told Reuters: The attacks are still happening.

While Viasat has resisted the attacks so far, the official said the attackers continue to adapt to their mitigations and defenses.

The investigation is ongoing, and Viasat said elsewhere it was leaving out some specifics, but it believes the attacks were designed to interrupt service.

Viasat's analysis of modems that were affected by the attack found no evidence of hardware damage, software or firmware tampering or supply-chain interference.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/30/viasat_spills_on_russian_attack/

#attack #russian

News URL

Related news