• F1: Qatar GP 2023 interactive (Interactive)
  • SCIENCE: Future supercontinent could wipe out humans (Graphic DUE Sep 27, 14:00GMT)
  • MILITARY: Risks of African coups (Graphic DUE Sep 27, 15:00GMT)
  • BUSINESS: Rare dinosaur “Barry” up for auction (Graphic DUE Sep 27, 16:00GMT)
  • CRICKET: ICC Cricket World Cup 2023 team guide (Graphic DUE Sep 27, 17:00GMT)
  • SPACE: Jupiter’s moon hosts key ingredient to life (Graphic DUE Sep 27, 17:00GMT)
  • For full details of graphics available/in preparation, see Menu -> Planners
 Russischer Cyber Krieg infographic
Grafik zeigt die bekannten Folgen der Events durch den russischen Cyber- angriff in der Ukraine.


Russischer Cyber Krieg gegen die Ukraine

By Duncan Mil

March 3, 2023 - Weniger als eine Stunde vor Einmarsch russischer Truppen in die Ukraine, haben Hacker die Boden-Infrastruktur der Satellitenfirma Viasat angegriffen, konnten teilweise Internetanschlüsse in Europa blockieren.

The 2023 CrowdStrike Global Threat Report, released this week, highlights the use of AcidRain malware which appeared explicitly designed to disrupt Viasat satellite communications network segments providing internet connectivity to Ukraine.

In what might have been an unintended spillover effect, at least three internet service providers across Europe were also affected, resulting in outages for tens of thousands of customers and the disruption of around 5,800 wind turbines operated by Enercon in Germany.

Researchers have confirmed that the attacker entered AcidRain malware through a vulnerable virtual private network or VPN controlled by Skylogic in Turin, Italy. VPN software only allows authorised users to join a company’s internal network remotely.

From there, the malware moved into one of Viasat’s crown jewels, “the trusted management segment of the KA-SAT network,” according to a report released by Viasat.

Although the KA-SAT was not itself damaged, the attacker sent commands to thousands of modems via the satellite’s 82 spot beams received by satellite dishes around Europe.

Once in the ground network, the AcidRain malware attacked the flash memory of Viasat’s SurfBeam modems. As a result, some 45,000 modems and routers were flooded with junk data, wiping out the flash memory. By April, Viasat shipped 30,000 replacement modems to bring customers back online.

CrowdStrike reports that Russia’s cyber
operations against Ukraine continue, but with a marked reduction in capability, likely reflecting a lack of planning beyond the Kremlin’s expectations of a short military conflict.

PUBLISHED: 03/03/2023; STORY: Graphic News