The European Union and UK are officially blaming the Russian government for the Feb. 24th hack that targeted satellite internet provider Viasat.
On Tuesday, both the EU and UK condemned the Kremlin for the cyber attack, which caused internet outages for thousands of Viasat customers across Europe.
In response, the EU is mulling whether to punish Russia. “The European Union, working closely with its partners, is considering further steps to prevent, discourage, deter and respond to such malicious behaviour in cyberspace,” the governing body said.
The hack occurred an hour before Russia began its invasion of Ukraine, according to the UK. The goal was to shut down satellite internet access for Ukraine’s military. However, the ensuing hack also ensnared consumer and commercial customers, including wind farm operators in Europe.
The EU didn’t elaborate on the evidence linking Russia to the hack on Viasat. But the UK cited an analysis from its National Cyber Security Centre, which found that it was “almost certain Russia was responsible.” The US also contributed intelligence suggesting the Kremlin was behind the attack, the UK added.
Security researchers have uncovered the malware likely responsible for causing the disruption at Viasat. Dubbed AcidRain, the malware is designed to erase data from modems and routers, and has similarities with another malware strain that’s been connected to Russian state-sponsored hackers, according to the security firm SentinelOne.
In the meantime, the EU is concerned the continent could suffer a similar incident in the future, citing how Russia continues to bombard Ukraine with destructive malware attacks.
“Cyberattacks targeting Ukraine, including against critical infrastructure, could spill over into other countries and cause systemic effects putting the security of Europe’s citizens at risk,” the EU said.
Recommended by Our Editors
Viasat didn’t immediately respond to a request for comment. But the US company has previously said the hackers exploited a misconfigured VPN device to access its network. The ensuing cyber attack then caused the shutdown of tens of thousands modems across Europe.
To restore the network, Viasat has been releasing over-the-air updates to the affected modems. It’s also shipped 30,000 new modems to distributors to help bring customers back online.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.