Malicious update anchored worst cyberattack of war
A malicious software command that immediately crippled tens of thousands of modems across Europe anchored the cyberattack on a satellite network used by Ukraine's government and military just as Russia invaded, the satellite owner disclosed Wednesday.
The owner, U.S.-based Viasat, issued a statement providing details for the first time of how the most serious known cyberattack of the Russia-Ukraine war unfolded. The wide-ranging attack affected users from Poland to France, getting quick notice by knocking off remote access to thousands of wind turbines in central Europe.
Viasat would not say who it believed was responsible for the attack when asked separately by The Associated Press. Ukrainian officials blame Russian hackers.
The Viasat attack, coming just as Russia was launching its invasion, was considered at the time by many a harbinger of serious cyberattacks that could extend beyond Ukraine. Such attacks haven't yet materialized, though security researchers say the most impactful war-related cyber operations are likely occurring in the shadows, focused on intelligence-gathering.
A free-for-all of lesser attacks, many apparently carried out by volunteers, have been launched against both Russia and Ukraine. A persistent drumbeat of malicious hacking that Ukrainian officials and cybersecurity researchers blame on Russia-affiliated attackers has plagued Ukraine throughout the more than monthlong conflict.
One of the most serious hacks largely knocked off line the internet and cellular service of a major telecommunications company that serves the military, Ukrtelecom, for most of Monday. Wednesday, Google said it had identified a state-backed Russian hacking group engaged in a credential-phishing campaign targeting the militaries of multiple Eastern European countries and a NATO think tank.