A denial-of-support (DoS) attack on a main satellite comms supplier on the working day of Russia’s invasion hit tens of thousands of buyers in Ukraine and elsewhere, the agency has uncovered.
Viasat said the “multifaceted and deliberate” cyber-attack took the the greater part of its thousands of Ukrainian customers offline, although the network was “largely stabilized within just hours” and totally stabilized in just a number of days.
It commenced when some hijacked modems and other buyer products within Ukraine commenced firing high volumes of specific destructive targeted visitors, building it hard for authentic modems to keep on being on line.
Even though defenders labored to pressure the destructive modems offline, other folks joined the network to carry on the attack about the future numerous hours, Viasat described.
“Subsequent investigation and forensic investigation determined a ground-based network intrusion by an attacker exploiting a misconfiguration in a VPN equipment to get distant entry to the trusted management phase of the KA-SAT network,” the provider explained.
“The attacker moved laterally by means of this trusted administration network to a distinct network phase utilized to take care of and function the network, and then made use of this network access to execute legitimate, qualified management commands on a significant variety of household modems concurrently. Precisely, these harmful commands overwrote crucial information in flash memory on the modems, rendering the modems unable to access the network, but not completely unusable.”
Viasat reported the afflicted modems could be fully restored through a factory reset and that it has no proof that firmware was compromised. Even so, the organization has been pressured to reissue almost 30,000 modems to distributors to provide buyers back again on the net.
There is also no evidence to advise that the firm’s KA-SAT satellite or supporting ground infrastructure was compromised in the attack.
Some parts of this article are sourced from:
www.infosecurity-journal.com