Deep Dive – Russia GRU Viasat Hack

The evolution of cyber warfare infographic

Find Threat Talks on

Russia GRU Viasat Hack

Ethan Hunt is known for doing the impossible. Mostly by blowing things up with his team.

What if he and his team spoke Russian and on the onset of the invasion of Ukraine, they brought down control of 5.800 wind turbines in Germany? Does this sound impossible? Not when your credentials are compromised.

The reality of this attack was that this was just an effect of another attack vector: installing compromised firmware on 40.000 modems connected to the Viasat network. Essentially blowing them up, as Ethan does best.

What can we learn from this attack?

For this Deep Dive into the Russia GRU Viasat attack, join Lieuwe Jan Koning, Rob Maas and Luca Cipriano to find out what strategies were used and how you can best prepare for and counter this kind of attack.

 

Infographic

For a complete overview of the Russia GRU Viasat Hack, download the infographic.

Your cybersecurity experts

Lieuwe Jan Koning

Co-Founder and CTO ON2IT Group

Luca Cipriano

Threat Intel Specialist ON2IT

Rob Maas Field CTO

Rob Maas

Field CTO ON2IT

Episode details

On February 24, 2022, just hours before Russia’s invasion of Ukraine, a significant cyberattack targeted Viasat’s KASAT satellite network.

This attack, attributed to the Russian GRU, involved the deployment of the AcidRain wiper malware, which rendered thousands of Viasat modems and routers inoperable by erasing their data and rebooting them. The attack had widespread implications, disrupting both military and civilian communications.

In this Deep Dive into the Russia GRU Viasat Hack we talk you through how the attackers initially gained access to the Viasat network, gained access to the management servers and ultimately used AcidRain and a volumetric DDoS attack.

 

Show notes Threat Talks episode #31

  • A detailed analysis of the attack’s strategies
  • Practical advice and countermeasures, even with leaked credentials

 

Don’t mis the next episode of Threat Talks

Enter the dynamic world of cybersecurity and stay on to it!
Subscribe to our Spotify channel.

The evolution of cyber warfare infographic