May 11, 2022

The U.S. and EU said on Tuesday that Russia was responsible for the cyberattack on a satellite network in Ukraine and neighboring countries.

During the attack, which took place on February 24, the attackers unleashed the wiper malware that destroyed thousands of satellite modems used by customers of the communications company Viasat.

“Today, in support of the European Union and other partners, the United States is sharing publicly its assessment that Russia launched cyberattacks in late February against commercial satellite communications networks to disrupt Ukrainian command and control during the invasion, and those actions had spillover impacts into other European countries. The activity disabled very small aperture terminals in Ukraine and across Europe. This includes tens of thousands of terminals outside of Ukraine that, among other things, support wind turbines and provide Internet services to private countries,” U.S. Secretary of State Antony Blinken wrote in a statement.

A month after the cyberattack, security firm SentinelOne claimed that research had shown that the wiper malware used in the attack bore several technical similarities to VPNFilter.

VPNFilter was discovered on more than 500,000 home and small office modems in 2018. Several U.S. agencies attributed VPNFilter to Russian state threat actors.

The sources for this piece include an article in Arstechnica.