War in Ukraine: Attack on Ka-Sat 9A – Economy

On February 24, at two minutes past five in the morning, Ukrainian time, the modems broke down. Several devices used by the Ka-Sat satellite network to provide Internet access to the Ukrainian military and police, among others, have turned against their own network. They overloaded the system and tens of thousands of modems lost contact with the network. “Large amounts of targeted malicious traffic” emanated from the special infected modems that were “physically located in Ukraine” – it was a hacking attack. This is stated in the report of the American company Viasat, that the satellite Sat Ka 9A Opera. Satellite Internet is of particular interest to business users in remote regions that do not have access to good land lines but rely on a fast network. For the same reasons, it is especially valuable in war.

Viasat has now revealed details of the incident, which appears to have been an early act of war. Because in the early hours of February 24, almost simultaneously with the hack, Russia’s attack on Ukraine began. Evidently, a special military operation was being carried out on the devices that connect the earth and the sky. Ukraine began its defense with significant communication problems between its armed forces and authorities.

It can be assumed that Viasat has coordinated the release of the details with the US secret service NSA, which has been investigating the incident for weeks. Since the incident became known in early March, experts have suspected that this could not be a coincidence. the Washington Post had reported a week ago, citing anonymous US officials, that the US secret services were suspicious of Russia’s military foreign intelligence service GRU, but the US government avoided publicly placing blame. According to Viasat, the goal of the attack was probably not to steal data, but simply to “disrupt service.”

The attack also caught Enercon, Germany’s largest manufacturer of wind turbines. The manufacturer announced in early March that 5,800 of its systems in Germany were no longer accessible online. The wind turbines continued to function, but could no longer be remotely monitored or repaired. Therefore, technicians had to travel to the systems at great expense. “Our service has reintegrated 90 percent of the wind turbines affected by the interruption of satellite communication into remote monitoring and remote maintenance. 1,156 wind farms are back online and communication is still interrupted at 138 wind farms,” ​​said a spokesperson for Enercon for the SZ. “A connection to the Russian war of aggression is suspected, and the interruption of communication with the plants is considered collateral damage.” Since the invasion, the Federal Office for Information Security has been warning that German infrastructure could be damaged if attacks from Ukraine “spread out”. In an interconnected world, hacker attacks are often not limited to the actual country of destination.

Viasat has to replace 30,000 modems

But who disrupted the satellite network when the attack on Ukraine began? There are also new details on this question. Analysts at IT security firm Sentinel One took a closer look at malware used by attackers to disable modems. Therefore, it is a cleaner that removes data, as an analysis by Sentinel One shows. Experts have dubbed the software “Acid Rain”. They noted similarities to another digital tool used by hacking groups like Sandworm and Fancy Bear, which professionals and the US government attribute to the GRU. According to Sentinel, the use of acid rain “is possibly the most significant cyber attack in the current Russian invasion of Ukraine.” Viasat confirmed the Sentinel One findings of US website Techcrunch.

This is not yet definitive proof that Russia was behind the attack, but one fact is now clear: At the same time as the tank and missile attack, a satellite network that also supplies Ukraine was deliberately crippled, using similar technology. to previous Russian intelligence actions. . If the suspicion against Russia is confirmed, the attack on Sat Ka also refute the previously widespread assumption that Vladimir Putin refrained from major IT operations in his attack on the neighbor and relied unilaterally on physical warfare.

Victims of hacking, intentional and unintentional, must now adapt. According to Viasat, it has shipped 30,000 new modems to customers whose old devices had failed.


Leave your vote

Leave a Comment

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.