Thursday, November 21, 2024

HomeCyberSecurityNovel variant of wiper linked to Viasat attack during Ukraine war raises...

Novel variant of wiper linked to Viasat attack during Ukraine war raises new fears

Dive Brief:

  • Security researchers are warning about a novel variant of the AcidRain wiper, which was used to disrupt satellite communications during Russia’s invasion of Ukraine, according to a blog post released Thursday by SentinelLabs
  • The discovery of the new variant, dubbed AcidPour, coincides with the disruption of multiple telecom networks in Ukraine, which have been offline since March 13.
  • The AcidPour variant has capabilities beyond that of AcidRain, raising fears that embedded devices are at risk, including IoT, networking, large storage and even industrial control systems devices running Linux x86 distributions, according to SentinelLabs.

Dive Insight:

The Ukraine invasion led to major concerns about malicious cyber activity being used to target critical infrastructure in NATO member countries, including the U.S. U.S. authorities repeatedly warned about the potential of state-linked actors using cyber to disrupt key industries in the West, including energy providers, communications, military contractors and other industries.  

The U.S. State Department in May 2022 joined European officials in condemning the malicious cyberthreat activity on Russia, which used wipers, DDoS and other methods to interfere with Ukraine’s systems at the start of the war in February 2022. 

The attacks disrupted thousands of satellite broadband customers in Ukraine and tens of thousands of fixed broadband customers across Europe. The KA-SAT network, which was disrupted by the 2022 attacks, operated on behalf of Viasat by Skylogic, a subsidiary of Eutelsat.  

The White House warned in 2022 about possible retaliatory cyberattacks against U.S. targets in retaliation for economic sanctions imposed during the war. 

The advent of AcidPour shows that Russia-linked actors are continuing to evolve their tactics and capabilities, according to SentinelLabs researchers. 

“The intent is to perhaps impact Ukrainian operations at an even larger scale than the previous iteration and continue to disrupt key infrastructure and communication abilities for their targets,” said Tom Hegel, principal threat researcher, via email. 

The White House in 2023 launched an effort to focus cyber resilience efforts on space, as concerns grew about the ability of malicious attacks against satellite communications and other critical technologies. 


Source link

Bookmark (0)
Please login to bookmarkClose
RELATED ARTICLES
- Advertisment -spot_img

Most Popular

Sponsored Business

- Advertisment -spot_img