Officials in the United States and Ukraine had long believed that Russia was responsible for the cyberattack on Viasat, but had not form...
Officials in the United States and Ukraine had long believed that Russia was responsible for the cyberattack on Viasat, but had not formally “attributed” the incident to Russia. While US officials reached their conclusions long ago, they wanted European nations to take the lead, as the attack had significant repercussions in Europe but not the United States.
Statements released on Tuesday did not name a particular Russian-sponsored hacking group to have orchestrated the attack, an unusual omission as the United States has regularly revealed information about the specific intelligence services responsible for the attacks, in part to demonstrate their visibility in the Russian government. .
“We have and will continue to work closely with law enforcement and relevant government authorities in the ongoing investigation,” Viasat spokesman Dan Bleier said. Mandiant, the cybersecurity firm hired by Viasat to investigate the matter, declined to comment on its findings.
But researchers at the cybersecurity firm SentinelOne thought that the Viasat hack was probably the work of the GRU, the Russian military intelligence unit. The malware used in the attack, known as AcidRain, shared significant similarities with other malware previously used by the GRU, SentinelOne the researchers said.
Unlike its predecessor, the malware known as VPNFilter and designed to destroy specific computer systems, AcidRain was created as a versatile tool that could easily be used against a wide variety of targets, the researchers said. In 2018, the Justice Department and the Federal Bureau of Investigation said the Russian GRU was responsible for creating the VPNFilter Malware.
The AcidRain malware is “a very generic solution, in the scariest sense of the word,” said Juan Andres Guerrero-Saade, senior threat researcher at SentinelOne. “They can take this tomorrow and if they want to launch a supply chain attack against routers or modems in the United States, AcidRain would work.”
US officials have warned that Russia could carry out a cyberattack on US critical infrastructure and urged companies to strengthen their online defenses. The United States has also helped Ukraine detect and respond to Russian cyberattacks, the State Department said.
COMMENTS