Behind the Hack: "Ukraine + Viasat"

Target: The Ukrainian government and Viasat (a U.S.-based company)
Date of attack: February 24, 2022
 
Quick take: In the hours immediately before Russia invaded Ukraine on February 24, Ukrainian satellite systems went dark. The systems were operated by California-based Viasat, a global provider of satellite communications services. While the attack appeared to be intended to cut off Ukrainian military communications, it led to an Internet blackout for thousands of people and disrupted the operation of wind turbines in Germany. 
Why it matters: U.S. officials believe the Viasat attack was launched by Russia’s Main Intelligence Directorate, or GRU, and it was one of many cyberattacks that struck Ukraine before and during the invasion. Less than two weeks before Russian forces poured across the border, the Ukrainian defense ministry, army, and two of the country’s largest banks were hit by a major distributed denial-of-service (DDoS) attack.  
The Viasat attack has significant implications for governments and companies around the world. First, it’s a stark reminder that we’ve entered an era of cyberwarfare in which companies everywhere are on the front lines – Russia was able to knock out Ukrainian communications by attacking an American company. Second, as a New York Times report about the attack explained, the “Viasat hack revealed a weak point in an essential service that was exploited by Russian hackers without much technical sophistication.” This means the same method could be deployed against many other critical infrastructure providers (as well as companies in other industries and sectors) in the U.S. and Europe. And third, the attack itself quickly caused collateral damage in other countries – yet another dangerous consequence of cyberwarfare. 
We’ve got a hack for that: NINJIO is focused on the threat posed by acts of cyberwarfare – particularly to companies, which are often targeted directly as part of broader cyberattacks from hostile governments. In our forthcoming State of Cyberwarfare report, we examine how state-sponsored cyberattacks are becoming more frequent and destructive, the increasing collaboration between governments and cybercriminal organizations, and the sectors that are particularly at risk (such as critical infrastructure). 
There are many ways for companies to protect themselves – and the country – from state-sponsored cyberattacks. These methods include: the development of engaging and consistent cyber awareness training; organizational alignment around cybersecurity; and stronger relationships with government agencies, law enforcement, and other companies to share data about potential attacks and develop joint strategies for responding to them.