Guerrero-Saade, who has spearheaded the investigation into AcidRain, says that where previous malware used by the Russians has been narrowly targeted, AcidRain is more of a universal weapon.
“What’s extremely concerning about AcidRain is that they’ve disabled all security checks,” he says. “With previous wipers, the Russians were careful to only run on specific devices. Now those security checks are gone, and they’re brute force. They have an ability that they can reuse. The question is, what attack in the supply chain will we use.”
The attack has proved typical of Moscow’s “hybrid” war strategy, experts say. It was launched in concert with the ground invasion. That exact kind of coordination between Russian cyber operations and military forces has been seen at least six times, according to research from Microsoft, underscoring the emerging role of cyber in modern warfare.
“Russia’s coordinated and destructive cyber-attack before the invasion of Ukraine demonstrates that cyber-attacks are actively and strategically used in modern warfare, even if the threat and consequences of a cyber-attack are not always visible to the public,” the Danish minister of defense, Morten Bødskov, said in a statement. “The cyber threat is constant and evolving. Cyber attacks can wreak havoc on our vital infrastructure, with fatal consequences.”
In this case, damage spilled over from Ukraine, affecting thousands of internet users and internet-connected wind farms in Central Europe. And the implications are even greater: Viasat is working with the US military and its partners around the world.
“Obviously the Russians made a mess of it,” Guerrero-Saade said. “I don’t think they wanted that much splash damage and got the European Union involved. They gave the EU a pretext to react by having 5,800 German wind turbines and others affected around the EU.”
Just hours before AcidRain began its destructive work against Viasat, Russian hackers used another wiper, called HermeticWiper, against Ukrainian government computers. The playbook was eerily similar, except that instead of satellite communications, the targets were Windows machines on networks that, in those early hours of the invasion, would be important for the Kiev government to mount effective resistance.