Officials in the United States and Ukraine have long believed that Russia was responsible for the cyberattack on Vyasat, but have not officially “linked” the incident to Russia. U.S. officials reached their conclusion long ago, they wanted European countries to lead, because the attack sang significant songs in Europe but not in the United States.
Statements released Tuesday shut down the naming of a specific Russian-sponsored hacking group for organizing the attack, an unusual omission because the United States regularly discloses information on the special services of the intelligence agencies responsible for the attack, in order to demonstrate its visibility to the Russian government. .
“We have worked closely with relevant law enforcement and government authorities as part of the ongoing investigation and will continue to do so,” said Dan Blair, a spokesman for Vyasat. Mandiant, a cybersecurity firm hired by Viasat to investigate the matter, declined to comment on the results.
But researchers at the cybersecurity firm Sentinelone believe that the Vyasat hack was probably the work of the Russian military intelligence unit GRU. The malware used in the attack, known as AcidRain, has significant similarities to other malware previously used by GRU, Sentinelone researchers say.
Unlike its predecessor malware, known as VPNFilter and designed to destroy specific computer systems, AcidRain was developed as a versatile tool that works against a variety of targets, the researchers said. In 2018, the Justice Department and the Federal Bureau of Investigation stated that Russia GRU was responsible for creating VPNFilter malware.
Juvenile Andres Guerrero-Sade, a lead threat researcher at SentinelOne, says acidine malware is “a very common solution in the most terrifying sense of the word.” “They can take it tomorrow and, if they want to attack a supply chain in the United States against routers or modems, Acidrain will work.”
U.S. officials have warned that Russia could launch cyber-attacks against critical U.S. infrastructure and called on companies to strengthen their online defenses. The State Department says it has helped Ukraine identify and respond to Russian cyber-attacks.