Misconfigured VPN behind destructive Viasat attack

By

Tens of thousands of replacement modems ready to ship.

A misconfigured virtual private networking (VPN) appliance allowed attackers access to Viasat's trusted management network to issue commands that knocked thousands of customer modems offline, the wholesale satellite provider said.

Misconfigured VPN behind destructive Viasat attack

In an incident post-mortem, Viasat said the attack saw modems being disconnected from its KA-SAT network via legitimate management commands that overwrote data in the flash memory of the devices.

Although the modems can be fully restored via a factory update, Viasat and its supplier Skylogic have shipped nearly 30,000 replacement modems to distributors, as the fastest way to get them back online.

The attack took place on February 24, and was detected as high volumes of malicious traffic emanated from the company's supplied SurfBeam2, SurfBeam 2+ modems, and other customer premises equipment located within Ukraine.

A Viasat consumer-oriented service partition, Tooway, was struck, but the company says it has not seen evidence that the destructive attack went any further than that.

The satellite provider said government users were not affected by the attack, and its network was fully stabilised within several days.

Viasat and Skylogic declined to publish further technical details such as the nature of the VPN appliance misconfiguration, citing unspecified mitigation actions taken to restore network stability and to prevent similar attacks.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

WestJet probes cyber security incident

WestJet probes cyber security incident

Log In

  |  Forgot your password?