Russia was behind the cyber attack in the run-up to war in Ukraine, the investigation finds

Officials in the United States and Ukraine have had time he believed that Russia was responsible for the cyber attack on Viasat, but had not formally “attributed” the incident to Russia. Although US officials reached their conclusions a long time ago, they wanted European nations to take the lead, as the attack had significant repercussions in Europe but not the United States.

The statements released on Tuesday stopped before naming a particular Russian-sponsored hacker group for orchestrating the attack, an unusual omission as the United States routinely disclosed information about the specific intelligence services responsible for the attacks, in part to prove its visibility in the Russian government.

“We have and will continue to work closely with law enforcement and relevant government authorities as part of the ongoing investigations,” said Dan Bleier, spokesman for Viasat. Client, the cybersecurity firm Viasat hired to investigate the matter, declined to comment on its findings.

But the researchers of the cybersecurity company Sentinel One he believed that the hacking of Viasat was probably the work of GRU, the Russian military intelligence unit. The malware used in the attack, known as AcidRain, shared significant similarities with other malware previously used by GRU. Sentinel One the researchers said.

Unlike its malware predecessor, known as VPNFilter and was created to destroy specific computer systems, AcidRain was created as a multipurpose tool that could easily be used against a wide variety of targets, the researchers said. In 2018, the Department of Justice and the Federal Bureau of Investigation said that the Russian GRU was responsible for creating the VPN Filter malware.

AcidRain malware is “a very general solution, in the scariest sense of the word,” said Juan Andres Guerrero-Saade, one of SentinelOne’s lead threat researchers. “They can get it tomorrow, and if they want to do a supply chain attack on routers or modems in the US, AcidRain would work.”

US officials warned that Russia could carry out a cyber attack on US critical infrastructure and urged companies to strengthen their online defenses. The United States also helped Ukraine detect and respond to Russian cyber attacks, the State Department said.