������̳

A team of ������̳ student researchers have broken down how hackers implemented cyberattacks as a new weapon of war during Russia’s invasion of Ukraine in a recently published paper.

“Invisible Battlefields: Analyzing the Viasat Attack and its Broader Applications” breaks down how hackers attacked a Ukrainian communications satellite just one hour before Russia launched its full-scale military operation on the country. The cyberattack crippled Ukrainian military communications, power grids, and internet access.

Arsheen Kazi (M.S. ITM 2nd Year), Samreen Kazi (M.S. ITM 2nd Year), and Saloni Bhosale (CYF 2nd Year) published their work in Sciendo last month.

“On the surface level, it looked like a simple technical disruption, but the more we investigated it, the more we realized that it was a classic case of how cyberattacks can be used as strategic tools when dealing with real-world conflicts,” Arsheen Kazi says. “It happened just one hour before the invasion of Ukraine by Russian forces, and the fact that one small piece of malware could disable the entire satellite connectivity not only in Ukraine but all across Europe was both fascinating and alarming. It was the perfect amalgamation of cybersecurity, geopolitics, and critical infrastructure.”

The cyberattack on the Viasat KA-SAT satellite was a coordinated element of Russia’s military strike on Ukraine, the researchers conclude in their paper. The hackers used “AcidRain” malware to break the satellite system and disrupt Ukrainian military communications and operations, shut down civilian access to the internet, and knocked out wind turbines as far west as Germany.

“Investigating the Viasat attack helped us grasp the broader scope of cyberattacks, how malicious attackers exploit critical vulnerabilities in communication networks, the kill chain of an advanced persistent threat, and the role of nation-state actors,” Samreen Kazi says. “All of these technical details gave us a much clearer picture of how cyberweapons are designed and delivered.”

The hackers broke into the satellite’s servers by exploiting a weakness in the virtual private network (VPN) that helped guard access to them. The hackers were then able to access the satellite’s capabilities to send the malware to shut down modems that operated Ukrainian military communications.

“We started recognizing patterns, and the deep importance of patching known vulnerabilities, the dangers of insecure VPNs, and how malware can go far beyond digital damage and can have some grave real-world consequences,” Bhosale says. “It was eye-opening to study the anatomy of a real attack, beginning from reconnaissance and all the way to its execution, while at the same time thinking critically about how it could have been prevented.”

The students say their classroom experience made them well-prepared to conduct this research challenge, as they had learned about key concepts such as VPN vulnerabilities, malware delivery methods, and network infrastructure.

“The thing that really made a difference, though, would be Professor [Maurice] Dawson’s teaching style,” Arsheen Kazi says. “He emphasized the need for real-world application and encouraged us to think critically rather than just memorizing facts. That approach was beneficial as it helped us stay curious and ask deeper questions during the research process, and it made tackling a complex case like this one feel much more manageable.”

Photo (left to right): Samreen Kazi, Saloni Bhosale, and Arsheen Kazi who published their research examining how Russia hacked a satellite network before invading Ukraine.