DDoS in the Realm of Cyberspace
An hour before the invasion, malicious traffic was detected emerging from several SurfBeam2 and SurfBeam 2+ modems and/or associated customer premise equipment (CPE) physically located within Ukraine. The modems were allegedly serviced by a Eutelsat subsidiary, Skylogic, which was in charge for managing a partition of the KA-SAT overall network, specifically BAP1 and BAP2. Ruben Santamarta’s research allegedly revealed that at the time of the attack, Skylogic counted on Fortinet for VPN services, which suffered a cyberattack from the Russian group “Groove” in 2021, leading to the leak of almost half a million credentials of VPN appliances. Despite Fortinet developing and releasing a patch to the uncovered vulnerability, it is presumed that Skylogic had not deployed it at the time...