A group of student researchers from Illinois Institute of Technology has analyzed the use of cyberattacks as a weapon during Russia’s invasion of Ukraine. Their findings were published in a recent paper titled “Invisible Battlefields: Analyzing the Viasat Attack and its Broader Applications.”
The research team, consisting of Arsheen Kazi and Samreen Kazi, both second-year master’s students in Information Technology and Management, and Saloni Bhosale, a second-year student in Cyber Forensics, examined how hackers targeted a Ukrainian communications satellite shortly before the Russian military operation began. The attack severely disrupted military communications, power grids, and internet access across Ukraine.
Arsheen Kazi said, “On the surface level, it looked like a simple technical disruption, but the more we investigated it, the more we realized that it was a classic case of how cyberattacks can be used as strategic tools when dealing with real-world conflicts. It happened just one hour before the invasion of Ukraine by Russian forces, and the fact that one small piece of malware could disable the entire satellite connectivity not only in Ukraine but all across Europe was both fascinating and alarming. It was the perfect amalgamation of cybersecurity, geopolitics, and critical infrastructure.”
The paper concludes that the cyberattack on the Viasat KA-SAT satellite was part of Russia’s broader military strategy. The hackers deployed “AcidRain” malware to disable satellite systems, which led to interruptions in Ukrainian military operations and civilian internet services. The attack also affected wind turbines as far away as Germany.
Samreen Kazi explained, “Investigating the Viasat attack helped us grasp the broader scope of cyberattacks, how malicious attackers exploit critical vulnerabilities in communication networks, the kill chain of an advanced persistent threat, and the role of nation-state actors. All of these technical details gave us a much clearer picture of how cyberweapons are designed and delivered.”
The team found that hackers gained access to satellite servers by exploiting vulnerabilities in virtual private networks (VPNs). This allowed them to deploy malware that shut down modems supporting Ukrainian military communications.
Saloni Bhosale noted, “We started recognizing patterns, and the deep importance of patching known vulnerabilities, the dangers of insecure VPNs, and how malware can go far beyond digital damage and can have some grave real-world consequences. It was eye-opening to study the anatomy of a real attack, beginning from reconnaissance and all the way to its execution, while at the same time thinking critically about how it could have been prevented.”
The students credited their classroom experiences for preparing them for this research. They highlighted lessons on VPN vulnerabilities and network infrastructure as particularly useful.
Arsheen Kazi added about their instructor’s influence: “The thing that really made a difference, though, would be Professor [Maurice] Dawson’s teaching style. He emphasized the need for real-world application and encouraged us to think critically rather than just memorizing facts. That approach was beneficial as it helped us stay curious and ask deeper questions during the research process, and it made tackling a complex case like this one feel much more manageable.”
A photo accompanying their publication shows Samreen Kazi, Saloni Bhosale, and Arsheen Kazi.