US government officials told The Washington Post that in late February, the Russian military was responsible for a cyber attack on a European satellite internet service that affected Ukrainian military communications.
The hack affected the KA-SAT satellite broadband network, which is owned by Viasat, an American satellite communications company. On February 24, the day the Russian invasion of Ukraine began, the KA-SAT network was hit by disruptions affecting Ukraine and surrounding regions in Europe. A few days later, Viasat blamed the outage on a “cyber event,” but did not release any further details.
While Ukrainian officials have not fully disclosed the impact, the outage is believed to have caused significant communications breakdowns early in the war.
The NSA is said to be collaborating on an investigation with Ukrainian intelligence services, but no official results have been released. However, anonymous officials told the Post that US intelligence analysts have now concluded that Russian military hackers were behind the attack.
A confirmation request sent by The Verge to the Cybersecurity and Infrastructure Security Agency (CISA) had not received a response at the time of publication.
Viasat officials told Air Force Magazine that the attack was carried out by a compromise of the system that manages customer satellite terminals, and only affected customers of the KA-SAT network, a smaller broadband provider that Viasat bought last year from French satellite operator Eutelsat.
At the start of the conflict, commentators feared that Russia could launch widespread and destructive cyber attacks. While one perspective holds that such attacks have not materialized, the slow release of additional information lends credence to the suggestion that many attacks took place in the shadows.
In the wake of the hack, CISA and the FBI issued a joint cybersecurity advisory to satellite communications providers, warning the agencies that the agencies were aware of potential threats to U.S. and international networks, and advising companies to immediately address any indications of malicious activity. report.
As the war in Ukraine continues — and US opposition to Russia grows in the form of sanctions — the Biden administration has been warning more and more seriously about the possibility of Russian cyber-attacks on US infrastructure.
On Monday, President Biden advised US companies to take additional precautions against hacking, citing “evolving intelligence” Russia was preparing to attack the US with cyber attacks. Subsequently, the Justice Department on Thursday released charges against four Russians accused of mounting state-sponsored cyberattacks on the US, publicly releasing details of a highly sophisticated hacking campaign that involved supply chain software compromise and spear-phishing scams. campaigns against thousands of employees of companies and US government agencies.