WASHINGTON — The U.S., Canada and European powers this week blamed Russia for a February cyberattack that disrupted internet service for tens of thousands of people in the critical moments that preceded the latest invasion of Ukraine.
The Feb. 24 attack on Viasat Inc., a California-based provider of high-speed satellite broadband services and secure networking systems covering military and commercial markets worldwide, was meant to cripple Ukrainian command and control as Russian forces advanced, U.S. and U.K. officials said May 10. The attack spilled over, impacting wind farms and internet users in central Europe as well.
U.S. Secretary of State Antony Blinken on Tuesday condemned the hack, describing Russia’s alleged belligerence in cyberspace as “irresponsible” and “destructive.” A statement from the European Union similarly described the attack as “unacceptable” and “indiscriminate.”
The bloc said it would consider additional steps to “prevent, discourage, deter and respond to such malicious behavior in cyberspace.”
While the U.S. and others did not tie the digital assault to any one specific element of the Russian government, Estonia pinned the blame on Russia’s infamous intelligence directorate, known as GRU.
“These cyberattacks run counter to international law and, therefore, we are unequivocally condemning them,” Estonian Foreign Minister Eva-Maria Liimets said in a statement. “The timing of this attack on 24 February, when a wide-scale military attack against Ukraine began, is significant and shows once again that cyberattacks are an integral part of how Russia wages war.”
Moscow has historically denied such operations.
The explicit attribution is the result of new intelligence, according to the U.K. Foreign, Commonwealth and Development Office, and comes as allied cyber leaders meet in Newport, South Wales, for a conference on shared threats.
“This is clear and shocking evidence of a deliberate and malicious attack by Russia against Ukraine, which had significant consequences on ordinary people and businesses in Ukraine and across Europe,” U.K. Foreign Secretary Liz Truss said in a statement.
Viasat on Tuesday said it recognized “international governments have identified who they believe to be responsible for the cyberattack on the KA-SAT network” and pledged to continue working closely with relevant law enforcement and governmental authorities as part of the investigation.
The company in March told C4ISRNET the attack did not affect U.S. government customers and did not jeopardize customer data. Its core network infrastructure and gateways were also not compromised.
Viasat furnishes satellite and networking capabilities, among other services, to the U.S. military. In January 2020, the company announced it had won a $90 million Air Force contract to provide specialized Link 16 radios.
The National Security Agency in 2018 authorized Viasat to open the use of its radios to members of Five Eyes, an intelligence cooperative comprising Australia, Canada, New Zealand, the U.K. and the U.S., C4ISRNET previously reported.
Colin Demarest is a reporter at C4ISRNET, where he covers military networks, cyber and IT. Colin previously covered the Department of Energy and its NNSA — namely Cold War cleanup and nuclear weapons development — for a daily newspaper in South Carolina. Colin is also an award-winning photographer.