UK blames Russia for satellite internet hack at start of war

Russia was behind a cyber-attack targeting American commercial satellite internet company Viasat, UK and US intelligence suggests.

The attack began about an hour before Russia invaded Ukraine, on 24 February.

It caused outages for several thousand Ukrainian customers – and affected windfarms and internet users in Central Europe.

Officials have long believed Russia was to blame but lacked the evidence to say so publicly.

Viasat provides high-speed satellite broadband to commercial and military customers.

The company has previously said “tens of thousands of terminals” were damaged beyond repair, in the cyber-attack, though its core network infrastructure and the satellite itself remained unscathed.

Now, a joint announcement by the EU, UK, US and other allies confirms long-held suspicions the primary target was the Ukrainian military.

And the UK’s National Cyber Security Centre said it was “almost certain” Russia was behind the attack.

The war in Ukraine has seen the most sustained offensive of cyber-operations one country has launched against another, a British intelligence official says.

Some were surprised there was not more evidence of destructive attacks when the invasion began.

But it has taken time for a fuller picture to emerge – such as this major attack on satellite communications now linked to Russia.

Directly in support of military operations, this attack also spilled over to other countries.

So far though, Russia has not launched wider attacks against Western targets.

And one reason we may not have seen the scale of destructive activity inside Ukraine that some predicted, the intelligence official says, is Russia’s offense came up against a country that had worked hard on its defences and could see off many of the attacks.

Russian military intelligence – the GRU – had been involved in the 13 January defacements of Ukrainian government websites and attacks using a type of destructive malware called Whispergate in the same month, it added.

Whispergate was deployed in the months before the conflict, against organisations in Ukraine, in an effort to “to destroy computer systems and render them inoperable”, according to the US Cybersecurity and Infrastructure Security Agency.

The UK has already sanctioned the GRU, after a nerve-agent attack in Salisbury, Wilts, left one person dead and several others seriously ill.

Foreign Secretary Liz Truss said in a statement accompanying the announcement: “This is clear and shocking evidence of a deliberate and malicious attack by Russia against Ukraine which had significant consequences on ordinary people and businesses in Ukraine and across Europe.”