Western intelligence sources have confirmed to Reuters that a broad cyberattack disrupted Viasat broadband satellite internet services in and around Ukraine. Though sources declined to say who carried out the attack (or, at least, definitively make an attribution), the timing gives us some hints. The cyberattack began when Russian missiles started flying into Ukraine and forces started pouring over the border.
The report sheds more light on Viasat KA-SAT outages across Europe, which were first publicly revealed at the end of February. The breach is of particular interest to the NSA, French cyber agency ANSSI, and Ukrainian intelligence officials because Viasat has inked deals with Western militaries (including Ukraine’s armed forces and various intelligence services).
- Viasat’s internet services could be defined as dual-use technology—which means they could have a target painted on their back in wartime.
- “Traditional land-based radios only reach so far. If you’re using modern smart systems, smart weapons, trying to do combined arms maneuvers, then you must rely on these satellites,” a former coder for US Special Operations Command (SOCOM) told Reuters.
What we now know
Tens of thousands of Viasat satellite terminals in Europe went dark following an attack that started between 5am–9am on Feb. 24. More than two weeks later, “some” modems “remain offline,” resellers and European telco execs told Reuters.
One issue? In-situ repairs.Shipping over-the-air software updates may not be sufficient to restore service on some compromised devices. Many will reportedly require reprogramming by a technician on-site or at a repair shop. And some need to be physically swapped out.
What next? When pinged by Reuters for comment, Viasat referred to the outages as a “deliberate, isolated, and external cyber event” and says it’s working to restore connectivity ASAP. Viasat has contracted Mandiant to probe the breach, Reuters reports. (FYI, Mandiant has been in headlines recently because Google agreed to acquire the cybersecurity firm in a ~$5.4B deal.)
+ Want more? Payload recommends reading Reuters’ extensive investigation in full. Also, check out this SpaceNews writeup with a US general’s congressional testimony on how LEO megaconstellations could prove more resilient to jamming and hacking.