Report: Western Intelligence Agencies Probing Viasat European Outages

ViaSat-1. Artist's rendering via Viasat.
ViaSat-1. Artist’s rendering via Viasat.

Western intelligence sources have confirmed to Reuters that a broad cyberattack disrupted Viasat broadband satellite internet services in and around Ukraine. Though sources declined to say who carried out the attack (or, at least, definitively make an attribution), the timing gives us some hints. The cyberattack began when Russian missiles started flying into Ukraine and forces started pouring over the border.

The report sheds more light on Viasat KA-SAT outages across Europe, which were first publicly revealed at the end of February. The breach is of particular interest to the NSA, French cyber agency ANSSI, and Ukrainian intelligence officials because Viasat has inked deals with Western militaries (including Ukraine’s armed forces and various intelligence services). 

  • Viasat’s internet services could be defined as dual-use technology—which means they could have a target painted on their back in wartime. 
  • “Traditional land-based radios only reach so far. If you’re using modern smart systems, smart weapons, trying to do combined arms maneuvers, then you must rely on these satellites,” a former coder for US Special Operations Command (SOCOM) told Reuters. 

What we now know

Tens of thousands of Viasat satellite terminals in Europe went dark following an attack that started between 5am–9am on Feb. 24. More than two weeks later, “some” modems “remain offline,” resellers and European telco execs told Reuters. 

One issue? In-situ repairs.Shipping over-the-air software updates may not be sufficient to restore service on some compromised devices. Many will reportedly require reprogramming by a technician on-site or at a repair shop. And some need to be physically swapped out. 

What next? When pinged by Reuters for comment, Viasat referred to the outages as a “deliberate, isolated, and external cyber event” and says it’s working to restore connectivity ASAP. Viasat has contracted Mandiant to probe the breach, Reuters reports. (FYI, Mandiant has been in headlines recently because Google agreed to acquire the cybersecurity firm in a ~$5.4B deal.)

+ Want more? Payload recommends reading Reuters’ extensive investigation in full. Also, check out this SpaceNews writeup with a US general’s congressional testimony on how LEO megaconstellations could prove more resilient to jamming and hacking.

Related Stories

Congress Reveals Russia’s Possible Nuclear ASAT Plans

Congress was thrown into a frenzy yesterday amid reports that Russia is working on a space-based nuclear capability that could target satellites in LEO.


The State of National Security Space Policy 2024

It’s time for the four-year-old Space Force to move out of the establishment phase and work through what it really means to conduct military operations in orbit, including translating 30,000-foot doctrine to the tactical level, according to two former defense officials.


Report: DoD Needs Better Plan to Partner With Allies In Orbit

A lack of cohesiveness across the US space enterprise is getting in the way of cooperation with allies, according to a report released this week by RAND. 


Space Force Earns a ‘Marginal’ Grade From Heritage Foundation

The Space Force is not currently able to offer troops the real-time operational intelligence from space that would be required during a potential conflict conflict with an adversary like China, according to a report from the Heritage Foundation.