Russia was behind the cyberattack against a satellite internet network servicing Ukraine in February 2022, just hours befor the invasion of Ukraine began, it has been confirmed by Western governments.
As Ukrainian troops battle the Russians on the ground, a full cyber-offensive against the Eastern-European nation continues and is said to be ramping up.
The February incident saw commercial satellite operator Viasat experience a partial outage of its KA-SAT network in Europe as a result of a “multifaceted and deliberate cyber-attack.”
Viasat has previously explained that the incident was a denial-of-service attack which made it difficult for many modems to remain online.
Billionaire and technology mogul, Elon Musk, has supplied his SpaceX’s Starlink satellite internet since the beginning of the war to Ukraine in an effort to bolster the nation’s communications capabilities but he recently has commented that Russian jamming is ramping up.
Become a Cyber Security Hub member and gain exclusive access to our upcoming digital events, industry reports and expert webinars
“Starlink has resisted Russian cyberwar jamming & hacking attempts so far, but they’re ramping up their efforts,” Musk said in a twitter post.
In March, Musk remarked that Starlink had resisted all hacking and jamming attempts.
Many cyber security commentators agree that Starlink has been pivotal in keeping Ukraine online.
“Starlink is helping enormously, however Ukraine’s government, like the majority only have superficial security,” Andrew Jenkinson, group CEO at CIP, told CS Hub.
He pointed to the IP address of the National Security and Defense Council of Ukraine’s website – 188.8.131.52 – being flagged as Not Secure.
Ukraine has been seen to thwart some of the recent cyber-attacks coming its way. In April the nation confirmed that it had carried out urgent measures in response to a security incident related to a targeted cyber-attack on its energy facilities.
However, Jenkinson said he is unsure if Ukraine has seen true success in its cyber defenses. “They were totally exposed and exploitable and as the attached IP address above shows, they still are.”
Unleashing cyber war
Russia, along with China, Iran and North Korea, is infamous for its cyber-criminal activities.
Charles Denyer, an Austin-based cybersecurity and national security expert, told CS Hub he does not believe that Russia’s Valdimir Putin has unleashed cyberwarfare to its full potential in the Ukraine and has instead focused on traditional warfare.
Denyer said that so far, Ukraine has done a “good job” of protecting its critical infrastructure against cyber-attacks.
In a March article for IISS, Principal at the SecDev Group and senior fellow at Canada’s Centre for International Governance Innovation, Rafal Rohozinski, wrote, “Prior to the conflict, Ukraine was one of the best-prepared countries in the world in terms of cyber defense”.
Ukraine has withstood two attacks against its critical infrastructure and destructive malware including NotPetya.
Putin has Russia’s Foreign Intelligence Service of the Russian Federation (SVR), the Main Directorate of the General Staff (GRU), the Federal Security Service (FSB), the Federal Protective Service (FSO), the GRU’s cyber military Unit 26165, Unit 74455 (more commonly known as Sandworm), the Internet Research Agency and others all involved in cyber-criminal activities.