Russian government hackers have been linked to an attack on a satellite communications company at the start of the invasion of Ukraine.
Businesses and individuals using routers made by Viasat, an American business that provides broadband-speed satellite internet connections, were knocked offline on 24 February.
The same day that Russia’s armed forces poured into Ukraine, wiper malware inside Viasat customers’ routers was detonated, rendering them effectively useless.
The attack had considerable spillover, including affecting 5,800 wind turbines in Germany operated by Enercon that used Viasat routers for remote monitoring and control.
Viasat said: “While most users were unaffected by the incident, the cyber attack did impact several thousand customers located in Ukraine and tens of thousands of other fixed broadband customers across Europe.”
Now, researchers at cyber security company SentinelOne have assessed with medium confidence that this malware shares developmental similarities with other cyber tools that the US has attributed to the Russian government.
SentinelOne cautions that its analysis is inconclusive.
Western officials analysing the attack
Western officials have told Sky News that they are closely analysing the incident.
They added that while they were not yet ready to formally attribute the attack to Russia, it was consistent with their expectations about cyber operations being used to complement Russia’s military manoeuvres.
US intelligence analysts have concluded that Russian government hackers were behind the attack, according to The Washington Post, but no formal and public attribution has yet been made.
Sky News understands that there was no impact inside the UK and so Britain’s security services will not be leading any attribution efforts, although they would support those efforts where they have any evidence to do so.
The Russian government has consistently denied involvement in cyber attacks it has been accused of by the US and allies.
Viasat now replacing affected modems
Viasat said on Wednesday that it was “working closely” with wholesale distributors to bring customers back online.
“Because of the wholesale nature of the business, Viasat does not typically transact directly with end-users. Instead the distributors work directly with end-customers and can identify those affected to provide support for restoring service.”
The company said that new modems are being provided as the most efficient way to restore service.
“Viasat has already shipped tens of thousands of replacement modems to distributors and is ready to ship additional modems as needed,” it added.