Another attack occurred on Feb. 24, the day that Russia invaded Ukraine, when hackers knocked Viasat offline. The attack flooded modems with malicious traffic and disrupted internet services for several thousand people in Ukraine and tens of thousands of other customers across Europe, Viasat said in a statement. The attack also spilled over into Germany, disrupting operations of wind turbines there.
Viasat said that the hack remained under investigation by law enforcement, U.S. and international government officials and Mandiant, a cybersecurity firm that it hired to look into the matter, and it did not attribute the attack to Russia or any other state-backed group.
But senior U.S. officials said all evidence suggested Russia was responsible, and security researchers at SentinelOne said the malware used in the Viasat attack was similar to code that has been linked to the G.R.U. The United States has not formally named Russia as the source of the attack but is expected to do so as soon as several allies join in the analysis.
In late March, a cyberattack again disrupted communications services in Ukraine. This time, the attack focused on Ukrtelecom, a telephone and internet service provider, knocking the company’s services offline for several hours. The attack was “an ongoing and intensifying nation-scale disruption to service, which is the most severe registered since the invasion by Russia,” according to NetBlocks, a group that tracks internet outages.
Ukrainian officials believe that Russia was most likely responsible for the attack, which has not yet been traced to a particular hacking group.
“Russia was interested in cutting off communication between armed forces, between our troops, and that was partially successful in the very beginning of the war,” said Victor Zhora, a top official at Ukraine’s cybersecurity agency, the State Service of Special Communications and Information Protection. Ukrainian officials said Russia had also been behind attempts to spread disinformation about a surrender.
In the United States, officials fear similar cyberattacks could hit critical infrastructure companies. Some executives said they hoped the federal government would offer funding for cybersecurity.