Pierluigi Paganini
March 29, 2022
On March 29, 2022, a massive cyber attack caused a major internet disruption across Ukraine on national provider Ukrtelecom. According to global internet monitor service NetBlock, real-time network data showed connectivity collapsed to 13% of pre-war levels.
The attack caused the most severe destruction observed since the invasion of the country by Russia.
— NetBlocks (@netblocks) March 28, 2022
Update: Ukraine's national internet provider Ukrtelecom has confirmed a cyberattack on its core infrastructure.
Real-time network data show an ongoing and intensifying nation-scale disruption to service, which is the most severe registered since the invasion by Russia. https://t.co/syej0wABYO
“Today, the enemy launched a powerful cyberattack against Ukrtelecom’s IT infrastructure,” reads a statement issued by the State Service of Special Communication and Information Protection (SSSCIP) of Ukraine.
Yurii Shchyhol, Chairman of the State Service of Special Communication and Information Protection, announced that the attack was foiled and that the company resumed its services.
“to preserve its network infrastructure and to continue providing services to Ukraine’s Armed Forces and other military formations as well as to the customers, Ukrtelecom has temporarily limited providing its services to the majority of private users and business-clients,” the SSSCIP added.
“The specialists from the SSSCIP Ukraine promptly reacted to the situation, due to which the attack was repelled. And now Ukrtelecom has an ability to begin restoring its services to the clients,” the statement said.
Telecommunication services and companies are particularly exposed to cyber attacks during the conflict.
Last week, FBI, CISA, and the European Union Aviation Safety Agency (EASA) warned of possible threats to international satellite communication (SATCOM) networks.
In early March, Orange confirmed that “nearly 9,000 subscribers” of a satellite internet service provided by its subsidiary Nordnet in France were offline following a “cyber event” that took place on February 24 at Viasat, the US giant satellite operator that provides services to the European carriers.
Around one-third of 40,000 subscribers of the bigblu satellite internet service in Europe, in Germany, France, Hungary, Greece, Italy and Poland, were impacted by the same cyber event.
After the incident, VIASAT announced on Wednesday that the “cyber event” had caused a “partial network outage” for customers “in Ukraine and elsewhere” in Europe who rely on its KA-SAT satellite.
VIASAT and international intelligence agencies investigated the incident, the NSA told CNN that it’s “aware of reports of a potential cyber-attack that disconnected thousands of very small-aperture terminals that receive data to and from a satellite network.”
VIASAT confirmed that the incident was caused by a “deliberate, isolated and external cyber event” and added that its network is still facing problems as confirmed by Netblocks.
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Ukraine)
[adrotate banner=”5″]
[adrotate banner=”13″]
