According to a US spy agency, an investigation into a Russian attempt to sabotage the Internet during the war on Ukraine

Sources said that Western intelligence agencies are investigating a cyber attack by unknown hackers that disrupted access to the Internet via broadband satellites in Ukraine in conjunction with the Russian war on it, according to a Reuters report.

Analysts from the US National Security Agency, the French government cybersecurity organization ANSSI, and Ukrainian intelligence are assessing whether remote sabotage of the satellite Internet provider's service was the work of Russian state-backed hackers preparing for the battlefield by attempting Cut off communications.

The digital raid on the satellite service began on February 24 between 5 and 9 a.m. Ukrainian time, just as Russian forces began entering, launching missiles, and striking major Ukrainian cities including the capital, Kyiv.

The consequences are still being investigated, but the satellite modems of tens of thousands of customers in Europe have failed, according to an official at the US telecommunications company Viasat, which owns the affected network.

Hackers have disabled modems (spreader service) that connect to Vyasat's KA-SAT satellite, which provides Internet access to some customers in Europe, including Ukraine.

ISPs told Reuters that even after more than two weeks, some remained offline.

It appears to be one of the most significant wartime cyberattacks so far disclosed publicly that has intrigued Western intelligence, because Physat acts as a defense contractor for both the United States and several allies.

Government contracts reviewed by Reuters show that KA-Sat provided Internet access to Ukrainian army and police units.

The digital raid on the satellite service began on February 24 (Shutterstock)

Pablo Brewer, a former technician for US Special Operations Command (SOCOM), said cutting off satellite internet could impede Ukraine's ability to fight Russian forces.

"Traditional terrestrial radios are the only way of communication so far, but if you're using modern smart systems, smart weapons, and you're trying to do joint weapons maneuvers, you have to rely on these satellites," Breuer added.

The Russian embassy in Washington did not immediately respond with a letter seeking comment, as Moscow has repeatedly rejected allegations that it was involved in cyberattacks.

Modem turned on

Vyasat said - in a statement - that the outage experienced by customers in Ukraine and elsewhere was caused by a "deliberate, isolated and external cyber event", but it has not yet provided a detailed and general explanation for what happened.

"The network is stable and we are restoring service and activating stations as quickly as possible," company spokesman Chris Phillips said in an email, adding that the company prioritizes "critical infrastructure and humanitarian aid."

According to Jaroslav Strycki, who runs the Czech telecommunications company INTV, the affected modems appear to be out of order.

A misconfiguration in the "management section" of the satellite network allowed hackers to remotely access modems, disabling them, a Visa official said.

He said most of the damaged devices would need to be reprogrammed either by an on-site technician or a repair depot, and that some would have to be replaced.

Physat hired US cybersecurity firm Mandiant, which specializes in tracking state-sponsored hackers, to investigate the breach, according to two people familiar with the matter.

Over the past several years, Ukraine's military and security services have procured many different communications systems operating over the Vyasat network, according to contracts published on ProZorro, Ukraine's transparency platform.