IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Five Eyes and US governments finally confirm Russia was behind Ukrainian government, Viasat cyber attacks

NCSC detailed the government-level attribution process at CYBERUK 2022 and why it took so much longer to assign blame compared to the private sector

The UK, US, and EU have confirmed today that they have assigned attribution for cyber attacks on Ukrainian infrastructure in the early stages of the Ukraine war to Russia after a lengthy attribution process.

Senior leaders at the National Cyber Security Centre (NCSC) said the attribution process involves meeting a 95-100% confidence threshold and this is why the official attribution was delayed.

Five Eyes and EU intelligence suggests with confidence that the attacks on Ukrainian government websites on 13 January, which involved the deployment of the Whispergate destructive ‘wiper’ malware, and a 24 February attack on global communications company Viasat, can be attributed to the Russian military intelligence service (GRU).

The latter attack is seen as the most significant example of the spillover effects of cyber warfare that many experts in the cyber security industry feared would take place in the early stages of the conflict.

The attack on Viasat took place one hour before the official invasion of Ukraine and was originally attributed to Russia by cyber security company SentinelLabs in March after Russian cyber attacks rendered many of the company’s modems inoperable.

The aftershock of the attack was felt across Europe with wind farms experiencing disruptions as well as individual internet users experiencing outages.

Official attribution took longer given the higher threshold of confidence Five Eyes and EU governments must meet in order to go public with their assessments, but today officials said the degree of confidence is classified as ‘almost certain’ - the highest level of confidence.

“For us to be saying ‘almost certain’ that, for us, is a very high bar,” said Paul Chichester, director of operations at the NCSC. “This implies a much deeper understanding of the actor, how they did it, their motivation, and intent.”

Related Resource

The Total Economic Impact™ of IBM Security MaaS360 with Watson

Cost savings and business benefits enabled by MaaS360

Whitepaper cover with title and green square graphic to rightFree Download

GCHQ director Sir Jeremy Fleming said in his speech opening today’s CYBERUK conference that attribution is important so threat actors cannot act without impunity - a sentiment echoed by NCSC CEO Lindy Cameron at a press conference held later at the event.

“This is clear and shocking evidence of a deliberate and malicious attack by Russia against Ukraine which had significant consequences on ordinary people and businesses in Ukraine and across Europe,” said Liz Truss, foreign secretary.

“We will continue to call out Russia’s malign behaviour and unprovoked aggression across land, sea, and cyberspace, and ensure it faces severe consequences.”

The announcement coincides with the first day of the NCSC’s annual CYBERUK event which has seen the ongoing conflict in Ukraine form a key theme of discussions. 

“The UK has already sanctioned the GRU after their appalling actions in Salisbury, and has frozen more than £940 billion worth of bank assets and £117 billion in personal net worth from oligarchs and their family members who fund Putin’s war machine,” said the Foreign, Commonwealth and Development Office.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download


What is cyber warfare?

What is cyber warfare?

20 May 2022

Most Popular

Why convenience is the biggest threat to your security

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022