Attribution of Russia’s Malicious Cyber Activity Against Ukraine
Antony J. Blinken, Secretary of State
The United States is joining with allies and partners to condemn Russia’s destructive cyber activities against Ukraine. In the months leading up to and after Russia’s illegal further invasion began, Ukraine experienced a series of disruptive cyber operations, including website defacements, distributed denial-of-service (DDoS) attacks, and cyber attacks to delete data from computers belonging to government and private entities – all part of the Russian playbook. For example, the United States has assessed that Russian military cyber operators have deployed multiple families of destructive wiper malware, including WhisperGate, on Ukrainian Government and private sector networks. These disruptive cyber operations began in January 2022, prior to Russia’s illegal further invasion of Ukraine and have continued throughout the war.
Today, in support of the European Union and other partners, the United States is sharing publicly its assessment that Russia launched cyber attacks in late February against commercial satellite communications networks to disrupt Ukrainian command and control during the invasion, and those actions had spillover impacts into other European countries. The activity disabled very small aperture terminals in Ukraine and across Europe. This includes tens of thousands of terminals outside of Ukraine that, among other things, support wind turbines and provide Internet services to private citizens.
As nations committed to upholding the rules-based international order in cyberspace, the United States and its allies and partners are taking steps to defend against Russia’s irresponsible actions. The U.S. Government has developed new mechanisms to help Ukraine identify cyber threats and recover from cyber incidents. We have also enhanced our support for Ukraine’s digital connectivity, including by providing satellite phones and data terminals to Ukrainian government officials, essential service providers, and critical infrastructure operators. We praise Ukraine’s efforts—both in and outside of government—to defend against and recover from such activity, even as its country is under physical attack.