An unknown group of hackers has claimed responsibility for an attack that disrupted services at leading Russian satellite communications provider Dozor-Teleport.
The cyberincident affected critical services used by energy companies as well as Russia’s defense and security agencies, creating widespread network outages and operational disruption.
The attackers say they are affiliated with the Wagner Group, a private military company that recently made headlines after its brief mutiny and the subsequent flight of its leader, Yevgeny Prigozhin, to Belarus.
However, questions remain about the hackers’ claimed affiliation. The Wagner Group’s official Telegram channel did not acknowledge the attack, adding to doubts about the veracity of the claim.
Regardless of whether the attackers are formally connected to Wagner, the consequences of the operation were tangible and significant.
⚠️ Confirmed: Metrics show a disruption to satellite internet provider Dozor-Teleport which supplies Russia’s FSB, Gazprom, Rosatom and military installations; the incident comes amid a wave of cyberattacks by a group claiming affiliation with Wagner PMC 🛰️📉 pic.twitter.com/rSoRyUFsWm
— NetBlocks (@netblocks) June 29, 2023
According to the attackers, they damaged satellite terminals and accessed confidential data stored on Dozor-Teleport’s systems. They published roughly 700 files—documents and images—on a leak site and through a newly created Telegram channel.
One of the released files appears to be an agreement that would grant Russian security services access to subscriber information from Amtel Svyaz. The provenance and authenticity of the leaked documents have not been independently verified.
Dozor-Teleport confirmed it was targeted. While many services have been restored, the operator warned that full recovery will take several weeks due to network repairs and equipment replacement.
This incident is the second major breach reported against a satellite telecommunications provider in recent years, following the high-profile attack on Viasat during Russia’s invasion of Ukraine. That earlier operation also had wider effects, including impacts on wind turbines in Germany.
Although Viasat’s network is considerably larger and only some routers were affected, the similarities between the two incidents underline the vulnerability of satellite communications infrastructure and the potential for such systems to be exploited in future cyber conflicts.
As the investigation into the Dozor-Teleport attack continues, the event draws attention to the strategic risks posed by compromised satellite links and the importance of strengthening cybersecurity measures for critical communications networks.
(Photo by Michael Dziedzic on Unsplash)
Interested in learning more about cybersecurity and cloud technologies from industry experts? Consider attending Cyber Security & Cloud Expo, held in Amsterdam, California, and London, where leading professionals discuss trends, threats and solutions in enterprise security.
Explore other upcoming enterprise technology events and webinars hosted by TechForge through their events listings.