top of page

Russian hackers continue to target Ukraine’s largest communications company

19/01/2024

Russian hackers have been thwarted in their latest attempts to launch more damaging cyberattacks on Kyivstar, the largest telecommunications company in Ukraine.


In December, Kyivstar was the target of an attack seen as “the largest cyberattack in the telecom industry” with the UK intelligence service saying the cyberattack on the mobile operator was likely to be the largest-scale hacker attack since Russia's invasion of Ukraine.


In the most recent incident earlier this month, cyber specialists of the Security Service of Ukraine (SSU) helped repel a wave of new Russian cyberattacks on Kyivstar.


Ilia Vitiuk, head of the Cyber Security Department of the SSU, gave details of the most recent attacks saying: "After a large-scale hack, we prevented a number of attempts to cause even greater damage to the operator. The enemy planned to strike several times in a row in order to leave people without communication for as long as possible. In this way other operators might not be able to withstand a long-term overload of their networks."


Vitiuk said the most serious attack had caused "catastrophic" damage and was aimed at inflicting a psychological blow and gathering intelligence and was “ a big message, a big warning, not only to Ukraine, but for the whole Western world to understand that no one is actually untouchable.”


He revealed the attack had destroyed "almost everything," including thousands of virtual servers.


During the outage, there was no mobile communication, mobile and home Internet prompting an investigation by Ukraine's state cybersecurity agency (SSSCIP). However, the investigation was hampered by the fact the attack destroyed Kyivstar’s infrastructure with Sandworm, a cyber warfare unit of Russia's military intelligence, linked to the incident.


A year ago, Sandworm infiltrated a Ukrainian telecom operator, but was detected by Kyiv because the SSU was in Russian systems. The SSU believes the hackers could have stolen personal information, located phones, intercepted SMS messages, and possibly stolen Telegram accounts.


"Kyivstar is the biggest of Ukraine's three main telecoms operators and there are some 1.1 million Ukrainians who live in small towns and villages where there are no other providers," added Vitiuk.


The outage also caused problems with Ukraine’s ATMs and POS terminals, and the air raid warning system went down in many cities. A Kyivstar spokesperson said the company is working closely with the SSU to investigate the attack and will take all necessary measures to eliminate future risks.


According to Vitiuk, since the beginning of the full-scale invasion, the Security Service has withstood almost 9,000 cyberattacks on state resources and objects of critical infrastructure of Ukraine.


W Denis Europe arranges comprehensive insurance for EEA based businesses, large and small, including, Data Protection Infringement Cover, Cyber, Errors & Omissions, Directors & Officers Liability and much more. For more information, or a quotation, please contact W Denis Europe:


Eastern Europe

Vida.Jarasiunaite@wdenis.eu


Southern Europe

Christos.Hadjisotiris@wdenis.com


Western Europe &/or elsewhere worldwide

Mark.Dutton@wdenis.com

bottom of page