Russian hackers who shut down Kyivstar had penetrated the company’s internal system months before the attack and likely had access to a variety of users’ personal data, said Illia Vitiuk, the cybersecurity chief of the Security Service of Ukraine (SBU), in an interview with Reuters published on Jan. 4.
Ukraine came under a massive cyberattack on Dec. 12, which targeted Kyivstar, the largest telecommunications provider, and one of the country’s most important banks, Monobank. People across the country reported internet and network outages, as well as issues with air raid alerts.
A Russian hacker group called Solntsepek claimed responsibility for the attack against Kyivstar in a statement published on Telegram on Dec. 13.
Vitiuk said that he was “pretty sure” the attack was carried out by Sandworm, a unit of Russia’s military intelligence (GRU), which the SBU has linked to Solntsepek.
Kyivstar CEO Oleksandr Komarov said that hackers had managed to break through the company’s cyber security measures through the compromised account of an employee.
The company has denied that any computers or servers had been destroyed. Kyivstar also claimed that subscribers’ personal data remained safe.
Vitiuk refuted that assertion, saying that the attack wiped “almost everything,” which included servers. He added that it was likely one of the first examples of a hacking attack that “completely destroyed the core of a telecoms operator.”
Since the hackers had access to Kyivstar servers since May 2023 and full access since November, they could likely have been able to “steal personal information, understand the locations of phones, intercept text messages and perhaps steal Telegram accounts with the level of access they gained.”
The attack did not impact Ukraine’s military, Vitiuk said, because it has a different cybersecurity configuration and does not rely on private telecoms providers.
He added that it was important not to underestimate the threat posed by such attacks, noting that Kyivstar is a wealthy company with highly developed cybersecurity systems.
“This attack is a big message, a big warning, not only to Ukraine but for the whole Western world to understand that no one is actually untouchable,” Vitiuk said.
A complete investigation on how the hackers managed to penetrate Kyivstar’s cybersecurity is still ongoing, he said, including analyzing the possibility that there was someone on the inside who assisted in the attack.
Read also: Ukraine war latest: 230 Ukrainians freed from Russian captivity in large-scale prisoner exchange
We’ve been working hard to bring you independent, locally-sourced news from Ukraine. Consider supporting the Kyiv Independent.
EMEA Tribune is not involved in this news article, it is taken from our partners and or from the News Agencies. Copyright and Credit go to the News Agencies, email [email protected] Follow our WhatsApp verified Channel
