Cybersecurity Chief Claims Hackers Had Access To Kyivstar For Months
Cybersecurity chief claims hackers had access to Kyivstar for months. Illia Vitiuk, the head of the Security Service of Ukraine's (SBU) cybersecurity department, provided exclusive insights into the cyberattack targeting Kyivstar, Ukraine's largest telecoms operator.
Author:Hajra ShannonReviewer:Paula M. GrahamJan 04, 20241K Shares83.8K Views
Cybersecurity chief claims hackers had access to Kyivstar for months. Illia Vitiuk, the head of the Security Service of Ukraine's (SBU) cybersecurity department, provided exclusive insights into the cyberattack targeting Kyivstar, Ukraine's largest telecoms operator.
The attack, spanning from at least May of the preceding year, caused disruptions for approximately 24 million users for several days starting on December 12. This incident is being considered one of the most significant cyber threats since Russia's invasion of Ukraine nearly two years ago.
Vitiuk underscored the gravity of the attack, describing it as a "major warning" not just for Ukraine but for the entire Western world. He pointed out that Kyivstar, being a prosperous private company with substantial investments in cybersecurity, experienced "catastrophic" damage in what is now considered the first instance of a destructive cyberattack that "annihilated the core of a telecoms operator."
According to the SBU's investigation, the hackers likely began their attempts to breach Kyivstar as early as March, gaining full access by at least November. Vitiuk expressed worries about potential data theft, phone location tracking, SMS message interception, and potential Telegram account compromise due to the hackers' extensive access.
While the attack significantly impacted Kyivstar's operations, leading to temporary service disruptions and the wiping of virtual servers and PCs, Vitiuk highlighted that Ukraine's military, utilizing distinct algorithms and protocols, experienced minimal impact from the incident.
In response to difficulties brought about by the destruction of the Kyivstar infrastructure, Vitiuk suggested that the Russian military intelligence cyberwarfare unit known as Sandworm was probably responsible for the cyberattack. He referenced a previously undisclosed incident involving Sandworm penetrating a Ukrainian telecoms operator a year ago.
Vitiuk acknowledged the complexities of attributing the attack to specific actors but pointed to a group called Solntsepyok, believed to be linked to Sandworm, claiming responsibility for the incident. The SBU thwarted over 4,500 major cyberattacks on Ukrainian governmental bodies and critical infrastructure last year, highlighting an ongoing threat to the country's cybersecurity.
“„This attack is a big message, a big warning, not only to Ukraine but for the whole Western world to understand that no one is untouchable.- Illia Vitiuk
On December 20, Kyivstar's CEO, Oleksandr Komarov, announced that all services had been fully restored nationwide. Vitiuk praised the SBU's incident response efforts in successfully restoring the systems.
Conclusion
The attack on Kyivstar, coinciding with Ukrainian President Volodymyr Zelenskiy's visit to Washington, where he sought continued aid from the West, remains a significant cybersecurity concern. Uncertainties persist regarding the motivations behind the choice of the attack date.
Jump to
Hajra Shannon
Author
Paula M. Graham
Reviewer
Latest Articles
Popular Articles