On December 12 [4], Kyivstar [1] [2] [3] [4] [5] [6] [7] [8], Ukraine’s largest mobile network operator [4] [6] [7], experienced a powerful cyberattack believed to be of Russian origin. This attack resulted in a temporary shutdown of its cellular and internet services [4], impacting over 24 million subscribers [8]. The incident has raised concerns about the ongoing war with Russia and the potential involvement of Russian special services.

Description

Kyivstar’s cyberattack occurred on December 12, causing a technical failure and disrupting phone and internet services for its 24 million subscribers. The attack, believed to be of Russian origin [5], affected both Ukraine and areas where people have fled due to Russia’s invasion [8]. It resulted in the loss of mobile phone and internet service in some regions [8], disabling early-warning air raid systems and shutting down bank machines.

Kyivstar’s CEO [1] [2] [5] [6], Oleksandr Komarov [2] [5] [6], attributed the attack to the ongoing war with Russia but did not specify the responsible Russian body [6]. The Ukrainian intelligence service [8], the SBU [8], is investigating the possibility of Russian involvement and has opened criminal investigations into the incident [8]. The company’s IT infrastructure has been partially destroyed [6], and two databases containing customer data have been damaged [6]. However, subscribers’ personal data has not been compromised.

Kyivstar is diligently working to restore communication as soon as possible and is cooperating with law enforcement. The financial impact of the attack is still being assessed [6]. Other Ukrainian institutions [6], including Monobank and major financial institutions [6], have also reported being targeted by hackers [7].

Despite the attack [1] [8], emergency services’ mobile numbers are still functioning normally [4]. Kyivstar is expected to resume operations within four or five hours [4]. The incident is one of the largest cyberattacks against a Ukrainian company since Russia’s invasion last year [3]. It has had a heavy impact on the capital and other major cities [3], affecting both mobile and fixed-line services [3]. Kyivstar has been a target of cyberattacks from Russia since the invasion began [3].

Conclusion

The cyberattack on Kyivstar has had significant impacts, disrupting cellular and internet services for millions of subscribers and disabling critical systems such as early-warning air raid systems. The incident highlights the ongoing war with Russia and the potential involvement of Russian special services. It also raises concerns about the vulnerability of Ukrainian institutions to cyberattacks.

Efforts are underway to restore communication and investigate the attack, with the Ukrainian intelligence service conducting criminal investigations. The financial impact of the attack is still being assessed [6]. Additionally, other Ukrainian institutions have reported being targeted by hackers, indicating a broader threat to the country’s cybersecurity.

Moving forward, it is crucial for Kyivstar and other Ukrainian companies to enhance their cybersecurity measures to mitigate future attacks. The incident serves as a reminder of the ongoing cyber threats faced by Ukraine and the need for continued vigilance in protecting critical infrastructure and customer data.

References

[1] https://www.cnn.com/2023/12/12/europe/ukraine-cyber-attack/index.html
[2] https://techcrunch.com/2023/12/12/ukraine-largest-mobile-operator-kyivstar-downed-by-powerful-cyberattack/
[3] https://www.politico.com/news/2023/12/12/telecom-internet-russia-ukraine-cyberattack-00131301
[4] https://www.rferl.org/a/ukraine-cyberattack-phone-network/32727275.html
[5] https://news.yahoo.com/russian-cyberattack-shuts-down-ukraine-155702445.html
[6] https://www.abc.net.au/news/2023-12-13/ukraine-cyber-attack-knocks-out-service/103221438
[7] https://www.infosecurity-magazine.com/news/ukraine-kyivstar-hacked-war-russia/
[8] https://www.bostonglobe.com/2023/12/12/world/cyberattack-hits-kyiv-knocking-out-phone-internet-service/