- A massive cyber-attack has left millions of Ukrainians without mobile and internet services for a second day, disrupting the country’s main telecommunications operator, Kyivstar
- Kyivstar CEO Oleksandr Komarov described the attack as “well-planned and professional”, resulting in a significant hit on the company’s infrastructure and forcing the physical disconnection of Kyivstar from the network
- A Russian hacker collective called Solntsepek has claimed responsibility for the attack, citing Kyivstar’s support of the Armed Forces of Ukraine as the reason for the attack
On Tuesday, more than half of Ukraine’s population, some 24.3 million people, woke up to find themselves without any mobile signal, causing issues such as the inability to access air raid alerts and information on Russian attacks. Shops were no longer able to process credit card payments, many ATMs were non-functional, and automatic street lighting control in Lviv also failed.
Kyivstar, the country’s main telecommunications operator, quickly identified the cause as a cyber-attack. CEO Oleksandr Komarov explained to Kyiv Post, “It was a well-planned and professional attack from all perspectives – not only from the cyber angle but also from the telecoms perspective. It’s an enormous hit on the infrastructure.” Technicians later discovered a perimeter vulnerability which had been exploited by the hackers.
In terms of the extent of the damage, Komarov stated that the attack had significantly damaged the company’s IT infrastructure, to the point where they had to physically disconnect Kyivstar from the network. The company’s priority following the attack is to fix the issues and ensure no vulnerabilities are left open during the recovery process.
A Russian hacker collective called Solntsepek took responsibility for the attack via a post on social media platform Telegram, stating that they attacked Kyivstar because the company provides communication services to the Armed Forces of Ukraine, as well as government agencies and law enforcement agencies in the country. However, Kyivstar denied the group’s claim that they had destroyed large quantities of computers and servers.
Kyivstar’s spokesman, Volodymyr Fityo, reported that the Armed Forces’ operations have not been impacted by the attack. Despite the inconvenience for civilians, the military was not significantly affected.
Komarov suggested a number of potential triggers for the attack, including the company’s exit from Russia, its patriotic stance, its critical infrastructure status, and the recent visit to the US by President Zelensky.