The spy chief of Ukraine, Illia Vitiukexplained this Thursday, 4, that Russian hackers infiltrated into the Ukrainian telecommunications giant's systems for months Kievstar since May last year. According to the Portal news agency, the breach would have been responsible for the disruption of services that the company provided to 24 million users in the country from December 12 to 19.
“This attack is a big message, a big warning, not only for Ukraine but for the entire Western world to understand that no one is truly untouchable,” Vitiuk warned, adding that the operator has invested heavily in cybersecurity .
The spy chief claimed that the Russian group wiped out “almost everything” under the company's control, in the first attack in the country's history that completely destroyed “the core of a telecom operator.” Although there is only evidence of last May's invasion, Vitiuk believes that the criminals tried to take control of Kyivstar before March 2023.
According to him, the Security Service of Ukraine (SBU) assumed that hackers would have been able to steal personal data, locate phones, intercept SMS messages and possibly infiltrate Telegram accounts. Vitiuk said Ukrainian intelligence helped Kyivstar restore its systems within days and fend off new cyberattacks.
Continued after advertisement
+ Russia and Ukraine carry out the largest prisoner exchange since the start of the war
Threat concerns
Kyivstar is the country's largest telecommunications operator and the only one providing services to 1.1 million Ukrainians. In view of the Russian threat, fear overwhelmed customers and led to long queues when exchanging cell phone SIM cards. In addition to accessing users' private data, the group also blocked companyprovided ATMs with internet connectivity and prevented air raid sirens from operating in some regions.
Despite widespread fears, Vitiuk assured Portal that Ukrainian forces, which have been at war with Russia since February 2022, were not affected by the attack because they were working with “different algorithms and protocols.”
Continued after advertisement
+ Russia again accuses Kiev of attacking its territory with missiles and drones
History of Invasions
The massive destruction of Kyivstar's cyber infrastructure made it difficult to advance the investigation, but the spy chief said he was “almost certain” the intrusion was the work of Sandworm, a cyber warfare unit of Russian military intelligence associated with other attacks related to Ukrainian systems. . He assumes that the Solntsepyok team, which claimed responsibility for the crime, is connected to the unit.
Vitiuk also revealed that Sandworm also hacked a second local operator, without providing further details. However, the breakin was immediately contained by SBU agents who were inside the Russian systems.
Continued after advertisement
To date, the SBU has thwarted more than 4,500 attacks on Ukrainian government infrastructure and facilities in the last twelve months.