Kyivstar, the leading Ukrainian telecommunications operator, fell victim to a stealthy attack, uncovering the presence of Russian hackers in its networks since May 2023. The inflicted damage has been substantial.
Amidst Russia’s invasion of Ukraine, which unfolds in the skies and on land, an intense cyber battle is also underway, with Moscow inflicting significant harm on its adversary. Following the neutralization of several surveillance cameras in Kiev, which were under Russian surveillance in recent days, the head of Ukrainian cyber espionage acknowledged that hackers had breached the system of Kyivstar, the country’s largest operator.
A meticulously planned cyber assault
The attack, initially reported last month, was actually launched last spring. A group operating under the name Solntsepyok claimed responsibility for the malicious act and was identified as the entity that breached Kyivstar’s computer system in May 2023. The hacker collective is affiliated with Russia and the Sandworm group, which has previously caused extensive damage in Ukraine, exhibiting a strong inclination for espionage and data theft, particularly in the energy sector.
Illia Vitiuk, the head of cybersecurity at the Ukrainian Security Service (SBU), emphasized the sophistication of the attack, stating that the assailants likely gained full access as early as November.
The attack was meticulously planned over months, devastating the core infrastructure of the operator. Although Kyivstar managed to restore most of its operations, it refrained from disclosing specifics about how Russian hackers infiltrated its network.
Russian hackers led to the destruction of thousands of servers and computers
Authorities assure that, at this stage, no subscriber’s personal data has been compromised, although the cyberattack destroyed thousands of servers and computers within the company. While Kyivstar was initially hesitant to confirm the severity of the incident, the operator has restored its operations while remaining silent about the details of the compromise. This intrusion underscores the necessity for constant vigilance against state-sponsored cyber threats.
This revelation surfaces as the SBU recently discovered and neutralized two online surveillance cameras hacked by Russian intelligence services. These cameras were utilized to spy on the defense forces and critical infrastructure of Kiev.
The persistent threat demonstrates the intent of hostile actors to target various strategic sectors, highlighting the significance of national cybersecurity and Western cooperation. The memory of the cyberattack that struck Viasat in February 2023, disrupting the KA-SAT satellite network and Ukrainian command and control, hasn’t faded. Now, it’s Kyivstar’s turn to strive to recover from this devastating attack.