Ukraine’s Largest Mobile Operator Kyivstar Takes Down Due to Massive Cyberattack

Given that many people in the nation rely on phone alerts to notify them of approaching Russian bombardments, the disruption could be dangerous.

The biggest mobile operator in Ukraine reported that millions of people were unable to access its services on Tuesday morning due to a potent cyberattack.

According to Kyivstar, the company, the attack also impacted internet access, and it was “unclear” when service would be restored. In a nation where many people depend on phone alerts to inform them of approaching Russian bombardments, the disruption presents a genuine risk.

Oleksandr Komarov, the head of Kyivstar, stated in a video statement, “We are working to eliminate the consequences of this attack to restore communication as soon as possible,” stressing that user privacy had not been jeopardized.

Although there was no immediate claim of responsibility and Mr. Komarov did not state clearly who was behind the attack, the implication was obvious.

He declared, “There are many dimensions to the war with Russia, and cyberspace is one of them.”

The S.B.U., the domestic intelligence agency of Ukraine, declared that it would look into the matter and that one of its main lines of inquiry would be whether or not the hack was the result of “Russian special services.”

Authorities in Sumy, a city in northern Ukraine that Russia has regularly bombarded, issued a warning on Tuesday morning regarding an issue with the air alarm system.

The regional military administration of Sumy released a statement stating that “the notification system will not work temporarily.”

According to research from the cybersecurity group NetBlocks, connectivity for Kyivstar users fell from nearly 100% to about 12% on Tuesday morning. Both fixed-line and mobile services were impacted.

Simultaneously, Monobank, a major financial institution in Ukraine, announced that it had also been the target of hackers. Although it was initially unclear if the same hackers were responsible for both attacks, their effects were felt by many. Some people in the western city of Lviv were unable to withdraw cash from ATMs, and public transportation systems’ departure boards were down.

To allow customers to roam on another provider if their service was disrupted, Ukrainian telecom companies teamed up following Russia’s full-scale invasion. However, operators reported that Tuesday’s nationwide roaming program was also down.

The Ukrainian military uses mobile data and smartphones extensively for coordination and communication, particularly for encrypted messaging services. Even though Ukraine has access to other cellular providers and the military makes extensive use of the Starlink satellite, it’s probable that in some locations the Kyivstar outage impacted the troops’ ability to coordinate.

Experts claim that since the invasion in February 2022, attacks on Ukrainian telecom companies have occurred on multiple occasions, including Tuesday. These attacks are believed to be a part of a larger campaign.

According to a report released in February by Google’s Threat Analysis Group, users in Ukraine were the target of Russian government-backed hackers more than any other nation in 2017.

The investigation concluded that although these attackers appear to be primarily focused on the Ukrainian government and military institutions, there is also evidence of a strong focus on vital infrastructure, public utilities, and the media and information space in the campaigns we interfered with.

Microsoft issued a warning in March alleging that new cyberattacks against Ukraine’s government buildings and infrastructure were being planned by a hacker collective linked to the Russian government.

Kyivstar’s Service Outage Rocks Ukraine’s Telecommunications

The strongest cyberattack that Kyivstar, the biggest mobile network provider in Ukraine, has reported experiencing has momentarily disrupted its internet and cellular service. Owned by the publicly traded mobile telecoms operator Veon in Amsterdam, the business is now attempting to resume operations and has promised to reimburse clients for any inconvenience caused.

Kyivstar released a press release saying, “We are working to repair the outage and cooperating with law enforcement bodies.” Additionally, the business guaranteed customers that their personal information was secure.

The outage also caused air raid sirens in the northeastern city of Sumy to malfunction.

The local military authorities declared that they would notify the local population of any impending drone or missile strikes by sending out police and emergency vehicles.

The main bank in Ukraine, PrivatBank, reported that several cash machines were not functioning and may be “unstable” or “have no connection”.

The Ukrainian Security Service has initiated an investigation (SBU).

“One of the versions currently being investigated by SBU investigators is that the Russian special services may be behind this hacker attack,” the SBU stated in a statement.

Russia has not responded, and no one has assigned blame as of yet.

Earlier, Kyivstar said that the “illegal interference” was the reason it had called in law enforcement.

Oleksandr Komarov, the general director of the company, seemed to imply that Russian actors might also be at fault.

“The war with Russia has many dimensions and one of them is in cyberspace,” he stated.

He continued, “We are working to restore communication as soon as possible,” and assured the impacted customers of reimbursement.

According to the operator, no one’s private information was stolen.

In February 2022, Russia initiated a full-scale invasion of Ukraine, and the conflict is currently well into its second year.

Veon, the parent company with Dutch domicile, announced that it would collaborate with Kyivstar on “additional security measures” to avert such occurrences.

Separately, the military intelligence of Ukraine asserted that it had recently conducted a cyberattack against the federal tax system of Russia.

“During the special operation, military intelligence of Ukraine managed to break into one of the well-protected key central servers of the federal tax service,” according to a Telegram statement.

It stated that the fourth day of Russian efforts to resume services had now passed.



from Virtualattacks https://ift.tt/YJK3R1M

Comments