Ukraine’s biggest mobile network operator has suffered a cyber attack connected to its ongoing conflict with Russia. Kyivstar, which has more than half of Ukraine’s population as mobile subscribers, said earlier this week that it had been targeted by a “powerful hacker attack” that knocked internet access and mobile communications and damaged IT infrastructure. It also disrupted air raid alert systems in parts of Kyiv.
The company’s CEO Oleksandr Komarov said the attack was a result of the war with Russia, reported Reuters. “War is also happening in cyber space. Unfortunately, we have been hit as a result of this war,” he told national television. “(The attack) significantly damaged (our) infrastructure, limited access, we could not counter it at the virtual level, so we shut down Kyivstar physically to limit the enemy’s access.”
Russian hacktivist group Killnet claimed responsibility for the attack via a statement on the Telegram messaging app, but did not provide evidence to support its claims.
In a Facebook post, Kyivstar said it was investigating the issue with law enforcement agencies and was “working to eliminate the consequences and restore communications” as soon as possible. The incident has been reported to Ukrainian state services, it added.
“The most important thing is that, as of now, the personal data of subscribers has not been compromised. Our team will definitely compensate those subscribers who had no connection or could not use our services,” the firm said. “Yes, our enemies are cunning. But we are ready to face any challenges, overcome them and continue working for Ukrainians.”
In a post on X (formerly Twitter), internet monitoring company NetBlocks wrote: “The cyber attack on Ukraine’s Kyivstar telecoms operator has impacted all regions of the country with high impact to the capital, metrics show, with knock-on impacts reported to air raid alert network and banking sector as work continues to restore connectivity.”
“Cyber attacks are geopolitical, there is no doubt about it. When thinking about the theatre of war, communications are always a critical target,” commented Bobby Cornwell, threat detection expert at cyber security company SonicWall. “If an attacker can confuse different parties, it will eventually stir up chaos. Cutting off the cellular phones which are used in the battlefield due to lack of other types of communications, can cause troops to be misinformed/misguided, or vulnerable.”
There’s an overlooked aspect that often escapes many people’s thoughts – access to the telecom infrastructure, he said. “While hacking can dismantle communication networks, what if the hacker’s aim isn’t to disrupt but to camouflage their true goal? Imagine a scenario where a threat actor infiltrates a telecom company’s computer systems with a trojan horse, gaining access to phone telemetry.” Threat actors could exploit compromised phones to pinpoint their location and launch targeted attacks, he added. “This is not far-fetched, it’s an unfortunate reality of an ever-evolving cyber threat landscape.”
Russia is upping its cyber offensive, shifting its tactics to target western critical national infrastructure (CNI) and increasing its use of hacktivism, according to new research from cyber security firm Cyjax. The Cyber Winter of Discontent report analyzes the conflict in Ukraine and predicts how Russia may conduct cyber military activity over the coming winter.
It found that Russia is facing a crisis of resources and manpower and, with Ukraine receiving a steady supply of defensive weapons and technology from the West, Russia may struggle to effectively deploy malware against its CNI at scale. As such, analysts believe that Russia may turn its attention to more cost-effective tactics outside of the region in an effort to disrupt supply chains and deter the West from supplying its ally.
Cyjax has observed several hacktivist groups increasing in activity including UserSec, SiergedSec, NoName057, Anonymous Sudan, AnonymousRussia and Killnet. The firm has also detected many pro-Kremlin hacktivist collectives switching their targeting away from Ukraine to attacks on organizations based in Israel and those countries supporting it.
“The West’s support to Ukraine’s cyber defenses has stagnated Russian attacks, putting Russia in a difficult position as it struggles to find resources for a cyber and kinetic attack,” said Roman Faithfull, cyber intelligence Lead at Cyjax. “Thus far, Russia’s cyber warfare against Ukraine CNI hasn’t paid off which is why it makes sense that it would turn its attention to western CNI to induce war fatigue and disrupt supply chains.”
This week, the UK’s Joint Committee on the National Security Strategy warned of the catastrophic ransomware risk faced by UK CNI, with the lack of planning for such an incident meaning that the entire country is essentially being held “hostage to fortune.” Earlier this month, an international cyber security advisory from multiple governments accused the Russian FSB of carrying out a spear-phishing campaign against the UK, US and allies.
Join the global cyber security online community
With more than 140,000 members, Cyber Security Hub is the vibrant community connecting cyber security professionals around the world.
With more than 140,000 members, Cyber Security Hub is the vibrant community connecting cyber security professionals around the world.
BlackCat/ALPHV ransomware group leaked photos of what appears to be stolen passports, contact lists,…
Hackers stole information on all users of Okta’s customer support system
The Canadian government has disclosed a data breach after contractor hacks exposed information datin…
Data breach exposed includes Social Security numbers, information on physical and mental health cond…
US federal agencies are revealed to be the latest victims of hacking group Clop
Reach Cyber Security professionals through cost-effective marketing opportunities to deliver your message, position yourself as a thought leader, and introduce new products, techniques and strategies to the market.
Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.
Cyber Security Hub, a division of IQPC
Careers With IQPC| Contact Us | About Us | Cookie Policy
Become a Member today!
Already an IQPC Community Member?
Sign in Here or Forgot Password
Sign up now and get FREE access to our extensive library of reports, infographics, whitepapers, webinars and online events from the world’s foremost thought leaders.
We respect your privacy, by clicking ‘Subscribe’ you will receive our e-newsletter, including information on Podcasts, Webinars, event discounts, online learning opportunities and agree to our User Agreement. You have the right to object. For further information on how we process and monitor your personal data click here. You can unsubscribe at any time.
