iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Ukraine’s largest telecommunications service provider, Kyivstar, has been brought down by a major cyber attack, disabling network coverage and internet access for its subscribers, as well as bringing down the website.
The telco services over half of Ukraine’s population in its 24.3 million mobile subscribers alone, alongside an additional 1.1 million home internet customers.
Kyivstar first issued a warning regarding the outage, citing a “technical failure” on its network, and said that its specialists were working on restoring services.
However, hours later, it confirmed that the outage was the result of a cyber attack.
“This morning, we were the target of a powerful hacker attack,” the telco wrote on X (formerly Twitter).
“It caused a technical failure, as a result of which services are temporarily unavailable.”
Kyivstar also confirmed that it is working to resolve the issue and mitigate further damage and that it has informed law enforcement of the incident.
Following this, the Security Service of Ukraine (SSU or SBU) has said that it has engaged criminal proceedings under eight articles of the Criminal Code of Ukraine.
The SSU also alleges that Russia may be to blame for the attack.
“One of the versions currently being investigated by SBU investigators is that the Russian special services may be behind this hacker attack,” it said.
Since the breach, the Killnet ransomware group has claimed responsibility for the attack. In a post on its Telegram, Killnet has said that it launched the attack to test the capabilities of a new partnership it has with another group called Deanon Club.
"Today we are back. An attack was carried out on Ukrainian mobile operators, as well as on some banks," it wrote.
"Today we were just testing what our new colleagues are capable of..."
The two groups reportedly first joined forces in February to form a sort-of cybercrime supergroup called Infinity Team. Both groups appear to be pro-Russian, and have unconfirmed ties with Russian government and security and intelligence.
Infinity Team has its own forum and marketplace, on which it sells stolen resources and services such as DDoS. It has also been observed requesting donations from its followers.
Kyivstar called out its enemies in its announcement, saying that its commitment was to servicing the people of Ukraine.
“Yes, our enemies are treacherous. But we are ready to face any difficulties, overcome them and continue to work for Ukrainians.”
The telco has iterated that, fortunately, no personal data belonging to subscribers has been compromised. It also added that it would be compensating those who were unable to use its services.
“We sincerely apologise for the temporary inconvenience and thank you for your understanding,” it added.
Kyivstar’s commitment to compensating its customers is a major contrast with Australian telco Optus, which has been critiqued for its lack of compensation following the outage it suffered last month.
The outage, which came a year after the company suffered one of the largest cyber attacks Australia has ever seen, affecting 9.7 million people, lasted approximately 12 to 13 hours, leaving customers without access to its network.
While Optus announced basic compensation, which included additional data for its customers, the telco was heavily criticised for not financially compensating those unable to operate their businesses due to the outage.
On top of this, Optus suffered yet another outage yesterday (12 December), which left thousands of Victorian customers without the ability to make calls.
The company said this was a result of two separate issues that happened at the same time.
Services have since returned to normal.
Updated 13/12/2023 to add the Killnet claim and information regarding Deanon Club and Infinity Team.
Be the first to hear the latest developments in the cyber industry.
