The cyber assault, linked to the Sandworm cyber warfare unit of Russian military intelligence, caused a disruption in Kyivstar’s services, affecting more than 24.3 million customers and leading to a loss of phone reception.
In December, a cyberattack on Kyivstar, Ukraine’s major telecom giant, was revealed by Ukraine’s Head of Cybersecurity, Illia Vitiuk. The attack, linked to the Russian military intelligence cyberwarfare unit Sandworm, had severe consequences, disrupting Kyivstar’s services and leaving over 24.3 million customers without phone reception. The impact extended beyond the telecom company, affecting banks and leaving Ukrainians in the eastern war zone without connectivity.
Vitiuk emphasized the extensive damage caused by the cyberattack, wiping out a significant amount, including virtual servers and PCs. The attribution to Sandworm, a state-sponsored Russian military intelligence cyberwarfare unit with a history of attacks in Ukraine, adds gravity to the situation.
Kyivstar CEO Oleksandr Komarov acknowledged in a December video statement that the conflict between Ukraine and Russia extends into cyberspace, highlighting the evolving nature of warfare. The revelation that hackers had infiltrated Kyivstar’s system since at least May 2023, potentially gaining full access by November, underscores the sophistication and prolonged operational strategies of the attackers. This raises concerns about critical infrastructure’s vulnerability to cyber threats, emphasizing the urgent need for robust cyber security measures and highlighting the involvement of state-sponsored cyber warfare units in such attacks.