The largest Ukrainian mobile operator Kyivstar has resumed providing all basic services to its customers following a large-scale hacker attack, the company’s press service reported.
“The company’s specialists worked non-stop to swiftly restore subscribers’ ability to use all communication services throughout Ukraine and abroad after the largest hacker attack in the history of the global telecommunications market,” the message reads.
Kyivstar also extended its gratitude to all customers, partners, state authorities, and particularly the Security Service of Ukraine (SBU) for “continuing to support and believe in us during such a critical situation.”
As compensation, the company is canceling the plan fee for all its users.
Additionally, Kyivstar is allocating Hr.100 million ($3.8 million) for the needs of the Armed Forces of Ukraine (AFU).
“In social networks, we saw many proposals to redirect personal compensation of subscribers to help the Armed Forces. We decided not to choose between compensation or donations,” Oleksandr Komarov, the company’s CEO, said.
Kyivstar promises to provide information about the target of allocated funds later.
Yesterday morning, Kyivstar subscribers complained about the lack of communication and the inability to check the status of their account. They also said that other services in the application did not work.
Later, however, the operator said it had remedied the communication difficulties. Kyivstar communications director Hanna Zakharash emphasized that this failure was not due to a new cyberattack but the residual consequences of fixing the previous one.
On the morning of Dec. 12, some 24.3 million people in Ukraine – over half the country’s population – found themselves without any mobile signal, a serious issue in a country where many rely on mobile phones for air raid alerts and information on Russian attacks.
Additionally, shops throughout the country were unable to process credit payments, many ATMs could not function and even the automatic control of street lighting in Lviv failed.
It soon became clear that Kyivstar had been the victim of a cyber-attack, and upon further investigation, the scale and seriousness of the damage became apparent.
Kyivstar CEO Oleksandr Komarov, told Kyiv Post: “It was a well-planned and professional attack from all perspectives – not only from the cyber angle but also from the telecoms perspective.
As for how the attack was achieved, Komarov said technicians had discovered “a perimeter vulnerability that was used by hackers.”
The scale of the damage was massive. In an earlier interview with Ukrainian TV, Komarov said Kyivstar’s IT infrastructure was “significantly damaged” and as the attack could not be countered virtually, they “physically disconnected Kyivstar from the network.”
The next day the company announced it had partially restored some fixed-line communications.
Obviously, Russia is the main suspect, and the scale of that attack almost certainly indicates it was a state actor. A security source told Reuters that data cable interception showed “a lot of Russian-controlled traffic directed at these networks.”
Ukraine’s SBU opened a criminal investigation and sent agents to the company’s offices. “The special services of the Russian Federation may be behind this hacker attack,” the SBU said.
A Russian hacker collective called Solntsepek claimed responsibility, saying in a post on Telegram: “We, the Solntsepek hackers, take full responsibility for the cyber-attack on Kyivstar.
“We attacked Kyivstar because the company provides communications to the Armed Forces of Ukraine, as well as government agencies and law enforcement agencies of Ukraine.”
The group also claimed to have destroyed a large number of computers and servers but Kyivstar in a statement denied that this was true.
You can also highlight the text and press Ctrl + Enter