WORLD
A+
A-
Reuters: Russian hackers were inside Ukraine telecoms giant for months
04 January 2024 15:29
Russian hackers were inside Ukrainian telecoms giant Kyivstar's system from at least May last year in a cyberattack that should serve as a "big warning" to the West, Ukraine's cyber spy chief told Reuters.
The hack, one of the most dramatic since Russia's full-scale invasion nearly two years ago, knocked out services provided by Ukraine's biggest telecoms operator for some 24 million users for days from December 12.
In an interview, Illia Vitiuk, head of the Security Service of Ukraine's (SBU) cybersecurity department, disclosed exclusive details about the hack, which he said caused "disastrous" destruction and aimed to land a psychological blow and gather intelligence.
"This attack is a big message, a big warning, not only to Ukraine but for the whole Western world to understand that no one is actually untouchable," he said. He noted Kyivstar was a wealthy, private company that invested a lot in cybersecurity.
The attack wiped "almost everything", including thousands of virtual servers and PCs, he said, describing it as probably the first example of a destructive cyberattack that "completely destroyed the core of a telecoms operator."
During its investigation, the SBU found the hackers probably attempted to penetrate Kyivstar in March or earlier, he said in a Zoom interview on December 27.
"For now, we can say securely, that they were in the system at least since May 2023," he said. "I cannot say right now, since what time they had ... full access: probably at least since November."
The SBU assessed the hackers would have been able to steal personal information, understand the locations of phones, intercept SMS messages and perhaps steal Telegram accounts with the level of access they gained, he said.
A Kyivstar spokesperson said the company was working closely with the SBU to investigate the attack and would take all necessary steps to eliminate future risks, adding: "No facts of leakage of personal and subscriber data have been revealed."
Vitiuk said the SBU helped Kyivstar restore its systems within days and repel new cyber attacks.
"After the major break there were a number of new attempts aimed at dealing more damage to the operator," he said.
Kyivstar is the biggest of Ukraine's three main telecoms operators and there are some 1.1 million Ukrainians who live in small towns and villages where there are no other providers, Vitiuk said.
People rushed to buy other SIM cards because of the attack, creating large queues. ATMs using Kyivstar SIM cards for the internet ceased to work and the air-raid siren - used during missile and drone attacks - did not function properly in some regions, he said.
He said the attack had no big impact on Ukraine's military, which did not rely on telecom operators and made use of what he described as "different algorithms and protocols".
"Speaking about drone detection, speaking about missile detection, luckily, no, this situation didn't affect us strongly," he said.
A Kyivstar spokesperson said the company was working closely with the SBU to investigate the attack and would take all necessary steps to eliminate future risks, adding: "No facts of leakage of personal and subscriber data have been revealed."
Vitiuk said the SBU helped Kyivstar restore its systems within days and repel new cyber attacks.
"After the major break there were a number of new attempts aimed at dealing more damage to the operator," he said.
Kyivstar is the biggest of Ukraine's three main telecoms operators and there are some 1.1 million Ukrainians who live in small towns and villages where there are no other providers, Vitiuk said.
People rushed to buy other SIM cards because of the attack, creating large queues. ATMs using Kyivstar SIM cards for the internet ceased to work and the air-raid siren - used during missile and drone attacks - did not function properly in some regions, he said.
He said the attack had no big impact on Ukraine's military, which did not rely on telecom operators and made use of what he described as "different algorithms and protocols".
"Speaking about drone detection, speaking about missile detection, luckily, no, this situation didn't affect us strongly," he said.
Caliber.Az
Views: 329
editor@caliber.az
+994 55 444-88-98
Азербайджан, Баку, ул. Низами, 203, Af Business House, 5-й этаж