Ukraine’s biggest mobile network operator was hit on Tuesday by what appeared to be the largest cyber attack of the war with Russia so far, knocking out mobile and internet services for millions and the air raid alert system in parts of Kyiv region.
Kyivstar has 24.3 million mobile subscribers – more than half of Ukraine’s population – as well as over 1.1 million home internet subscribers.
Its CEO Oleksandr Komarov said the attack was “a result of” the war with Russia, although he did not say which Russian body he believed to be responsible, and that the company’s IT infrastructure had been “partially destroyed”.
“War is also happening in cyber-space. Unfortunately, we have been hit as a result of this war,” he told a national television broadcast.
Ukraine’s SBU intelligence agency told Reuters one of the possibilities it was investigating was that of a cyber-attack conducted by Russian security services.
Russia’s foreign ministry did not immediately respond to a request for comment.
Komarov said it was unclear when Kyivstar would be able to restore connection.
“(The attack) significantly damaged (our) infrastructure, limited access, we could not counter it at the virtual level, so we shut down Kyivstar physically to limit the enemy’s access,” Komarov said.
STATE ACTOR
A source close to Ukraine’s cyber defence also said that Russia was suspected to be the source of the attack, but no specific group had been identified.
“It’s definitely a state actor,” said the source, who asked not to be identified because of the delicacy of the issue, adding that data cable interception showed “a lot of Russian controlled traffic directed at these networks.”
“There’s no ransom. It’s all destruction. So it’s not a financially motivated attack,” said the source.
Ukrainian officials said that air raid alert systems in more than 75 settlements in the central Kyiv region were affected by the cyber attack.
Kyivstar, owned by Amsterdam-listed mobile telecoms operator Veon VON.AS, said in a statement on Facebook that it was working to repair the outage and was cooperating with law enforcement bodies.
Veon said it was also investigating the attack and it could not yet quantify the financial impact.
Komarov said two databases containing customer data had been damaged and were currently locked.
“The most important thing is that the personal data of users has not been compromised,” Kyivstar said in its statement, promising to compensate customers for loss of access to services.
Separately, the co-founder of Monobank, a major Ukrainian payment system, said in a social media post that his company was currently suffering a distributed denial of service (DDoS) attack, but that everything was “under control”. He subsequently said that attack had been fought off.
Representatives of PrivatBank and Oschadbank, two major Ukrainian financial institutions, told media outlet Hromadske that part of their ATM machines and card terminals had been affected by the Kyivstar outage.
Ukrainian state bodies and companies have often accused Russia of orchestrating cyber attacks against them in the past.
(Reuters)