Ukraine’s largest mobile network operator has suffered a cyberattack linked to its ongoing conflict with Russia. Kyivstar, which has more than half of Ukraine’s population as mobile subscribers, said earlier this week that it had been targeted by a “powerful hacker attack”, which affected Internet access and mobile communications and disrupted IT infrastructure. Damaged the structure. It also disrupted air raid warning systems in parts of Kyiv.
According to the report, the company’s CEO Oleksandr Komarov said that the attack was a result of the war with Russia. reuters“There is a war taking place in cyber space also. Unfortunately, we have been affected as a result of this war,” he told national television. “(The attack) caused significant damage to our infrastructure, limited access, we could not counter it at the virtual level, so we closed Kyivstar physically to limit the enemy’s access.”
Russian hacktivist group Killnet claimed responsibility for the attack via a statement on the Telegram messaging app, but did not provide evidence to support its claims.
Customers’ personal data will not be compromised
In a Facebook post, Kyivstar said it was investigating the issue with law enforcement agencies and was “working to eliminate the consequences and restore communications” as quickly as possible. It said the incident had been reported to Ukrainian state services.
“Most importantly, so far, customers’ personal data has not been compromised. Our team will definitely compensate those customers who had no connection or could not use our services,” the firm said. “Yes, our enemies are cunning. But we are ready to face any challenges, overcome them, and continue working for Ukrainians.”
In a post on “It has been reported that the network and banking sector should be raided while continuing the work to restore connectivity.”
Cyberattacks are often geopolitical
“Cyber attacks are geopolitical, there is no doubt about that. When thinking about theater of war, communications is always an important goal,” commented Bobby Cornwell, threat detection expert at cybersecurity company SonicWall. “If an attacker can confuse different parties, it will eventually lead to chaos. Shutting down cellular phones used on the battlefield may put soldiers at risk of being misinformed/misled or unsafe due to the lack of other forms of communication.’
That said, there is an overlooked aspect that is often lost on many people’s minds – access to telecommunications infrastructure. “Although hacking can destroy communications networks, what if the hacker’s objective is not to disrupt but to conceal his real goal? Imagine a scenario where a threat actor infiltrates a telecom company’s computer systems with a Trojan horse, and gains access to phone telemetry. Threat actors can take advantage of compromised phones to trace their location and launch targeted attacks, he said. “This is not a far-fetched idea, it is an unfortunate reality of the constantly evolving cyber threat landscape.”
Russia’s winter cyber attack
Russia is stepping up its cyberattacks, changing its tactics to target Western critical national infrastructure (CNI) and increasing its use of hacktivism, according to new research from cybersecurity firm Cyzax. The Cyber Winter of Discontent report analyzes the conflict in Ukraine and predicts how Russia might conduct cyber military activity in the coming winter.
It found that with Russia facing a crisis of resources and manpower and Ukraine receiving a steady supply of defensive weapons and technology from the West, Russia would need to effectively deploy large-scale malware against its CNI. You may have to struggle. As such, analysts believe Russia may focus its attention on more cost-effective strategies outside the region in an effort to disrupt supply chains and prevent the West from supplying its ally.
Cyjax has observed an increase in activity from several hacktivist groups, including UserSec, SerZSec, Noname057, Anonymous Sudan, AnonymousRussia, and Killnet. The firm has also detected several pro-Kremlin hacktivist groups that are shifting their focus from Ukraine to attacks on Israel-based organizations and the countries that support them.
“The West’s support for Ukraine’s cybersecurity has deterred Russian attacks, putting Russia in a difficult position as it struggles to find resources for cyber and kinetic attacks,” said Roman Faithful, cyber intelligence lead at Cyjax. Is.” “So far, Russia’s cyber warfare against Ukraine CNI has yielded no results, which is why it makes sense that it would turn its attention to Western CNI to cause battle fatigue and disrupt supply chains “
This week, the UK Joint Committee on National Security Strategy warned of the devastating ransomware risk faced by UK CNI, saying a lack of planning for such an event means the entire country is essentially being held “hostage to fate”. Used to be. Earlier this month, an international cybersecurity advisory to several governments accused the Russian FSB of conducting a spear-phishing campaign against the UK, US and allies.
