Russian hackers breached "Kyivstar" security through an employee's account
The cyber attack on the national operator "Kyivstar" was a result of an employee's account being compromised. "Kyivstar" CEO Oleksandr Komarov announced this on the telethon on December 13, NV reports.
According to him, the hackers managed to access the company's infrastructure through this account, thus breaching the company's defenses.
This shows, said Komarov, that even the most protected infrastructure can be affected.
He explained that "Kyivstar" uses cutting-edge security technology from global suppliers.
According to him, since the start of Russia's full-scale invasion, the operator has repelled about 500 "more or less serious" cyberattacks. However, any organization can have people who "help direct Russian missiles, so to speak, or give away their passwords," the CEO added.
As the IMI reported, the mobile operator "Kyivstar" suffered a large-scale outage in the morning of December 12. Users cannot make calls, send messages, or check their account. They also have no Internet access and can not log into the "Kyivstar" app. The company's website is down.
"Kyivstar" reported an intense cyber attack that caused the technical failure.
Due to the problems with "Kyivstar", some PrivatBank POS terminals, ATMs and self-service terminals may be unstable or have no connection.
There are technical issues with the mobile operator Vodafone's app.
Monobank suffered a massive DDoS attack, reported the bank's co-founder Oleh Horokhovsky.
The large-scale Kyivstar outage led to some Oschadbank ATMs, POS terminals and information and payment terminals being out of function.
In Sumy, Kharkiv and part of Kyiv oblast, the "Kyivstar" outage resulted in the air raid alert system not working.
Oleksandr Komarov, "Kyivstar" CEO, has said that the company's IT infrastructure was partially destroyed by the hacker attack.
The Security Service of Ukraine has opened a case regarding the cyber attack on "Kyivstar". One of the theories currently being under investigation is that the Russian special services may be behind the hacker attack.
The SBU also claims that the Russian hacker group Solntsepek, which claimed responsibility for the cyberattack on "Kyivstar", is a unit of the General Directorate of the Russian Armed Forces' General Staff.
According to dev.ua, "Solntsepek" previously claimed responsibility for the attacks on Suspilne, Channel 24, "Gordon", various providers and the Ministry of Community and Territorial Development. According to the media outlet, this group may have ties the elite GRU hacker unit Sandworm, which works for the Kremlin.
According to the State Special Communications Service, "Kyivstar" subscribers were blocked from accessing national roaming in order not to overload other mobile operator networks.
"Kyivstar" assured that despite the outage that occurred after the hacker attack on December 12, subscriber information and personal data are safe.
Help us be even more cool!