Ukraine’s top mobile operator, Kyivstar, has been hit by what appears to be the largest cyberattack since Russia launched its war on the country in February 2022. The attack, which knocked out services and damaged IT infrastructure, is believed to be aimed at destruction and disruption. In addition to putting millions of people in danger of not receiving alerts of potential Russian air assaults, it also disrupted the air raid alert systems in parts of Kyiv. Despite the attack, Kyivstar’s CEO, Oleksandr Komarov, stated that the personal data of users had not been compromised.
While no specific group has been identified, Russian hacktivist group Killnet claimed responsibility for the attack. However, they did not provide evidence to support their claim. Ukrainian officials and a source close to the country’s cyber defense agency suspect that Russia is the source of the attack, with the possibility of involvement from Russian security services. Kyivstar is working to restore its services, with fixed-line services partially restored already. The company hopes to fully restore all services by Wednesday.
The attack not only affected the mobile network but also disrupted air raid alert systems in more than 75 settlements in the Kyiv region, where millions of Ukrainians rely on phone alerts to warn them of possible Russian air attacks. As a result, the Ukrainian military was not affected by the outage. Some individuals rushed to connect to other network providers, highlighting the impact on people’s day-to-day lives.
Kyivstar’s CEO suggested that the attack may have been aimed at disrupting President Volodymyr Zelenskiy’s visit to the United States, aggravating energy blackouts, or impacting the morale of Ukrainians. Ukraine’s state bodies and companies have frequently accused Russia of orchestrating cyberattacks against them in the past.
The cyberattack on Kyivstar underscores the ongoing conflict between Ukraine and Russia, not only in physical warfare but also in cyberspace. The attack serves as a reminder of the increasing vulnerability of critical infrastructure and the need for heightened cybersecurity measures to mitigate such threats.