A hacker group calling itself Solntsepek, which has strong ties to Russia’s infamous Sandworm hackers, has claimed responsibility for a cyberattack on Ukrainian telecom company Kyivstar. The group, previously linked to Russia’s GRU military intelligence agency, has a history of launching disruptive cyberattacks against various targets in Ukraine. The recent attack on Kyivstar resulted in the blocking of essential services and disrupted communications for millions of users. While the Ukrainian government and cybersecurity experts have not officially attributed the attack to any specific group, Solntsepek’s claim and its association with Sandworm suggest their involvement.
According to Ukraine’s Computer Emergency Response Team (CERT-UA), the attack on Kyivstar resulted in the blocking of vital services within the company’s technology network. Kyivstar’s CEO, Oleksandr Komarov, acknowledged the significant damage to the company’s infrastructure, stating that they were unable to counter the attack at a virtual level, leading to the decision to physically shut down Kyivstar to restrict the hacker’s access. Komarov emphasized that cyberwarfare is a real threat and that Kyivstar fell victim to it.
Although the Ukrainian government and cybersecurity experts have not officially identified the responsible group, Solntsepek, in a post on Telegram, claimed responsibility for the cyberattack on Kyivstar. The hacker group stated that they destroyed thousands of computers, servers, and cloud storage systems belonging to Kyivstar. Their motivation for targeting the company stems from its provision of communication services to the Ukrainian Armed Forces and other government and law enforcement agencies.
Solntsepek, known to be a front for the Sandworm hacker group within Russia’s GRU, has been previously involved in similar incidents, according to John Hultquist, the head of threat intelligence at cybersecurity firm Mandiant. Hultquist noted that Sandworm has a consistent focus on this type of disruptive activity. While the Ukrainian government and cybersecurity experts continue their investigations, Solntsepek’s claim further strengthens the suspicion that Sandworm played a role in this cyberattack.
The attack on Kyivstar serves as another reminder of the ongoing cyber threats faced by governments, organizations, and individuals. The disruptive nature of these attacks highlights the need for robust cybersecurity measures and constant vigilance. As the investigation unfolds, it is crucial to identify and hold accountable those responsible for such malicious acts, ensuring that necessary steps are taken to prevent future cyber disruptions.
In the face of emerging cyber threats, it is essential for companies, governments, and individuals to prioritize their cybersecurity practices to safeguard their systems and data. The interconnectedness of our digital world requires constant efforts to stay one step ahead of malicious actors. By investing in robust cybersecurity measures and maintaining awareness of evolving threats, we can mitigate the risks and protect ourselves from devastating cyberattacks.