January 4, 2024 at 02:39PM
Russian hackers targeted Ukraine’s largest telecom provider, Kyivstar, in December 2023. They wiped thousands of servers and computers, causing a massive internet outage for its 25 million subscribers. Ukrainian authorities suspect the involvement of the Russian military-linked group, Solntsepek, known for attacking Ukrainian telecom targets since May 2023. Military communications largely remained unaffected due to different security protocols.
Key takeaways from the meeting notes are:
1. Russian hackers targeted Kyivstar, Ukraine’s largest telecommunications service provider, in a cyberattack, causing significant disruptions to its services and network infrastructure.
2. The attack, which occurred in December, resulted in the wiping of thousands of virtual servers and computers and had a notable impact on the civilian population, although it did not significantly disrupt military communications due to Ukraine’s Defense Forces employing different algorithms and communication protocols.
3. The cyberattack was claimed by Russian hackers from the Solntsepek group, believed to be linked to the Sandworm Russian military hacking group.
4. Sandworm, a Russian military intelligence unit, has been confirmed to be behind the December attack on Kyivstar, as well as other cyberattacks targeting Ukrainian telecom operators and ISPs.
5. A report from Ukraine’s Computer Emergency Response Team (CERT-UA) revealed that Russian Sandworm hackers breached the networks of 11 Ukrainian telecom service providers since May 2023, causing service interruptions and deploying scripts to make recovery more challenging.