January 5, 2024 at 03:27AM
Ukrainian authorities reported a cyber attack by the Russian state-sponsored group Sandworm, which breached telecom operator Kyivstar’s systems, leading to service disruption for millions. A Russia-linked hacking group, Solntsepyok, claimed responsibility. The attack wiped out data from thousands of servers, and the Security Service of Ukraine suspects the attackers had access since at least May 2023.
Summary of Meeting Notes:
– Ukrainian cybersecurity authorities disclosed that the Russian state-sponsored threat actor Sandworm penetrated telecom operator Kyivstar’s systems, leading to a powerful hacker attack last month. This disrupted mobile and internet services for millions of customers.
– The Russia-linked hacking group Solntsepyok claimed responsibility for the breach and is associated with the GRU.
– Solntsepyok has a history of disruptive cyber attacks, including targeting energy sector companies and allegedly hacking surveillance cameras in Kyiv.
– Illia Vitiuk, head of the SBU’s cybersecurity department, stated that the attack wiped out nearly everything from thousands of virtual servers and computers, posing a significant threat to the telecom operator’s infrastructure.
– Kyivstar, despite restoring its operations, is uncertain about how the threat actor accessed its network and has denied claims of personal data compromise.
– The SBU revealed that Russian intelligence agencies allegedly hacked surveillance cameras in Kyiv to spy on defense forces and critical infrastructure.