Russian hackers have been inside Ukrainian telecoms company Kyivstar's system since at least May of last year, causing the most severe cyberattack on Ukrainian networks.
Approximately 24 million users could not access services offered by Ukraine's largest telecom operator for several days starting on December 12 due to the severe attack.
Vitiuk mentioned that Kyivstar was a well-funded private business with significant cybersecurity investments.
The SBU discovered throughout its investigation that the hackers most likely tried to access Kyivstar in March or earlier.
Vitiuk declared that he was pretty sure Sandworm, a cyber warfare unit of Russian military intelligence connected to cyberattacks in Ukraine and other countries, was responsible for the operation.
The SBU suspected a group known as Solntsepyok of having ties to Sandworm, and they claimed responsibility for the attack.
Investigators are still trying to figure out how Kyivstar was compromised and what kind of trojan horse malware was used to get in.
They also mentioned that it might have been phishing, an insider assisting out, or something else entirely.
The samples of that malware had been found and were being examined.
Further, the firm was closely collaborating with the SBU to look into the incident and that it would take all necessary precautions to limit future risks.
Oleksandr Komarov, the CEO of Kyivstar, announced on December 20 that all of the business's services had been fully restored across the nation.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 08 Jan 2024 14:20:04 +0000