Sandworm hacker group behind cyber attack on Kyivstar – Security Service of Ukraine
The hacker group Sandworm, which is a regular unit of Russian military intelligence, was behind the cyber attack on the Ukrainian mobile operator Kyivstar at the end of December 2023, Head of the Security Service of Ukraine’s (SBU) cybersecurity department Illia Vitiuk said in an interview with Reuters.
“The SBU helped Kyivstar restore its systems within days and to repel new cyber attacks. After the major break, there were a number of new attempts aimed at dealing more damage to the operator,” the SBU press service quoted Vitiuk on its Telegram channel on Thursday.
According to the head of the department, the enemy planned to strike several times in a row, seeking to leave people without communication for as long as possible. “In this case, other operators might not be able to withstand a prolonged overload of their networks,” he said.
Vitiuk said that the SBU continues to investigate the case of a large-scale hack of Kyivstar under several articles of the Criminal Code of Ukraine.
“Currently, cyber specialists of the Security Service are already examining individual samples of malicious software used by the enemy. The attack was diligently prepared for many months,” the head of the SBU department said.
Vitiuk confirmed that the hacker group Sandworm, a regular unit of Russian military intelligence and has previously repeatedly carried out cyber attacks on Ukrainian targets, including telecom operators and Internet providers, is behind this attack. He also emphasized that this cyber attack had a significant impact on civilians but did not have a serious effect on military communications, since the Defense Forces use different algorithms and communication protocols.
In general, according to Vitiuk, since the beginning of the full-scale invasion, the SBU has detected about 9,000 cyber attacks on government resources and critical infrastructure facilities in Ukraine.
