Ransomware

Kyivstar Cyberattack And The $90 Million Recovery Efforts

The was not an isolated incident but rather part of a broader pattern of cyber aggression.

by Ashish Khaitan May 21, 2024 in Firewall Daily, Cybersecurity News Reading Time: 3 mins read 0

586 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

Ukraine's leading mobile operator, Kyivstar, is facing the aftermath of last year's cyberattack. In December 2023, the telecom provider faced, what is described by the CEO as, the “biggest infrastructure in the world”, which left several operations down. 

CEO Oleksandr Komarov revealed the impact on Kyivstar's growth trajectory, stating, “Before the cyberattack, we were moving with an increase of 11%-12% quarter-on-quarter in 2023. The cyberattack ate up about 3% of annual growth.” While specifics on the affected growth aspects were not provided, Komarov emphasized the significant setback faced by the company.

Kyivstar Cyberattack Update

According to Reuters, the $90 Million allocation is earmarked for repairing infrastructure damage, fortifying the system against future breaches, and implementing a loyalty program for clients. Kyivstar, a subsidiary of Amsterdam-listed Veon, boasts 24.3 million mobile subscribers and over 1.1 million home internet subscribers, highlighting its significant presence in the Ukrainian telecommunications market.

The cyberattack on Kyivstar was not an isolated incident but rather part of a broader pattern of cyber aggression. According to Illia Vitiuk, the head of Ukraine's cybersecurity department, Russian hackers had infiltrated Kyivstar's infrastructure months before the December attack. 

The attack, attributed to the Russian state-controlled hacker group Sandworm, left a trail of destruction, wiping out crucial network functions and disrupting services for an extended period.

The Technical Details of the Kyivstar Cyberattack

Vitiuk's assessment suggests that the attackers may have gained full access to Kyivstar's network as early as November 2023, indicating a prolonged period of vulnerability. The attack's severity prompted concerns about potential data theft, interception of communications, and the compromise of sensitive information.

While Kyivstar maintains that no personal or subscriber data was leaked, the incident highlights the grave cybersecurity risks faced by telecommunications operators. The attack's objectives, according to Vitiuk, extended beyond mere disruption, aiming to deliver a psychological blow and gather intelligence. He emphasized the attack's significance as a warning to the Western world, highlighting the escalating cyber threats posed by state-sponsored actors.

Despite the challenges posed by the cyberattack, Kyivstar remains committed to restoring normalcy and strengthening its cybersecurity posture. The allocation of substantial resources highlights the company's determination to overcome the aftermath of the attack and safeguard its operations against future threats.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button