"Prepared for many months": Russia again struck the "Kyivstar" - SBU (video)

Russian hackers wanted to deprive Ukrainians for a long time, because in case of success, other operators could not withstand the overload of networks. The attack was made possible by the similarity of Kyivstar's infrastructure and the Russian Beline operator. The Security Service of Ukraine helped the National Mobile Operator "Kyivstar" to repel new attacks of hackers, which occurred after a large -scale failure in work on December 12, 2023.

The Head of the SBU Cyber ​​Security Department Ilya Vituk told this in an interview with the International Reuters Agency, published on January 4. In conversation with journalists, he noted that after a lot of hacking, a number of new attempts were made to cause even more harm to the operator. "The enemy was expecting a few blows in a row to leave people for a long time.

According to him, the SBU continues to investigate the large -scale "evil" of Kyivstar under several articles of the Criminal Code of Ukraine. "Currently, the Cyberfachivs of the Security Service are already exploring individual samples of harmful software used by the enemy. The attack has been carefully preparing for many months," - said the head of the SBU Cybersecurity Department.

Ilya Vityuk also commented on the first major attack on Kyivstar, which happened on December 12, 2023 and affected about 24 million users for several days. According to him, hackers sought to strike a psychological blow and gather intelligence. Moreover, according to the information received from the SBU, Russian hackers have been in the system of the Ukrainian telecommunications giant "Kyivstar" at least from May last year.

"At this time, we can say with certainty that they have been in the system at least May 2023. I cannot say now what time they had . . . full of access: probably at least November," said the Head of Cybersecurity Department agencies. - Currently, the Cyberfhachivs of the Security Service are already exploring individual samples of harmful software used by the enemy. The attack has been carefully preparing for many months.

" According to the SBU, with this level of access, hackers could steal personal information, find out the location of phones, intercept SMS and may have stolen Telegram accounts. In addition, the attack destroyed almost everything, including thousands of virtual servers and computers. Also, because of the attack, people rushed to buy other SIM cards, creating large queues.

ATMs used by Kyivstar SIM cards have stopped working for internet access, and the sirone of air alarm used during missile attacks and drones did not work properly in some regions. However, Ilya Vityuk said that the attack had no great influence on the Armed Forces of Ukraine, which did not depend on communication operators. "If we talk about the detection of drones, if we talk about the detection of missiles, fortunately, this situation did not have a strong influence on us," he said.

Vityuk added that he was practically sure that the cyber fall on Kyivstar has made a Sandworm group, a Cyberwar Unit of Russian military intelligence, which was connected with cyberrataks in Ukraine and other countries. He explained that the attack on Kyivstar could have been facilitated by the similarity between him and the Russian Beline mobile operator, which was created on a similar infrastructure.

Recall that after breaking the Russian hackers of the mobile operator "Kyivstar" Cyberexpert called on all subscribers to change passwords. He argued that hackers can access Ukrainians' accounts on social networks and then use them against military personnel. We also wrote that Kyivstar has declared compensation for subscribers.