«This is the biggest hacker attack on the telecom infrastructure in the world,» Kyivstar told the details of the disconnection
-
13:11, 13 December, 2023
Kyivstar believes that on December 12, a hacker attack was carried out on the company, the likes of which have not yet occurred in the telecommunications industry in the world.
Oleksandr Komarov, the company's president, told about this in an interview with Ukrainian Forbes.
«In fact, this is the largest hacker attack on the telecom infrastructure in the world. There were no successful attacks of this scale. And, let's be honest, there aren't many countries that Russia has attacked,» he said.
However, the company cannot say whether Russia was the organizer of this attack. Oleksandr Komarov told the details of what happened on the morning of December 12.
«At 5:26, atypical network behavior began. All of our focus was on restoring the network, which began to operate with major disruptions. All this created an incredible number of anomalies in these systems. We were focused on this because it seemed to us that this problem was either in the switching system or in the transport network. At 6:30 in the morning came the realization that this was a super-powerful hacker attack on the network core and infrastructure. And that all these steps, which began at 5 in the morning, were more of a distraction than aimed at actually laying down the company's radio network,» he said.
The president of the company explained that the core of the network consists of several elements: a virtual network that works on top of the physical network, and also the IT infrastructure. On Tuesday morning, the cascading fall of a large number of elements of this infrastructure began.
«To put it simply, the client databases did not respond to the network's request for the client's profile and services. And the services began to automatically shut down,» he said.
Oleksandr Komarov added that the company has versions of how exactly the network was attacked, but this is the subject of an investigation by law enforcement agencies.
«There are basic versions that we are working on. They are important to prevent such a plan incident during the recovery process. In order to damage the network so much, there must have been certain movements within the network. One way or another, but the perimeter was violated,» Kyivstar noted.
Oleksandr Komarov told why he had to «turn everything off».
«The decision was made in real time. When you realize that you have an open perimeter of the company and you need to close it, because every minute is more destruction. It was necessary to do this to reduce the impact, but it was already big and is quite big,» he said.
Currently, Kyivstar has no confirmation whether any data remained in the hands of the hackers, as experts did not see any atypical traffic behavior. The basic version is that the goal is infrastructure destruction, damage to the country's critical infrastructure.
«We are at war. I understand that the real front is taking place in the Zaporizhzhia, Donetsk, Kharkiv, and Kherson regions. But one way or another, the country is in a state of war. We have been under pressure from cyber threats since 2014. This is not the first attempt to penetrate the perimeter of the country's telecom operator, but, unfortunately, this attempt was successful,» Oleksandr Komarov said.
We would like to remind you that today, December 12, a major failure occurred in the work of the operator Kyivstar. Users have reported a lack of connection, the Internet, and the operator's website is also not working. In particular, the failure affected the operation of bank terminals and the notification system.
Later, Kyivstar stated that the cause of the large-scale disruption in work was a powerful hacker attack, but assured that the personal data of customers is safe. On the evening of December 12, the Kyivstar company announced that it had partially resumed the operation of fixed communication services (with stationary equipment).
The Kyivstar company cannot yet name the exact terms of the restoration of communication, but the process has already begun.