Russian hackers infiltrated Ukraine telecoms giant

A Russian hacking of a Ukraine telco is a "big warning" to the West, Ukraine's cyber spy chief says. (AP PHOTO)

Russian hackers were inside Ukrainian telecoms giant Kyivstar's system from at least May 2023 in a cyber attack that should serve as a "big warning" to the West, Ukraine's cyber spy chief says.

The hack, one of the most dramatic since Russia's full-scale invasion almost two years ago, knocked out services provided by Ukraine's biggest telecoms operator for some 24 million users for days from December 12.

In an interview, Illia Vitiuk, head of the Security Service of Ukraine's (SBU) cybersecurity department, disclosed exclusive details about the hack, which he said caused "disastrous" destruction and aimed to land a psychological blow and gather intelligence.

"This attack is a big message, a big warning, not only to Ukraine but for the whole Western world to understand that no one is actually untouchable," he said.

He noted Kyivstar was a wealthy, private company that invested a lot in cybersecurity.

The attack wiped "almost everything", including thousands of virtual servers and PCs, he said, describing it as probably the first example of a destructive cyber attack that "completely destroyed the core of a telecoms operator".

During its investigation, the SBU found the hackers probably attempted to penetrate Kyivstar in March or earlier, he said in a Zoom interview on December 27.

A Russian rocket attack on Kyiv
Ukraine thwarted some 4500 cyber attacks on government bodies and critical infrastructure in 2023.

"For now, we can say securely, that they were in the system at least since May 2023," he said. 

"I cannot say right now, since what time they had ... full access - probably at least since November."

The SBU assessed the hackers would have been able to steal personal information, understand the locations of phones, intercept SMS messages and perhaps steal Telegram accounts with the level of access they gained, he said.

A Kyivstar spokesperson said the company was working closely with the SBU to investigate the attack and would take all necessary steps to eliminate future risks, adding: "No facts of leakage of personal and subscriber data have been revealed."

Vitiuk said the SBU helped Kyivstar restore its systems within days and repel new cyber attacks.

"After the major break there were a number of new attempts aimed at dealing more damage to the operator," he said.

Kyivstar is the biggest of Ukraine's three main telecoms operators and there are some 1.1 million Ukrainians who live in small towns and villages where there are no other providers, Vitiuk said.

He said the attack had no big impact on Ukraine's military, which did not rely on telecoms operators and made use of what he described as "different algorithms and protocols".

Vitiuk said he was "pretty sure" the attack was carried out by Sandworm, a Russian military intelligence cyberwarfare unit that has been linked to cyber attacks in Ukraine and elsewhere.

Russia's defence ministry did not respond to a written request for comment on Vitiuk's remarks.

The SBU thwarted , Vitiuk said.more than 4500 major cyber attacks on Ukrainian governmental bodies and critical infrastructure last year

A group called Solntsepyok, believed by the SBU to be affiliated with Sandworm, said it was responsible for the attack.

Samples of that malware have been recovered and are being analysed.

Kyivstar CEO Oleksandr Komarov said on December 20 that all the company's services had been fully restored throughout the country. 

Vitiuk praised the SBU's incident response effort to safely restore the systems.

Why the hackers chose December 12 was unclear, he said, adding: "Maybe some colonel wanted to become a general." 

with AP

License this article

What is AAPNews?

For the first time, Australian Associated Press is delivering news straight to the consumer.

No ads. No spin. News straight-up.

Not only do you get to enjoy high-quality news delivered straight to your desktop or device, you do so in the knowledge you are supporting media diversity in Australia.

AAP Is Australia’s only independent newswire service, free from political and commercial influence, producing fact-based public interest journalism across a range of topics including politics, courts, sport, finance and entertainment.

What is AAPNews?
The Morning Wire

Wake up to AAPNews’ morning news bulletin delivered straight to your inbox or mobile device, bringing you up to speed with all that has happened overnight at home and abroad, as well as setting you up what the day has in store.

AAPNews Morning Wire
AAPNews Breaking News
Breaking News

Be the first to know when major breaking news happens.


Notifications will be sent to your device whenever a big story breaks, ensuring you are never in the dark when the talking points happen.

Focused Content

Enjoy the best of AAP’s specialised Topics in Focus. AAP has reporters dedicated to bringing you hard news and feature content across a range of specialised topics including Environment, Agriculture, Future Economies, Arts and Refugee Issues.

AAPNews Focussed Content
Subscription Plans

Choose the plan that best fits your needs. AAPNews offers two basic subscriptions, all billed monthly.

Once you sign up, you will have seven days to test out the service before being billed.

AAPNews Full Access Plan
Full Access
AU$10
  • Enjoy all that AAPNews has to offer
  • Access to breaking news notifications and bulletins
  • Includes access to all AAPNews’ specialised topics
Join Now
AAPNews Student Access Plan
Student Access
AU$5
  • Gain access via a verified student email account
  • Enjoy all the benefits of the ‘Full Access’ plan at a reduced rate
  • Subscription renews each month
Join Now
AAPNews Annual Access Plan
Annual Access
AU$99
  • All the benefits of the 'Full Access' subscription at a discounted rate
  • Subscription automatically renews after 12 months
Join Now

AAPNews also offers enterprise deals for businesses so you can provide an AAPNews account for your team, organisation or customers. Click here to contact AAP to sign-up your business today.

SEVEN DAYS FREE
Download the app
Download AAPNews on the App StoreDownload AAPNews on the Google Play Store