2023 Kyivstar cyberattack

The 2023 Kyivstar cyberattack was a significant cyber incident targeting Kyivstar, Ukraine's largest telecommunications provider, on December 12, 2023. The attack caused widespread disruption to mobile and internet services across Ukraine and is considered one of the most impactful cyberattacks on civilian infrastructure during the ongoing Russo-Ukrainian War.[1][2]

Background

[edit]

Kyivstar is a leading Ukrainian telecommunications company, providing mobile and internet services to approximately 24.3 million mobile subscribers and over 1.1 million home internet users. The company is a subsidiary of VEON, an Amsterdam-based multinational telecommunications services company.[3]

Attack

[edit]

On December 12, 2023, Kyivstar experienced a massive cyberattack that disrupted its mobile and internet services nationwide. The attack also affected critical services, including air raid warning systems in Kyiv and Sumy regions.[2][4] Ukrainian authorities attributed the attack to Sandworm, a hacker group linked to Russia's military intelligence agency, the GRU. The group Solntsepek, associated with Sandworm, claimed responsibility for the attack, stating they had destroyed Kyivstar's computers, servers, and cloud infrastructure .[5]

Impact

[edit]

The cyberattack had significant consequences. Millions of Kyivstar customers lost access to mobile and internet services, affecting both personal and business communications.[1] The disruption extended to essential services, including air raid alert systems, compromising public safety during ongoing military conflicts.[4]

Response

[edit]

Ukraine's Security Service (SBU) initiated an investigation into the cyberattack, gathering evidence for potential prosecution. The International Criminal Court also began examining alleged Russian cyberattacks on Ukrainian civilian infrastructure as possible war crimes, marking a significant development in international law regarding cyber warfare .[6][7]

Aftermath

[edit]

Kyivstar undertook extensive recovery efforts, investing $90 million in infrastructure repairs and enhancing cybersecurity measures to prevent future incidents.[3]

See Also

[edit]

References

[edit]
  1. ^ a b "Russian hackers infiltrated Ukrainian telecom giant months before cyberattack". therecord.media. Retrieved June 1, 2025.
  2. ^ a b admin (February 21, 2024). "Russian hacker claims responsibility for massive cyberattack in Ukraine". NTT Security - EN. Retrieved June 1, 2025.
  3. ^ a b "Kyivstar Cyberattack And The $90 Million Recovery Efforts". The Cyber Express. May 21, 2024. Retrieved June 1, 2025.
  4. ^ a b "Ukraine faces heavy attack from air and cyberspace while Zelenskyy in US presses for more funding". AP News. December 12, 2023. Retrieved June 1, 2025.
  5. ^ Greenberg, Andy. "Hacker Group Linked to Russian Military Claims Credit for Cyberattack on Ukrainian Telecom". Wired. ISSN 1059-1028. Retrieved June 1, 2025.
  6. ^ "SBU: Ukraine gathers evidence for ICC on Russian GRU hackers behind Kyivstar cyberattack". The Kyiv Independent. April 4, 2024. Retrieved June 1, 2025.
  7. ^ Deutsch, Anthony; Berg, Stephanie van den; Pearson, James; Pearson, James (June 14, 2024). "Exclusive: ICC probes cyberattacks in Ukraine as possible war crimes, sources say". Reuters. Retrieved June 1, 2025.
Retrieved from "https://en.wikipedia.org/w/index.php?title=2023_Kyivstar_cyberattack&oldid=1293786582"