Ukraine’s Biggest Telco Hit By “Powerful” Cyberattack

The war in Ukraine is clearly shifting to cyberspace as news is filtering out that Ukraine’s biggest telco has been hit by a “Powerful” cyberattack:

Ukraine’s state-owned telecommunications company Ukrtelecom experienced a disruption in internet service on Monday after a “powerful” cyberattack, according to Ukrainian government officials and company representatives.

The incident is the latest hacking attack against Ukrainian internet services since Russian military forces invaded in late February.

“Today, the enemy launched a powerful cyberattack against Ukrtelecom’s IT-infrastructure,” said Yurii Shchyhol, chairman of the State Service of Special Communication and Information Protection of Ukraine. “The attack was repelled. And now Ukrtelecom has an ability to begin restoring its services to the clients.”

“Currently, the attack is repulsed, the provision of services is gradually resumed,” said Ukrtelecom spokesperson Mikhail Shuranov.

Toby Lewis, Darktrace’s Global Head of Threat Analysis provided me with this analysis:

In what is being dubbed ‘World War Wired,’ it is no surprise that Russian cyber-attackers have targeted a major Ukrainian internet provider. Yet, while there has been some disruption to the ISP’s traffic, internet connectivity and cellular networks are largely still operable across the country. This attack has not achieved its desired level of disruption.

A lot of the discussion has focused on Russia’s offensive cyber power, but not enough time has been spent talking about Ukraine’s strong defense. Since the infamous 2015 cyber-attack on the Ukrainian power grid, Ukraine has made significant efforts to build up cyber-defenses, particularly around its critical infrastructure, and ensure resilience in future attacks. This strategy should come as no surprise to global cyber-defenders. Some intelligence even indicates alleged covert operations involving United States military personnel and private-sector engineers throughout 2021 to protect Ukraine against expected cyber-intrusions from Russian-sponsored proxies.

With little information available about the apparent DDoS attack on Ukrtelecom, the provider appears to be prioritizing critical infrastructure and managing disruption through their incident response. Like other Ukrainian organizations facing the threat of Russian cyber-aggression since 2015, it has had no choice but to develop effective cyber-defenses.

The era of they hybrid war is upon us. Which means that we will likely see more of this in Ukraine and beyond in the coming days or weeks. Thus it means that we all need to be prepared to deal with these attacks when they arrive.

Leave a Reply

%d bloggers like this: