Security News > 2024 > January > Sandworm's Kyivstar attack should serve as a reminder of the Kremlin crew's 'global reach'

Russia's Sandworm crew appear to have been responsible for knocking out mobile and internet services to about 24 million users in Ukraine last month with an attack on telco giant Kyivstar.

The telco did not immediately respond to The Register's inquiries, but a Kyivstar spokesperson said it was working with the SBU to investigate the attack, and added that "No facts of leakage of personal and subscriber data have been revealed."

Private-sector threat analysts told The Register that the attack is significant in that it wasn't only used for espionage purposes, but also for hybrid warfare.

This military surveillance, combined with the psychological effects of cutting off Ukrainians' phone and internet services for days, shows that Russia will continue to use offensive cyber attacks to augment the kinetic war, according to Adam Meyers, head of Counter Adversary Operations at CrowdStrike.

Solntsepek previously claimed to be behind the Kyivstar attack, and CrowdStrike tracks Sandworm as VooDoo Bear.

"A serious, successful attack on telecoms like this should be especially disconcerting for Americans as Chinese operators have been targeting the sector in this country recently for similar purposes," he told The Register.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/05/sandworm_kyivstar_hack/