Ukrainian army’s Internet service provider victim of a major cyberattack

A Ukrainian internet service provider used by the country’s military suffered a massive cyberattack on Monday, Ukrainian officials said, fueling fears that Russia intends to use more dangerous digital weapons as the war drags on in his second month.

The attack on Ukrtelecom PJSC has been described by some experts as one of the most damaging cyberattacks since the Russian invasion of Ukraine on February 24. At around 3:30 p.m. ET on Monday, Ukrainian officials said they had repelled the attack and the company could restore services, according to a statement from Ukraine’s State Communications and Information Special Protection Service, which is responsible for cybersecurity in the country.

The statement from the Ukrainian cyber agency did not specify who was responsible for the cyberattack. Security experts said Russian-linked hackers had launched a variety of cyberattacks against financial services companies, internet service providers and government agencies since February, on the eve of the February 24 invasion and after.

Russia has denied any involvement in cyberattacks.

Ukrtelecom claims to be the largest provider of fixed telephony services in Ukraine. It is the seventh-largest internet service provider in the country, said Doug Madory, director of internet analytics at network monitoring firm Kentik Inc.

Ukrainian residents consider the aftermath as Russian missiles continue to hit kyiv, Kharkiv and other cities across the country. Another round of ceasefire talks is expected to begin in Turkey on Tuesday. Photo: Anastasia Vlasova/Getty Images

Ukrtelecom’s ability to connect to the internet to provide services to customers began to decline around 5 a.m. ET and gradually declined throughout the day on Monday, according to data from the Outage Detection and Analysis Project. Internet from the Georgia Institute of Technology, which monitors Internet outages. Within five hours, the business was almost completely offline, Madory said.

After the attack began, the company began limiting service to the majority of its commercial and residential customers to preserve the capability of its military customers, SSSCIP said.

As of 4:30 p.m. ET, about 8% of the Ukrtelecom networks that Georgia Tech’s Internet Outage Project measures were online.

Ukrtelecom did not return messages seeking comment, but the company acknowledged the service outages in a post on its Facebook page on Monday and said it was working to restore stable service as soon as possible.

The disruption was confirmed by several groups that monitor internet traffic. Netblocks, an internet observatory that has tracked previous outages in Ukraine, said on Twitter that network data showed “a continued and escalating nationwide service disruption, which is the most severe on record since the Russian invasion.”

Cybersecurity experts and US officials were surprised by the lack of major disruptive or destructive cyberattacks during the conflict in Ukraine, as Russia is widely considered to have some of the most capable state-sponsored hacking groups in the world. , and Moscow has previously been blamed for launching cyberattacks that have disrupted Ukraine’s government, power grid and financial services.

Malicious cyber activity has largely been limited to website outages and the limited deployment of so-called erasing malware, which can destroy computer files. Still, US officials are increasingly concerned that Moscow could lash out at Ukraine or the West in response to its battlefield struggles and punitive US sanctions. and Europe.

Last week, President Biden said evolving intelligence suggested Russia was exploring options to target the United States with cyberattacks.

Write to Robert McMillan at and Dustin Volz at

Copyright ©2022 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8

Leave a Comment