Though the attack was considered severe and far-reaching, a senior Ukrainian government official said they have contained the incident. He also added that Ukrtelecom can begin restoring its services.
Ukrtelecom Connectivity Dropped to 13% of Pre-war Levels
Ukrtelecom provides telephone and internet services across Ukraine. According to reports, it claims to be the “largest fixed-line operator” in the country. At one time, it was a state-backed national service provider. The company has since gone private, and the country now has a competitive internet market. On Monday, NetBlocks tweeted that Ukrtelecom was facing a major internet disruption with connectivity dropping to 13% of pre-war levels. According to Forbes, Ukrtelecom only acknowledged the incident on Facebook while responding to customer comments. When Forbes reached out to the company on Facebook, it received an automated response reading as follows: “Currently, there are difficulties in using the internet service from Ukrtelecom. Our specialists are doing everything possible to resolve this issue as soon as possible. Due to the abnormal load and problems with internal systems, the operators of the contact center and Facebook cannot process customer requests.” In a subsequent tweet, NetBlocks said that Ukretelecom confirmed that it faced a cyber attack on its core infrastructure. “Real-time network data show an ongoing and intensifying nation-scale disruption to service, which is the most severe registered since the invasion by Russia,” NetBlocks added.
Threat Neutralized, Ukretelecom to Begin Restoring Services
Victor Zhora, deputy head of Ukraine’s State Service for Special Communications and Information Protection (SSSCIP), told Forbes that the government was looking into the attack. At the time, Zhora said it was unclear if Ukrtelecom faced a distributed denial of service (DDoS) attack, or “a deeper, more sophisticated intrusion.” Subsequently, SSSCIP claimed that it had neutralized the attack, and Ukrtelecom would start restoring its services. However, they would remain limited as a precautionary measure, and to serve the country’s armed forces. “In order to preserve its network infrastructure and to continue providing services to Ukraine’s Armed Forces and other military formations as well as to the customers, Ukrtelecom has temporarily limited providing its services to the majority of private users and business-clients,” the SSSCIP tweeted.
Ukraine Faces Growing Cyberattacks, But Most Unsuccessful
Ukraine’s Computer Emergency Response Team (CERT) said last week that the country faced 60 different cyberattacks. Of these, only four targeted telecom or tech companies. A majority of the attacks were against government bodies, military, and law enforcement. Most of the cyberattacks aimed to gather information. However, the agency also tracked a series of “wiper” attacks. Their purpose was to destroy information on certain targeted computers across various entities. “Despite the growing number of attacks, most of them reach no success,” the CERT added. “Even those that are successful, almost have no impact on the work of the critical infrastructure.” Cyberattacks are currently considered “grey zone” attacks in the realm of warfare. This means that they are not considered an act of war, or spur a war response. As a result, many countries which do not have friendly relationships often engage in certain types of cyberattacks, like DDoS attacks. If you found this story interesting, we recommend checking out our detailed article on DDoS attacks.