“A large-scale cyberattack hit Ukraine on Tuesday, crippling Kyivstar, the country’s largest mobile phone provider, and knocking out service to more than 24 million subscribers both in the war-ravaged country and abroad, where millions have fled Russia’s invasion. In some parts of the country, the loss of mobile phone and internet service cut off early-warning air raid systems used to alert citizens of imminent Russian missile and drone strikes. The cyberstrike also shut down some bank machines.” (via The Washington Post)
If you would like more context on this matter, please consider Khatuna Mshvidobadze, a professorial lecturer of cyber security at the George Washington University. Her areas of expertise include cyber intelligence & forensics, cyber operations, critical infrastructure protection, information management and cyber policy.
Her presentations on “Russian Cyber Threats” have been presented at FBI Headquarters and field offices, U.S. Department's of Homeland Security, Defense, and Justice, as well as for the U.S. Defense Intelligence Agency and the Office of the U.S. Secretary of Defense, among other various American private companies, think tanks, institutions and associations. She also has been deputy director of the Information Center on NATO in Georgia and Adviser to the Office of the Minister of Defense of Georgia.
"Apparently coinciding with Ukrainian President Volodymyr Zelenskiy’s arrival on Washington’s Capitol Hill, Russian cyber attacks on Ukraine have intensified,"Mshvidobadze says.
"Of course, attacks on Ukrainian critical infrastructure from Russian state sponsored hacking groups are nothing new.But since the February 24, 2022 full-scale invasion, cyber attacks, some coordinated with kinetic attacks, have intensified. Notable is the prevalence of wiper malware, which not only disrupts the targeted function, but wipes data from the system.
A recent attack on major telecommunication company Kyivstar shut down mobile communications for over 24 million mobile and over more than 1 million Internet subscribers.
According to Kyivstar 'the personal data of subscribers is not compromised.' The opposite is claimed by the Russian hacking group Solntsepyok, which claimed responsibility for the attack on its Telegram channel. Previously, Ukraine’s State Service of Special Communications and Information Protection linked Solntsepyok to the Sandworm hackers, the Advanced Persistent Threat (APT) group of the GRU, Russian military intelligence. The notorious Sandworm group previously caused multiple blackouts on Ukrainian power grids.
The group posted screenshots displaying how it accessed Kyivstar’s servers, bragging 10,000 computers and 4,000 servers destroyed in the attacks. The primary motivation for the Russian hackers was to disrupt communications during wartime, to make it impossible for people to receive raid alerts, to create chaos, and to debilitate communications of the Ukrainian Armed Forces and security forces."
If you would like to speak with Prof. Mshvidobadze, please contact GW Media Relations Specialist Cate Douglass at [email protected].
-GW-
