ISP of Ukraine’s army in a major cyber attack

Ukrainian officials said the country’s military-used internet service provider came under a massive cyber attack on Monday, raising fears that Russia intends to use more dangerous digital weapons as the war drags into its second month.

Some experts have described the attack on Ukrtelecom PJSC as among the most damaging cyber attacks since the Russian invasion of Ukraine on February 24. Around 3:30 p.m. ET on Monday, Ukrainian officials said they had repelled the attack, and that the company could restore services, according to a statement from Ukraine’s State Service for Special Communications and Information Protection, which is responsible for the country’s cybersecurity.

The statement of the Ukrainian Electronic Agency did not say who was responsible for the cyber attack. Security experts said that Russian-linked hackers have launched a variety of cyber attacks against financial services companies, Internet service providers and government agencies since last February, in the run-up to and after the February 24 invasion.

Russia has denied involvement in cyber attacks.

Ukrtelecom says it is Ukraine’s largest landline service provider. Doug Madhuri, Director of Internet Analysis at Kentik Inc. To monitor networks, it is the seventh largest Internet service provider in the country.

Ukrainian residents are surveying the fallout as Russian missiles continue to strike Kyiv, Kharkiv and other cities across the country. Another round of ceasefire talks is scheduled to start on Tuesday in Turkey. Photo: Anastasia Vlasova / Getty Images

Ukrtelecom’s ability to connect to the Internet to provide services to customers began declining around 5 a.m. ET and gradually declined throughout Monday, according to data from the Georgia Institute of Technology’s Internet Outage Analysis and Analysis Project, which monitors internet outages. Within five hours, Madhuri said, the company was almost completely offline.

After the offensive began, the company began limiting service to the majority of its corporate and consumer customers to maintain capacity for its military customers, SSSCIP said.

As of 4:30 PM ET, about 8% of the Ukrtelecom networks measured by the Georgia Tech Internet Outage Project were online.

Ukrtelecom did not respond to messages seeking comment, but the company acknowledged the outage in a Monday post on its Facebook page, and said it was working to restore stable service as soon as possible.

The outage was confirmed by multiple groups monitoring Internet traffic. said Netblocks, the internet observatory that has tracked past outages in Ukraine on Twitter Network data showed “a persistent and intense nationwide disruption to the service, the most severe on record since the invasion by Russia.”

Cyber ​​security experts and US officials have been surprised by the lack of major or disruptive cyber attacks during the conflict in Ukraine, where Russia is widely seen as home to some of the world’s most capable state-sponsored hacking groups, and has previously been blamed On Moscow at it. The cyber attacks disrupted the government, power grid and financial services in Ukraine.

Malicious cyber activity has largely been limited to downtimes in websites and limited dissemination of so-called swabs malware, which can destroy computer files. However, US officials have grown increasingly concerned that Moscow may attack Ukraine or the West in response to its battlefield conflicts and punish US and European sanctions.

Last week, President Biden said there was an intelligence development indicating that Russia is exploring options to target the United States with cyberattacks.

write to Robert Macmillan at Robert.Mcmillan@wsj.com and Dustin Volz at dustin.volz@wsj.com

Copyright © 2022 Dow Jones & Company, Inc. all rights are save. 87990cbe856818d5eddac44c7b1cdeb8