A “powerful” cyberattack has hit Ukraine’s national telecommunications company, Ukrtelecom. Described as the most severe cyberattack since the start of the Russian invasion in February, it has sent the company’s services across the country down.
Victor Zhora, deputy head of the State Service for Special Communications and Information Protection, confirmed to Forbes that the government was investigating the attack. He said it’s not yet known whether Ukrtelecom has yet been hit by a distributed denial of service (DDoS) attack or a deeper, more sophisticated intrusion.
The attack has only been acknowledged by Ukrtelecom in responses to customer comments on Facebook. In one, it responded to a customer by saying that services were down as a result of a “powerful cyber attack of the enemy.” When Forbes messaged Ukrtelecom over Facebook, an automated response was provided, reading, “Currently, there are difficulties in using the internet service from Ukrtelecom. Our specialists are doing everything possible to resolve this issue as soon as possible.
“Due to the abnormal load and problems with internal systems, the operators of the contact center and Facebook can not process customer requests.”
NetBlocks, which tracks internet downtimes across the world, found Ukrtelecom had been dealing with a disrupted service since this morning, “collapsing to 13% of pre-war levels.”
Alp Toker, director of NetBlocks, told Forbes that the “gradual loss of connectivity was a giveaway that it wasn’t a power or cable cut.” He’d tweeted that the attack was the most significant since Russia’s invasion.
“The new attack has cut deep into Ukraine’s connectivity at nation scale and with extended duration and impact,” he told Forbes. “Unlike the spate of cuts and outages in the most heated conflict zones, this one has struck the country’s national operator at its core and they appear to be struggling to mitigate the incident.”
Ukrtelecom, which claims to be the “largest fixed line operator in Ukraine,” hadn’t immediately responded to a request for comment at the time of publication.
While the cyberwar side of the Russian invasion of Ukraine has been more muted than most expected, it has been ongoing. Telecoms companies have been subjected to heavy cyberattacks but have for the most part avoided any serious deleterious effects. As Forbes had previously reported, a smaller internet provider, Triolan, had suffered a breach that saw hackers reset some of its systems to factory settings, hinting at a deep breach of the network.
Last week, Ukraine’s Computer Emergency Response Team (CERT) revealed statistics showing the country had been subjected to 60 different cyberattacks. It said 11 had targeted government and local authorities, with eight hitting military and law enforcement. Just four had hit telecoms and other tech companies. The majority of those cyberattacks focused on information gathering, though a series of “wiper” attacks aimed at destroying data on targeted computers have been launched across Ukrainian entities.
“Despite the growing number of attacks, most of them reach no success. Even those that are successful, almost have no impact on the work of the critical infrastructure,” the CERT found.
Ukraine’s telecoms companies are also having to keep the internet up in the face of rocket strikes. As a Forbes profile revealed, they were going into bombarded cities, from Kharkiv to Okhtyrka, during the quieter hours to replace and fix equipment.
READ MORE: Ukraine’s Engineers Battle To Keep The Internet Running While Russian Bombs Fall Around Them