In the largest cyberattack since Russia’s invasion in February 2022, Ukraine’s leading mobile network operator, Kyivstar, faced severe disruptions.

The attack, which targeted over half of Ukraine’s population, resulted in service outages and damage to IT infrastructure, critically impairing the delivery of air raid warnings. Kyivstar’s CEO linked the attack directly to the ongoing war with Russia. Services were expected to be restored by Wednesday, with fixed-line services already partially reinstated.

Suspected state-sponsored attack: Ukraine’s cyber defense sources suspect Russia as the perpetrator, characterizing the attack as state-sponsored and aimed at destruction rather than financial gain.

The assault on Kyivstar is believed to be designed to create chaos, potentially linked to Ukrainian President Zelenskiy’s visit to the U.S. The attack impacted over 75 settlements in the Kyiv region, disrupting air raid alert systems and forcing reliance on loudspeaker announcements.

In response, Kyiv residents turned to alternative network providers for connectivity.

Broader impact and responses: The cyberattack’s impact extended beyond Kyivstar, affecting major Ukrainian financial institutions like Monobank, PrivatBank, and Oschadbank, with reports of ATM and card terminal disruptions.

Kyivstar, part of the Amsterdam-listed Veon, is collaborating with law enforcement in their investigations. While the financial ramifications remain unclear, this incident adds to a series of alleged Russian cyberattacks against Ukraine, including a significant disruption at the start of the war impacting satellite internet modems across Europe.