Ukrainian hackers, operating under the banner of the IT Army, executed a distributed denial-of-service (DDoS) attack on Russian internet providers in regions of Ukraine occupied by Russia. Their targets included Miranda-media, Krimtelekom, and MirTelekom. These attacks temporarily disrupted services, including cellular networks, phone calls, and internet connectivity. The hackers claim these actions are aimed at impeding enemy military communication in the occupied territories, emphasizing the ongoing cyber warfare in the region.
Miranda-media and other affected operators were able to restore about 80% of their services, primarily for law enforcement agencies, government organizations, and socially significant services. It was noted that the DDoS attacks were strategically planned by cybercriminals. DDoS attacks work by overwhelming targeted systems with excessive, unwanted traffic, rendering them inoperable.
This incident is part of a larger conflict between Ukraine and Russia, which escalated after Russia occupied parts of eastern Ukraine and the Crimean peninsula. Russia disconnected Ukraine’s telecommunications infrastructure in these areas and rerouted internet traffic through Russian networks. Ukraine has strongly criticized these actions, claiming that they aim to establish Russian propaganda as an uncontested source of information.
Ukraine’s IT Army has a history of targeting Russian internet operators, particularly in Crimea, with similar attacks earlier in October. They believe that isolating the peninsula’s infrastructure is vital for its eventual liberation and for hindering military supplies.
In a broader context, telecommunications providers in Ukraine are frequently targeted by Russian hackers. Ukraine’s Security Service, known as the SBU, has reported previous attempts by Russia to breach the country’s telecom operators. Successful penetration could lead to eavesdropping and interception of communications, making cybersecurity a top priority. Moreover, if one of the providers were to go offline, it would overload the remaining two, further emphasizing the importance of robust cybersecurity measures.