Ukrainian Cybersecurity authorities have announced that the Russian state-sponsored hacking group, Sandworm, had access to the systems of the telecom operator Kyivstar since at least May 2023. The incident, which was described as a „powerful hacker attack,“ was first reported last month and resulted in the interruption of mobile and internet services for millions of customers. The group Solntsepyok, which has links to the GRU, took responsibility for the breach soon after. Sandworm is known for orchestrating disruptive cyber attacks, including targeting energy sector companies in Denmark. The head of Ukraine’s Security Service, Illia Vitiuk, stated that the attack completely destroyed the core of Kyivstar, wiping out thousands of servers and computers. The attack was carefully planned over several months, with the hackers having full access since at least November. Kyivstar has restored its operations and claims that there is no evidence of compromised personal data. The method used by the threat actor to penetrate the network is still unknown. This development comes after it was revealed that the SBU took down two online surveillance cameras allegedly hacked by Russian intelligence agencies in Kyiv. These cameras allowed the adversary to remotely control, adjust the viewing angles, and connect them to YouTube to capture visual information.