KYIV (Reuters) -Ukraine's top mobile phone operator, Kyivstar, started restoring voice services to some clients on Wednesday after its networks were knocked out by a major cyber attack, Kyivstar CEO Oleksandr Komarov said, with data and other services to follow.
The company, which provides services to more than half of Ukraine's population, sustained "huge" damage during the attack on Tuesday, Komarov told Reuters, calling it "the biggest cyber attack on telco infrastructure in the world".
"The current situation in Kyivstar is extremely difficult. I am quite confident that this is a well-planned, long-term focused attack on Ukrainian critical infrastructure," Komarov said in an interview.
Kyivstar provides mobile, Internet and other services to about 24 million private consumers and is also a vital backbone for thousands of private businesses and many digitised state services.
Hundreds of experts and dozens of institutions are involved in a major effort to restore services to millions given the level of damage.
"We will not turn on the voice (services) all over the country at the same time. We will go step by step to make sure that the services which were rebuilt work stably, that they can withstand the load and we can move on to restore mobile internet services," Komarov said.
Two Russian groups have claimed responsibility for the attack. Reuters could not immediately verify the authenticity of the claims and Moscow has not commented.
Russia has been targeting Ukraine's critical infrastructure since it invaded in February 2022, with hundreds of missiles and drones frequently striking power, grain, and port facilities.
HUNDREDS OF ATTACKS
Komarov said that Kyivstar had withstood hundreds of serious cyber attacks since the start of the war, which is now in its 22nd month.
"It was not the first attack. The number of attacks since the beginning of the invasion has grown exponentially."
Tactics were changing and varied from distributed denial of service (DDoS) attacks to attempts to penetrate networks or use Kyivstar's infrastructure in occupied territories to penetrate its systems.
Komarov, speaking separately on national television, said the attack "breached our defences. It happened because an account pool was compromised ... that's under investigation.
"The Kyiv star example shows that even the most secure infrastructure can be breached. This is a very real thing."
Ukraine's SBU security service has launched an investigation into the attack and Kyivstar was collaborating closely, Komarov said.
Kyivstar, owned by Amsterdam-listed mobile telecoms operator Veon, had average daily revenue of about 100 million hryvnias ($2.7 million) but its services have been knocked out for two days already.
Veon issued a statement saying that the company's voice services were being restored and rejecting suggestions on social media that customer data had been compromised.
Many of Kyivstar's clients also bought sim cards from other operators to remain connected and Komarov said the return process "would not be immediate".
However, the company was committed to restoring its services.
"We have all the resources, we are moving forward, moving carefully," Komarov said.
(Additional reporting by Stefania Bern; Editing by Ron Popeski, Kirsten Donovan and Sandra Maler)