Immediately after the cyber attack on the Kyivstar core network, which disabled the entire infrastructure of the largest operator in Ukraine (with 24.1 million subscribers), Ukrainians remembered the “national roaming” service, which allows you to switch between operators without changing SIM cards and tariffs. but it didn’t work.

Initially, it was believed that the “national roaming” service, created just for such cases, does not work due to a hacker attack, which is called the largest in the entire history of the telecom infrastructure not only in Ukraine, but in the world in general. Now it turned out that the service was deliberately limited. The National Center for Operational-Technical Management of Telecommunications Networks (NCU), which belongs to the structure of the State Service for Special Communications and Information Protection of Ukraine (State Special Communications Service), issued the relevant order at the behest of the SBU. The department, which is currently investigating the incident together with the SBU and other law enforcement agencies, explained this forced step by the need to avoid overloading the networks of other operators.

In order to avoid overloading the networks of other operators, at the request of the SBU, the National Center for Operational and Technical Management of Telecommunications Networks issued an order to temporarily block the national roaming service for Kyivstar subscribers.

according to the official statement of the State Special Communications

As a result, during December 12, queues lined up near Vodafone and lifecell stores almost like for new iPhones near Apple stores at the start of sales, the corresponding service of buying an eSIM from monobank ended very quickly (in a matter of minutes, customers issued 1,000 eSims (another 5,000 stood in line), after which the service “went down”, Gorokhovsky told Telegram). Vodafone’s sites and support (the operator reported doubling its site traffic and tripling its app) and lifecell’s sites and support were also down, with their networks holding up but experiencing major disruptions in some locations. By the way, the My Vodafone program is still not working, as is ordering an eSIM on the lifecell website.

As for “Kyivstar”, it is still too early to draw conclusions, because there is almost no concrete data about the attack (and this is not surprising, given the circumstances). In an interview with the Ukrainian Forbes, the company’s president, Oleksandr Komarov, said that it was a super-powerful hacker attack on the core network (core network responsible for processing traffic between users and services) and infrastructure, which began at 5:26 a.m. with a set of measures to distract WARNING. The attack itself was carefully planned and well organized. It was only at 6:30 a.m. that the company’s specialists realized the scale and turned off the network to minimize the negative impact. Today, hackers of the Russian game took responsibility for the cyber attack on Kyivstar.

“Kyivstar” refutes reports of encryption of hard drives and assures that the systems where all subscriber information and personal data of subscribers are stored were not affected and remain completely safe. On the other hand, the dark web is full of personal data of Ukrainians – for example, from the previously stolen database of PrivatBank.

As of 20:00 on December 12, “Kyivstar” partially resumed the operation of fixed home Internet services. During December 13, the operator plans to restore the fixed Internet for the rest of the households, as well as start the launch of mobile communication and Internet services. Provided that everything will be according to plan and new problems will not arise in the process. “Kyivstar” mentions “a very high level of uncertainty”, given the scale and complexity of network restoration work (connections are not made automatically, but manually through appropriate verification), including a thorough check for potential hostile software and conditional backdoors left by hackers. Therefore, “Kyivstar” does not give any guarantees regarding the terms and is not in a hurry to assess the damages yet.