A
PROJECT REPORT
ON
“Security Measures for Telecommunication
company handling sensitive data”
DIPLOMA IN COMPUTER ENGINEERING
BY
Miss. Daund Rajeshwari Rohidas (21)
Under the guidance of
Mr.V.S.DHANDE
DEPARTMENT OF COMPUTER ENGINEERING SANJIVANI RURAL
EDUCATION SOCIETY’S SANJIVANI K.B.P. POLYTECHNIC,
KOPARGAON-423603
2024
Mr.V.S.DHANDE MR.G.N.JORVEKAR
(Subject Teacher) (H.O.D)
SANJIVANI K. B. P. POLYTECHNIC, KOPARGAON
Department of Computer Technology
CERTIFICATE
This is to certify that the project work entitled
“Security Measures for Telecommunication company handling sensitive data”
Submitted By-
Daund Rajeshwari Rohidas (21)
is a bona fide work carried out under the supervision of Prof. V.S.DHANDE and it is
submitted towards the partial fulfillment of the requirement of MSBTE, Mumbai for
the award of Diploma in Computer Technology
Mr.V.S.DHANDE MR.G.N.JORVEKAR
(Subject Teacher) (H.O.D)
Date: / /2024 Place: Kopargaon
ACKNOWLEDGEMENT
First and foremost, we express our deep sense of gratitude and sincere appreciation
to our project guide, Mr. V.S. Dhande, Department of Computer Technology,
Sanjivani K.B.P. Polytechnic, Kopargaon. Your availability at any time
throughout the year, valuable guidance, opinions, views, comments, criticism,
encouragement, and support tremendously boosted this project work.
Many thanks to Mr. G.N. Jorvekar, Head of the Computer Technology
Department, for providing us the best support we ever had. We would like to express our
sincere gratitude to Mr. A.R. Mirikar, Principal, Sanjivani K.B.P. Polytechnic,
Kopargaon, for providing a great platform to complete the project within the scheduled
time. We are also thankful to all the faculty members of the Computer Technology
Department, Sanjivani K.B.P. Polytechnic, Kopargaon, for giving comments for the
improvement of the work, and for encouragement and help during completion of the project.
Last but not least, we say thanks from the bottom of our hearts to our family
and friends for their never-ending love, help, and support in so many ways through all
this time.
Thank you so much.
Daund Rajeshwari Rohidas (21)
DIPLOMA IN,
COMPUTER TECHNOLOGY,
SANJIVANI K.B.P POLYTECHNIC,
KOPARGAON.
Micro Project Proposal
1.0 Aim of the Micro-Project:
1. Identify vulnerabilities in the company's infrastructure.
2. Propose robust security measures to safeguard sensitive data.
3. Enhance the company's incident response plan.
4. Evaluate the impact of implemented security measures.
2.0 Course Outcomes Addressed:
A. Identify risks related to Computer security and Information hazard in various situations.
B. Apply user identification and authentication methods.
C. Apply cryptographic algorithms and protocols to maintain Computer Security.
D. Apply measures to prevent attacks on network using firewall.
E. Maintain secured networks and describe Information Security Compliance standards.
➢ Action Plan:
Sr. No   Details of Activity                               Planned Start Date   Planned Finish Date
1        Searched on Topic / Information Provided          15/02/24             15/02/24
2        Collecting Information Required to Make Project   18/02/24             18/02/24
3        Start Making Project                              21/02/24             21/02/24
4        Making Report Part A and B                        23/02/24             23/02/24
5        Submission of Report Part                         / /
➢ Resources required:
Sr. No.   Name of Resource     Specification           Qty.
1         Hardware Resource    Lenovo (i5, RAM 64GB)   01
2         Software Resource    Windows 10              01
3         Any Other Resource   Internet                -
Part B
1.0 Brief Description
The cyber attack on Kyivstar, Ukraine’s largest telecom operator, stands out as a highly impactful and
unprecedented incident. Unfolding over several days starting on December 12, the attack disrupted
services for around 24 million users, destroying the core infrastructure – a first-of-its-kind destructive
cyber assault on a telecoms operator. Illia Vitiuk, the Head of SBU’s cybersecurity, disclosed that the
hackers known as the Russian military unit Sandworm had a dual objective. Their goals encompassed
delivering a psychological blow, gathering intelligence, and potentially stealing personal information
through diverse communication channels.
2.0 Aim of Micro Project:
The aim of the micro project is to analyze the security measures implemented by telecommunication
companies handling sensitive data, using the incident at Kyivstar, Ukraine’s largest telecom operator, as
a case study. This includes understanding the security protocols, identifying weaknesses, and
proposing improvements to prevent similar breaches in the future.
3.0 Course Outcomes Integrated
A. Identify risks related to Computer security and Information hazard in various situations.
B. Apply user identification and authentication methods.
C. Apply cryptographic algorithms and protocols to maintain Computer Security.
D. Apply measures to prevent attacks on network using firewall.
4.0 Actual Procedure Followed.
1. Collection of Resources and idea
2. Studying The Given Case
3. Submission of the report
6.0 Outputs of the Micro-project
• The micro project delivered an analysis report detailing the breach at Kyivstar, Ukraine’s
largest telecom operator, with actionable recommendations for technical and procedural
enhancements.
• A security strategy proposal outlined implementation steps, supported by training
materials for employee awareness.
• An incident response plan provided guidelines for detecting and mitigating security
incidents. Documentation and policies were provided to support implementation.
• These outputs equipped telecom companies with tools to enhance data security and
resilience against cyber threats.
7.0 Skills Developed/Learning Outcomes of this Micro-Project:
• Enhanced Understanding of Network Security Principles: Gain insight into real-world
cybersecurity incidents and defense strategies.
• Advanced Analytical and Research Skills: Develop the ability to critically analyze complex
cybersecurity incidents and evaluate information from diverse sources.
• Strengthened Problem-Solving Abilities: Cultivate skills in identifying security
vulnerabilities and proposing effective countermeasures.
• Improved Communication and Presentation Skills: Develop the capacity to convey
technical information effectively to various audiences.
• Hands-on Experience with Security Protocols and Tools (Optional): Gain practical
experience in implementing security controls and testing their effectiveness.
• Independent Project Management Skills: Develop skills in managing all aspects of the
project independently, including research, analysis, and presentation.
INTRODUCTION
“Kyivstar: Ukraine’s largest telecom operator”
The cyber attack on Kyivstar, Ukraine’s largest telecom operator, stands out as a highly
impactful and unprecedented incident. Unfolding over several days starting on
December 12, the attack disrupted services for around 24 million users, destroying the
core infrastructure – a first-of-its-kind destructive cyber assault on a telecoms operator.
Illia Vitiuk, the Head of SBU’s cybersecurity, disclosed that the hackers known as the
Russian military unit Sandworm had a dual objective. Their goals encompassed
delivering a psychological blow, gathering intelligence, and potentially stealing
personal information through diverse communication channels.
The response to the attack involved a collaborative effort between the SBU and Kyivstar
to restore systems swiftly, preventing further damage. The incident underscored the
significant impact on Ukrainians, with disruptions like ATM and air-raid siren
malfunctions. It highlights the critical interconnectivity of infrastructure and the urgent
need for enhanced cybersecurity measures. The Kyivstar intrusion highlights the need
for preemptive steps to guard against similar future occurrences and serves as a sobering
reminder of the constantly changing and persistent cyber threats faced by multinational
locations.
Who Carried Out the Attack?
There's no confirmed evidence to pinpoint the culprit. Here's what we know,
as per the report:
Vitiuk, head of cybersecurity at the Security Service of Ukraine (SBU), said he was "pretty sure" it
was carried out by Sandworm, a Russian military intelligence cyberwarfare unit that
has been linked to cyberattacks in Ukraine and elsewhere.
A year ago, Sandworm penetrated a Ukrainian telecoms operator, but was detected by
Kyiv because the SBU had itself been inside Russian systems, Vitiuk said, declining to
identify the company. The earlier hack has not been previously reported. Russia's
defence ministry did not respond to a written request for comment on Vitiuk's remarks.
Vitiuk said the pattern of behaviour suggested telecoms operators could remain a target
of Russian hackers. The SBU thwarted over 4,500 major cyberattacks on Ukrainian
governmental bodies and critical infrastructure last year, he said. “A group called
Solntsepyok, believed by the SBU to be affiliated with Sandworm, said it was
responsible for the attack.” Vitiuk said SBU investigators were still working to establish
how Kyivstar was penetrated or what type of trojan horse malware could have been used
to break in, adding that it could have been phishing, someone helping on the inside or
something else.
➢ What happened?
According to a Recorded Future News report, Oleksandr Komarov explained at a Kyiv
cybersecurity conference how the attack was possible and why it had such a significant
impact. It turns out the attackers managed to compromise an employee account
somehow, then they used their newfound access to slowly work their way up until they
reached Active Directory. At this point, they had full access to the systems. Because of
the destructive effects of the attack, one working theory was that the attackers started to
work from the inside, but it looks like that's not the case.
"There isn't sufficient evidence to suggest that the network was compromised from the
inside. We've seen how hackers navigated through the network, escalating their
privileges. If they had an insider, it could have been done much more quickly," said Illia
Vitiuk, head of the Department of Cyber and Information Security of the SSU, during
the same conference.
Kyivstar's CEO also explained that one of the attackers' goals was to destroy physical
infrastructure, meaning that more than 100,000 base transceiver stations could have
been damaged.
➢ Unresolved Questions
1. Who was responsible? (Claims made but unconfirmed)
➢ How Pentesting Could Have Prevented this Attack?
The Kyivstar attack serves as a reminder of how vital robust pentesting services are to
protecting businesses against evolving cyber threats. To find shortcomings in an
organization’s cybersecurity posture, vulnerability assessment and penetration testing
(VAPT) involves mimicking real-world attacks and methodically evaluating systems for
vulnerabilities. The Kyivstar attackers
exploited numerous device vulnerabilities, evading detection for an extended period.
This emphasizes the importance of regular pentesting to proactively identify and block
potential access points for malicious actors.
Thorough pentesting in the Kyivstar incident could have identified and fixed access
points exploited by Sandworm, reducing the cyberattack’s severity and preventing
damage to the core telecom infrastructure.
The increasing reliance of enterprises on digital infrastructure and networked
technologies means that investing in pentesting becomes a crucial component of a
holistic cybersecurity strategy. Routine testing not only uncovers vulnerabilities but also
keeps firms ahead of evolving cyber threats.
➢ The Impact of the Kyivstar Cyber Attack:
As far as the impact of the Kyivstar cyber attack is concerned, it’s worth mentioning
that the attack caused severe damage to the operator’s infrastructure. Commenting on
the matter, the Chief Executive at Kyivstar, in a video message, stated, “We could not
counter it at the virtual level, so we shut down Kyivstar physically to limit the enemy’s
access”. In addition, the cyber security incident at Kyivstar also had a knock-on impact
on its consumers.
Many users chose to switch network providers, given that no additional contracts are
required in Ukraine, and the costs are highly affordable. Reports have mentioned that
Vodafone, the second largest telecom operator in Ukraine, saw a 30% increase on its
network on the day of the Kyivstar cyber attack. A statement made by Vodafone with
regard to the increase reads, “The company’s engineers work to maintain network
availability for all subscribers in such conditions.”
In addition, the Kyivstar cyber attack also had a knock-on impact on PrivatBank – the
largest state-owned bank in Ukraine. The financial institution said that its banking
functionalities, ATMs, and point-of-sale (POS) terminals were impacted as they relied
on using Kyivstar SIM cards. Monobank, another Ukrainian financial institution,
reported suffering from a distributed denial-of-service (DDoS) attack.
Lessons Learned From the Case Study
1. Be Prepared: Stay updated with security measures and have plans in place to
respond to cyber threats before they happen.
2. Teamwork Matters: Collaboration between different groups like businesses,
governments, and cybersecurity experts is key to fighting cybercrime
effectively.
3. Secure Your Gadgets: Make sure your smart devices have strong security
features to prevent them from being used in attacks.
4. Backup Plans: Have backup systems ready to keep things running smoothly even
if there's an attack.
5. Know the Basics: Train everyone in your organization to spot potential security
risks and how to respond to them.
6. Stay Alert: Keep an eye on your systems for any unusual activity, and have a plan
for what to do if you spot something suspicious.
7. Trust No One: Don't automatically trust anyone or anything online. Always
verify before giving access or sharing sensitive information.
8. Keep Learning: Cyber threats are always changing, so make sure to keep learning
about new risks and how to protect against them.
Conclusion
The cyber attack on Kyivstar, Ukraine’s largest telecommunications operator,
emphasized the substantial cost of data loss, accounting for 43% of the total expenses.
SBU’s cybersecurity head, Illia Vitiuk, revealed exclusive details, issuing a warning to
Ukraine and the broader Western world. The attack in December revealed
vulnerabilities in the IT infrastructure, leading to severe disruptions. The telecom sector
is vulnerable because of its historical background, interconnected communities, and
ignorance. Some examples of cyber risks include DDoS attacks, cloud-related issues,
insider threats, and flaws in the supply chain. The incident highlights the pivotal role
of pentesting in defending against cyber attacks. It also emphasizes the necessity of
adopting proactive cybersecurity measures to ensure resilience.
References
• https://therecord.media/russians-infiltrated-kyivstar-months-before
• https://www.kelacyber.com/5-questions-and-answers-about-the-kyivstar-attack/
• https://thehackernews.com/2023/12/major-cyber-attack-paralyzes-kyivstar.html?m=1