The SSU provides comprehensive counterintelligence protection of the state’s information and cyber security.

The SSU’s priorities in this area are:

• combating cyber terrorism and cyber espionage
• investigation of cyber incidents and cyberattacks on government electronic information resources
• countering enemy special information operations

In wartime, cyber security requires special focus, as the enemy combines military operations with cyberattacks.

Statistics indicate an increase in russian cyberattacks: while in 2020 the SSU recorded almost 800 cyberattacks and in 2021 – 1 400; in 2022 their number more than tripled rising to 4 500.

The targets for russian intelligence services in Ukrainian cyberspace are the energy sector, critical infrastructure, logistics, military facilities, decision-making centres, government databases, state registers, and mass media.  

The adversary is also targeting Ukraine’s digital transformation. Therefore, the SSU’s cyber units provide counterintelligence protection of electronic communications and the IT area.

To strengthen collective cyber security, the SSU works closely with colleagues from EU and NATO member states and communicates with IT experts from around the world.

In addition to cyberattacks, russian intelligence services are increasing the intensity of their info- and psyops. These operations aim to discredit Ukraine’s foreign and domestic policies, undermine international support for Ukraine, divide our society and sow panic. The fakes generated by the kremlin regime are massively spread by the russian-controlled media outlets, politicians, and bloggers.

Protecting Ukraine’s information space, the SSU’s cyber units have shut down dozens of bot farms and blocked numerous anti-Ukrainian YouTube channels. Hundreds of online agitators disseminating enemy fakes and narratives have been detained and prosecuted.

Thanks to the resources now available to Ukraine, it is possible not only to repel cyberattacks and block destructive efforts in the information domain, but also to attack the aggressor.

In the first days of the war, the SSU Cyber Security Department created an important tool to fight against the enemy – the @stop_russian_war_bot Telegram bot. Citizens use it to provide intelligence on movement of enemy troops. Thanks to these messages, hundreds of pieces of russian military equipment were destroyed and several russian generals were eliminated.

Later, the chatbot was expanded: now people can pass information on collaborators through this tool. Over the year, Ukrainians sent over 100,000 messages to the @stop_russian_war_bot.