Protection of Information and Cyber Domain

The SSU provides comprehensive counterintelligence protection of the state’s information and cyber security.

The SSU’s priorities in this area are:

  • prevention, detection, stopping and investigating criminal offences against peace and security of humanity in cyberspace
  • counterintelligence, operational and search measures to combat cyber-terrorism and cyber-espionage
  • countering cybercrime, the consequences of which may pose a threat to the state’s vital interests
  • investigation of cyber incidents and cyberattacks on state electronic information resources and critical information infrastructure
  • counteracting to information operations against Ukraine, which are aimed at undermining the constitutional order, violating Ukraine’s sovereignty and territorial integrity, and aggravating the socio-political and socio-economic situation.

In wartime, cyber security requires special focus, as the enemy combines military operations with cyber influence.

Statistics indicate an increase in russian cyberattacks: while in 2020 the SSU recorded almost 800 cyberattacks and in 2021 – 1 400; in 2022 their number more than tripled rising to 4 500.

The targets for russian intelligence services in Ukrainian cyberspace are the energy sector, critical infrastructure, logistics, military facilities, decision-making centres, government databases, state registers, and mass media.

The adversary is also targeting Ukraine’s digital transformation. Therefore, the SSU cyber units provide counterintelligence protection of electronic communications and the IT area.

To strengthen collective cyber security, the SSU works closely with colleagues from EU and NATO member states and communicates with IT experts from around the world.

In addition to cyberattacks, russian intelligence services are increasing the intensity of their info- and psyops. These operations aim to discredit Ukraine’s foreign and domestic policies, undermine international support for Ukraine, divide our society and sow panic. The fakes generated by the kremlin regime are massively spread by the russian-controlled media outlets, politicians, and bloggers.

Protecting Ukraine’s information space, the SSU cyber units have shut down dozens of bot farms and blocked numerous anti-Ukrainian YouTube channels. Hundreds of online agitators disseminating enemy fakes and narratives have been detained and prosecuted.

Thanks to the resources now available to Ukraine, it is possible not only to repel cyberattacks and block destructive efforts in the information domain, but also to attack the aggressor.

In the first days of the war, the SSU Cyber Security Department created an important tool to fight against the enemy – the @stop_russian_war_bot Telegram bot. Citizens use it to provide intelligence on movement of enemy troops. Thanks to these messages, hundreds of pieces of russian military equipment were destroyed and several russian generals were eliminated.

Later, the chatbot was expanded: now people can pass information on collaborators through this tool. Over the year, Ukrainians sent over 100,000 messages to the @stop_russian_war_bot.

News on the topic

All news