KYIV — Ukraine’s efforts to combat Russian military strategies are being increasingly augmented by the effective utilization of cyber intelligence, says Illia Vitiuk, the nation’s leading cyber and information security official.
On Thursday, Vitiuk, who oversees cybersecurity within the Security Service of Ukraine (SBU), revealed that Ukrainian hackers have been actively infiltrating Russian computer systems to gain insights into the Kremlin’s military objectives, troop movements, and methods of circumventing Western sanctions.
One notable example shared by the SBU involved intelligence pertaining to Russia’s attempt to secure thousands of microchips for Iranian Shahed drones, which are weaponized against Ukraine, through third-party countries. “Thanks to collaboration with our allies, we successfully halted this delivery,” Vitiuk elaborated at Kyiv’s iForum conference.
Ukrainian cybersecurity specialists leverage open-source intelligence prior to breaching enemy networks, discerning essential details like infrastructure, IP addresses, and operating systems to understand how to exploit potential weak points and infiltrate their devices.
“In this digital era, cyber intelligence enables us to obtain highly classified enemy information,” Vitiuk remarked. “In days gone by, such data would necessitate the risky and labor-intensive recruitment of a spy within the enemy’s territory.”
Pictured from left: Yanina Korniienko, Slidstvo.info investigative journalist; Artem Starosiek, Molfar open-source intelligence agency CEO; Illia Vitiuk, SBU’s head of cybersecurity. Image: Daryna Antoniuk / The Record
Leaked documents from Russia are also playing an integral role in these efforts, such as the recent successful leak from MosgorBTI, a Russian website that compiles data on Moscow property owners. Vitiuk remarked, “We now have intelligence on properties owned by key Russian figures in politics, military, and special services.”
Vitiuk declined to reveal the identity of the hacking group behind the MosgorBTI incident, stating, “Those responsible for cyberattacks against Russia will be identified post-conflict.”
The Telegram Connection Chatbots on the Telegram messaging platform provide another dimension of intelligence for Ukraine.
Early in the conflict, the Ukrainian government introduced these bots to prompt citizens to report information on Russian military operations, identify conspirators, and notify of traitors aiding Russian missile targeting. According to Vitiuk, this information has been instrumental in the destruction of hundreds of enemy equipment units.
Russia’s cyber espionage against Ukraine has also been relentless. At the conflict’s onset, Russian hackers employed wipers to dismantle Ukrainian systems. More recently, they have turned to malware to extract information from private communication channels, Yurii Shchyhol, the head of Ukraine’s State Service of Special Communications and Information Protection of Ukraine (SSSCIP), told Recorded Future News.
Earlier this week, Ukraine’s security agencies foiled an attempted breach by Russian government-affiliated hackers into the Ukrainian military’s battlefield management system, an attack aimed at acquiring sensitive details about military operations, positions, and equipment, according to the SBU.