Ukraine's Security Service has blocked more than 14,000 large-scale cyberattacks targeting government agencies and critical infrastructure since Russia's full-scale invasion began, the Security Service of Ukraine reported.
Volodymyr Karastelov, head of the SBU's Cybersecurity Department, disclosed the figures in the documentary film "Ukraine's Cyber Shield." The department simultaneously counters specialized Russian cyber units and affiliated hacker groups while neutralizing information-psychological operations directed at both Ukraine and partner states, he said.
In 2025 alone, SBU cyber specialists repelled over 3,000 attacks, Karastelov noted. Most aimed to disable digital services or destabilize strategically important enterprises in the energy, transport, and defense sectors.
"DKIB confronts the enemy on several fronts simultaneously. First, this is counteracting specialized units of the Russian Federation, as well as hacker groups connected with them. They regularly attack Ukraine and during the full-scale invasion, the SBU repelled over 14,000 such attempts," Karastelov said in the documentary.
The SBU unit prevents enemy penetration into government and military networks, counters DDoS attacks, phishing campaigns, cyber espionage, and digital terrorism.
Karastelov emphasized that Ukraine's approach extends beyond defense. "It's important that we not only defend ourselves. The SBU and our brothers-in-arms from the Defense Forces conduct systematic proactive operations in enemy digital space. Ukraine strikes the enemy very painfully, but we cannot disclose details about this now," he said.
Russia continues aggressive cyber operations across Europe. Poland's energy sector nearly lost power in late 2025 after a series of Russian cyberattacks, according to Poland's Minister of Digitalization Krzysztof Gawkowski. The European Commission reports that similar operations occur daily, targeting critical infrastructure including energy, banking, and healthcare systems.
In November 2025, the United States recorded a Russian cyberattack on municipal infrastructure. Hackers accessed networks of an American engineering company working with contractors in water supply, transportation systems, and emergency services. The breach compromised information about internal processes and access levels related to critical infrastructure management.
