Ukrainian National Police
| Primary URL | Location | Industry | cyberpolice[.]gov[.]ua |
Country
Ukraine
|
Government - National
|
|---|
Profile
The Ukrainian Cyber Police operates as the specialised cybercrime division of the Ukrainian National Police, focusing on the prevention, detection, and investigation of digital offences committed against individuals, businesses, and state institutions within Ukraine. Its core mission involves analysing cyber threats such as spear‑phishing campaigns, website intrusions, and malware deployments, and coordinating technical responses to mitigate their impact. The unit collects and preserves digital evidence from compromised systems, network logs, and malicious artefacts to support forensic examinations and judicial proceedings. It works closely with other law‑enforcement bodies, prosecutors, and international partners to attribute attacks to threat actors and to share intelligence on emerging tactics. Its jurisdiction covers the entire territory of Ukraine, serving all sectors that rely on networked information systems, including finance, energy, telecommunications, and government administration.
While public sources do not disclose specific staffing numbers or budget figures, the Ukrainian Cyber Police has been repeatedly cited in high‑profile incidents that illustrate its operational reach and technical competence. Notable examples include the attribution of a 2021 Russian‑linked spear‑phishing effort that used fraudulent tax warnings to deliver RemoteUtilities malware. The unit also responded to a 2020 intrusion that temporarily disabled the National Police website, leading to the publication of inaccurate information on regional police department pages. In 2017 it analysed the NotPetya attack, which used compromised updates of widely used tax software to distribute destructive malware disguised as ransomware, causing billions in damages across Ukraine and abroad. These cases demonstrate the unit’s ability to conduct forensic analysis, trace malicious infrastructure across multiple countries, and produce public attributions that align with international cybersecurity assessments. As a constituent part of the Ukrainian National Police, it ultimately reports to the Ministry of Internal Affairs and operates under the legal framework governing law‑enforcement agencies in the state, granting it authority to execute search warrants, seize digital evidence, and cooperate with judicial authorities in prosecuting cybercrime.
