Ukrainian National Police

The Ukrainian Cyber Police, also known as the UCP or Ukrainian National Police cyber unit, operates as a specialised law‑enforcement division focused on preventing, detecting, and investigating cybercrime within Ukraine. Its core responsibilities include analysing malicious online activity, attributing attacks to threat actors, and coordinating responses to incidents that target government institutions, private enterprises, and critical infrastructure. The unit works closely with other national police branches, international cybersecurity organisations, and judicial authorities to gather evidence, pursue prosecutions, and issue public warnings about emerging threats. By maintaining a presence in the Ukrainian National Police hierarchy, it leverages the broader police mandate to enforce cyber‑related legislation and support victims of digital offences. Its operational scope extends to monitoring phishing campaigns, malware distribution, ransomware events, and unauthorized access attempts that affect Ukrainian networks. The unit also contributes to national cyber‑defence strategies by sharing threat intelligence and advising on protective measures for both public and private sectors.

Distinguishing attributes of the Ukrainian Cyber Police stem from its direct involvement in high‑profile incidents that have shaped Ukraine’s cyber threat landscape, such as the attribution of a large‑scale spear‑phishing campaign to Russian threat actors in June 2021 and the investigation of the NotPetya‑style attack in June 2017 that used compromised tax software updates. These cases demonstrate the unit’s capability to conduct forensic analysis, link malware to known threat groups, and communicate findings to both domestic and international audiences. The unit’s regulatory role is rooted in its status as part of the Ukrainian National Police, which places it under the authority of the Ministry of Internal Affairs and aligns its actions with national legal frameworks governing cybercrime. While the provided sources do not disclose specific personnel numbers, budget figures, or subsidiary relationships, they confirm that the Ukrainian Cyber Police functions as an integral, government‑operated component of Ukraine’s law‑enforcement apparatus dedicated to safeguarding the nation’s digital environment.