
Cybersecurity Fundamentals: How service members can protect themselves from enemy cyberattacks

In modern warfare, digital technologies are integral to military operations. Smartphones, tablets, and other internet-connected devices are widely used, even at the frontlines. In such a context, ensuring proper cybersecurity is vital to safeguard both personal data and unit-wide information.

Enemy cyber units deliberately target the data of Ukrainian service members. They continuously refine their attack methods, develop new malicious software, and devise intricate social engineering tactics. Their goal is to access valuable information that could undermine mission success and jeopardize the lives of service members.

“Cyber hygiene should be a daily routine, just like cleaning weapons or checking gear. Careful scrutiny of suspicious messages, ensuring regular software updates, and using strong passwords are essential skills for protecting against most cyber threats,” said Kateryna Chernohorenko, Deputy Minister of Defence for Digital Development.

The Ministry of Defence outlines the most common cyberattack methods targeting service members, how to recognize them, how to protect yourself and your loved ones, and where to report cyber incidents.

What should you know about cybersecurity?

Cybersecurity encompasses a series of protocols and actions to safeguard personal information and devices from malicious actors. It combines technological solutions with disciplined user behavior in digital environments.

In a military context, cybersecurity is paramount. Leaked data on unit locations, movement routes, or available weapon systems can have catastrophic consequences. Therefore, understanding the fundamentals of cyber defense is essential for every service member.

The enemy continually adapts and refines their methods, making even experienced users susceptible to cyberattacks. Constant vigilance and critical thinking when processing digital information are key to maintaining security.

Phishing: How to avoid ‘taking the bait’

Phishing is one of the most common forms of cyberattacks, designed to steal sensitive information through deception and manipulation. The method’s name—borrowed from “fishing”—aptly describes how cybercriminals cast bait and wait for a victim to take the hook.

A typical phishing attempt targeting service members may come in the form of a message, seemingly from a commander or military authority, urging immediate action—for example: “Update your data in the DELTA system immediately or you will lose access,” “The unit is compiling supply distribution lists—please fill out the form,” or “Unauthorized access to your account detected—update your password now.” Scammers may also disguise themselves as representatives of civilian organizations, such as banks or postal operators.

Such messages typically include a link to a website that closely resembles the legitimate one but is, in fact, a fake. Entering login or banking details on these fake sites sends the information straight to cybercriminals, who can then access your social media, messengers, or banking apps.

The enemy actively targets messenger accounts frequently used by the military. If attackers gain access to your Signal or WhatsApp, they can spread phishing links to your contacts and infiltrate group chats containing sensitive information.

To protect against phishing attacks:

  • Always verify the URL of a website before entering personal information. Pay close attention to small changes in spelling (for instance, "diia.org.ua" instead of "diia.gov.ua").
  • Do not click on links from suspicious messages. It is safer to enter the official website address in your browser manually.
  • If you receive a suspicious message from a bank or government agency, contact them directly using their official contact details.
  • Never scan QR codes from unverified sources, as this could result in losing access to your messenger accounts.
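
The URL check from the first item in the list above, as an added example (not code from the Ministry's guidance): it compares a link's hostname with an allowlist of official sites and flags near-miss spellings. `OFFICIAL_HOSTS`, the function names, the verdict strings and the `.example` hosts are assumptions; only `diia.gov.ua` and `diia.org.ua` come from the article.

```python
from urllib.parse import urlsplit

# Assumption: allowlist of official hostnames. Only diia.gov.ua comes from the article.
OFFICIAL_HOSTS = ("diia.gov.ua",)

def edit_distance(a, b):
    """Levenshtein distance (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_link(url, official=OFFICIAL_HOSTS):
    """Return 'official', 'lookalike', 'non-ascii', 'unknown' or 'invalid'."""
    try:
        # Accept bare "host/path" input as well as full URLs.
        parts = urlsplit(url if "://" in url else "//" + url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    if not host.isascii() or "xn--" in host:
        return "non-ascii"          # look-alike letters possible; not on the ASCII allowlist
    if any(host == good or host.endswith("." + good) for good in official):
        return "official"
    userinfo = parts.netloc.rpartition("@")[0].lower()
    labels = host.split(".")
    for good in official:
        brand = good.partition(".")[0]
        if good in userinfo:                 # official name placed before "@"
            return "lookalike"
        if (good + ".") in host:             # official name used as a prefix of another domain
            return "lookalike"
        if brand in labels:                  # right name, wrong parent zone (diia.org.ua)
            return "lookalike"
        if edit_distance(host, good) <= 2:   # one- or two-character misspelling
            return "lookalike"
    return "unknown"
```

A verdict of `unknown` only means the host is not on the allowlist and does not resemble it; it is not a statement that the site is safe.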

For more details on how to counter phishing attacks and other threats, follow the link.

Malicious software: Hidden threats

Malicious software (viruses) refers to programs designed to damage devices, steal data, or gain unauthorized access. Unlike phishing, which requires user interaction, a virus can operate autonomously and often remains undetected for extended periods.

For the military, viruses pose a particular threat as they can:

  • Intercept GPS coordinates and transmit location data to the enemy.
  • Activate the microphone and camera without the user's awareness.
  • Copy photos, messages, and contacts.
  • Access files that may contain tactical information.

Malware often spreads through phishing messages with attachments and infected flash drives. Even regular Word or PDF documents, Excel files, images, and videos can harbor malicious code. Another common technique is the use of fake applications that mimic legitimate software.

To protect against malicious software:

  • Only install apps from official sources such as the App Store, Google Play, or verified developer websites.
  • Make sure your operating system and apps are constantly updated to the latest versions. The majority of updates incorporate patches to address known vulnerabilities.
  • Never open attachments from unknown senders. If you receive a file from a known contact without expecting it, verify its authenticity by contacting the sender through a different channel.
  • Use trusted antivirus software and scan your devices regularly.

For detailed instructions on how to protect your personal devices from hacking and malware, follow the link.

Password security: robust protection against hacking

Strong passwords are the cornerstone of digital security. However, many users neglect this critical aspect, opting for simple combinations or reusing the same password across multiple services. Malicious actors actively exploit these vulnerabilities.

Common methods of password compromise include:

  • Automated hacking—malicious actors attempt to crack passwords using brute-force techniques or precompiled lists of common combinations, enabling them to quickly find the correct one.
  • Interception on unsecured networks—this risk is heightened when using public Wi-Fi, where data can be easily intercepted.
  • Exploitation of data from previous breaches—if a password is stolen from one service and reused elsewhere, attackers will attempt to access all associated accounts.

Military personnel must adhere to heightened password security standards:

  • Create unique passwords with a minimum length of 15 characters, incorporating uppercase and lowercase letters, numbers, and special characters.
  • Avoid reusing the same password across different services.
  • Avoid incorporating personal information, such as birth dates, names of family members, or military unit identifiers, into passwords.
  • Enable two-factor authentication for all critical accounts. This adds an additional layer of security by requiring a secondary verification factor, typically a code generated by a dedicated application.
  • Use password managers such as 1Password or LastPass to store and generate strong password combinations securely.

It is crucial to remember that one-time verification codes must never be disclosed to third parties, even if they claim to represent banks or government agencies.

For further details on creating a strong password and securing messenger accounts, please follow the link.

Where to report cyber incidents

If you become a cyberattack victim or suspect fraudulent activity, it is critical to notify the appropriate authorities immediately. Prompt reporting can not only help resolve the issue but also prevent the further spread of the threat.

In case of a compromise of personal data unrelated to official duties, immediately change your passwords and submit a report to the Cyber Police Department of the National Police of Ukraine via the link.

In case of a breach involving official information or official devices, promptly contact the relevant cybersecurity authorities. 

Military personnel of the Ministry of Defence should report any cyber incidents to the Cyber Incident Response Centre: 

  • Signal: +38 (096) 773-73-70
  • E-mail: [email protected]
  • АТС-2: 80-861
  • Tel.: +38 (044) 427-56-14

For military personnel of the Armed Forces of Ukraine:

  • For incidents related to Windows, macOS, or Linux operating systems, contact the Cyber Security Center:
  • For incidents related to Android or iOS operating systems, contact the Information Security Center:

In case of a cyber incident, retain all evidence such as screenshots of suspicious communications, links to phishing websites, and files containing malicious software. This information will help specialists to quickly identify the threat and develop effective countermeasures.

Be mindful that the timely reporting of cyberattacks is your contribution to collective security. A threat vector you identified may be used against numerous military personnel. Your vigilance can help protect not only yourself but also your comrades.
