Should harsher sanctions be imposed on the use of russian software in Ukraine?

An analytical article by Dmytro Popinako on the portal dev.ua explores the need to tighten sanctions against the use of russian software in Ukraine. The article raises questions about cybersecurity, the role of russia’s IT sector in hybrid warfare, and the threats to Ukraine’s national security.

In today’s world, cybersecurity has become an essential part of national defense. Given Ukraine’s prolonged hybrid conflict with Russia, the country must reassess its information systems protection strategy. Increasingly, experts and analysts suggest that Ukraine needs to strengthen sanctions against Russian software, which is still used by some enterprises and institutions. This move would bolster not only the nation’s defense but also the resilience of its enterprises and, by extension, the economy.

The relevance of the threat

The Russian IT sector has long been a tool for conducting information attacks and cybercrimes. According to the CyberPeace Institute, over 80% of cyberattacks on Ukrainian state and private institutions originate from Russia or its allies. These attacks often target critical infrastructure and are part of broader military operations aimed at undermining Ukraine’s cybersecurity and stability. A recent report by ESET indicates that Russian hackers actively exploit software from Russian developers, installed in many Ukrainian companies, to collect intelligence and sabotage operations. This includes cyber espionage campaigns showing how russian cyber-terrorists use russian-developed software to attack both public and private institutions in Ukraine.

IT as a tool of political pressure

Russia’s IT sector—particularly software developers and IT solution providers – has been leveraged as a political tool. Systems like 1C, BAS, UA-Budget, Bitrix24, and AMO CRM, still widely used in Ukraine, pose risks by potentially collecting sensitive data, enabling sabotage, or launching cyberattacks on critical infrastructure. Cybersecurity Ventures’ analysis warns that the financial damage from such attacks on critical infrastructure could reach billions of dollars, causing significant harm to Ukraine’s economy and security.

Benefits of strengthening sanctions

• Reducing Cyberattack Risks:
  Tightening sanctions could significantly lower the risk of cyberattacks. A ban on russian-developed software would reduce the likelihood of sensitive information being exploited against Ukraine. Oxford Economics research shows that investments in cybersecurity can decrease the risk of attacks by 30–40%. Companies that identify vulnerabilities and invest in cybersecurity are better protected against attacks, helping avoid substantial financial and reputational losses.
• Strengthening National Security:
  Enhanced sanctions would contribute to creating a more secure information environment in Ukraine. Transitioning from russian IT solutions to national or international alternatives could substantially improve information system security. Studies show that organizations implementing comprehensive security measures, including avoiding risky software, report fewer cyber incidents.
• Stimulating the inside IT Market:
  Stricter sanctions could boost Ukraine’s IT sector. Replacing Russian software with Ukrainian or international alternatives would drive innovation and investment in Ukrainian startups and tech companies. Despite challenges, Ukraine’s IT sector has shown stable growth, with startups continuing to develop and support the nation’s economy even amidst war.
• Improving International Support and Reputation:
  Strengthening sanctions against Russia’s IT sector could enhance Ukraine’s international reputation as a country actively combating cyber threats and Russian influence. This could result in increased international support and investments in Ukraine’s cyber infrastructure.

Challenges and potential obstacles

However, imposing harsher sanctions is not without challenges. Ukrainian companies that rely on russian IT solutions and lack immediate alternatives may face economic difficulties. Additionally, seamless coordination between government agencies and businesses is essential to maintain operational continuity during the migration to new solutions.

Amid ongoing cyber threats and aggression from russia, Ukraine must seriously consider tightening sanctions against the russian IT sector. Doing so would reduce cyberattack risks, enhance national security, stimulate the domestic IT market, and improve the country’s international reputation. While the migration process may be challenging and require effort and time, the benefits of imposing stricter sanctions far outweigh the potential losses.

Original version: Чи потрібні жорсткіші санкції проти використання російського програмного забезпечення в Україні? – блог | dev.ua