22.01.2025
Investigations
Hacker Attack on Ukraine’s State Registries: How is the Ministry of Justice Manipulating Ukrainian Data During the War?
One of the biggest questions that arises after the Russian attack on the registries is where the funds allocated for cybersecurity went. For example, in 2024, UAH 473,724,216 from the state budget was transferred to the accounts of the State Enterprise NAIS, which administers the registers. This money was supposed to be used to strengthen protection against external attacks. Instead, it appears to have been used to satisfy the private interests of Stefanishyna’s Ministry of Justice officials and subordinate enterprises.
A brief summary
On December 19, 2024, a massive hacker attack temporarily blocked the functioning of about 60 state registries, including:
- The Unified State Register of Legal Entities, Individual Entrepreneurs and Public Organizations.
- The State Register of Rights to Real Estate.
- The State Register of Civil Status Acts.
- The Unified State Register of Convicts and Persons in Custody.
- The Unified Register of Powers of Attorney and many other important systems.
This cyberattack caused serious disruption, as access to this data is critical for the functioning of the state and business. However, even after measures were taken to restore access, these registers are still not fully operational.
At the same time, the State Enterprise “NAIS”, which is responsible for the cybersecurity of state registers, received more than UAH 723 million last year alone, which should have strengthened resources and prevented Russian interference. So what were the funds actually spent on?
Corrupt tenders: or what were millions spent on cybersecurity?
The analysis of public procurement showed that AVALIS LLC, ACCORDGROUP LLC, BSS Ukraine LLC and B2B-SOLUTIONS LLC signed the most contracts related to the purchase of computer equipment, servers and software.
Here are some examples of tenders concluded between July and December 2024:
- AKCORDGROUP LLC won a tender for servers worth UAH 20,900,000. The tender was announced on July 10, 2024.
- AVALIS LLC received an order for computer equipment worth UAH 38,400,000. The date of delivery is October 22, 2024.
- On December 6, 2024, B2B SOLUTIONS LLC won a tender for security software worth UAH 2,400,000.
At the same time, the requirements for bidders were set so that the victory was given to pre-qualified companies. This is a clear indicator of manipulation at the level of tender procedures.
But that’s not all. Many of the listed companies have scandalous reputations and links to criminal proceedings. For example, AVALIS LLC is involved in a case of abuse of office.
According to open sources, in November 2023, the company was involved in a case under Part 4 of Article 191 of the Criminal Code of Ukraine (theft of public funds). In addition, the investigation revealed that AVALIS overstated the cost of equipment, which led to the illegal receipt of about UAH 5 million in extra charges.
BSS Ukraine LLC also became the subject of an investigation when it turned out that the company, together with other affiliated firms, received more than UAH 500 million for software for government agencies such as the Ministry of Finance and the National Bank, with purchases made at inflated prices.
These facts call into question the very activities of the state enterprise NAIS, which does not check the reputation of its counterparties when entering into contracts with such dubious companies.
What is even more disturbing is the alleged connection of these companies with Russian special services. Some of them have close ties to Russian structures. This opens up new aspects for investigations, as the detection of communication may indicate possible involvement in the cyberattacks that occurred at the end of 2024 and targeted the State Registries of Ukraine.
The described schemes in the system have far-reaching consequences. The theft of more than 40% of the budget funds allocated for the functioning of the registries jeopardizes not only the stability of the financial system but also the security of the state as a whole. As a result of this activity, information from state registers becomes available for unauthorized access, making the country vulnerable to cyberattacks and hacker threats. This, of course, also affects the property of citizens.
Illegal changes in registries: what should Ukrainians expect?
After the cyberattack that de-energized state registries, many illegal changes in the registers took place. For example, our NGO “Non-Stop” was secretly re-registered to an unknown Martyniuk Y.V. from Zhytomyr. The registrars from the Ministry of Justice did not take into account the principles of territoriality or the lack of approval from the current leadership of the organization.
The change was made through the submission of forged documents and direct illegal interference with the registration system, which was made possible through a cyberattack.
We conducted our own investigation and found out who was behind the raider seizure of the NGO “Non-Stop”. It was not only the registrar of the Central Interregional Department of the Ministry of Justice, Lopotsiuk, who entered deliberately false data into the system. It is also about the entire vertical of the Ministry: from the departments of registration of public formations within the departments to the first deputy Kucheryavenko and Stefanishyna herself.
We have already written and sent complaints about the involvement of each of the verticals in raider actions against property and citizens’ rights. We are waiting for a response and urgent measures to be taken.
Did you witness a crime?
Let us know about it. We will help protect the violated rights!
Share the post:
Last news
-
20 January 2025Without Category
-
18 January 2025Money laundering Tenders
-
17 January 2025Money laundering The Great Construction Program
-
15 January 2025Ecology Investigations
-
13 January 2025Investigations Money laundering
-
11 January 2025Investigations
-
9 January 2025Money laundering
-
7 January 2025Kharkiv Utility scams
-
4 January 2025Money laundering
-
2 January 2025Money laundering