Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime

Ukraine Sacks Top 2 Cyber Officials in Embezzlement Probe

6 Individuals Accused of Inflating Value of Software Contracts by $1.7 Million
Ukraine Sacks Top 2 Cyber Officials in Embezzlement Probe
Yury Shchyhol, now the former head of Ukraine's SSSCIP (Image: SSCIP)

The Ukrainian government dismissed two top cybersecurity officials as the country's anti-corruption unit probes suspected embezzlement.

See Also: Webinar | Everything You Can Do to Fight Social Engineering and Phishing

Yury Shchyhol, head of the State Service for Special Communication and Information Protection of Ukraine, and Viktor Zhora, the deputy head, were fired on Monday.

Their dismissal was first announced by the cabinet's parliamentary envoy, Taras Melnychuk, on Telegram.

Among its many cybersecurity responsibilities, the SSSCIP is responsible for securing Ukrainian government data and communications and protecting critical national infrastructure. The importance of that job has surged since Russia launched a war of conquest against Ukraine in February 2022.

Ukraine's cabinet has temporarily appointed Dmytro Makovsky to head the SSSCIP. He was previously one of Shchyhol's deputies.

The government accuses the two former officials of misappropriating $1.7 million designated for purchasing software and services.

Its investigation is being led by Ukraine's National Anti-Corruption Bureau, or NABU, together with the Specialized Anti-Corruption Prosecutor's Office, or SAP, which is an independent unit in the government's prosecution office.

NABU and SAP on Monday announced that they suspect six individuals of colluding in a scheme that ran from 2020 to 2022 and involved inflating the value of software and services being purchased from a foreign manufacturer and pocketing the difference. Investigators accused Shchyhol and Zhora of being involved, along with four other unnamed suspects: the general manager of a state-owned enterprise, an employee of the enterprise, the owner of a group of companies who organized the scheme and one of his employees.

"Two controlled companies were involved, and the purchase was classified in order to avoid open bidding and ensure their victory," NABU and SAP said, according to a machine translation. Investigators said the contracts were negotiated for $7.9 million, when the real value of the software being purchased was $6.2 million, leaving $1.7 million for the alleged co-conspirators. "These funds were transferred to the accounts of controlled companies abroad for the purpose of legalization and distribution among the members of the organized group," NABU and SAP said.

In a Facebook post, Shchyhol said Monday that he had resigned, The Record reported.

"I am confident that I will be able to prove my innocence during an impartial investigation and directly in court," Shchyhol reportedly said, before locking his account, making it no longer publicly accessible.

In a statement, the SSSCIP pledged its ongoing adherence to the "principles of openness and zero tolerance for corruption."

The agency appears to question the allegations against its former chiefs. "All purchases made by the service from 2020 onwards were carried out in compliance with current legislation," it said, according to machine translation. "Procurement in the field of protection of state registers is complex, their analysis requires preparation and understanding, and the service is ready to provide all necessary clarifications to NABU detectives, in any format."

Zhora disputed the allegations. "I cannot disclose the details of the investigation, but I am convinced that I will be able to protect my honest name and reputation in court," he said in a late Monday post to X, formerly Twitter.*

Well-known in Western cybersecurity circles, Zhora held a position similar to Jen Easterly, who leads the U.S. Cybersecurity and Infrastructure Security Agency, and Lindy Cameron, president of Britain's National Cyber Security Center, and he has regularly shared cybersecurity information and lessons learned as the war has continued (see: Ukraine's Cyber Defense: Wipers Remain 'Biggest Challenge').

Zhora has been a regular speaker at international cybersecurity conferences, recently including Cyberwarcon on Nov. 9 in Washington, and on Thursday, the IRISSCERT Cybercrime Conference hosted by the Irish Reporting and Information Security Service in Dublin.

Corruption Crackdown

Ukrainian President Volodymyr Zelenskyy has pledged to take a zero tolerance approach to corruption. When the European Union in June 2022 granted Kyiv candidate status, Brussels said eliminating corruption remains a requirement for full membership in the bloc.

Transparency International, which tracks corruption globally, said in January that Ukraine has been making strides. "The country has long struggled with systemic abuse of power, but has taken important steps to improve oversight and accountability," it said.

In January, Zelenskyy dismissed 15 officials, including the deputy minister of infrastructure, who was accused of inflating the price of generators and other essential winter equipment, as well as the deputy minister of defense, who allegedly inflated the value of food contracts, reported The Guardian.

"I want it to be clear: There will be no return to the way things used to be," Zelenskyy subsequently said in a January speech.

In September, as corruption allegations continued to dog the defense ministry, Oleksii Reznikov, the defense minister, stepped down.

On Friday, Zelenskyy dismissed Oleksandr Tarasovsky, the deputy head of the Foreign Intelligence Service of Ukraine. No reason was given for his dismissal.

*Updated Nov. 21, 2023 09:31 UTC: This story has been updated to include Victor Zhora's statement.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.