The encrypted messaging app Signal has ceased responding to Ukrainian law enforcement requests regarding Russian cyber threats, a senior Ukrainian official claimed, warning that this inaction is aiding Moscow’s intelligence operations.
Speaking at the Kyiv International Cyber Resilience Forum on Tuesday, Serhii Demediuk, the deputy secretary of Ukraine’s National Security and Defense Council, stated that Russian espionage groups are exploiting Signal to target Ukrainian military personnel and government officials. The change was first reported by Daryna Antoniuk.
“With its inaction, Signal is helping Russians gather information, target our soldiers, and compromise government officials,” Demediuk said. He suggested that political instability in the U.S. might be influencing the platform’s decision and expressed hope that cooperation could resume.
Signal, a U.S.-based nonprofit messaging service known for its strong stance on user privacy, has not publicly commented on Demediuk’s allegations. CyberInsider reached out to Signal for clarification but had not yet received a response.
Russian threat actors exploiting Signal
According to Demediuk, Ukraine had previously communicated with Signal through an official channel to warn about the app’s abuse by Russian hackers. These attacks reportedly involve phishing campaigns and account takeovers, often targeting Ukrainian military and government personnel. While Signal previously responded to such concerns, Demediuk said this is no longer the case.
A report by Google’s security team in February highlighted a rise in Russian state-backed hacking attempts against Signal accounts. These attacks commonly involve phishing tactics to install spyware on victims’ devices. Additionally, attackers have been abusing Signal’s “linked devices” feature, which allows messages to be synced across multiple devices, effectively granting adversaries real-time access to compromised accounts.
Migrating from Telegram
In Ukraine, Signal has increasingly been used as an alternative to Telegram, a messaging app founded in Russia. Telegram has long been suspected of being exploited by Russian intelligence for surveillance and influence campaigns.
Demediuk noted that Telegram’s cooperation with law enforcement has improved since the arrest of its Russia-born founder, Pavel Durov, in France. Last September, Telegram updated its terms of service, stating that it would begin sharing the IP addresses and phone numbers of users who violate its policies in response to legal requests. However, despite these changes, Telegram remains a security risk.
While Ukraine has banned Telegram on official government and military devices, Demediuk dismissed the idea of a nationwide ban, arguing that such actions often backfire and serve as “free advertising.” Instead, he emphasized the need to educate users about the risks associated with the app.
U.S. policy shifts impacting Ukraine’s cybersecurity
Demediuk’s comments come amid a broader shift in U.S. policy that has affected Ukraine’s cybersecurity and intelligence-sharing efforts. The temporary suspension of U.S. foreign aid, coupled with changes in the Trump administration’s approach to politics on the international stage, has disrupted Ukraine’s cyber defenses.
Earlier this month, U.S. Cyber Command reportedly halted the planning of offensive cyber operations against Russia in an effort to push for negotiations, though CISA officially refuted these claims. Additionally, intelligence sharing between the U.S. and Ukraine was briefly suspended before being restored under the condition of a 30-day interim ceasefire agreement.
Widely used communication tools like Signal are inevitably caught in the political turbulence surrounding global conflicts, making balancing privacy and national security a difficult act. While Signal upholds strict user protections, its lack of cooperation with Ukraine underscores the challenge of addressing cyber threats without undermining privacy and encryption principles.
Nym Launches “World’s Most Secure” VPN to Counter AI-Driven Surveillance
Leave a Reply