In 2025, CERT-UA processed over 4,300 cyber incidents in Ukraine. That’s a 70% increase compared to pre-invasion levels. And those are only the reported cases — the actual number of attacks is significantly higher.
Small and medium businesses often think: “Why would anyone attack us? We’re not a bank or a government agency.” This is a dangerous misconception. It’s precisely this mindset that makes SMBs the easiest targets.
Ukraine — One of the Most Attacked Countries in the World
Since the start of the full-scale war, Ukraine has become a testing ground for cyber weapons. According to international reports:
- 4,315 incidents processed by CERT-UA in 2025
- 70% increase compared to 2021
- 38% of attacks target the private sector (not just government)
- Phishing remains the #1 vector — over 60% of initial compromises
- Ransomware attacks grew by 45% year-over-year
For context: Ukraine ranks in the TOP-5 countries by cyberattacks per capita, alongside Israel and Estonia.
Why Small Business Is the Primary Target
Large enterprises have SOC centers, SIEM systems, and dozens of security specialists. Small businesses have Igor, who “knows computers.”
Statistics That Should Concern You
- 43% of all cyberattacks globally target small and medium businesses (Verizon DBIR 2025)
- 60% of small companies shut down within 6 months after a serious cyberattack
- Average detection time for a breach in SMBs — 197 days
- Average incident cost for a small business — $25,000 to $50,000
- Only 14% of small companies have even a basic incident response plan
In Ukraine, the situation is even more acute: the war created additional threat vectors, and IT talent shortages due to mobilization and emigration leave businesses exposed.
TOP 5 Cyber Threats for Ukrainian Businesses in 2026
1. Phishing and Social Engineering
Phishing has evolved. It’s no longer the “Nigerian prince” — it’s precisely crafted emails from “the tax service,” “Nova Poshta,” or “your bank.” With generative AI, phishing email quality has increased dramatically.
What it looks like: An accountant receives an email supposedly from the State Tax Service with an “updated reporting form.” Opens the attachment — and malware is already in the network.
2. Ransomware
Ransomware groups operate like businesses: with “customer support,” negotiators, and affiliate programs. The average ransom for SMBs in 2025 was $150,000.
Fact: After the NotPetya attack in 2017, Ukrainian companies collectively lost over $1 billion. Today’s attacks are smaller in scale but far more targeted.
3. Supply Chain Attacks
Compromise one vendor — gain access to dozens of their clients. The M.E.Doc attack in 2017 and the state registries attack in December 2024 demonstrated how effective this approach is.
4. Business Email Compromise (BEC)
Attackers gain access to an executive’s email or impersonate it. Then — fake wire transfer instructions. Average BEC attack losses — $47,000.
5. DDoS Attacks
Thousands of simultaneous requests — and your website or service goes down. In 2025, DDoS attacks on Ukrainian commercial sites increased by 35%.
Real Cases from IT-Premium’s Practice
Case 1: Logistics Company, 25 Employees
An accountant opened a phishing email attachment. Ransomware locked the 1C server and file server. Without backups, the company lost 3 days of work and paid $12,000 for data recovery.
What should have been in place: Anti-phishing filter, regular backups, staff training.
Case 2: E-commerce Store
DDoS attack during Black Friday. The site was down for 8 hours. Direct losses — ₴180,000 in sales. Reputational damage — immeasurable.
What should have been in place: CDN with DDoS protection, recovery plan.
Case 3: Law Firm, 12 Employees
BEC attack: attackers compromised a partner’s email and sent fake payment details to a client. The client transferred ₴340,000 to the fraudsters’ account.
What should have been in place: Two-factor authentication, phone verification of payments.
Minimum Protection for Small Business: Checklist
You don’t need a million-dollar budget. You need discipline and basic tools:
🔐 Essential (cost: minimal)
- Two-factor authentication (2FA) on all accounts — email, banking, CRM
- Regular backups following the 3-2-1 rule (3 copies, 2 media types, 1 offsite)
- Software updates — automatic, no “I’ll update later”
- Staff training — at least quarterly basic briefings
🛡️ Recommended (cost: moderate)
- Enterprise-grade EDR/antivirus (not free consumer versions)
- Email filtering with anti-phishing protection
- Password manager for the entire team
- VPN for remote employees
🏢 For Growing Businesses
- Annual security audit
- Incident Response Plan
- 24/7 network monitoring
- Cyber insurance
The Cost of NOT Protecting Yourself
Let’s compare expenses:
| Basic Protection | After an Incident | |
|---|---|---|
| Antivirus (10 licenses) | ₴15,000/year | — |
| Cloud backups | ₴6,000/year | — |
| Staff training | ₴5,000/year | — |
| Ransomware recovery | — | from ₴300,000 |
| Downtime (3 days) | — | from ₴200,000 |
| Lost clients | — | immeasurable |
| Total | ₴26,000/year | from ₴500,000 |
That’s a 20x difference. And this doesn’t account for reputational damage or potential fines for personal data breaches.
What’s Next: Cybersecurity Trends for 2026
- AI-powered attacks — generative AI creates convincing phishing emails and deepfake calls from “the CEO”
- Cloud service attacks — cloud migration without proper security configuration
- Regulatory pressure — new NCCC requirements and EU integration standards (NIS2)
- Growth of Ransomware-as-a-Service — attacks become accessible even to non-professionals
How IT-Premium Helps Protect Your Business
We’ve been working with Ukrainian businesses for 17 years. During that time, we’ve seen everything — from NotPetya to targeted attacks on our clients during the full-scale war.
What we do:
- Cybersecurity audits — finding vulnerabilities before attackers do
- 24/7 monitoring — detecting suspicious activity while you sleep
- Backup and recovery — tested plans that actually work
- Staff training — interactive sessions with phishing simulations
- Incident response — if something happens, we’re already working on recovery
Don’t wait for an incident. Request a free cybersecurity consultation and find out how protected your business really is.
Sources: CERT-UA Annual Reports, Verizon Data Breach Investigations Report 2025, IBM Cost of a Data Breach Report, SSSCIP Ukraine, IT-Premium practice data.