Ігор Вишневський That's Life 2 December 2025, 09:00

"There are no nannies here." Messengers and group chats in the army: what is allowed and what is not. The Ministry of Defense and the General Staff spoke about the instructions that regulate this, and the servicemen themselves spoke about their experience

A month ago, on November 1, Ukrainian servicemen were killed as a result of another Russian strike during a mass operation deep in the rear in the Dnipropetrovsk region. But this article is not about the parade ground and public awards in the Defense Forces, which have long been recognized not just as bad manners, but as a completely unjustified and even criminal danger, but about the causes of the aforementioned tragic incident.

Then the Commander-in-Chief of the Armed Forces of Ukraine Oleksandr Syrskyi stated that the enemy could most likely have learned about the meeting place by hacking the group chat of Ukrainian military personnel on social networks. We decided to investigate the question — what regulatory documents and how exactly does the Defense Forces regulate the creation of such chats in messengers? What messengers can be used for work communication, what do the defenders themselves think about it and how is information security provided in their brigades. And most importantly — who and how controls the implementation of these regulations. To do this, we spoke on condition of anonymity with three servicemen from different brigades.

We are familiar with the order.

The rules for the use of digital services by the personnel of the Armed Forces of Ukraine are determined by the order of the Commander-in-Chief No. 165 dated April 29, 2024. It approved the relevant instructions on the use of «mobile communication devices and other electronic means.» In response to dev.ua’s information request, we were informed about this by both the Ministry of Defense and the General Staff of the Armed Forces of Ukraine.

However, we were unable to get hold of the full text of this instruction — the document is not published on official websites. A request for public information was published on the Access to Truth website, in response to which one of the military units indicated that «the instruction is an internal organizational document used by units of the Armed Forces of Ukraine and is not intended for wide distribution outside the organization,» and «in the conditions of countering and deterring the armed aggression of the Russian Federation, the distribution of the specified information may harm the Armed Forces of Ukraine.»

One of the servicemen, with whom the journalist spoke, noted that the personnel of his battalion were familiar with the aforementioned order of the Commander-in-Chief of the Armed Forces of Ukraine.

«Our battalion’s personnel also completed an online cybersecurity course, which included, among other things, rules for dealing with messengers,» he added.

The defender believes that he was lucky with this aspect, because even during basic general military training, the instructors paid significant attention to the use of messengers and the prohibition of photographing the location of the deployment. «But it all depends on the specific training center. I think I was lucky. The guys from our unit, who were trained in other training centers, did not have such experience,» he said.

According to the serviceman, the brigade is bringing to their attention fairly simple but logical recommendations — not to publish photos on social networks that could reveal the location of the unit or position, turn off geolocation at training grounds, distribute only official information in work chats, and, accordingly, not to distribute official information outside the unit, etc.

«The conscientiousness of implementing these recommendations rests with the serviceman. Of course, the role of the human factor cannot be dismissed. From personal experience, I can say that sometimes a person can send a message to the wrong work chat. Administrators quickly delete such messages. There were no critical cases in our unit,» he said.

What the military says about the dangers of Telegram, as well as WhatsApp, Signal and their Ukrainian competitor

From the words of the servicemen we spoke with, we can get the general impression that WhatsApp and Signal are the most common messengers for communication and group chats, and the «odious» Telegram, although not used anywhere for work correspondence, is nevertheless not actually banned for personal use and reading news. Here everything depends on the self-awareness of a particular serviceman — whether he is ready to completely abandon the use of this information channel for personal use, or whether convenience and old habits will prevail.

«Everyone is more or less using the secure messengers WhatsApp and Signal. It is advisable not to have Telegram on your phone at all, and if you do, then only for news channels, not for correspondence. And even more so — not for any serious correspondence. There is another messenger — Sonata. The Russians wrote about it that they supposedly hacked it, but sometimes work correspondence and important communication also take place in Sonata,» one of the military personnel of the Defense Forces told dev.ua.

By the way, the Sonata messenger was developed by the Ukrainian company «Dolya i Ko», which specializes in providing ministries, facilities, and enterprises of various profiles with professional radio communications.

«In my opinion, it’s still a bit buggy, not yet fully polished. But it’s supposedly protected and it’s such a big social network where you can find other people,» said one of the servicemen, whom dev.ua spoke with, about his experience using the messenger.

Two more servicemen noted that traditionally their correspondence takes place in WhatsApp or Signal work chats, more in the former. One of them considers the state policy towards Telegram too weak, although he admits that controlling the use of the messenger will be problematic. «Personally, I do not understand the state policy towards Telegram. In my opinion, its use should be banned at least among military personnel and civil servants. But here the question of control arises,» he says.

Another military officer notes that, despite all the talk about its potential danger, Telegram has not disappeared from military phones.

«I have never heard anyone say anything about a complete ban on Telegram. No one forced us to delete it from their phones. It is enough to look at Telegram to see how many official brigade pages there are, and how many people read them — both military and civilian. Moreover, my boss called me literally two months ago and told me to create Telegram for certain purposes, I didn’t have one until then. Well, I had to create one. But no one really conducts work correspondence on Telegram, they only read news there, and that’s it,» he stated.

When chats on WhatsApp are also on internal accounting

One of the servicemen told dev.ua about his experience using group chats on WhatsApp. As he says, in his brigade, such chats are constantly updated, «killing» the old chat and adding its participants to the new one. This helps to check the relevance of the numbers and reduce risks.

«If there is a group in the unit, then this group must be constantly changed. Every few months we cancel the previous group on WhatsApp and create a new one. But before creating a new one, we check whether no one has lost access to their account, whether no one has been added by mistake, for this purpose all its members are specially called,» the military man noted.

At the same time, even such a seemingly elementary action for civilians as creating a work chat room results in a certain range of bureaucratic procedures in the army — a WhatsApp chat room also needs to be «registered.»

«You take and make a passport for this group, go and approve this passport in cybersecurity. They register all this there. That is, even creating a group on WhatsApp has certain bureaucratic consequences when you spend some time just to draw up papers,» the military man described the situation. «This is necessary to cover your ass, because covering your ass is a constant phenomenon,» he added, half-jokingly and half-seriously.

The defense attorney noted that from time to time they are given information and instructions on cybersecurity, and their internal cybersecurity service periodically visits the unit and checks to make sure there are no leaks. At such times, control over the transmission of any information via messengers is especially strict and practically minimized, but when such checks are passed, everything, according to the military, returns to normal.

«If they don’t allow something, then the question arises: how to transfer information? Even though WhatsApp is not a specially protected or military means of communication, when information needs to be transferred quickly, it is transferred via WhatsApp. But when cybersecurity arrives, instead of giving me a conditional sign in WhatsApp, they tell me the data from this sign over the phone, because their computer doesn’t have access to the Internet!», — the serviceman told about the realities.

According to another interlocutor, they have a number of chat rooms for work issues — just like in civilian structures — but an ordinary soldier only has information that is relevant to his work and competence. «Officers and sergeants know much more, but the disclosure of information for them is also regulated,» he added.

About security measures and their control

One of the representatives of the Defense Forces notes that after each tragic arrival, security measures are tightened, and the issue of military communication in messengers becomes increasingly relevant, but in general, large-scale conclusions are not always drawn.

However, he noted that certain aspects are still receiving increased attention today, especially for recruits. «When you’re at the training ground, you definitely put your smartphone on the plane to be out of range. Then you’re either without the Internet at all, or you’re connected to a starlink, but you definitely don’t use the mobile Internet. And this is an ironclad rule for recruits, it’s checked. They really take this more seriously. Servicemen are already told in battalions and companies that this is an important component of security,» he shared.

On the other hand, a representative of the Defense Forces emphasizes that it is practically impossible to check every soldier and his smartphone, and everything depends very much on the self-awareness of the soldiers.

«I haven’t heard of any cases where they followed you and checked it all the time. They brought it to your attention — they brought it to your attention. But you’re an adult, so try, as they say, to put the plane down and not connect the mobile Internet. However, often in the army, unfortunately, the story still persists that after the fact they find out that someone didn’t do it. And all the worst that could happen has already happened,» the defense attorney stated.

According to him, it is very difficult to control such things, and there are no resources for this. «Formally, the conditions have been met — but informally, there are no nannies here either. And the signalmen or the commander have no time to run around and watch some guy — what kind of Internet he has turned on there and what he is doing on his phone,» the military man summed up.

Another defender also speaks about the strict observance of the ban on the use of mobile Internet at firing positions or control points. «When you are somewhere at a control point, your mobile Internet and mobile communication in general should be turned off. There, communication occurs via Wi-Fi, Starlink or landline. The situation is the same on combat sites. Usually there is no regular communication there anyway, but it also happens that you arrive at a firing position, but there is communication there, and it is not bad, the tower is nearby,» he said.

He also adds that as part of security measures, correspondence usually does not provide the exact coordinates of the conditional «meeting place», but some point nearby. «That is, if you meet a person, you drop a point somewhere nearby, not far away, but not the point where you are supposed to meet. You have to meet the person at this point and, accordingly, after that, take them to where you need to go,» he explained.

Missile strike based solely on hacked group chat data is unlikely

Returning to the background, that is, the missile strike, all three military personnel we spoke with point out that a single chat conversation could hardly have been the cause of an enemy attack — usually any intelligence relies on several sources, one is not enough. «It is very difficult to track the implementation of recommendations by soldiers regarding the use of messengers, so such leaks of information can happen. But to order a strike on a specific enemy facility, confirmation from other sources is still required. For this, conditional „waiters“ are used or agents are recruited among the local population,» says one military personnel. Another defender confirms the same.

«Any intelligence, when intelligence data is collected, relies on several sources, because one can always be wrong. It could have been the Zhdun, or a reconnaissance drone, or someone else leaked some information. Maybe someone called home and said that we would have a meeting. Therefore, we cannot assume that some correspondence there was the only source, and I think there were other sources, which is why the attack was carried out,» he emphasized.

He insists once again that «tightening the screws» in the army’s cyber hygiene in the use of messengers and social networks can be an adequate measure only when an alternative is offered, otherwise such a decision will not be effective. «I remember that at the beginning of the war we were even afraid to call home and did not say in which region we were. Then we relaxed a little about this, because the war has been going on for a long time, and keeping people under these bans for a long time is very difficult. But if you forbid the military to use the means of communication to which they are accustomed, then it is necessary to offer them some alternative,» he is sure.

Instructions are not for the prying eye

Although the Commander-in-Chief’s instruction itself is not available for public access, certain of its provisions were nevertheless quoted by the Mass Information Department of the Ministry of Defense and the Main Communications Department of the Armed Forces of Ukraine in response to our request.

According to the information provided to us by the press service of the Ministry of Defense, this instruction prohibits the use of Viber, Telegram, MapsMe, 2GIS, GetContact and «other dangerous applications» and allows the use of only Signal, WhatsApp and Threema as messengers — «provided they are configured in accordance with the relevant recommendations.»

In addition, as follows from the response to our information request, the Armed Forces have additionally implemented methodological recommendations on the use of social networks and «ensuring the personal cybersecurity of a serviceman.» In particular, the Ministry of Defense has internal orders and policies on digital security, including the End Device Protection Policy and the procedure for connecting personal devices for official purposes. The ministry has also introduced mandatory cyber hygiene courses, and the mobile devices of servicemen are regularly checked by cyber defense units.

«The Cyber Incident Response Center of the Ministry of Defense has developed special instructions for checking and connecting devices, as well as security settings in Signal and WhatsApp. Some of the recommendations are published on the official website of the Ministry of Defense in a format safe for wartime, other documents are provided through closed channels,» the Ministry of Defense replied to us, citing, in particular, the published manual «Personal Cybersecurity: Passwords and Messengers.»

The Ministry of Defense also reminded that, in accordance with the protocol of the National Cybersecurity Coordination Center No. 24 dated September 19, 2024, the Ministry of Defense has introduced restrictions on the installation and use of the Telegram messenger on official devices.

«The use of Telegram for official communication is prohibited, with the exception of officials whose powers include its direct use to perform official tasks,» the ministry emphasized.

The Ministry of Defense also assured that information on restrictions and recommendations regarding cybersecurity and the use of various digital services is provided to all structures of the Ministry of Defense in a comprehensive manner through a secure electronic document management system and through constant training on cyber hygiene. They also reminded about the availability of the training course «Information Resilience. Cybersecurity» in the «Army+» application.

Meanwhile, the Main Communications Directorate of the Armed Forces of Ukraine voiced the position of the General Staff on these issues. There, again, they quoted the aforementioned instruction, specifying that paragraph 4 of the document «allows the use of several specified messengers.» They «must be configured in accordance with the Recommendations on increasing the security of using mobile communication devices in the Armed Forces of Ukraine, which is an appendix to the instruction.»

In addition, the use of messengers in the Armed Forces of Ukraine, judging by the response to our request, is regulated by a number of separate instructions and orders of the General Staff, in particular:

regarding the use of group chats;
regarding the detection of unidentified and unauthorized additional software and hardware communication channels (third-party sessions) in messengers and configuring their operation with two-factor authentication enabled;
regarding the procedure for checking third-party sessions in the WhatsApp messenger and the user’s procedure for actions in the event of an attacker stealing an account in the WhatsApp or Signal messengers on a mobile communication device;
regarding restrictions on the use of personal mobile communication devices by personnel and the prohibition of the use of mobile communication devices in the presence of military communications equipment;
regarding restrictions on the use of the Telegram messenger.

They also assured that the requirements of the above documents have been brought to the attention of the personnel of the Armed Forces of Ukraine, and for their violation, servicemen and employees of the Armed Forces of Ukraine «bear personal responsibility, as provided for by law.» Systematic informing of personnel on these issues is carried out by information protection services during cybersecurity training.

In addition, the General Staff recalled that the mentioned topic has been added to the online course on basic cybersecurity measures, which is mandatory for all personnel of the Armed Forces of Ukraine to complete annually. The General Staff emphasized that work is underway to place it on the Army+ web portal.

The General Staff also drew attention to the fact that the BZVP program provides for the educational discipline «Fundamentals of Cybersecurity» for those called up for military service, and instruction on the safe use of mobile devices and their secure configuration is carried out on the first day of the recruits' arrival at the training units.

In Russia, Telega was created - a copy of the Telegram messenger that collects user data and transfers it to VK servers

Kirill Budanov on the Russian state messenger Max: "We will work with it and get into this one too"