How the “Hostile Software” Project Helps Businesses Abandon Russian Software

National security today extends beyond the protection of physical borders into the digital domain. Despite the full-scale invasion, a significant proportion of Ukrainian businesses continue to use software of Russian origin.

Marta Kindrys, Director of the Advocacy and IT Industry Development Centre at the IT Ukraine Association, presented updated data and tools as part of the strategic “Hostile Software” project during her speech at the Ukrainian ERP Forum.

The transition from 1C to independent and reliable solutions is inevitable. The vast majority of market participants recognise this, and it is clear that this process will soon be formalised at the legislative level. Our goal is to help make this transition structured, transparent, efficient and properly managed,

Marta noted.

The project, initiated by the IT Ukraine Association with the support of Ukrsibbank BNP Paribas Group, aims to achieve digital independence and promote high-quality software solutions. The situation remains critical: over 70% of Ukrainian enterprises still rely on 1C and other Russian IT products. The scale of the issue is also reflected in the public sector — since 2015, Ukrainian state institutions have spent more than UAH 2 billion on procuring Russian software through the Prozorro system.

Risks of Using Russian Software

 

The use of products such as 1C or Bitrix24 represents not merely an operational inconvenience but a direct threat:

• National security: A high risk of personal data leakage and its potential misuse by Russian intelligence services.
• Cyber threats: In 2025 alone, CERT-UA under the State Service of Special Communications handled 5,927 cyber incidents. Since the beginning of the invasion, the Security Service of Ukraine has neutralised over 14,000 attacks, a significant share of which exploited vulnerabilities in Russian software.
• Financing the aggressor: Taxes generated from licence sales (1C, BAS, etc.) directly contribute to the aggressor state’s budget.
• Ethical considerations: As Ukraine calls on the international community to strengthen sanctions, the continued domestic use of hostile tools is unacceptable.

Regulatory Framework and Liability

 

The Association coordinated a working group in the Verkhovna Rada and contributed to draft law No. 13505. In October 2025, the Parliamentary Committee on Digital Transformation recommended its adoption in the first reading. The draft law proposes:

• Timelines: The transition will first become mandatory for critical infrastructure entities. By 2030, all Ukrainian businesses are expected to migrate to secure alternatives.
• Sanctions: While the law is pending full implementation, administrative liability is already in place (starting from UAH 1,700). If the use of such software results in severe security consequences, criminal liability may apply.

The state has already reached a new level of enforcement. In January 2026, the State Service of Special Communications and Information Protection published an open list of prohibited software and networking equipment.

Practical Support and Alternatives

 

The IT Ukraine Association not only highlights the issue but also offers concrete solutions:

• In September 2025, Diia.Business, together with the IT Ukraine Association, launched the Digital Solutions Marketplace — an online platform featuring verified software across multiple categories, including operations, logistics, marketing, finance, e-commerce, sales, security, accounting, and HR.
• The “Vouchers for Digital Transformation of MSMEs” project, implemented with the support of international cooperation programmes DT4SME and STEP IN 2 EU, is designed to facilitate the transition of micro, small and medium-sized enterprises from hostile software such as 1C and BAS to secure ERP solutions.

Key Challenges of Transition

 

According to the “Study of Ukrainian Businesses’ Experience in Transitioning from Russian Software to Secure Alternatives,” conducted by Sociology students at the Ukrainian Catholic University in cooperation with the IT Ukraine Association, several major barriers persist:

• Human factor: Accounting and operations teams often resist change due to familiarity with legacy interfaces.
• Technical complexity: The need for deep system customisation and a shortage of specialists working with alternative solutions.
• Economic constraints: The cost of implementation and adaptation remains a key factor slowing down the transition.

The IT Ukraine Association continues to advance the “Hostile Software” project, supporting businesses in migrating to secure solutions. The adoption of draft law No. 13505 is expected to become the decisive step towards large-scale transformation.