YouTube

Ukraine's State Special Communications Service bans '1C' and BAS: full list and what it means for businesses and the public sector

The official list of banned software and communications equipment has been published — a step toward digital security and autonomy. We explain why the decision matters and how to prepare.

49
Share:

What happened and why it matters

The State Service of Special Communications and Information Protection of Ukraine published an official list of software and communications (network) equipment prohibited for use by state bodies, local self-government, military formations, state enterprises and operators of critical infrastructure. The decision is backed by the Cabinet of Ministers’ resolution of 22 October 2025 No. 1335 and is aimed at strengthening the protection of state information resources from cyber threats.

Official rationale

"Refusing to use software and communications equipment that may contain hidden vulnerabilities or be used for espionage and sabotage is the key to ensuring the resilience of the state in the context of the full-scale aggression by the Russian Federation."

— State Service of Special Communications and Information Protection of Ukraine

This is not a political gesture — it is a practical risk-management measure. In times of hybrid war, hardware-software systems that have ties to the aggressor country represent a real threat to the security of the state and critical infrastructure.

Who the list covers and what’s on it

The list is intended for state and municipal bodies, security forces, state enterprises and operators of critical infrastructure. For businesses, the recommendation is to conduct an audit and, where possible, phase out risky solutions.

Among the prohibited products are a number of popular solutions from the Russian company "1C" and the BAS product line, as well as the state software "UA-Budget". The full list has been published officially; key items:

  1. 1C: Accounting 8 for Ukraine
  2. 1C: Accounting 8 for Ukraine Basic
  3. 1C: Accounting 8 for Ukraine. Educational version "1C"
  4. 1C: Enterprise 8. Trade for individual entrepreneurs in Ukraine
  5. 1C: Enterprise 8. Comprehensive accounting for budgetary institutions of Ukraine
  6. 1C: Enterprise 8. Comprehensive accounting for budgetary institutions of Ukraine Basic
  7. 1C: Enterprise 8. Trade Management for Ukraine
  8. 1C: Enterprise 8. Small Business Management for Ukraine
  9. 1C: Enterprise 8. Payroll and Personnel Management for Ukraine
  10. 1C: Enterprise 8. Payroll and Personnel Management for Ukraine Basic
  11. 1C: Enterprise 8. Trade Enterprise Management for Ukraine (1C: Trade Enterprise Management 8, 1C: UTP8)
  12. 1C: Enterprise 8. Accounting for budgetary institutions of Ukraine (1C: Accounting 8 for budgetary institutions)
  13. 1C: Enterprise 8. Payroll and Personnel for budgetary institutions of Ukraine (1C: Payroll and Personnel for budgetary institutions of Ukraine)
  14. 1C: Enterprise 8. Manufacturing Enterprise Management for Ukraine
  15. 1C: Enterprise 8. Document Management CORP for Ukraine
  16. 1C: Enterprise 7.7. Accounting for Ukraine (1C: Accounting 7.7.)
  17. 1C: Trade and Warehouse 7.7 for Ukraine
  18. 1C: Payroll and Personnel 7.7 for Ukraine
  19. 1C: Enterprise 7.7. Comprehensive package for Ukraine
  20. 1C: Enterprise 7.7. Manufacturing + Services + Accounting for Ukraine
  21. BAS ERP
  22. BAS Holding Management
  23. BAS Document Management CORP
  24. BAS Trade Management
  25. BAS Retail Trade
  26. BAS Accounting CORP
  27. "UA-Budget"

The manufacturer of the listed products is the Russian company "1C" (distribution, support, business software development). Ukraine introduced sanctions against Russian IT companies and related legal entities back in 2017; state structures were to switch to other products from 2018.

What actions to take now

For state institutions: comply with the resolution’s requirements, carry out an inventory of the IT landscape, and plan the replacement of risky systems in the first quarter after the list is published.

For businesses: conduct an internal audit of used software, assess risks to supply chains and finances, and prepare a migration plan to secure alternatives. This is an investment in cyber-resilience — and in the long term in protection against reputational and financial losses.

Legal context: draft law No. 13505 has been registered in the Verkhovna Rada proposing a complete ban on the sale, distribution and use of "software associated with the aggressor." The Digital Transformation Committee recommended adopting it as a basis. The law provides for a phased ban: the main provisions are to take effect six months after publication, and sanctions for violations from 1 January 2030.

Brief outlook

This decision is part of a broader policy of digital independence and cybersecurity. The transition will require resources and time, but it will reduce systemic risks of data leakage, espionage and potential sabotage. the expert community and legislative initiatives are moving in the same direction: strengthening security standards and abandoning technological dependence on the aggressor.

The reform poses a simple question to organizations: are you ready to pay now for migration and audits, or pay later — and more — for the consequences of an incident? The action plan is clear: inventory, risk prioritization, finding proven alternatives and testing the transition.

The public list will be updated — follow official announcements from the State Service of Special Communications and Information Protection and prepare to act systematically, not emotionally. This is another step toward a more secure digital state.

World news