"Please help share!": Security and Privacy Advice on Twitter during the 2022 Russian Invasion of Ukraine

The Russian Invasion of Ukraine in early 2022 resulted in a rapidly changing (cyber) threat environment. This changing environment incentivized the sharing of security advice on social media, both for the Ukrainian population, as well as against Russian cyber attacks at large. Previous research found a significant influence of online security advice on end users. We collected 8,920 tweets posted after the Russian Invasion of Ukraine and examined 1,228 in detail, including qualitatively coding 232 relevant tweets and 140 linked documents for security and privacy advice. We identified 221 unique pieces of advice which we divided into seven categories and 21 subcategories, and advice targeted at individuals or organizations. We then compared our findings to those of prior studies, finding noteworthy similarities. Our results confirm a lack of advice prioritization found by prior work, which seems especially detrimental during times of crisis. In addition, we find offers for individual support to be a valuable tool and identify misinformation as a rising threat in general and for security advice specifically.