Ukraine at D+18: An increasingly indiscriminate war. | #cybersecurity | #cyberattack


Russian forces continue to encounter strong resistance and self-inflicted logistical problems. Three Russian generals are believed to have been killed so far, an unusual number for so short a time in a war of this kind, and a loss rate that probably indicates poor combat performance that’s forced senior officers to risk themselves by leading from the front.

Russian President Putin has claimed, noted the Times, that he’d seen “positive signs” of progress in negotiations so far. The Ukrainian side sees no such signs (not yet, anyway, although they do see hints that Russia may propose a cease-fire), but talks are set to resume today. Russian airstrikes over the weekend hit western Ukrainian cities, with attacks coming close to the Polish border. Ukrainian President Zelenskyy took the occasion to renew his call for a NATO-enforced no-fly zone over Ukraine. The US warned Russia to expect a strong response should such attacks hit NATO members’ territory, the Telegraph reports. “If there is a military attack on NATO territory,” US National Security Advisor Jake Sullivan said, “it would … bring the full force of the NATO alliance to bear in responding to it.” Russia is believed, in the meantime, to have asked for Chinese support for its war. Some reports indicate that the support requested is materiel: Russia is thought to be running short on certain classes of ordnance. (Beijing says the US claims are “fake news.”) The US also warned China, the AP reports, against attempting to help Russia evade sanctions. And sentiment favoring prosecution of Russian leaders as war criminals continues to manifest itself.

Situation reports from the UK’s Ministry of Defence.

Britain’s Ministry of Defence (MoD) has continued its grim but informative Twitter updates on Russia’s war against Ukraine. Its regularly updated situation map is particularly useful.

On Saturday the MoD reviewed the progress of Russia’s war in the air, noting high cost exacted by Ukraine’s air defenses and Russia’s expansion of its campaign to Western Ukraine: “In the past 24 hours, Russian air and missile forces have conducted strikes against the western Ukrainian cities of Lutsk and Ivano-Frankivsk. The staunch resistance of the Ukrainian air defence forces is compelling Russia to rely on ‘stand-off’ munitions to conduct attacks against targets deep inside Ukraine.” The MoD also notes that air operations have become as indiscriminate as ground operations: Russian tactical aircraft supporting the advance of Russian ground forces are relying primarily on unguided ‘dumb’ munitions. Such weapons are relatively inaccurate and indiscriminate and their use significantly increases the likelihood of civilian casualties.

Yesterday the MoD reported renewed action in the Black Sea: “Russian naval forces have established a distant blockade of Ukraine’s Black Sea coast, effectively isolating Ukraine from international maritime trade. Russian naval forces are also continuing to conduct missile strikes against targets throughout Ukraine. Russia has already conducted one amphibious landing in the Sea of Azov and could look to conduct further such operations in the coming weeks.” This forms part of the general advance, but one that continues to encounter stiff opposition from Ukrainian defenders and to be hobbled by command and logistical challenges. The MoD said: “Russian forces are attempting to envelop Ukrainian forces in the east of the country as they advance from the direction of Kharkiv in the north and Mariupol in the south. Russian forces advancing from Crimea are attempting to circumvent Mykolaiv as they look to drive west towards Odessa. Russia is paying a high price for each advance as the Ukrainian Armed Forces continue to offer staunch resistance across the country.”

And this morning’s update from the MoD emphasizes the plight of refugees: “More than 2,500,000 refugees have been forced from their homes as a result of President Putin’s attack on Ukraine. Indiscriminate Russian shelling and air attacks are causing widespread destruction. The UN have reported that there have already been 1,663 civilian casualties since the Russian invasion began. As with previous such estimates, the true figures are likely to be significantly higher and will continue to climb as long as Russian operations continue.

“Angry and frustrated.”

Consensus in Washington and elsewhere holds that President Putin isn’t crazy, and that his extreme policies are now being driven by his anger and frustration over a two-and-a-half-week stalemate in a war he expected to win in two days. The AP quotes US Director of Central Intelligence William Burns, a former US ambassador to Moscow, as telling Congress, “I think Putin is angry and frustrated right now. He’s likely to double down and try to grind down the Ukrainian military with no regard for civilian casualties.” Burns sees Mr. Putin as living in a “propaganda bubble” of his own creation. US intelligence officials see few face-saving ways for the Russian President to exit what’s become a costly war. “He has no sustainable political end-game in the face of what is going to continue to be fierce resistance from Ukrainians,” DCI Burns told Congress. Director of National Intelligence Avril Haines said Mr. Putin “perceives this as a war he cannot afford to lose. But what he might be willing to accept as a victory may change over time given the significant costs he is incurring.”

Some of the anger and frustration appear to have been visited upon the FSB, the security service that’s the Russian successor to the Soviet KGB. The Times reported Saturday that Sergey Beseda, head of the FSB’s Fifth Service, the foreign intelligence branch whose particular remit is the Near Abroad, was arrested along with his deputy, Anatoly Bolyukh. The formal basis for the arrests is a charge that the two men were embezzling funds allocated for covert activities in Ukraine, but the real reason is widely believed to be the poor intelligence the FSB provided before the war concerning the political situation in Ukraine. Thus the arrests appear to be the beginning of scapegoating for combat and intelligence failures.

Ukrainian sources may have fed Kremlin suspicion of Russia’s own organs. The Times reported Thursday that sources in the Ukrainian government said that the FSB had been quietly feeding Ukraine intelligence about the special Chechen units Russia had deployed into the county, at leas one of which is said to have been an assassination squad. Ukrainian sources credit KGB turncoats with helping them thwart the assassinations in particular. FSB intelligence failures are thought responsible for giving Russia the impression that the invasion would, in many areas of Ukraine, amount to a march of flowers, with Ukrainians welcoming Russian forces as liberators. It became clear within a matter of hours that this wouldn’t be the case, and that the invasion would face stiff and determined opposition. The FSB’s covert attempts to foment pro-Russian insurrections in Ukraine also failed. These shortcomings are thought to be particularly galling to Mr. Putin, who was the FSB’s director before succeeding Boris Yeltsin as president.

Russia’s Defense Minister, General Sergei Shoigu, remains in office for now. Whether he’ll ultimately prove to be a scapegoat or a successor, or neither, remains to be seen.

Provocations and pretexts.

On Friday Russia’s permanent representative to the United Nations, Vasily Nebenzya, brought before the Security Council the preposterous claim that Ukraine, with American assistance, was preparing to use biological weapons against Russia, and that Russia felt a high-minded concern that the effects of such weapons would be difficult to confine to Russia and Ukraine. The Guardian quotes the ambassador as saying, “We call upon you to think about a very real biological danger to the people in European countries, which can result from an uncontrolled spread of bio agents from Ukraine. And if there is such a scenario then all Europe will be covered. The risk of this is very real given the interests of the radical nationalist groups in Ukraine are showing towards the work with dangerous pathogens conducted together with the ministry of defence of the United States.”

The Ukrainian plan, Ambassador Nebenzya said, involved releasing bats, birds, and bugs as disease vectors, and the bats, birds, and bugs would go where they would, even heading westward. The accusation is ridiculous, but also a tried and true propaganda theme that Moscow used as far back as the Korean War, and most recently in speculative stories retailed in the West by RT before Russia’s invasion of Ukraine. The Bulletin of the Atomic Scientists published an early and convincing debunking of RT’s stories; the US State Department has published a more recent refutation. There are concerns that claims of Ukrainian biowar plans and capabilities are intended to provide a pretext for Russian use of biological or (more likely) chemical weapons.

Other concerns about provocations have been prompted by Russian forces’ seizure of the decommissioned but still dangerous reactors at Chernobyl, where power interruptions have placed the plant’s safety at risk. WIRED reports on the possibility of radiological contamination from the site. Kyiv’s military intelligence service, the Telegraph reports, has said it believes Russian forces are stockpiling the bodies of Ukrainian soldiers killed in action to use in staging an attack against the nuclear facility that would serve as a pretext for a radiological attack.

A brief excursus on weapons of mass destruction.

There’s been some loose writing about “weapons of mass destruction,” with some calling weapons as small as machine pistols “weapons of mass destruction.” They’re not. Conventional weapons like small arms, automatic weapons, cannons, tanks, high explosive ordnance of all kinds, these can have horrific effects, and such effects are being seen throughout Russian areas of operation in Ukraine. But these are not properly speaking weapons of mass destruction.

The US Joint Staff’s Dictionary of Military and Associated Terms is a useful place to begin. It defines “weapons of mass destruction” as “Chemical, biological, radiological, or nuclear weapons capable of a high order of destruction or causing mass casualties, excluding the means of transporting or propelling the weapon where such means is separable and divisible.”

  • Chemical weapons are toxic chemicals designed for use on the battlefield. They’re most familiar to the general public from their use in World War One, where German first use of such weapons (“poison gas”) was taken up by the other belligerents. The chemical weapons most likely to be used today are nerve agents, which were derived from work on insecticides during the Second World War but weren’t used during that conflict. Russia has a well-elaborated doctrine for the use of nerve agents, and it’s used one of them, “Novichok” (that is, “New Guy”) on a very small scale in the attempted assassination of a GRU defector and his daughter.
  • Biological weapons are pathogens packaged to be delivered against enemy targets. Japanese forces used them against China during the Second World War, with indifferent effects. Ancient, medieval, and modern poisoning of wells by dumping corpses in them, and such actions as distributing blankets contaminated with smallpox to populations who lacked natural immunity are early historical anticipations of biological warfare. Biological agents are today categorically forbidden under international law. They’ve also proven difficult to weaponize, hard to package and difficult to deliver, and, above all, effectively impossible to contain. Russia has accused Ukraine, with US assistance, of working to create biological weapons for presumed use against Russia. This accusation is widely regarded as disinformation.
  • Nuclear weapons are devices that induce nuclear fission to produce a chain reaction that results in very large blast and thermal effects, accompanied by potentially lethal radiation and non-lethal but equipment-killing electromagnetic pulse. Thermonuclear weapons use a fission device to create the temperatures and pressures necessary to produce fusion, with even greater effects than those achieved by nuclear fission weapons. These two classes of weapons are often called “atomic bombs” and “hydrogen bombs,” respectively. Nuclear weapons have been used twice, both by the Americans at the end of World War Two against the Japanese cities of Hiroshima and Nagasaki.
  • Radiological weapons, sometimes called “dirty bombs,” involve the distribution of radioactive materials to sicken or kill people in the targeted area, or to so contaminate an area that it becomes impossible to occupy or perhaps even transit. Unlike nuclear weapons, radiological weapons don’t involve a nuclear detonation: their effects don’t depend upon either blast or heat. There are no confirmed uses of radiological weapons.

Weapons of mass destruction share one important feature beyond the destruction they promise and the fear they inspire: they’re indiscriminate. Their effects are difficult to contain.

Hiring mercenaries, recruiting volunteers.

Why would a combatant government hire mercenaries or recruit foreign volunteers? The reasons for doing generally so fall into one of two categories: seeking capabilities or seeking influence. Capabilities might include familiarity with or possession of desirable equipment, simple numbers, useful experience, or perhaps even a willingness to engage with unusual ruthlessness.

Britain’s Ministry of Defence commented on the prospect of foreign support of Russia’s war against Ukraine. “President Putin has publicly welcomed the recruitment of ‘16,000 mostly Middle Eastern volunteers’ to support his invasion of Ukraine. Syrian mercenaries have deployed alongside Russian proxy forces in Libya since late 2020,” the MoD tweeted. “This follows earlier reporting that Russia was also planning to deploy experienced mercenaries from Russian Private Military Companies to support the invasion.” Both Syrian proxies and deniable mercenary contractors of organizations like the Wagner Group have been used in Russian operations in the Middle East. The MoD sees a manpower problem, difficult as that may be to credit. “Russia this week has also been forced to acknowledge the use of conscript soldiers in its operations against Ukraine. As losses mount, Russia will be forced to draw on alternative sources to reinforce their overstretched regular forces.” Thus the MoD sees the Russian announcement as showing a need for capability, particularly numbers, arguably unusual ruthlessness.

Ukraine seems to be interested in attracting experienced fighters in sufficient numbers to give its forces a combat boost. Early in the war, on February 27th, Ukrainian Foreign Minister Dmytro Kuleba issued a call for foreign volunteers: “Foreigners willing to defend Ukraine and world order as part of the International Legion of Territorial Defense of Ukraine, I invite you to contact foreign diplomatic missions of Ukraine in your respective countries. Together we defeated Hitler, and we will defeat Putin, too.” Volunteers have indeed responded, and these seem to be, insofar as can be determined, genuine volunteers, motivated by sympathy rooted in personal connection, outrage at Russian conduct, or desire to support a victim of aggression.

Both efforts also have a persuasive dimension, as the Russian and Ukrainian governments are interested in showing evidence that the world as a whole is on their side, or at least not entirely on the enemy’s side. Ukraine seems to be doing a better job of this than Russia. Russia has claimed that Ukraine’s acceptance of volunteers is a violation of international law, but that’s not true. Reuters has an overview of the laws governing volunteering in a foreign country’s army. Canadians, Georgians, Indians, Japanese, Britons, and Americans are among the volunteers who’ve gone to fight for Ukraine.

Cyber operations against Ukraine.

Satellite Internet service delivered by Viasat was interrupted on February 24th, around H-hour of Russia’s invasion. The US National Security Agency, France’s ANSSI, and Ukrainian intelligence services are jointly investigating whether the incident was a Russian cyberattack. The target and the timing, at least, suggest that it was. “The hackers disabled modems that communicate with Viasat Inc’s KA-SAT satellite, which supplies internet access to some customers in Europe, including Ukraine. More than two weeks later some remain offline,” Reuters reports.

The Record reported Friday that Ukrainian Internet access was coming under increasing attack. Two services are particularly affected: “Ukrtelecom (AS6849) [was] down nationally at 9:35 UTC (11:35am local) for ~40min” and “Triolan (AS13188) has been down nationally for over 12hrs due to reported cyber attack. Still almost entirely offline.”

Cyber operations against Russia (and those connected with Russia).

Anonymous claims to have compromised the networks of Rosneft Deutschland, the German subsidiary of the Russian energy firm Rosneft. The collective appears most interested in tracking former German Chancellor Gerhard Schröder’s activities. Herr Schröder chairs Rosneft’s supervisory board. The company itself is led by oligarch Igor Ivanovich Sechin, a close associate of President Putin.

Restraint in cyberspace, both Russian and Western.

The Viasat incident seems the most serious cyberattack of the war. Cyber incidents traceable to Russia have been observed outside the Ukrainian theater of operations (as in, for example, a case under investigation in County Kerry, Ireland) but these seem for the most part to be familiar criminal or at worst privateering capers that have long been run by the Russian underworld with Moscow’s toleration and sometimes encouragement. While Russia’s war against Ukraine has indeed been a hybrid war with cyber phases, those phases have been characterized by low-grade distributed denial-of-service (DDoS) attacks and website defacement. An essay by Jan Kalberg in the CyberWire offers an explanation of why this might be so: destructive attacks, once executed, are difficult to repeat, and deploying the cyber weapons such attacks would use should wait until it makes strategic sense to do so. If there’s no combat advantage in, for example, taking down a power grid, it shouldn’t be surprising that such attacks haven’t yet materialized. The effects of a cyberattack, however devastating, are of finite duration, and it’s difficult to repeat them at need.

A similar calculus seems to be informing US restraint against Russian assets, POLITICO reports.

Is it possible that Russia might engage, at the right time, or under the right conditions of provocation or desperation, in large-scale, destructive cyber warfare? Yes, argues Lou Steinberg, CTM Insights Managing Partner. Noting that large-scale disruptive cyberattacks could achieve, in principle at least, widespread and indiscriminate effects. “As conflict with the west has moved from tension to outright hostility,” he wrote, “Russian tactics have changed from stealthy attacks to steal data and prepare for cyberwar, to attributable attacks designed to disrupt. But how far will they go, if attribution means retribution?” He went on to describe the levels of effect Russia might achieve through cyberattacks:

“As in any attack, the damage done is a combination of the weapon used and who or what it’s pointed at. There are essentially three types of disruptive attacks against various types of targets. Disruptive attacks include:

“1.   Temporary disruption, such as a Denial of Service attack that overwhelms a web site

“2.   Lasting disruption, by wiping computers or encrypting data (essentially ransomware without the ransom)

“3.   Directly endangering health and safety, often by making cyber changes that control things in the real world.

“Obviously, the blast radius changes with the cyber target. Disrupting a corner candy store with a denial of service attack is not the same as disrupting a hospital. Wiping computers in a hospital is terrible, but limited to patients in the local area. Wiping the computers at a major bank or disrupting payments affects more people over a larger area.

“As bad as those are, they aren’t the nuclear equivalent. Attacks designed to disrupt and cause physical harm in power, water, food, medicine, transportation, and fuel would have a large blast radius that cause both immediate and long term harm or death. For example, disrupt electrical power and you have an immediate impact that gets worse with time. With no power, food rots. Medicines spoil. Gas stations can’t operate pumps, so fuel for trucks is stuck in underground tanks. No trucks mean no replacement food and medicine. Water and sewage treatment plants stop. People die. And that’s just one example.

“It’s clear that Russia, directly and through 3rd parties, is willing to point temporary disruption weapons at a large number of targets. Russia also appears to be using encryption and “wiper software” to permanently disable some computers in Ukraine. As sanctions take effect, Russia and her sympathizers may well widen the use of permanent disruption attacks to include western targets.

“That leaves the ‘nuclear option.’ If things get bad enough at home, would Russia take cyber actions that would harm civilians in America and western Europe? A kinetic nuclear weapon would be easy to show came from Russia and elicit an unthinkable response. Would they gamble that a cyber weapon makes it hard to prove it came from them, perhaps making it harder to justify a reaction?

“I believe we have the ability to show beyond any reasonable doubt the source of such an attack, meaning it would force an equally massive response. I hope my belief isn’t put to the test.”

Information operations, by and against Russia.

The Washington Post has an account of FSB strong-arm tactics used as early as September of last year to pressure Apple and Google to trim their policies to accommodate official Russian sensibilities. Those tactics extended to threats of arrest made against corporate personnel in Russia. The Post characterizes the threats as preparatory work for the censorship the current hybrid war against Ukraine has brought in its train, and it says the companies at the time “blinked.”

Russians’ access to information from the outside world has been substantially curtailed, but the censorship hasn’t been airtight. Polish hackers, for example, have established a system that Russians can use to circumvent the firewalls Moscow has put in place. Flashpoint offers an overview of how Russia’s long-mooted sovereign Internet is maturing during wartime.

Influencers remain engaged in Russia’s war against Ukraine, and here, as is the case with other items influencers flack, from clothing to drinks, they’re being paid for their services. Vice reports a Russian campaign to pay influencers to retail Moscow’s propaganda to their gullible followers. The US National Security Council is running a rumor-control effort that specifically addresses the spread of Russian disinformation through TikTok. Prominent TikTokers, the Washington Post says, were given a Zoom meeting by the White House in which the lines of Russian propaganda and the human cost of repeating it were outlined.

Meta’s platforms Facebook and Instagram have relaxed their customary strictures against hate speech to permit stronger language about Russia’s war against Ukraine to pass its filters, and Russia has responded by adding Instagram to its blocked list. Authorities in Moscow have also asked a court to designate Meta an “extremist organization,” which, Bloomberg comments, would effectively criminalize all of its activities in Russia. Meta spokesman Nick Clegg issued the company’s response, which repeated familiar claims of commitment to free speech and opposition to hate speech, and said that the relaxed rules apply only to users in Ukraine, the expression of whose outrage Meta is unwilling to censor. Mr. Clegg says in particular that the company on whose behalf he speaks won’t tolerate “Russophobia.” Meta did clarify in other communications that it wouldn’t permit people to call for the death of a head of state. Unnamed here is Mr. Putin, whose death a number of people have publicly desired. So, everybody, no more “death to Putin” posts (and we trust that the algorithm is smart enough to realize that the quotation marks indicate that we’re mentioning the words, and not using them).

The Economist lacerates Mr. Putin for what its Saturday leader characterized as his “re-Stalinisation” of Russia that involves both domestic repression and outrageously bare-faced lies. It sees that process as having been put in train by some extraordinary bad judgment in the opening of the war against Ukraine:

“To understand the scale of Mr Putin’s lies, consider how the war was planned. Russia’s president thought Ukraine would rapidly collapse, so he did not prepare his people for the invasion or his soldiers for their mission—indeed, he assured the elites that it would not happen. After two terrible weeks on the battlefield, he is still denying that he is waging what may become Europe’s biggest war since 1945. To sustain this all-encompassing lie, he has shut down almost the entire independent media, threatened journalists with up to 15 years in jail if they do not parrot official falsehoods, and had anti-war protesters arrested in their thousands. By insisting that his military ‘operation’ is de-Nazifying Ukraine, state television is re-Stalinising Russia.”

Public opinion’s aim is sometimes wayward.

The New York Times reports that some people are shunning and denouncing companies and businesses they misperceive as Russian. Stolichnaya vodka, for example, is the target of many boycott calls, but Stolichnaya is produced in Latvia, and the distillery’s corporate parent is in deeply inoffensive Luxembourg. And just because a restaurant has the word “Russian” in its name doesn’t mean it’s actually Russian. Enjoy your blini with a clear conscience.





Original Source link

Leave a Reply

Your email address will not be published.

78 + = eighty eight