Russia closed the January 21st talks in Geneva with a set of "proposals" that amounted to a soft ultimatum for NATO: that the Atlantic Alliance would agree to rule out eventual Ukrainian (or Georgian) membership, that it would roll back troop deployments and infrastructure in the Near Abroad and the former Warsaw Pact, and that it would agree not to deploy certain classes of long-range strike weapons. The US and NATO responded yesterday, and unambiguously rejected the Russian demands, the AP reports.
A démarche proposes confidence-building.
The US and NATO did seek to offer, as the BBC quotes US Secretary of State Blinken, "a serious diplomatic path forward, should Russia choose it." The challenge will be to arrive, if US and NATO diplomacy should prove successful, at a face-saving way for Russia to back away from its pressure on Ukraine. The US and NATO responses offered additional confidence-building measures, in particular the disclosure of information about certain kinds of short-notice military exercises that have hitherto been exempt from transparency agreements. The US also proposed an extension and expansion of the New START treaty that would further reduce nuclear weapon inventories and alert levels, the Washington Post said.
Kinetic combat and possible responses.
Russian forces remain in a high state of alert near the Ukrainian border. The US has increased reconnaissance flights, the Air Force Times reports, and NATO has shipped quantities of materiel to Ukraine. NATO has also increased the readiness of its own forces in Eastern Europe, but this probably is a precaution, Reuters explains, against the possibility that Russian operations against Ukraine would spill over into NATO members like the Baltic states, Poland, and Slovakia. In the event of a Russian invasion, NATO's immediate response would probably be imposition of sanctions designed to cripple the Russian economy.
Cyber operations in the early stages of a hybrid war.
As Ukraine continues to investigate the data-wiping attack that hit government websites two weeks ago, the State Service of Special Communication and Information Protection of Ukraine says it's found signs of false-flag evidence planted to mislead investigators into suspecting a Ukrainian hacktivist group as opposed to Russian intelligence services. Ukraine has called that campaign "Bleeding Bear," and Deep Instinct has a useful account of what's presently known about the attacks. Zero Day reports that the wiper used in the Bleeding Bear attacks was code repurposed from the WhiteBlackCrypt ransomware strain. Other low-grade hacking continues. Reuters reports that a "promotional" website belonging to the Ukrainian foreign ministry was knocked offline yesterday for several hours by unidentified threat actors.
There are concerns that any cyber operations that accompany the crisis in Ukraine will extend, by accident or by design, to civilian targets in many countries. The US Cybersecurity and Infrastructure Security Agency (CISA) has urged infrastructure operators in particular to be on the alert, and to look to their defenses.
The CyberWire's continuing coverage of the crisis in Ukraine may be found here.