Russia stages more general purpose forces near Ukraine (notably moving amphibious assault ships from the Mediterranean through the Dardanelles and toward Ukraine's Black Sea coast) while diplomatic efforts to reduce tension continue. Belarus continues to emerge as an important staging point for Russian conventional forces. No fresh, large-scale cyber activity, however, is being reported. The New York Times reviews the current state of multilateral negotiations and sees, if not stalemate, at least stasis. Its analysis foresees "a drawn-out and dangerous diplomatic slog toward a difficult settlement."
The AP reports that Poland has appointed Brigadier General Karol Molenda to lead the country's new Cyber Defense Force. Defense Minister Mariusz Blaszczak framed the new command as a defensive measure taken in recognition of, especially, cyber threats from Russia. “We are perfectly aware that in the 21st century cyberattacks have become one of the tools of aggressive politics, also used by our neighbour. For that reason these capabilities are of fundamental, key nature to Poland’s Armed Forces.”
Reuters cites unnamed sources who say that the European Central Bank (ECB) has raised its level of alert for cyberattack, and has shifted its focus from the common financially motivated cybercrime to the prospect of state-directed attacks originating from Russia. The ECB is said to have queried banks about their readiness to withstand such attacks, and that the individual banks are holding drills to increase their own state of readiness. The measures seem driven more by prudential considerations concerning the continuing Russian threat to Ukraine and by Russia's record of offensive action in cyberspace than they are by specific intelligence of any particular imminent threat.
Some observers think that simple deterrence is likely to restrain Russia from escalating its hybrid war in cyberspace. An op-ed in the Telegraph, for example, argues that Russia understands British (and US) offensive cyber capabilities, and that its calculus will tell them that an expanded cyber war is one Moscow is unlikely to win.
Task and Purpose reviews potential cyber threats from Russia and concludes that none of them amount to "shock and awe." It reviews five major cyber campaigns Russia has mounted against Ukraine (widely regarded as a testing ground as well as a theater of operations) since 2014—Election Interference (2014), Power Grid Sabotage (2015), Power Grid Sabotage (2016), NotPetya Economic Disruption (2017), and BadRabbit Economic Disruption (2017)—and rates the strategic effects of all but NotPetya as "negligible." (NotPetya's effect it rates as "unknown.") These are, of course, all actual attacks. There are other potential threats, especially large-scale and destructive attacks against power grids, whose consequences could be far more devastating than these. But the essay's account of the use of cyberattack as tactical adjuncts to military operations is interesting.
The CyberWire's continuing coverage of the crisis in Ukraine may be found here.