Russia's invasion of Ukraine seems to be proving more difficult than Moscow would have hoped, and the weekend saw heavier international sanctions levied against Russia. The Kremlin's response to sanctions and "unfriendliness" has been to raise the alert level of nuclear forces. Both sides in the war continue to sustain cyberattacks.
The United Nations plans to hold a (very rare) emergency session of the General Assembly this afternoon at 3:00, New York time, to address Russian aggression against Ukraine.
Ukrainian resistance may have stalled the Russian advance at key points. Russian forces have failed to reach their initial objectives, stalling in the north and east while advancing with somewhat more, although still limited success, from Crimea in the south. Neither Kyiv nor Kharkiv, the two large cities under greatest pressure, had yet fallen.
A number of Russian banks will be expelled from SWIFT (the Society for Worldwide Interbank Financial Telecommunication), the European Commission President Ursula von der Leyen announced late Saturday.
Mr. Putin has raised Russian nuclear forces' level of alert in response to Western sanctions and their lack of sympathy for the Russian cause, Reuters reports him as saying yesterday on state television. The US has pointedly declined to respond with a corresponding alert of its own nuclear forces.
Cyber operations against Ukraine.
RiskIQ confirms that it's seeing Ghostwriter activity against Ukrainian troops. Ghostwriter has been associated with the Belarusian government, and with the group being tracked, by Recorded Future and others, as UNC1151. Recorded Future thinks it likely that Russian elements, particularly the GRU, have used Belarusian infrastructure and cooperated with Belarusian intelligence services to run operations against Ukraine.
The BBC reports that other hackers have rallied to the Russian colors and volunteered to hit Ukrainian online assets. The ones talking to the BBC claim to be cutting quite a swathe, but it's unclear how effective they may actually have been.
Cyber operations against Russia.
Hacker News reports that Russia's National Computer Incident Response and Coordination Center has warned its domestic clientele that cyberattacks against Russian critical infrastructure are to be expected. The hacktivist group Anonymous seems to be siding with Ukraine (although as always it's difficult to know who speaks for an anarcho-syndicalist collective), according to ZDNet. As always, statements by hacktivists should be received with cautious skepticism. Anonymous, however, has claimed responsibility for an attack against Russian media outlet RT, and RT was indeed knocked offline by a cyberattack, the Daily Beast reports.
Ukraine's government hasn't been reluctant to call for hacktivist volunteers as it's called for volunteer fighters. BleepingComputer reports that Kyiv is calling for "an IT army" to take on Russian targets, and that it's also released a target list: "Russian government agencies, government IP addresses, government storage devices and mail servers, three banks, large corporations supporting critical infrastructure, and even the popular Russian search engine and email portal, Yandex."
Hybrid war and the broader threat of Russian cyber operations.
As international sanctions tighten against Moscow, and in particular as its banking sector is incrementally blocked from access to the SWIFT system, Venture Beat reports that organizations around the world are bracing for Russian retaliation in cyberspace. President Putin's calculus may have led him to believe that restraint will gain him little. "Putin/Russia getting completely isolated economically & diplomatically. The West is completely united. Even China is getting scared of secondary sanctions," Silverado Policy Accelerator chairman and CrowdStrike co-founder Dmitri Alperovitch tweeted. “The danger: Putin has very little to lose now. He is cornered. May go all out on economic and cyber retaliation,”
Conti, the familiar ransomware gang, says it will strike those who oppose Russia. According to Reuters, Conti blogged, "If anybody will decide to organize a cyberattack or any war activities against Russia, we are going to use our all possible resources to strike back at the critical infrastructures of an enemy." Thus any serious suppression of cyber criminal gangs by Russian security authorities has proven to be, as was foreseeable, largely illusory, at best temporary and tactical.
Disinformation and misinformation.
Russia continues to push its familiar lines of disinformation: Ukraine is historically illegitimate; it's run by a junta of drug addicts and neo-Nazis; it's guilty of anti-Russian genocide; it's a NATO puppet; and Russia's special military action is a defensive response to a Ukrainian threat. These themes have found little traction abroad, as POLITICO writes, social media companies have had difficulty addressing the deliberate dissemination of falsehoods. The Russian government has also increased online censorship, the New York Times reports.