Roughly half a million refugees are moving west, across Ukraine's borders, and the numbers are expected to increase. Russia continues its attempts to take major Ukrainian cities. Cyber operations in this hybrid war have so far failed to develop into the catastrophes that seemed well within Russian capabilities. (Where, for example, have been the attacks on the Ukrainian power grid, something Russia has shown itself capable of.)
Yesterday's talks between Russian and Ukrainian representatives, held at a checkpoint in Ukraine near the Belarusian border, concluded without any result beyond an agreement to hold further meetings later this week, the New York Times reports. That had been generally expected; it's noteworthy that Russia is negotiating at all, since Moscow's going-in position had been that it would have nothing whatsoever to say to Kyiv until Ukraine laid down its weapons. A Russian spokesman did say he saw some possibility for both sides to find common ground.
The UN General Assembly takes up Russia's war against Ukraine.
The General Assembly's emergency session opened in New York yesterday afternoon. According to Reuters, sentiment is running heavily against the Russian war. The General Assembly is expected to vote on Russia's war tomorrow.
Dealing with WhisperGate and HermeticWiper.
The US Cybersecurity and Infrastructure Security Agency (CISA) and its FBI partners have continued to update the guidance they've issued on the wiper malware that's been observed in sporadic use against Ukrainian targets. The Globe and Mail reports that Canadian authorities are offering comparable advice to their country's own businesses.
The muted cyber phases of a hybrid war.
Russia had shown, in its 2016 and 2017 attacks on sections of the Ukrainian power grid, the ability to mount large-scale and destructive operations against its neighbor. But so far the cyberwar has been limited to relatively confined wiper attacks (which are cyberattacks proper) and influence operations (disinformation and trolling). The Washington Post describes the relatively quiet cyber front, noting that, of course, this could change at any time.
Influence operations have been more extensive. Hacktivists claiming to be adherents of the Anonymous collective have taken down or defaced Russian media and government websites. SC Magazine reports that TASS, RIA Novosti, Kommersant, and Izvestiya, among others, have all been affected. Ukraine has also recruited an online "IT army" of volunteer hacktivists to take action against Russian interests.
Some of the response to both cyberattacks and influence operations has involved a public-private partnership, the New York Times reports, as companies follow governments' lead in opposing Russian operations against Ukraine. Microsoft has been openly rendering assistance to the Ukrainian government as Redmond explained.
Such cooperation isn't confined to the US. Bitdefender is working closely with Romania's National Cyber Security Directorate to help Ukraine against the Russian cyber threat. And CyberScoop summarizes the ways in which security companies are offering assistance to those threatened, in Ukraine and elsewhere.
Social media companies have also moved to restrict Russian access to their platforms, the AP reports, and to label material that can be traced to the Kremlin as deriving from Russian government sources.
Leaked files reveal Conti as a privateer (or at least a crew of FSB collaborators).
The Verge, speaking with Hold Security, reports that the chat logs leaked from Conti were obtained by a legitimate Ukrainian researcher who infiltrated the gang, and not by a disaffected (if patriotic) criminal. Among the more interesting revelations in the chat logs are indications that Russia's FSB security service had Conti go after the muckraking news service Bellingcat.
Russian toleration and protection of cybercriminal gangs has played an important role in the gangs' success and survival, but Conti's experience may have moved other crews to trim in the direction of apolitical neutrality, SC Magazine reports.
Sanctions move from deterrence to economic "war of attrition."
Foreign Policy reviews the current state of sanctions against Russia. They're along the lines of those the US has levied against Iran, but less comprehensive. On the other hand, there's a great deal more international unanimity on the measures imposed against Russia. Even traditionally and proverbially neutral Switzerland has sanctioned Moscow over its invasion of Ukraine. The International Institute of Finance predicts Russian default on its international debt unless the crisis in Ukraine is resolved soon. Should Russia default, as seems likely, the IIF sees a double-digit contraction in the country's economy as a likely result.
Russian countermeasures include a rule that foreign owners of Russian equities may not sell those equities to Russian citizens. For what it's worth, Russia also says sanctions won't deflect it from its course in Ukraine.
The CyberWire's continuing coverage of the unfolding crisis in Ukraine may be found here.