The UK's Ministry of Defence situation report this morning continues a now familiar tale of stagnation and Russian reverses: "In the last 24 hours there has been no significant change to Russian Forces dispositions in occupied Ukraine. Ongoing logistical shortages have been compounded by a continued lack of momentum and morale amongst the Russian military, and aggressive fighting by the Ukrainians. Russia has gained most ground in the south in the vicinity of Mariupol where heavy fighting continues as Russia attempts to capture the port."
Cyber operations in the hybrid war.
The largest Russian cyber operation of the hybrid war so far still seems to be interference with Viasat ground stations, now pretty clearly attributed to Russia's GRU military intelligence service. There was some spillover of this attack into neighboring countries.
Other parties, not directly involved, have stepped up cyberespionage during Russia's war against Ukraine, as they might be expected to do in any period of crisis and heightened tension. Chinese attempts against NATO networks, for example, are said to have risen by 116% since Russia invaded its neighbor.
C3 and electronic warfare.
Russian failure to execute the widely expected, intense cyberattacks is joined by another small mystery: why hasn't Russian electronic warfare, particularly jamming, been more in evidence? Breaking Defense reports that Ukrainian command, control, and communications have gone largely undisrupted. Why that's so isn't entirely clear, but the matter is less mysterious than Russia's failure to engage in widespread cyberattacks against Ukrainian infrastructure. Among the possible reasons (which aren't mutually exclusive) for a lack of jamming are:
- Concern that jamming Ukrainian comms would also interfere with Russian comms. Both armies use common or adjacent portions of the electromagnetic spectrum, and jamming must be highly directional to avoid interfering with one's own forces. Such directional jamming might not be feasible when opposing forces interpenetrate one another to the extent seen in Ukraine.
- The related difficulty of interfering with cellular communications when both sides use them.
- A desire to continue to monitor enemy communications because intercepting them is yielding valuable intelligence.
- The resistance of some Ukrainian tactical communications to jamming. Some of the sources Breaking Defense talked to think that Ukraine may have received enough jam-resistant radios from the West to give Russian electronic warfare units difficulties.
- Finally, simple combat failure. This seems unlikely, since Russian electronic warfare capabilities have for decades been highly regarded, but it's a possibility, especially given the extent of the combat failures on display elsewhere.
In a related problem, Russian units are apparently making extensive use of insecure tactical communications, and that use, the Washington Post reports, has enabled Ukrainian forces to collect against and target Russian formations.
Preparing for the spread of cyberattacks.
Western governments continue to warn that Russian cyberattacks remain a real possibility, and that organizations should prepare to defend themselves. US Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly put it this way to CNN over the weekend: “All businesses, all critical infrastructure owners and operators need to assume that disruptive cyber activity is something that the Russians are thinking about, that are preparing for, that are exploring options, as the President said. That’s why we are so focused on making sure that everybody understands the potential for this disruptive cyber activity. And it’s not about panic. It’s about preparation.”
Disinformation and influence operations.
Ukrainian President Zelenskyy gave an interview to four "prominent" Russian television journalists yesterday, over a Zoom connection. The four journalists were not official or semi-official Kremlin mouthpieces. One was a freelancer, the other three represented Meduza, Kommersant, and TV Rain. Roskomnadzor immediately forbade any outlet from broadcasting the interview, and warned, "The media outlets conducting the interviews will be subject to scrutiny to determine the extent of responsibility and the appropriate response to be taken." Under recently passed Russian law, that appropriate response may be criminal prosecution.
Newsweek has a summary of the points the Russian communications authority found so objectionable:
- "Russia Is 'Stealing' Ukrainian Children.".
- "Mariupol Is a 'Humanitarian Catastrophe'."
- "Zelensky Offers Putin Route Out of Ukraine War."
- "Russia Forged Documents on Planned attack on Donbas."
- "Ukraine Won't Discuss 'De-militarization' and 'De-Nazification'."
- "Zelensky Outlines Potential Deal."
The Atlantic Council's Digital Forensic Research Lab reports that Kremlin-directed Telegram channels, notably Kremlin Z, are posting images and documents which, they say, indicate that Ukraine is planning to invade and recapture Crimea, which Russia illegally annexed by invasion in 2014.
Poland, and perhaps NATO as a whole, has also been accused, by a member of the Duma, of revanchist intentions with respect to the geographically isolated port city of Kaliningrad, which is surrounded by Polish territory and has been under Russian control since the end of the Second World War. The accusations were made at a relatively low level, by Duma member Maria Butina, who was last in the news when she was arrested for espionage and expelled from the United States in 2018. Ms Butina told Russian news agencies that “Nato is afraid of its aggressive independent actions. Remember, there was a campaign with fake maps, on which the Kaliningrad region was depicted as if it were not Russian territory.”
US FCC sanctions Kaspersky.
The US Federal Communications Commission (FCC) has added Kaspersky to its list of communications service and equipment providers who pose a threat to US national security, Reuters reports. US concerns derive from Kaspersky's obligation, under Russian law, to provide certain kinds of cooperation with the Russian government. Kaspersky's official statement Friday deplored the FCC's action as "unconstitutional" and baseless, adding, "Kaspersky will continue to assure its partners and customers on the quality and integrity of its products, and remains ready to cooperate with US government agencies to address the FCC’s and any other regulatory agency’s concerns."
The CyberWire's continuing coverage of the unfolding crisis in Ukraine may be found here.