This morning's update from the UK Ministry of Defence tells a grim but now familiar story of Russian combat failure and compensatory indiscriminate shelling, and not the humanitarian gesture of "scaled back" operations the Kremlin promised at the beginning of the week. An Atlantic Council essay argues that Russia's ongoing redefinition of its objectives (now said to be confined to the Donbas) amounts to an admission of defeat in the campaign to decapitate Ukraine by taking Kyiv.
Taking down bot farms.
BleepingComputer reports that Ukrainian authorities have taken down five bot farms in Kharkiv, Cherkasy, Ternopil, and Zakarpattia that were operating tens of thousands of inauthentic social media accounts. The messaging was coordinated and consistent, with disinformation about the progress of the war aimed at discouraging further Ukrainian resistance. The items seized in the raids included:
- "100 sets of GSM gateways,"
- "10,000 SIM cards for various mobile operators to disguise the fraudulent activity," and
- "Laptops and computers used for controlling and coordinating the bots".
Russia says the US is the aggressor in cyberspace.
Reuters reports, citing stories in Russian official media, that Kremlin officials are pointing with concern at cyberattacks they say the US is conducting against Russia. The cyberattacks are said to amount to "hundreds of thousands" every day. "The sources of attacks will be identified and the attackers will inevitably be held accountable for their actions in accordance with the law," Kremlin representatives said. Moscow appears to view Ukraine's semi-official, part-hacktivist, part-volunteer, and part-contractor IT Army as an American cat's paw.
Sanctions are also biting Russian cyber gangs.
Digital Shadows has been keeping an eye on cybergangs' chatter in the dark web, and the word on that particular street is that the hoods are taking a financial bath as the ruble collapses under sanctions. With transfers of money blocked, and with extensive restrictions on banking in place, criminals are finding it difficult to cash out cryptocurrencies, and are having trouble getting hard currency. Digital Shadows describes the underworld's difficulty deciding what to do:
"One user advised simply leaving the money where it was for six months, if the questioner did not need to use it urgently for other purposes. A different user mocked this suggestion, writing: “I hope you were joking about [holding the funds in rubles for] half a year? After half a year, your rubles will only be good for lighting a fire, they will not be good for anything else”. The user also questioned whether the Russian state could be trusted to allow the purchase of dollars after six months, and worried that many Russian banks would go bankrupt. Other forum members considered the advisability of buying gold, although some noted that this method would incur losses due to the high trade fees and storage costs and would involve “an expensive examination” during the transaction process."
The CyberWire's continuing coverage of the unfolding crisis in Ukraine may be found here.