The British Ministry of Defense situation map shows the slow withdrawal of Russian forces from the northern portions of Ukraine as the invaders refocus on the Donbas and the Black Sea coast. Russia's slow but violent reduction of Mariupol continues. "Heavy fighting and Russian airstrikes have continued in the encircled city of Mariupol. The humanitarian situation in the city is worsening. Most of the 160,000 remaining residents have no light, communication, medicine, heat or water. Russian forces have prevented humanitarian access, likely to pressure defenders to surrender."
Russian cyber operations: an assessment.
Russian cyber operations in Moscow's war against Ukraine haven't developed in the expected directions. Those directions included:
- Crippling attacks against Ukrainian infrastructure (especially its power grid, which Russian operators attacked in December 2015),
- Attacks against countries sympathetic to Ukraine, and
- Widespread, damaging attacks that spread globally and indiscriminately, as WannaCry and NotPetya did in May and June of 2017.
But of course Russian cyber operations have taken place at lower levels, especially in the form of nuisance-level distributed denial-of-service attacks and attempts to push disinformation through accessible channels. An essay in Foreign Affairs argues that in fact Russian cyber operations were both extensive and successful, and that it would be naive to underestimate them simply because they didn't unfold as expected. "Extensive" seems correct, but "successful" is less clear. It may be that the cyber operations' success was lost in the general noise of Russian tactical ineptitude. The authors maintain that Russian cyber operators performed as planned, and that the failure was a general strategic one.
In addition to the DDoS attacks, the Foreign Affairs piece mentions the wiper attack against Viasat customers. There has also been Russian interference with GPS. Simple Flying reports that France’s civil aviation authority (DGAC) has attributed interference with GPS signals near Finland to Russian jamming. That jamming has been ongoing since early last month, and is probably intended as a hedge against attacks against Russian forces by precision-guided weapons. And of course there have also been cyberattacks against Ukrainian telecommunications infrastructure, notably the March 28th attack on Ukrtelecom. The Wall Street Journal reports that both Microsoft and Cisco have been helping Ukrainian telcos with remediation.
But this doesn't change the fact that Western expectations of the damage Russian cyberattacks would produce were inflated. And it also seems inarguable that Ukrainian networks have proven more resilient than expected, and that Ukraine has probably received more foreign assistance than Moscow anticipated.
US has been providing cyber assistance to Ukraine.
General Paul M. Nakasone, commander, US Cyber Command, yesterday delivered his organization's Posture Statement to the 117th Congress. Prominent among the threats and responses he outlined were those presented by Russia's invasion of Ukraine. Russia, in Cyber Command's estimation, is using a broad range of its capabilities against Ukraine. "Russia’s invasion of Ukraine demonstrated Moscow’s determination to violate Ukraine’s sovereignty and territorial integrity, forcibly impose its will on its neighbors and challenge the North Atlantic Treaty Organization (NATO). Russia’s military and intelligence forces are employing a range of cyber capabilities, to include espionage, influence and attack units, to support its invasion and to defend Russian actions with a worldwide propaganda campaign." He also alluded to US Cyber Command's direct support of Ukraine in cyberspace.
The CyberWire's continuing coverage of the unfolding crisis in Ukraine may be found here.