Home
Story
Ukraine at D+361: Diplomacy on the eve of the war's first anniversary.
Ukraine at D+361: Diplomacy on the eve of the war's first anniversary.
N2K logoFeb 20, 2023

Biden visits Zelenskyy in Kyiv as the war's first anniversary approaches.

Ukraine at D+361: Diplomacy on the eve of the war's first anniversary.

This week will mark the first anniversary of Russia's invasion of Ukraine, and today, US President Biden visited Ukrainian President Zelenskyy in Kyiv. The trip had not been announced in advance. “I thought it was critical that there not be any doubt, none whatsoever, about U.S. support for Ukraine in the war,” President Biden said. The AP reports that missile strike warning sirens periodically sounded during the visit, and that President Biden took the occasion as an opportunity to announce a further half-billion dollars in aid to Ukraine. The Guardian reports speculation that the visit will make Russian President Putin's annual state-of-the-nation speech longer and even more hard-line than it otherwise would have been.

The British Ministry of Defence this morning briefly discussed the operational implications of the first anniversary of the invasion. "Russia continues to pursue several offensive axes in eastern Ukraine: Vuhledar, Kremina, and Bakhmut. Casualties reportedly remain high, particularly in Bakhmut and Vuhledar. Specifically, the 'elite' 155th and 40th Naval Infantry Brigades have sustained very high losses in Vuhledar and are likely combat ineffective. Russian forces are likely under increasing political pressure as the anniversary of the invasion draws near. It is likely that Russia will claim that Bakhmut has been captured to align with the anniversary, regardless of the reality on the ground. If Russia's spring offensive fails to achieve anything then tensions within the Russian leadership will likely increase."

The Wagner Group is still dissatisfied.

And the private military corporation blames the Russian Ministry of Defense for not adequately supplying it. The Telegraph reports that the Wagner Group has released a video showing stacks of its own dead fighters' corpses and saying that “We’re losing our fighters every day: it would be half as much if the military officials were to supply us with weapons and ammunition on time.” (The most recent video, critical as it is, strikes a more temperate tone than earlier denunciations of General Gerasimov personally. Russian speakers will find this video, for example, a bit of an eye-and-ear-opener.) The Washington Post quotes National Security Council spokesman John Kirby as putting the total number of Wagner Group casualties during the war so far at about 30,000, with some 9000 of those killed. Yevgeny Prigozhin, the entrepreneur who runs the Wagner Group, has been increasingly vocal in his criticism of the Ministry of Defense. That's risking arrest, unless, of course, Mr. Prigozhin, who's positioned himself as a kind of shadow defense minister, is confident he continues to enjoy presidential protection.

A look at the Russian home front may inform Mr. Putin's state of the nation address.

On Saturday the UK's Ministry of Defence alluded to a Duma report on the special military operation. "Andrey Turchak, the leader of the Russian parliamentary group that is focused on the so-called Special Military Operation in Ukraine, stated on 16 February 2023 that the group had presented a report to Russian President Putin. The report is likely to cover issues such as social support to those mobilised and their families. This issue is likely to become more salient if any further mobilisation (be it overt or tacit) takes place. Putin may well refer to these issues in his state of the nation address on 21 February 2023. It is becoming increasingly difficult for the Kremlin to insulate the population from the war in Ukraine. A December 2022 Russian poll reported that 52% had either a friend or relative who had served in the so-called Special Military Operation."

Balloon bandwagon.

This was the British MoD's Sunday morning situation report: "On 15 February 2023 Ukrainian armed forces spotted several balloons with radar reflectors suspended beneath them over Kyiv. Ukrainian officials reported that they shot down at least six of these. Earlier, on 12 February 2023, Ukraine’s Air Force reported sighting balloons over eastern Dnipropetrovsk. It is likely that the balloons were Russian. They likely represent a new tactic by Russia to gain information about Ukrainian air defence systems and compel the Ukrainians to expend valuable stocks of surface to air missiles and ammunition. On 14 February 2023, sighting of a ‘balloon shaped’ object led to the closure of Moldovan airspace for several hours. There is a realistic possibility that this was a Russian balloon that had drifted from Ukrainian airspace."

We must note, in passing, that there are a lot of balloons routinely out and about. Many of them are meteorological, and these are flown especially in combat: accurate predicted artillery fire requires regular meteorological data (wind velocities and barometric pressure at different altitudes, etc.), and balloons are used to collect and report this information. But now that balloons are in the news, people will inevitably be looking up and seeing them.

Deutsche DDoS.

It's now been confirmed that the cyber incident German airports at Düsseldorf, Nüremberg, Erfurt-Weimar and Dortmund sustained last week was indeed a distributed denial-of-service attack. Spiegel reports that the attack lasted about an hour, and that Russian hacktivists claimed responsibility. The Register, which dismissed the incident as "script kiddies up to shenanigans," points out that it spared the three largest German airports (Berlin, Frankfurt, and Munich).The Record reports that Anonymous Russia counted coup in its Telegram channel with a snarky "And again, non-flying weather in Germany ... What's up?" followed by links to outage reports at each affected airport.

Spiegel also reported that Lufthansa, Germany's national airline, had experienced service disruptions earlier in the week, on Wednesday, and that preliminary investigation suggested that the cause might have been broken fiber-optic cables supplying the airline's network. But the Russian hacktivist auxiliary Killnet has since claimed responsibility for that incident. In a communiqué published by the Russian outlet Gazeta, Killnet said, “We killed the corporate network of Lufthansa employees with 3 million fat data packet requests per second. It was an experiment on rats, which was successful. Now we know how to stop the work of any airport in the world.” The attack was retaliation, the KillMilk section of the group said, for Germany's decision to furnish Ukraine with Leopard tanks. “Who else wants to supply weapons to Ukraine?” the auxiliaries asked, rhetorically. (To which one can only reply, "Well, basically the entire civilized world," but that's beside the point.)

This is, again, minor, nuisance-level stuff, and doesn't represent a crippling attack. Still, it remains a nuisance.

The future of hybrid wars.

One consequence of the growing tendency of auxiliaries, hacktivists, privateers, and other irregulars to participate in wartime cyber operations appears to be an extension of combatant status to actors who would otherwise be considered non-combatants. The Record reports that last week Mauro Vignati, advisor on the digital technologies of warfare to the International Committee of the Red Cross, addressed the Munich Cyber Security Conference on the risk that this trend could undermine protections noncombatants currently are entitled to under the laws of armed conflict. “While individuals may be physically removed from the theater of hostilities, they are only one click away from the digital battlefield," Vignati said, and he cautioned governments to restrain themselves from encouraging civilians to participate in offensive cyber operations. “Encouraging civilian participation in cyber activities during armed conflict could undermine the protection of civilians who must be spared from the effects of armed conflict. That’s why ICRC strongly recommends states to reverse the trend of civilianization of the digital battlefield,” he said.

It's worth noting that participation by irregulars in combat doesn't deprive them of all protections under the laws of armed conflict. They exchange the protections afforded non-combatants for the less extensive but still significant protections combatants enjoy. The International Committee of the Red Cross has a convenient summary of the relevant distinctions here.

Tyler Farrar, CISO of Exabeam, sees a growing likelihood of cybeattacks in Russia's war. Farrar also sees such attacks as providing a template for what's likely to represent a trend in other states' operations during 2023. .

“Nation-state actors will continue cyber operations in 2023; whether these attacks increase, decrease, or stay the same ultimately depends upon the strategic objectives of each campaign. Based on the current geopolitical climate, I think we can expect these cyberattacks to increase across the major players. For example, Russia’s failure in Ukraine exposed its weaknesses to the world, but its attacks are likely to continue against Ukraine, including operational disruption, cyber espionage, and disinformation campaigns. It would be unsurprising for the attacks to expand beyond Ukraine too, as Russia's leader attempts to prove Russia is not weak. Likewise, cyber espionage is a key tactic in China’s strategy for global influence and territorial supremacy, and I think we can expect these operations to increase, particularly across private sector companies.

"In 2023, state policies will directly influence cybercriminal and hacktivist communities to obfuscate sources and methods, increasingly blurring the lines between nation-states, cybercriminals, and hacktivists. Cybersecurity teams would be wise to remain flexible with respect to threat actor attribution.”

Private sector support for Ukrainian cybersecurity.

Corporate support for Ukraine's cyber defense has been one of the striking features of the war to date. Business Insider has an interview with Yegor Aushev, founder of the Ukrainian security firm Cyber Unit Tech in which Aushev describes his successful effort to rally practitioners to Ukraine's cause in cyberspace. "We started creating projects that we could help with and delivered them to the Ministry of Defense and National Security and Defense Council," Aushev said, "along with information to help our government in an unofficial capacity." This is unsurprising and unexceptional. The work of the volunteers Aushev has attracted (which he describes as "decentralized") has for the most part been rendering assistance to organizations that have found themselves under cyberattack. They've also been involved with OSINT collection and analysis.

Bloomberg reports that Big Tech was prominent at last week's Munich Security Conference. Apple, Amazon, Microsoft, Meta and Alphabet were there, and all of them urged continued support for Ukraine. They themselves have contributed to Ukraine's cyber resilience, and seem likely to continue to do so. That support has been assisted, as the Washington Times describes, by considerable cooperation with US intelligence agencies, notably NSA.