Ukraine at D+441: Skirmishing along the line of contact, and in cyberspace.
N2K logoMay 11, 2023

Ukraine says it will open its offensive when it's ready, and not before.

Ukraine at D+441: Skirmishing along the line of contact, and in cyberspace.

Desultory Russian shelling of civilian areas continues, as do Ukraine's preparations for its spring offensive. President Zelenskyy says that offensive will begin when Ukraine has its forces ready, and the Ukraine won't rush its attack.

Competing for prisoner-recruits.

The UK's Ministry of Defence this morning discussed the importance of prisoners as a source of recruits not only to the Wagner Group, but to the regular army as well. "Since the start of 2023, the Russian Ministry of Defence (MoD) has ramped up a scheme to recruit Russian prisoners to fight in Ukraine. It is likely that up to 10,000 convicts signed up in April 2023 alone. From summer 2022, prisoners were the key pool of recruits for the Wagner Group private military company’s operations in Ukraine. However, the group highly likely lost access to the Russian penal system in February 2023 when its public feud with the MoD was escalating. The MoD’s prisoner recruitment campaign is part of a broader, intense effort by the Russian military to bolster its numbers, while attempting to avoid implementing new mandatory mobilisation, which would be very unpopular with the Russian public." Thus the Wagner Group and the Russian regulars are competing not just for ammunition, but for prison-labor as well.

US and Canadian cyber units wrap up hunt-forward mission in Latvia.

The Voice of America reports that a US-Canadian hunt-forward mission in Latvia has completed its three-month engagement. Latvia has been a strong supporter of Ukraine, and as such has come under Russian cyberattacks. The hunt-forward team focused on threats to Latvian infrastructure. “With our trusted allies, the U.S. and Canada, we are able to deter cyber threat actors and strengthen our mutual resilience,” C4ISRNet quotes Baiba Kaškina, general manager of CERT.LV, as saying. “This can only happen through real-life defensive cyber operations and collaboration. The defensive cyber operations conducted allowed us to ensure our state infrastructure is a harder target for malicious cyber actors.”

An unknown threat actor is collecting against both Russia and Ukraine.

Malwarebytes reports on a cyberespionage group it's calling "RedStinger." The group has been quietly active for at least three years, and Malwarebytes identifies it with the operation Kaspersky has been tracking as "Bad Magic." Malwarebytes says that RedStinger has pursued targets on both sides of Russia's war against Ukraine, and that the victimology renders attribution complex and unclear. Indeed, there is no credible attribution, yet. "In this case, attributing the attack to a specific country is not an easy task. Any of the involved countries or aligned groups could be responsible, as some victims were aligned with Russia, and others were aligned with Ukraine," Malwarebytes writes. "What is clear is that the principal motive of the attack was surveillance and data gathering. The attackers used different layers of protection, had an extensive toolset for their victims, and the attack was clearly targeted at specific entities."