Ukraine at D+230: Escalation, but unlikely to be sustainable.
N2K logoOct 12, 2022

Russian missile strikes are widely condemned internationally, but domestically Russian deadenders cry for even harsher measures. NATO warns that sabotage could trigger Article 5, and the US warns that the Russian cyber threat is far from over.

Ukraine at D+230: Escalation, but unlikely to be sustainable.

Russian missile strikes against civilian targets continued to attract widespread odium. The G7 nations (Canada, France, Germany, Italy, Japan, the United Kingdom and the United States) reiterated their support for Ukraine, condemned the Russian strikes, and said that President Putin would be held to account for them, the Washington Post reports.

Looking for ammunition.

The UK's Ministry of Defence this morning offered a reality check on the Iranian drones Russia has been importing to use in Ukraine. They're unlikely to make much of a difference. "Russia has deployed Iranian manufactured uncrewed aerial vehicles (UAVs) since at least August 2022, including the one-way attack Shahed-136 variant. Russia included Shahed variants among the extensive wave of strikes it conducted on 10 October 2022. Previously, the Ukrainian General Staff reported that Russia had launched a total of 86 Shahed-136s and claimed that 60 per cent had been destroyed in the air. These UAVs are slow and fly at low altitudes making lone aircraft easy to target using conventional air defences. There is a realistic possibility that Russia has achieved some success by attacking with several UAVs at the same time. Despite a reported range of 2,500 km, the Shahed-136 only has a small explosive payload. It is unlikely to be satisfactorily fulfilling the deep strike function which Russia probably aspired to use it for. With Russian tactical combat jets still achieving limited effect over Ukrainian territory, the lack of a reliable, sustainable, and accurate operational-level strike capability is likely one of Russia’s most significant capability gaps in Ukraine."

The Telegraph describes the Shaheed 136 as a small, relatively slow drone. It can carry a 50 kilogram high explosive warhead.

Russian deadenders call for harsher measures.

The AP summarizes increasingly strident calls by President Putin's domestic supporters for more violence and an end to what they perceive as half measures. An account in the Telegraph sees Russian public opinion as caught in a dilemma: "Put yourselves in the Russians’ shoes: you can either accept as false the premise of this war, in which Putin has tied up your national identity, and demand the radical overhaul of society in the face of terrifying force, or you can pretend the real issue is that the military and politicians haven’t been trying hard enough and, once they start doing so, Russia will win."

A representative expression of these views, in all of their extreme implausibility, may be found in a video provided by the Russian Media Monitor. Pavel Gubarev, the Russian quisling who in 2014 proclaimed himself the leader of Donetsk separatists, takes an opportunity to explain what's at stake in Russia's war. That war, he explains, is in fact an act of mercy: extermination, if necessary will be the way in which the Ukrainians will be exorcised of Satan, nationalism, and liberal consumerism:

"It's very important for us to create an image of the enemy that will be reality-based: These are Russian people, possessed by the Devil! We are coming to convince them, not to kill them. But if you don't want us to change your minds, then we will kill you. We will kill as many of you as we have to. We will kill one million, five million. We can exterminate all of you. Until you understand that you're possessed, and you have to be cured. Zelensky is the main possessed one there. He is really the devil's spawn. He is Hitler 2.0, with his rabid nationalism, with that rabid Russophobia, with images of a woman cutting a throat. They are bloody possessed Satanists, from the standpoint of Christian thought, from the secular point of view these are anti-system liberal consumers, stupid people who can't figure out what's happening."

Mr. Gubarev has been for the most part sidelined recently. A former advertising man, he seems to hope that his persuasive skillz will restore his influence. His message is, however, characteristic of Mr. Putin's deadenders.

The Independent reports that Russian Foreign Minister Lavrov sounded a more irenic note, Russia is open to negotiations, he lamented, but the "Anglo-Saxons" (that is the Five Eyes, and especially the UK and the US) are the ones behind the war, are benefiting from it, and in their bad faith haven't responded to Russia's peaceful gestures.

Costs of a nuisance.

Killnet, the nominally hacktivist group controlled by Russian intelligence services, claims to have disrupted online infrastructure of JPMorgan Chase. There was, SC Magazine reports, no evident effect on the financial services company, and Killnet seems again to have produced a fizzle. The announced attack comes a day after Killnet succeeded in briefly disrupting some public-facing websites at US airports (but failed to have an effect on airport operations).

Even such low-grade, nuisance-level activity exacts a certain cost on its targets, however. The Wall Street Journal points out that affected organizations still have to defend, investigate, and communicate their response, even when the attack has negligible effect.

Remaining on alert during a hybrid war.

As sabotage of the Nord Stream pipelines and German railroad communications networks remains under investigation, the Telegraph reports NATO has warned that sabotage could trigger the Atlantic Alliance's Article 5, the collective defense agreement under which an attack on one member is regarded as an attack on all of them. In the US, according to the Voice of America, US officials cautioned against complacency. While Killnet's recent distributed denial-of-service (DDoS) attempts have had negligible effect, organizations shouldn't rule out the possibility of major, crippling Russian cyberattacks.

W. Curtis Preston, Chief Technical Evangelist at Druva, wrote to offer advice on how organizations might prepare for and respond to nation-state attacks during periods of hybrid war:

"The warnings from governments worldwide around the increased risk of cyberattacks triggered by the current crisis in Ukraine are serious. For some organizations, the threat of nation-state attacks will rise. This could lead to significant disruption as seen with the global spread of the NotPetya ransomware attack in 2017. However, the greater threat for the majority of organizations will likely result from increasing activity by cyber criminals motivated to exploit the global state of disorder and anxiety. This further highlights the growing importance of a comprehensive data resiliency strategy. To prepare, we recommend organizations:  

  • "Back up critical data: Ensure data is backed up automatically and protected in an air-gapped, immutable architecture 
  • "Isolate backups: Make at least three copies or versions of data stored on two different media, one of which is off-site. To be even more secure, store data off-site in a separately managed account.  
  • "Apply zero-trust: Strengthen your security model by implementing additional security measures such as Role Based Access Control (RBAC), Multi-Factor Authentication (MFA) and Single Sign-on (SSO). This will help prevent bad actors from gaining access to the backup environment and deleting data. 
  • "Be on the alert: Remind employees through training and regular communication the importance of remaining cautious and vigilant during this time of unknown attachments and senders. Enterprises are only as secure as their employees.   
  • "Monitor for unusual activity: Leverage AI and ML to help identify anomalies and provide automated alerts for unusual data activity including bulk deletion and encryption. If attacked, businesses can use these insights to quickly identify affected snapshots during recovery."