Cyber threat warnings and diplomatic good cops.
Renewed hopes for diplomacy.
N2K logoFeb 15, 2022

Russia offers the prospect of more diplomacy over Ukraine as the German Chancellor visits Moscow. In the meantime the US repeats warnings of heightened cyber threat during the crisis.

Cyber threat warnings and diplomatic good cops.

Russia says that it's open to more talks concerning Ukraine, and the Minsk Accords seem likely to provide Moscow with a formula for de-escalation. But there are mixed signals on the ground: Russia says it's returning some forces to garrison now that exercises are concluded, but other observers say that forces near Ukraine may have increased, with some units moving toward assault positions.

Buzzfeed correspondent Christopher Miller tweeted this morning that there are signs of a surge in cyberattacks against Ukrainian financial services and the country's Ministry of Defense. The Ministry of Defense has itself tweeted that it's undergoing distributed denial-of-service attacks.

More diplomacy as Chancellor Scholz arrives in Moscow.

Russia is signaling (most obviously in what the New York Times calls "stage-managed, televised meetings" among Russian leaders) that it's interested in further diplomacy aimed at reducing tensions over Russia's ambitions in Ukraine. Foreign Minister Lavrov (good cop) was yesterday shown giving President Putin his assessment of prospects for negotiation, “I believe that our possibilities are far from exhausted. I would propose continuing and intensifying them.” President Putin (bad cop) responded with what the Times characterizes as an ambiguous "Good."

Foreign Minister Lavrov called some US proposals "constructive," and it appears there's some Russian interest in confidence-building measures that might be put into place to mediate Russo-NATO relations. But the US reacted, in the AP's characterization, "coolly." “The path for diplomacy remains available if Russia chooses to engage constructively,” White House principal deputy press secretary Karine Jean-Pierre said. “However, we are clear-eyed about the prospects of that, given the steps Russia is taking on the ground in plain sight.”

German Chancellor Scholz is in Moscow for talks. Reuters summarizes his going-in diplomatic position includes both an indication of willingness to address such legitimate security concerns Russia may have and a clear statement that Russian escalation will prompt sanctions. "We are ready for very far-reaching and effective sanctions in coordination with our allies," he said. The Chancellor did not say whether sanctions might extend to the Nord Stream II pipeline.

Ukraine is not willing to bargain away NATO membership in exchange for Russian guarantees, the Guardian reports, even as Ukrainian President Zelenskyy muses that the dream of joining NATO might amount to just that: a dream.

It seems increasingly likely that 2015's Minsk Accords, negotiated after Russia's 2014 conquest and annexation of Ukrainian territory in Crimea, will serve as a starting point for a face-saving formula that could cover a Russian stand-down. The Accords are susceptible to various interpretations; the Washington Post has a summary.

Troop movements on the ground.

There are contradictory indications of the current state of Russian deployments near Ukraine. On the one hand, Russia says that, some exercises having concluded, it's moving many units back to garrison. The New York Times quotes Russian statements that some forces in military districts near Ukraine are leaving assembly areas and returning to home station. On the other hand, US intelligence sources have said, the Wall Street Journal reports, that Russian force levels in the immediate theater of operations have increased, up to one-hundred-five battalion equivalents from eighty-three such units earlier in February.

Russian conventional forces may not be the ones used in an escalation. It's possible, the Atlantic Council says, that Russia would use deniable, nominally insurgent proxies to fight on the ground.

The uses of intelligence in influence operations and diplomacy.

The US has been unusually forthcoming with intelligence during the crisis. Foreign Policy sees this as a possible sign that the US is catching up with its rivals in this aspect of information operations. The strategic calculation is that transparency will serve as a deterrent: the more that's known about hybrid operations and strategic deception in particular, the less likely they are to succeed.

And more US warnings of possible Russian cyberattacks.

Security firm Intel 471 writes that rates of cybercrime against Ukrainian victims, most of which would be expected to originate in Russia, has been unusually low during the crisis. The Russian government has publicly cracked down on cyber gangs over the past two months, but this may represent a diplomatic gesture that could be easily reversed should tactics change.

In a conference call yesterday afternoon the US FBI and CISA reiterated recent warnings that organizations in the US should be alert for increased hostile cyber activity originating with the Russian government. The substance of the call, to judge from a report by Yahoo News, emphasized vigilance and security best practices. Director of the US Cybersecurity and Infrastructure Security Agency Jen Easterly (handle @CISAJen) has tweeted a short guide to interpreting the Shields Up alert, and she explicitly holds up NotPetya as a foreshadowing of how the Russian threat might manifest itself in practice:

"Every organization in the US is at risk from cyber threats that can disrupt essential services. As we know, the Russians have used cyber as a key component of their force projection, to include disabling or destroying critical infrastructure. 

"While there are no specific credible threats to the US homeland at this time, we are mindful of the potential for Russia to consider escalating its destabilizing actions in ways that may affect our critical infrastructure, to include cascading impacts as we saw w/NotPetya.

"ALL organizations must adopt a heightened posture of vigilance. The time to act is NOW. We’re urging all orgs to put #ShieldsUp to:

"- Reduce the likelihood of a cyber intrusion

"- Quickly detect a potential intrusion

"- Ensure you’re prepared to respond

"- Maximize resilience"