Undersea infrastructure sabotage may have aimed to stay below NATO's Article 5 threshold.
Ukraine at D+595: Sabotage in the Baltic Sea.
Ukraine continues its slow advance near Bakhmut and in the western zone of the Zaporizhia Oblast, the Institute for the Study of War (ISW) reports. The ISW also notes signs of learning on the part of Russian forces engaged around Avdiivka: more attention to counterbattery fire, more use of electronic warfare, and better communications. The Institute, however, thinks these improvements are unlikely to translate into more general success. The Washington Post describes Ukraine's small-unit infiltration tactics, which accompany its larger, combined-arms operations.
Russian drone strikes continued against Ukrainian grain facilities. Ukrainian authorities say they shot down twenty-eight of thirty-three drones launched against its territory. This is in keeping with a trend that's emerged over the past year of war: both sides' air defenses claim high kill rates against drones.
Undersea infrastructure in the Baltic damaged.
NATO defense ministers are being briefed today in Brussels on this week's sabotage of the Balticconnector pipeline between Finland and Estonia and the Estlink telecommunications cable that runs beside the pipeline. Finland, which is leading the investigation, says that it "hasn't ruled out" a state actor. The damage was caused mechanically, not by an explosion, and the Balticconnector is expected to be out of service until April of next year.
Finland's government hasn't directly accused Russia of the sabotage, but has publicly and pointedly noted that Russia increasingly treats Finland as a hostile state. NATO Secretary General Stoltenberg said yesterday that should the sabotage be “proven to be an attack on Nato critical infrastructure … it will be met by a united and determined response from Nato."
Hacktivists and the laws of war.
OODA Loop takes a look at an essay by officials of the International Committee of the Red Cross (ICRC), "8 rules for 'civilian hackers' during war, and 4 obligations for states to restrain them," that proposes extension of international humanitarian law to wartime hacktivism, and it thinks the recommendations may have amounted to too little and arrived too late. The author, Emilio Iasiello, sees several reasons why a commendable attempt to civilize hacktivist conduct will fall short of expectations. First, it's a purely voluntary, ethical code. Second, the notorious difficulty of attribution of cyber activity will make it difficult to hold hacktivists to any code, voluntary or not. And, finally, it's difficult to imagine what unbiased party might serve as an arbiter of an ethical code: misconduct is, even more than beauty, in the eye of the beholder.
The criticism is well taken. There may, however, be more room for optimism than the OODA Loop piece allows. First, as the critique itself acknowledges, the ICRC officials who wrote the rules for hacktivists are not naïfs. They're aware that the laws of armed conflict are very imperfectly observed and enforced. Russia's war against Ukraine provides ample evidence of that. But their proposal shows how the principles behind the laws of war and international humanitarian law might be applied to action in cyberspace. Proportionality, discrimination, and avoidance of unnecessary suffering all have obvious relevance. The ICRC officials also point out that hacktivists could legitimately be considered, under some circumstances, to have forfeited their noncombatant status. They propose eight rules for hacktivists, but they outline four obligations states have with respect to the hacktivists acting in the states' interests or operating from within the states' jurisdiction. Thus the extension of the laws of armed conflict the ICRC suggests isn't either quixotic or unenforceable in principle. International law evolves with war itself. That's as true today as it was in Nuremberg in 1946.