Ukraine at D+524: Targeting grain and dissent.

Russia continues its missile campaign against civilian targets. Ukrainian air defenses shot down a dozen Russian drones overnight, but Russian missiles scored against Odesa, where they succeeded in firing a grain warehouse. Russian missile strikes also hit Izmail, a small Ukrainian port on the Danube River that's remained one of the few outlets for grain, in an apparent effort to interdict export of Ukrainian food. Reuters reports that global grain prices increased in the aftermath of the attack.

Poland has deployed more troops to its border with Belarus after accusing its neighbor of violating Polish airspace with military helicopters. The Guardian reports that Polish military sources claimed that Mi-8 an Mi-24 aircraft had crossed the border “at a very low height, hard to intercept by radar.” Polish residents living near the border have been sharing accounts of incursions into Polish airspace. Belarus officially dismissed the charges as "old wives' tales," fed to Warsaw by its Western masters. Tension between Belarus and Poland has grown over the past month, driven especially by the redeployment of Wagner Group units to Belarus, where they're apparently engaged in training that nation's soldiers. Russian President Putin has warned, baselessly, that Poland covets Belarusian territory, and that Russia would regard an attack on Belarus as an attack on itself. Belarusian President Lukashenka last month joked that he was restraining the Wagnerites from conquering Poland, saying the fighters were hot to “go on a trip to Warsaw and Rzeszów.” In fairness to Belarus, slovenly navigation is at least as likely an explanation of an airspace violation as is deliberate provocation. Soviet aircraft were notorious for inadvertently straying across the West German border during the Cold War.

Force generation.

The UK's Ministry of Defence this morning continues its look at Russia's attempts to increase the size of its forces in Ukraine, and, of course, given Moscow's current narrative that it's the victim of NATO aggression, the capabilities of its forces facing NATO. "Over the last two months, Russia has likely started forming up major new formations to add depth to its ground forces. These include the 25th Combined Arms Army. Since its invasion of Ukraine, Russia has mainly deployed mobilised reservists to back-fill established formations, or as part of territorial defence infantry regiments. It has rarely established new, all-arms organisations such as combined arms armies which are designed to be a self-sufficient force. An exception to this was the 3rd Army Corps created in summer 2022, which has generally performed poorly. Russia will likely deploy any new formation as a reserve force in Ukraine. However, in the longer term, Russia aspires to strengthen its forces facing NATO."

Incursion into Norwegian government networks went on for four months.

Investigators have concluded that a cyberespionage campaign against Norwegian government networks lasted four months before it was detected and action taken to stop it, Bloomberg reports. The effort, generally attributed to Russian intelligence services, exploited a now-patched vulnerability in Ivanti Endpoint Manager Mobile. Yesterday the US Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) released a joint Cybersecurity Advisory (CSA) on the incident, Threat Actors Exploiting Ivanti EPMM Vulnerabilities.

The CSA, which includes extensive advice on detection, remediation, and prevention, says, "Mobile device management (MDM) systems are attractive targets for threat actors because they provide elevated access to thousands of mobile devices, and APT actors have exploited a previous MobileIron vulnerability. Consequently, CISA and NCSC-NO are concerned about the potential for widespread exploitation in government and private sector networks."

Russian legislation seeks to reduce or eliminate online privacy.

TorrentFreak, writing with outrage, describes a bill signed into law by President Putin on Monday. Federal Law No. 406-FZ (On Amendments to the Federal Law ‘On Information, Information Technologies and Information Protection’ and the Federal Law “On Communications”) will prohibit foreign email systems, and it will require all domestic platforms to verify the identity of all users by government-approved methods. VPNs aren't banned outright, but the VPN services remaining in operation in Russia are compliant with state regulations and afford little if any anonymity or privacy. Attempting to evade identity verification requirements will be risky, as the new laws criminalize preparation to make such attempts. "Posting information online that amounts to advice on how to use VPNs, Tor, and similar tools, for circumvention purposes, will be considered a crime. On top, regular hosting providers will be subjected to state registration and new obligations along similar lines to those imposed on VPN providers."

The law is an example of what Foreign Policy calls Russia's return to its totalitarian past. Information control, censorship, and draconian suppression of dissent are becoming the norm.