Ukraine at D+404: Lessons from the hybrid war.
N2K, Apr 4, 2023

Waiting for the counteroffensive, and assessing the lessons of cyberwar from the conflict.

Fighting continues, as it has for months, in Bakhmut, with little change to the situation on the ground. Al Jazeera reports that Wagner Group capo Prigozhin says his troops have "raised the flag" on a key building, but this seems little more than a gesture.

Russian drone strikes continue, but a high fraction of them have been shot down in recent engagements. According to Reuters, seventeen Iranian-supplied Shahed drones were launched yesterday, and fourteen of those were shot down by Ukrainian air defenses. Odessa was the focus of activity: thirteen of the drones were downed there.

The Washington Post reports that Russia has dug extensive defensive trenches in occupied Crimea, and that this is taken as a sign that Russian commanders fear the loss of their conquered province, or at the very least that they're preparing for the realistic possibility of a major Ukrainian offensive.

Russia blames both Ukraine and internal dissidents for the assassination of milblogger Tatarsky.

Russian authorities, the New York Times writes, now blame not only Ukrainian actors but also internal, domestic dissenters, for the bomb that killed prominent and very extreme milblogger Vladlen Tatarsky Sunday. "Russia’s Antiterrorism Committee also issued a statement claiming, without providing evidence, that the bombing had been planned by Ukrainian intelligence agencies," the Times says, "along with 'agents' connected to the movement of Aleksei A. Navalny, the imprisoned Russian opposition leader. Investigators also said that Ms. Trepova was a supporter of Mr. Navalny’s Anti-Corruption Foundation." The Anti-Corruption Foundation denies any involvement.

Daria Trepova, the woman accused of handing Mr. Tatarsky the figure containing the bomb that killed him, is a Russian national. Her husband, according to the Telegraph, says she's being framed, and that her apparent video confession is a put-up job.

More private military companies are being formed.

Despite the ongoing rivalry between the Wagner Group and Russia's Defense Ministry, private military companies remain useful to Moscow. "Russia is likely seeking to sponsor and develop alternative private military companies (PMCs) to eventually replace the Wagner Group PMC in its significant combat role in Ukraine," the UK's Ministry of Defence reports this morning. "This takes place in the context of the high-profile feud between the Russian Ministry of Defence and Wagner Group. Russia’s military leadership likely wants a replacement PMC that it has more control over. However, no other known Russian PMC currently approaches Wagner’s size or combat power. Russia likely sees continued utility for PMCs in Ukraine because they are less constrained by the limited pay levels and inefficiency which hamper the effectiveness of the regular army. Russia’s leadership probably believe heavy casualties amongst PMCs will be better tolerated by Russian society compared to regular military losses." Thus they're efficient and expendable, a source of troops no one cares much about.

Lessons from the cyber phases of Russia's war against Ukraine.

The accounts of the Vulkan Papers' contents, summarized and placed into context by the Conversation, have prompted discussion of the lessons in cyberwarfare to be learned from Russia's war. Russian operations have encompassed cyberespionage, disruptive attacks against infrastructure (these were more successful before the invasion than after the war had fully begun), nuisance-level hacktivism, and, most prominently, influence operations aimed at both domestic and international opinion.

The disruptive attempts may have fallen short of pre-war expectations, but defense experts find them alarming nonetheless. The Voice of America quotes a US Defense official who spoke Friday on condition of anonymity. “The [Russian] operation in Ukraine as it relates to red lines for conflict should be of concern to many people. If you're willing to drop a bomb on a power station, or if you're willing to drop a bomb on a rail network, then you're certainly willing to execute a cyberattack against them. As a just general commonsense sort of military tactic, I don't believe you would reduce something to rubble if you had the ability to neutralize it otherwise. You don't want to use high-end kinetic tools unless you have to.”

Did "appeasement" embolden Russia's cyber operators?

Retired US Admiral James Stavridis, a former NATO SACEUR (Supreme Allied Commander, Europe), thinks so. He argues, in an op-ed published by both Bloomberg and the Washington Post, that "Insufficient response to its non-kinetic military operations helped equip the Kremlin with an effective virtual complement to the traditional invasion. The West in effect conducted a policy of digital appeasement in response to multiple cyberattacks." There has been, in Admiral Stavridis' view, a failure of deterrence and of diplomacy. He singles out three missteps that he believes gave Moscow a sense that it could act with impunity in cyberspace.

  1. Western diplomats lack the technical background and culture that would enable them to deal with international competition in cyberspace. "We need to precisely define what constitutes an attack. Why not draw a red line for gigabit-per-second denial of service attacks against banks, or for arbitrary code execution of known flaws in commercial software with a rating in the Common Vulnerability Scoring System above 8? Overstepping that line would draw immediate retaliation. The more the U.S. resorts to vague descriptions of cyber-aggression, the more its adversaries exploit the domain to their advantage."
  2. Western governments are wary of risking escalation. They fear not only the "burning," the exposure and thus expenditure, of their own cyber capabilities, but also the initiation of a more general cyber war in which they have more to lose than their enemies. This has led to an unwillingness to impose costs and thence to the erosion of deterrence.
  3. Overconfidence in the effectiveness of technical cyber defenses has led to Western complacency in the face of years of constant attacks by Russian government services and criminals who enjoy the protection of the Russian state.

"The U.S. needs to develop a sense of deterrence in cyber, and doing so will require more aggressive responses than it has been willing to employ thus far," Admiral Stavridis concludes. "Now that the Russians have acted so strongly in the physical domain, we may find them even more emboldened in the cyber domain."