Ukraine at D+483: Misdirection and wishful thinking.
N2K logoJun 22, 2023

Russia's mass child abductions were really child protection actions, says Russia, as the Duma engages in misdirection to distract attention from Russian atrocities. Hacktivist groups show more signs of ties to Russian security and intelligence services.

Ukraine at D+483: Misdirection and wishful thinking.

Russia's President Putin claims that a relative pause in Ukrainian operations is due to heavy Ukrainian losses, but cautions that his enemy's combat potential is far from exhausted. Ukraine's President Zelenskyy says, to the contrary, that the counteroffensive is proceeding with due caution, slower than Mr. Zelenskyy might wish, but prudently, with appropriate care for soldiers' lives. Ukrainian Prime Minister Denys Shmygal was similarly optimistic, saying, "We will do very smart, offensive operations. And because of this, it (the counter offensive) will take time. But we have the intention to move and go ahead. We are going to go ahead... and I’m absolutely optimistic for the liberation of all our lands occupied by Russians."

Deflecting war crimes indictments with a tu quoque.

The Kremlin is working to develop a narrative of child protection, the UK's Ministry of Defence reported this morning. "On 20 June 2023, Russia’s Duma voted to create a parliamentary committee to investigate alleged crimes committed by the Ukrainian government against juveniles in the Donbas since 2014. The Duma is almost certainly responding to the international condemnation of Russia’s deportation of children from occupied Ukraine since its full-scale invasion. The move is highly likely both a form of ‘lawfare’ and contributes to Russian information operations, weaponising legislation by attempting to muddy the narrative around its own egregious actions. Messaging around children’s rights is likely an important communications theme for the Kremlin because alleged child deportations formed the basis of the International Criminal Court’s arrest warrant against President Putin issued in March 2023."

Russian hacktivist auxiliaries say they’ve taken down 

Russian website reported that the so-called DARKNET Parliament, composed of KillNet, Anonymous Sudan, and REvil, claims to have taken down the International Finance Corporation’s website, ( is clearly editorially on the side of the Russian hacktivist auxiliaries. They refer to the groups as “our valiant ANONYMOUS SUDAN and [KillNet],” which lends more circumstantial credibility to the conclusion that Anonymous Sudan is a Russian front group.) The attack started yesterday morning and the hacktivist auxiliaries called the distributed denial of service (DDoS) attack “just the beginning.” The Telegram pages for the associated groups are notably light on the usual updates regarding their cyber activities, with KillNet posting what for the group is an unusually modest, “Unfortunately, IFC is no longer working, we ask all partners and personnel of the Bank's organization to go to.” Says KillNet–the claims await confirmation.

This most recent claimed DDoS attack is a part of a larger campaign announced last week targeting Western banking organizations. Earlier this week the hacktivist auxiliaries did conduct a DoS attack against the European Investment Bank (EIB). EIB confirmed an incident in a tweet on June 19th when it wrote, “We are currently facing a cyber attack which affects the availability of and We are responding to the incident.” Sally Vincent, Senior Threat Research Engineer at LogRhythm, wrote to discuss the implications of the incident. “While the responsible party and the extent of the compromised data remain uncertain, over 3,000 employees and assets surpassing €500 billion are at risk," she said. "It is noteworthy that this incident occurred after Russian hackers issued a warning last year, indicating their intentions to target Western financial establishments providing assistance to Ukraine. The cyberattack has resulted in a complete outage of both the EIB's website and the European Investment Fund's website." Vincent suggests some lessons financial institutions might draw from the incident. "Given the growing threat presented by cybercriminals, financial institutions must reevaluate their protocols for responding to incidents and strengthen their security position. To protect banks effectively, it is recommended that they invest resources in cybersecurity solutions capable of detecting malicious behavior and responding promptly by implementing measures to prevent unauthorized entry attempts. Additionally, it is vital for these institutions to give high importance to authentication and access controls, as well as detection and response capabilities, while also ensuring real-time monitoring.”