Russia effectively declares war on Ukraine.
N2K logoFeb 24, 2022

As Russia effectively declares war on Ukraine, the civilized world considers its options. Cyber operations continue, and Ukraine says it will fight.

Russia effectively declares war on Ukraine.

Russia mounted a pre-dawn invasion of Ukraine from both its own and Belarusian territory this morning. President Putin says he intends to "demilitarize" and "denazify" Ukraine. Ukrainian President Zelenskyy says Ukraine will fight.

Russia declares war, and begins a general offensive against Ukraine.

Russian President Putin said he had authorized a "special military operation." Its objectives, he said, are the "demilitarization" and "denazification" of Ukraine, but not its occupation. "Denazification" will be baffling for any who haven't followed the crisis closely: one of the principal talking points in the long-running Russian disinformation campaign is that the Ukrainian government is composed of actual, unreconstructed neo-Nazis. This particular claim is intended for domestic consumption, and isn't taken seriously abroad. Mr. Putin said that the breakaway provinces of Donetsk and Luhansk had asked for Russian aid, and that Russia's intervention was designed to prevent what he's variously described as a "humanitarian catastrophe" and "genocide."

Mr. Putin has also warned the world to keep their hands off Ukraine, "Now a few important, very important words for those who may be tempted to intervene in ongoing events from the outside," he said. "Whoever tries to interfere with us, and even more so to create threats to our country, to our people, should know that Russia's response will be immediate and will lead you to such consequences as you have never experienced in your history. We are ready for any development of events. All necessary decisions in this regard have been made. I hope that I will be heard." Some have seen this as veiled threat of nuclear war, and while that seems unlikely, the strategic force exercises Russia held over the weekend do seem to have been intended to suggest that possibility to NATO.

President Putin had a message for Ukrainian troops as well: lay down your arms, and If you do so, you'll be allowed to return home.

Ukrainian President Zelenskyy late Wednesday broadcast an appeal for peace to the Russian people. Speaking in Russian, he said, “The people of Ukraine and the government of Ukraine want peace. But if we come under attack, if we face an attempt to take away our country, our freedom, our lives and the lives of our children, we will defend ourselves. When you attack us, you will see our faces, not our backs.” He had earlier sought to contact President Putin, but Mr. Putin didn't take his call.

Mr. Putin's speech was broadcast at 5:45 AM Moscow time, according to POLITICO, which is 4:45 AM in Kyiv, and a general attack began minutes thereafter, at 5:01 AM, according to statements by the Ukrainian Interior Ministry. That's roughly two hours and forty-five minutes before sunrise, and about two-and-and-a-quarter hours before the beginning of morning civil twilight, the time at which military aircraft without special equipment are able to begin routine operations. Artillery fire has been observed in Kharkiv, but operations have not been confined to the Donbas. Explosions have been reported in both the capital, Kyiv (at the city's Boryspil airport) and in the Black Sea port, Odessa. NBC News reported that the explosions around Kyiv were missile strikes. Fighting spread rapidly Thursday morning as Ukraine said it would resist the Russian attack. Assault forces attacked from both Russia and Belarus; Kyiv is about two hours away from the Belarusian border.

The US had warned yesterday, continuing its recent policy of unusual transparency with respect to intelligence products, that a full-scale Russian invasion of Ukraine was expected within forty-eight hours.

5:00 AM Thursday in Kyiv was 10:00 PM Wednesday in New York, and at that time the UN Security Council was in session discussing the crisis. The New York Times reports that "Sergiy Kyslytsya, in an emotional speech at the United Nations Security Council held up his phone and asked the Russian ambassador if he wanted to see the video of President Putin announcing a military attack on his country. 'You declare war and it is the responsibility of this body to stop the war,' Kyslytsya said. 'I call on every one of you to do everything possible to stop the war or should I play the video of your president declaring the war?' [The] Russian ambassador replied: 'This is not called a war; it is called a special military operation in Donbas.'" Russia was chairing the session (as if it was scheduled to do), and the Ukrainian ambassador rose to demand that the Russian ambassador relinquish the rotating presidency. Directly addressing the Russian ambassador, he said, ”There is no purgatory for war criminals. They go straight to hell, ambassador.”After a pause, the Russian ambassador answered, “We aren’t being aggressive against the Ukrainian people, but against the juncture in power in Kyiv.” And then he gaveled the meeting to a close.

Late last night, at about 10:30 PM, US President Biden condemned the Russian attack: "President Putin has chosen a premeditated war that will bring a catastrophic loss of life and human suffering. Russia alone is responsible for the death and destruction this attack will bring, and the United States and its Allies and partners will respond in a united and decisive way. The world will hold Russia accountable." A few hours later he posted an account of a call with President Zelenskyy:

"President Zelenskyy reached out to me tonight and we just finished speaking. I condemned this unprovoked and unjustified attack by Russian military forces. I briefed him on the steps we are taking to rally international condemnation, including tonight at the United Nations Security Council. He asked me to call on the leaders of the world to speak out clearly against President Putin’s flagrant aggression, and to stand with the people of Ukraine. Tomorrow, I will be meeting with the Leaders of the G7, and the United States and our Allies and partners will be imposing severe sanctions on Russia. We will continue to provide support and assistance to Ukraine and the Ukrainian people."

President Biden is expected to announce more sanctions against Russia and possibly additional support to Ukraine, perhaps as early as noon today. He is spending the morning in consultation with allies (specifically with G7 leaders, which suggests a fundamentally economic set of sanctions) and his national security staff.

Cyber aspects of Russian aggression.

Ukraine's Minister of Digital Transformation, Mykhailo Fedorov, said yesterday that yesterday afternoon large distributed denial-of-service (DDoS) attacks began against Ukrainian banks and government websites. ESET says its researchers found a wiper deployed against Ukrainian targets about two hours after the DDoS attacks began. ESET is calling, for convenience, the destructive malware "HermeticWiper," as it was signed with a certificate from the Cypriot company Hermetica Digital. Reuters says it's been unable to find out very much about Hermetica Digital, beyond its apparent founding a year or so ago. SentinelOne has also confirmed that HermeticWiper is in active use. Reuters also reports that Symantec has said the attack has also had some effects in Latvia and Lithuania.

Now that the Russian war against Ukraine is fully kinetic, cyber operations will probably assume a significant combat support role. But concerns about spillover to Western countries in addition to the two Baltic states already affected remain. We heard from some industry experts shortly after yesterday's cyberattacks on Ukraine were reported. Eric Milam, VP Research and Intelligence at BlackBerry, wrote about the importance of preparation against the eventuality of Russian cyberattacks:

“Ukrainian banks and government websites are the latest victims of a cyber incident, it has been announced. Although the fine details of the event have not been revealed, foreign governments are often the target of international cyber-espionage campaigns. My own team’s investigation and prevention of these state-sponsored threats, has revealed that it is crucial for both private organizations and the public sector to learn how to protect against cyber attacks as a matter of highest priority. With a prevention-first and AI-driven approach, breaches can be stopped in their tracks.

"As government agencies collect and share more digital information, they must develop a comprehensive, integrated approach to security to protect highly confidential data and communication. This can be done through AI-based threat prevention, enabling a Zero Trust security environment which continuously validates that trust at every event or transaction to authenticate users.

"If you are victim to an attack, you also need the capability to contain it as fast as possible through a unified critical communications network, which can communicate between organizations, people, devices, and external entities regarding who is in the network and next steps. In this case, these solutions can also be used to communicate public safety warnings or updates to quell any panic.”

Critical infrastructure security firm Nozomi Networks says that Chris Grove, its Security Strategist, is "actively working with U.S. critical infrastructure on what to do as Ukraine is seeing DDoS attacks against banks and government." Grove wrote to express a sense of the difference between ordinary criminal activity and hacktivism on the one hand and attacks by a nation-state on the other:

"DDOS attacks happen all of the time, it's part of the crime-ware ecosystem and cyber-extortion chain of tactics they may use. Most cybersecurity is designed with the level and type of the threat in scope, which includes ransomware and criminal operators, hacktivists, etc.

"But nation-state level attacks are a different matter altogether. The question, 'how would critical infrastructure withstand a cyber-attack (DDOS)' has a clear answer: It depends. Nation states are a different equation to solve. They won't need to hide if cyberspace becomes a hot-warzone. The FBI is less effective against a military opponent.

"Against a small, underfunded nation-state, our CI [critical infrastructure] would hold up, but they could do damage. Against a medium, well-funded nation-state, our CI could be impacted. Against a large, well funded nation state, like the U.S., Russia, China, etc., who has the goal of destruction rather than espionage, very few entities are capable of withstanding such an attack. 

"If the intent is to use cyber as a means to impose pain, there will be multiple issues to deal with, including supply chain impacts, disabled critical technology partners (such as no DNS, no Cloud, low-speed connectivity, etc). Defenders of CI should be thinking about testing alternative communication plans (ensuring critical staff have multiple ways to contact each other), and other tenants of the safety processes are polished and on-hand.

"Should we worry about DDOS attacks on our critical infrastructure? No.

"Should we worry about a nation-state attack on our critical infrastructure? Yes."