Ukraine at D+473: Counterattack toward the Sea of Azov.
N2K logoJun 12, 2023

Ukraine's counteroffensive is under way. Hacktivists hit Russia telecom provider.

Ukraine at D+473: Counterattack toward the Sea of Azov.

The Telegraph reported that the Ukrainian government claims to have retaken three formerly occupied towns in Donetsk; the AP added a fourth recaptured village to the tally early this morning. Ukrainian authorities accused Russia of destroying a second, smaller dam with a view to rendering key terrain untrafficable, according to the Guardian. The dam is on the Mokri Yaly River, which runs south, draining into the Sea of Azov, and which lies along Ukraine's axis of advance in Donetsk.

Saturday morning's situation report from the UK's Ministry of Defence (MoD) offered an assessment of the first two days of Ukraine's counteroffensive. "In the last 48 hours significant Ukrainian operations have been taking place in several sectors of eastern and southern Ukraine. In some areas, Ukrainian forces have likely made good progress and penetrated the first line of Russian defences. In others, Ukrainian progress has been slower. Russian performance has been mixed: some units are likely conducting credible manoeuvre defence operations while others have pulled back in some disorder, amid increased reports of Russian casualties as they withdraw through their own minefields. The Russian Airforce has been unusually active over southern Ukraine, where the airspace is more permissive for Russia than in other parts of the country. However, it remains unclear whether tactical airstrikes have been effective."

The MoD's Sunday morning situation report concentrated on the near-term effects of the Nova Kakhovka sabotage. "The collapse of the Kakhovka Dam on 06 June 2023 has almost certainly severely disrupted the occupied Crimean Peninsula’s primary source of fresh water, the North Crimean Canal (NCC). The NCC draws water from the Kakhovka Reservoir, from an inlet higher than the bed of the reservoir. The water level in the reservoir had likely dropped below the level of the inlet by 09 June 2023 and water will soon stop flowing to Crimea. This will reduce the availability of fresh water in southern Kherson Oblast and northern Crimea. However, the Russian authorities will likely meet the immediate water requirements of the population using reservoirs, water rationing, drilling new wells, and delivering bottled water from Russia.Concurrently, communities on both the Russian and Ukrainian-controlled sides of the flooded Dnipro are facing a sanitation crisis with limited access to safe water, and an increased risk of water-borne diseases."

Tension between the Wagner Group and Russia's Ministry of Defense.

Wagner Group boss Prigozhin said yesterday that he would sign no contracts with Defense Minister Shoigu. The Telegraph quotes him as saying, “Wagner will not sign any contracts with Shoigu. Shoigu cannot properly manage military formations.” The Defense Ministry had said that "volunteer formations" (that is, the private military corporations) would be required to regularize their legal status by signing contracts with the Ministry no later than July 1st.

The requirement for contracts and Mr. Prigozhin's public assessment of Mr. Shoigu's capacity came after a week in which incidents--still cloudy--of direct conflict in the field between Wagnerites and regulars were reported. The Guardian quotes Lieutenant Colonel Roman Venevitin, former commander of the 72nd Independent Motorized Rifle Brigade, who offered a defense (apparently scripted, in the Guardian's opinion) of the Russian Army and a denunciation of the Wagner Group. “The tension with the Wagners for me and my brigade began from the first days of our transfer to the [Bakhmut] direction. This was due not only to provoking our fighters into conflicts with their audacious behaviour and constant threats to [kill] us, but also by their concrete actions.” Lieutenant Colonel Venvitin had, earlier in the week, been featured in a Wagner Group video in which he had confessed, under evident duress, to having ordered (while drunk) his troops to fire on the Wagnerites. This latest video seems to be an attempt by the Ministry of Defense to debunk the earlier confession. For his part Mr. Prigozhin dismisses the retraction and accusations as nonsense.

“The anarchism that the Wagner is breeding at the front is the result of a game of political elites who, instead of strengthening our president, are trying to weaken him,” he said.Defense Minister Shoigu's higher recent public profile was noted this morning in the MoD's regular report. "Over the last week, Russian Defence Minister Sergei Shoigu has maintained a high public profile, likely with the aim of presenting himself as in control of strategic issues while Ukraine accelerates offensive operations. Shoigu has provided at least two comments on Russia’s defensive operations, including making almost certainly seriously exaggerated claims about Ukrainian losses. This contrasts with other key periods in the war when he had disappeared from public appearances. Shoigu has also urged Russia’s defence industry to redouble its efforts, and castigated Western Military District officers for not dispatching reserve armoured vehicles to the front quickly enough. Shoigu is likely acutely aware of the need to maintain a positive image in the face of increasingly unmasked criticism from some fellow Russians."

The tensions between the Wagner Group and the Ministry of Defense are likely to remain the subject of domestic influence operations.

Cyber Anarchy Squad claims to have taken down Russian telecom provider's infrastructure.

The Cyber Anarchy Squad, which represents itself as a hacktivist organization dedicated to supporting Ukraine in defending itself against Russia, claimed to have hit, successfully, the Russian telecommunications provider Infotel JSC last Thursday evening. Infotel JSC confirmed that its systems had indeed come under attack, BleepingComputer reports: "We would like to inform you that as a result of a massive hacker attack on the network of Infotel JSC, some of the network equipment was damaged. Restoration work is currently underway. Additional deadlines for completing the work will be announced. We hope for your understanding and further cooperation."

For its part, the Cyber Anarchy Squad crowed, as quoted by the Record, "We have completely destroyed their infrastructure. There is nothing left alive. Let them try to restore it now, but their chances are as slim as finding an easy life in Russia," Infotel JSC has a number of clients in the financial sector, including Russia's Central Bank of Russia. Connectivity between the Central Bank and other financial service and e-commerce businesses depends to a significant extent on the telco's infrastructure, and the Cyber Anarchy Squad claims that its attack has rendered it difficult and in some cases impossible for banks to conduct routine transactions.

The attack coincided with the opening of Ukraine's counteroffensive, and according to Security Affairs included website defacements celebrating Ukraine's attack. There are no obvious indications, however, that the cyberattack was a closely coordinated combat support operation. It seems rather to have been malign exuberance directed Russiawards.

RomCom resumes its activity in the Russian interest.

BlackBerry researchers find that the operators of the RomCom remote access Trojan (RAT) have recently stepped up their activity against, among other targets, Ukrainian politicians working closely with Western governments and at least one US organization involved in delivering relief to Ukrainian refugees. The goal is collection of information. "The threat actor behind the RomCom RAT appears to be actively interested in what Western countries are doing to support Ukraine, what Ukraine is doing, and who the refugees are receiving help from in the United States," BlackBerry writes. "If medical records stored electronically are stolen, it would be easy for the threat actor (and those they are affiliated with) to profile the patient and use that data in future war scenarios and in geopolitics in general. Even the extraction of partial information, such as name, sex, date of birth, and related data, poses a potential risk to that person and those who provide them with any type of aid in future."

Jamming JDAMs.

The US-developed and manufactured Joint Direct Attack Munition (JDAM), which has been supplied to Ukraine, is a precision, GPS-guided weapon that can be fixed to a bomb to give it the capability of striking a selected target with great accuracy. The Royal United Services Institute reports that high-power, broadband Russian jamming may be degrading some of JDAM's accuracy. The jamming represents a trade-off: it might render incoming JDAM less accurate, but it also will affect Russian systems with indiscriminate electronic noise. And the high-power jammers are themselves electronically very conspicuous, which exposes the jammers themselves to a hard-kill by anti-radiation weapons. Russian commanders may think the trade-off worth it in protecting their high-value targets from Ukrainian JDAM strikes.