Ukraine at D+557: Ukraine works to exploit local breaches in Russian lines.

The ABC (Australian Broadcasting Corporation) is among those reporting significant Ukrainian tactical success. Russian lines of communication with occupied Crimea are now at significant risk. There are credible reports of occupation government officials installed by Russian forces in Tokmak, a town on the Ukrainian axis of advance, fleeing the town they've been charged with administering. While the local Ukrainian advances are significant, their forces still face, as the Wall Street Journal outlines this morning, challenges in exploiting them for a general breakthrough.

The Institute for the Study of War (ISW) characterized comments from Ukrainian military officers about the prospects of further advances in the Zaporizhzhia Oblast "notably frank and direct." They think in particular that subsequent lines of defense will be easier to penetrate than the first line they've now breached. Russian sources acknowledge Ukrainian advances, but tend to describe the initial positions the Ukrainian offensive has broken through as a "forward line," and imply that the next lines are in fact the main defenses. But that sounds much more like American than Russian tactical doctrine, with a defense organized as a covering force in front of a main battle area. And the Russian defense has been notably static since its own offensives stalled early this year.

Ukraine's assessment is that the positions they breached were in fact the primary Russian defensive line. Brigadier General Oleksandr Tarnavskyi, who commands Ukraine's Tavriisk Group of Forces, estimated that 60% of Russian time and resources went into constructing the first line. 20% each went toward preparation of the second and third lines. The first line was elaborate and heavily mined, "a system of interconnected Russian trenches and dugouts guarded by anti-tank ditches and dense minefields." The ISW concurs, noting that General Tamavskyi's views are consistent with its own "previous observation that Russian forces may have not extended similarly challenging preparations throughout subsequent series of defensive layers, particularly regarding the density of minefields."

Drones hit Danube grain facilities on the eve of a Russo-Turkish summit on restoring the Black Sea grain deal.

Overnight, in the early morning hours of September 4th, Russian drones again struck Ukrainian grain storage and shipping sites along the Danube in the vicinity of Odesa. Ukrainian authorities say they shot down seventeen drones, but a number of others found their targets. The Odesa Regional Governor,Oleg Kiper, said, "In several settlements of the Izmail district, warehouses and production buildings, agricultural machinery, and equipment of industrial enterprises were damaged." Such attacks have been adjacent to Romanian territory and have prompted Romanian protests, but have not actually hit Romanian targets. The strikes came, according to Radio Free Europe | Radio Liberty, as President Putin prepared to meet Turkey's President Erdogan in Sochi today to discuss the possible restoration of the Black Sea grain shipment agreement. Turkey is strongly interested in resuming such shipments; Russia withdrew from the UN-brokered agreement on July 17th of this year.

A change in leadership at Ukraine's Ministry of Defense.

On Sunday Ukraine's President Zelenskiy announced, The Hill reports, that he would replace Minister of Defense Oleksiy Reznikov with Rustem Umerov. The Ministry, President Zelenskiy said, needs new leadership. “Oleksiy Reznikov has gone through more than 550 days of full-scale war. I believe that the Ministry needs new approaches and other formats of interaction with both the military and society at large. Now Rustem Umerov should lead the Ministry.” Umerov has chaired the State Property Fund since September of last year. His remit in that post has been to oversee privatization. The change is thought to be motivated in part by Kyiv's ongoing anti-corruption drive: while Reznikov has not been credibly accused of personal corruption, various improprieties have dogged the Ministry during his tenure there. Ukraine's parliament will vote on the appointment this week. Radio Free Europe | Radio Liberty says Reznikov has submitted his resignation.

LockBit compromises UK security contractor.

The privateering LockBit ransomware gang has released documents taken in a cyberattack against Zaun, a contractor to the UK's Ministry of Defence that specializes in perimeter physical security. According to Computing, the attack took place over the 4th and 5th of August "via a rogue Windows 7 PC running software for a manufacturing machine." Zaun says it was able to limit the effects of the attack, preventing, for example, the encryption of its servers, but some data were lost. The Daily Mirror reports that Zaun serves, among other sites, HMNB Clyde Trident submarine base, the Porton Down chemical weapons research laboratory, one GCHQ facility, various prisons, and a military cybersecurity installation. LockBit has now dumped stolen data on a dark web site. On September 1st Zaun disclosed, "LockBit will have potentially gained access to some historic emails, orders, drawings and project files, we do not believe that any classified documents were stored on the system or have been compromised. We are in contact with relevant agencies and will keep these updated as more information becomes available. This is an ongoing investigation and as such subject to further updates."

The GRU's Infamous Chisel cyberespionage campaign.

The UK's Ministry of Defence this morning reviewed the recently exposed Infamous Chisel campaign against Ukrainian military targets. "On 31 August 2023, the National Cyber Security Centre (NCSC), alongside international partners, published a report on a malware campaign targeting Android mobile devices used by the Ukrainian military. The malware, referred to as ‘Infamous Chisel’, has been used by the Russian cyber threat group known as Sandworm. NCSC has previously attributed Sandworm to the Russian General Staff Main Intelligence Directorate’s (GRU) Main Centre for Special Technologies (GTsST). Infamous Chisel enables persistent access to, and the collation and exfiltration of data from, compromised Android devices. This includes targeting applications used by the Ukrainian military. Infamous Chisel has highly likely been used with the aim of stealing sensitive military information. This activity demonstrates Russia’s continued use of cyber capabilities to support the invasion of Ukraine."

The EU finds Big Tech soft on Russian disinformation.

The European Commission released a study last week, "Digital Services Act: Application of the Risk Management Framework to Russian disinformation campaigns," in which it found that major tech companies' efforts to control disinformation were falling short of their aspirations, and that Russian disinformation concerning Russia's war against Ukraine had in fact increased on many widely used platforms. The BBC reports that X, the platform formerly known as Twitter, seems to have been notably irregular in its attempts to control disinformation. The Kyiv Post notes that, "The authors warned the 'reach and influence of Kremlin-backed accounts has grown further in the first half of 2023, driven in particular by the dismantling of Twitter's safety standards'," but also points out that X isn't alone in this regard, and that the platform has said it's working to do better.

Early in its report the Commission offered a characterization of Russia's hybrid war that's unambiguous and justifiably hostile. "On 24 February 2022, Russia attacked all of Ukraine, eight years after Russian troops entered Crimea and Ukraine’s Donbas regions. Russia’s military strategy has since not only resulted in harrowing violence in Ukraine—it also extended to online spaces, enabling acts of information warfare far beyond Ukraine’s borders. Kremlin operatives have deliberately manipulated the features of social media platforms to spread disinformation and influence public opinion."

The disinformation extended to domestic and international audiences. "Both inside and outside Russia, the Kremlin’s disinformation strategy followed two tactical objectives: suppressing the truth about the war and amplifying lies about an alleged 'special operation' to free Ukraine from 'Nazism'. Inside Russia, the Kremlin moved swiftly to block social media platforms such as Facebook or Twitter and to tighten media censorship in order to cut Russians off from images of the horror their country was inflicting on Ukrainians. At the same time, the Kremlin leveraged its ecosystem of state-controlled media to flood the remaining platforms in Russia with lies and self-serving conspiracies."

Externally directed disinformation was more complex and more carefully constructed. "Outside Russia, the Kremlin’s disinformation strategy followed the same objectives, but it was more subtle. Of course, the Kremlin could not censor the free media of other countries, or block Facebook across the continent to isolate Europeans from the truth. Instead, the Kremlin and its proxies captured growing audiences with highly produced propaganda content, and steered users to unregulated online spaces, where democratic norms have eroded and hate and lies could be spread with impunity."

The report sees this approach as an old one, dating back at least to the early years of the Cold War. "This is an old playbook: The Kremlin has attempted to manipulate foreign communication systems and public opinion long before the rise of Facebook and Google. The so-called information warfare doctrine goes back to early Soviet times – it builds on 'reflexive control.' The idea is to shape how adversaries think about an issue, while concealing the activities of manipulation so that the targets remain unaware. Since the 1950s, the Soviet security agency (KGB) hosted a department dedicated to spreading disinformation in other countries, including antisemitic, racist narratives designed to deepen socio-political divides."

Despite some successes, the report finds "that the mitigation measures applied by the platforms were largely ineffective," and that the platforms were unprepared to cope with information warfare.