Ukraine at D+29: Ukrainian counteroffensive appears in progress.
N2K logoMar 25, 2022

As Ukrainian forces undertake a counteroffensive, Russian tactical, logistical, and leadership failures remain on display. Western governments continue to warn against the possibility of Russian cyberattacks, and fears of chemical escalation mount.

Ukraine at D+29: Ukrainian counteroffensive appears in progress.

Russian forces remain stalled (see the current situation map from the UK's Ministry of Defence) and continue to resort to the area-destruction tactics they used against Syrian cities when Russia propped up the Assad regime (CNN has a reminder of what happened in Syria). Ukrainian forces have begun to see some success in their counter offensive, retaking ground near Kyiv and in other parts of the country. Reuters reports that the British government sees "a shift in momentum" in favor of Ukraine. In the south, Ukrainian forces have, CBC reports, destroyed a large Russian amphibious warfare ship (the Saratov, not, as early reports had it, the Orsk) in the Sea of Azov. The ship is said to have been carrying armored vehicles intended for Mariupol, where savage fighting continues, and it's also said to have been the first Russian vessel to enter the captured small port of Berdyansk.

Fears of escalation.

Repeated Russian comments that NATO and Ukraine were planning to use chemical and biological weapons on Ukraine's own people, and then blame it on Russia in an outrageous provocation have led NATO and the US to think that Russia itself is planning chemical attacks. US President Biden warned Russia against doing so, and said, the Telegraph reports, that the US would "respond in kind" if Russia used chemicals on the battlefield. The President is speaking loosely: the US couldn't respond "in kind" because the US hasn't had an offensive chemical capability for decades. (The US Department of Defense has a useful brief history of American chemical capabilities and how the US came to shed them.) Most observers read President Biden's comments, and those of other NATO leaders, as putting Russia on notice that the consequences of chemical warfare will be an unspecified but severe retaliation.

Reports that Russian artillery has resumed shelling the mostly decommissioned but still dangerous nuclear power facility at Chernobyl have revived concerns about radiological warfare, that is, the use of radiological contamination as a weapon, which is to be distinguished from the nuclear warfare various pundits on Russian state television have been musing about. MIT Technology Review has an interview with a nuclear power expert on the risks an attack on Chernobyl present.

"The dark art of the possible."

Two indictments against Russian government personnel the US unsealed yesterday are widely taken as showing the sort of active threat Russian operators pose to critical infrastructure. US Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly clapped at the Justice Department over Twitter: "Good to see @TheJusticeDept indictments on Russian state-sponsored cyber actors. Along with our #FBI & @DOE_CESER teammates, we’re releasing a Cybersecurity Advisory w/info & actions to defend against related threats to the energy sector:" An unnamed Justice Department official told the Guardian, "These charges show the dark art of the possible when it comes to critical infrastructure,”

The Washington Post reported this morning that, while the US Government has yet to make a public announcement of the determination, US intelligence analysts have now attributed the attack against Viasat services to Russia's GRU, the country's military intelligence service.

Ukraine has for some time claimed that Russia was behind the cyberattack, which Ukraine's military intelligence services viewed as Russian battlespace preparation. The Post writes, "Asked this week whether Ukraine knew who was behind the attack, Victor Zhora, deputy head of the State Service of Special Communications and Information Protection, Ukraine’s main cybersecurity agency, said: “We don’t need to attribute it since we have obvious evidence that it was organized by Russian hackers to disrupt the connection between customers that use this satellite system.” He added: “Of course, they were targeting the potential of [the] Ukrainian military forces first as this happened just before the invasion.”

California-based Viasat, which hasn't offered any attribution of the incident, told Air Force Magazine how it was accomplished: “The ground management network … that manages the KA-SAT network, and manages other Eutelsat networks—that network was penetrated. And from there, the hackers were able to launch an attack against the terminals using the normal function of the management plane of the network.” The company said the damage was limited. Only users who inherited their service from Eutelsat were affected. “Even on that [KA-SAT] network, none of our mobility and none of our government customers were affected—the controls we have around those users kept them safe."

Warnings against Russian cyberattacks (which remain relatively restrained).

That Russia has the ability and, up to a point, the will, to conduct cyberattacks against its adversaries in the hybrid war against Ukraine, is not in doubt. But at this stage of the conflict, Ukraine itself remains largely online, and the wiper and distributed denial-of-service attacks it has sustained since the run-up to Russia's invasion haven't seriously impeded access to the Internet. The Record's coverage suggests that this is largely due to the resilience of Ukrainian infrastructure and the hard work of the country's telecommunications sector, but Russia does seem to have pulled its punches. An essay in We Live Security, while cautioning that a major cyberattack certainly can't be ruled out, considers the possibility that Russia's apparent restraint may have been induced by effective deterrence. That would be both deterrence by denial and deterrence by promised retaliation.

Yesterday CISA and the FBI released Alert AA22-083A, "Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector." that provided background on the Russian cyberattacks addressed in the two indictments the US Department of Justice unsealed Thursday. The advice the Alert offers on hardening an organization against similar attacks is comparable to the advice the agencies have been circulating since CISA told everyone to go to Shields Up: familiar but nonetheless sound sets of best practices for both enterprise and industrial control systems.

Varun Talwar, CEO and co-founder of Tetrate, wrote to stress the importance of zero trust. “Enterprises need to secure their data and applications from the inside out, not just the outside in," Talwar said. The US government has set and enforced updated security standards and enterprises can use the same approach – implementing zero-trust approaches (ZTA) can immediately protect against cyberattacks of all kinds, whether they come from cybercriminals, freelance hackers, foreign governments or from within the enterprise itself.”

Implausible insistence.

A brief review of some Russian official and semi-official statements about Moscow's war against Ukraine.

Russia's Foreign Ministry, whose Twitter feed has been marked by defiance, self-pity, and implausible insistence, yesterday shared its take on Russian progress in Ukraine: "Exactly one month since the start of the special military operation in #Ukraine; it is going according to plan, and all the stated goals will be achieved. Life is returning to normal in the territories already liberated from nationalists." No one else sees it quite this way.

Former Russian President Medvedev said, Reuters reports, that it was foolish to believe that sanctions would have any influence on Russian policy. The West, in fact, would find them counterproductive, as sanctions would only further unify an already united Russian people. Sanctions against the wealthy businessmen the West calls the "oligarchs" would also be futile, since there's "no way" such wealthy people could influence state policy. And, with respect to Ukraine, Mr. Medvedev said the policy remained "demilitarization and denazification."

Personae non gratae.

In a response to US expulsion, on security grounds, of twelve Russian diplomats working in Moscow's UN delegation, the Russian government has handed the US embassy in Moscow a list of US diplomats whom the Kremlin was declaring persona non grata. Speaking for the Foreign Ministry, the Interfax news agency said, "The American side was told very firmly that any hostile U.S. actions against Russia would provoke a decisive and comparable response." A US State Department representative told Reuters "We can confirm that the U.S. Embassy received a list of diplomats declared 'persona non grata' from the Russian Ministry of Foreign Affairs on March 23. This is Russia's latest unhelpful and unproductive step in our bilateral relationship ... Now more than ever, it is critical that our countries have the necessary diplomatic personnel in place to facilitate communication between our governments." That is, when one party to a conflict has raised the possibility of nuclear and chemical escalation, it's important to have the sorts of channels in place that could help both sides avert a catastrophic mistake.

Russia's conduct of its war against Ukraine.

The general commanding the ongoing reduction of Mariupol is said to have practiced his craft against the Syrian city of Aleppo. Colonel General Mikhail Mizintsev (whom the Telegraph calls "the Butcher of Mariupol") is responsible for the deliberately brutal amateurism with which Russian forces have been operating against the city. He has told the citizens of the city to leave, because, if they remain, they'll be tried by military tribunals along with the other bandits he finds there.

We find it difficult to contain the contempt Russian generalship and military professionalism invite. Some insight into General Mizintsev's leadership style may be gleaned from a phone call of his that Ukrainian military intelligence intercepted and released. Make due allowances for the text having been provided by a hostile intelligence service, and treat it with a degree of appropriate skepticism, but it rings true. The general is apparently exercised by a picture of a junior officer whose turnout is not to the general's liking. “Look at that scum standing there, frowning with his bovine eyes, showing me his unhappy face, his stinking mug. Why is he still serving? And why should I have to waste my time with your scum? If you’re the head of a unit, then step up to the plate. Why has his face not been messed up? Why has his ear not been cut off? Why is he not limping by now?” (We haven't been able to find the original Russian text, but we strongly suspect that "bovine," while no doubt accurate in some sense, lacks the original's perlocutionary force.) Note the prominence mayhem evidently holds in the speaker's imagination.

This sort of approach to battlefield leadership would go a long way toward explaining the widely reported morale problems among the Russian troops. Hey, Mikhail Yevgenyevich, a pro tip on behalf of some actual officers: spend less time yelling at the troops that they should smile and more time getting them rations and clean socks. They might still not be as happy with you as you'd like, but at least they'd be suffering fewer cold weather injuries.

One more question: why are you using an easily intercepted phone, Mikhail Yevgenyevich, to communicate your wishes to your subordinates? Your encrypted tactical comms aren't working? Drug dealers do better with their burner phones.

It will be worth recalling, when Russian troops return home, the extent to which they were betrayed by their senior leaders.