Ukraine at D+469: Hacktivism reorganized amid an incipient counteroffensive.
the cyberwire logoJun 8, 2023

Observers see the Dnipro flooding as evidence of a growing Russian appetite for escalation. Russian hacktivists reorganize, one moving in the direction of professionalism, another with gestures toward serving as a popular movement.

Ukraine at D+469: Hacktivism reorganized amid an incipient counteroffensive.

Ukrainian forces continue to make local advances, but Kyiv yesterday emphasized that the general counteroffensive had yet to begin. “All of this is not true," the Guardian quotes Oleksiy Danilov, secretary of Ukraine’s national security and defence council, as saying in response to Russian claims that the offensive had not only begun, but had already failed. "When all this will begin, it will be decided by our military. When we start the counteroffensive, everyone will know about it, they will see it.” The Russians, he said, have merely mistaken local operations for a general attack. One local advance Ukraine claimed unambiguously has been in Bakhmut and the surrounding countryside.

In what the UK's Ministry of Defence calls "a highly complex operational picture," there's evidence of heavy fighting in several zones of the front. "In most areas Ukraine holds the initiative. Russian forces are likely still being ordered to return to the offensive as soon as possible: Chechen units have led an unsuccessful attempt to take the town of Marivka, near Donetsk city, where the front line has changed little since 2015. Through 07 June 2023, flood levels continued to rise in the lower Dnipro, following the collapse of the Kakhovka Dam, but will likely start to recede during 08 June 2023. Shelling has complicated some attempts to evacuate displaced civilians from inundated areas."

Widespread destruction and escalation.

The flooding of the Dnipro Valley upstream of Kherson produced by the destruction of the Nova Kakhovka dam is expected to peak today. The destruction has affected both Ukrainian- and Russian-controlled territory. Refugees report that Russian authorities have been either unwilling to offer rescue or too disorganized to provide it. There are also reports of Russian troops firing on refugees and rescue workers.

The destruction of Nova Kakhovka is being widely denounced as a war crime, with the German government being particularly explicit in its condemnation of Russia's role in the dam's failure. Western governments that haven't gone as far as Germany's continue their own assessments, but they're leaning strongly toward attributing the destruction to Russia. For its part, Moscow continues to deny any role in the dam's destruction, which it blames on Ukraine.

Some observers see the destruction of Nova Kakhovka and the attendant disaster as evidence of a Russian appetite for further escalation. Retired US Brigadier General Kevin Ryan, now at Harvard's Belfer School, argued in an interview with Radio Free Europe | Radio Liberty that Russian nuclear threats aren't empty, and that NATO should prepare for Russian use of nuclear weapons. If not nuclear weapons, then perhaps a nuclear accident, arranged at the Russian-controlled Zaporizhzhia nuclear power plant (ZNPP), could be a possibility, a Telegraph essay argues.

Lustration policies to handle collaborators.

Should Ukraine's counteroffensive succeed in retaking provinces occupied by Russia--Luhansk, Donetsk, and Crimea--the Ukrainian government will face the question of how to deal with those provinces' reintegration, and in particular how to handle those who collaborated with the Russian invaders. Resisting calls for harsh retribution will be difficult, and Foreign Policy describes how a well-constructed lustration policy--a procedural means of distinguishing the (relatively few) genuinely dangerous collaborators from those who went along, or tolerated, or simply conformed out of fear--can help post-war reintegration. "History makes clear that the process requires restraint, including establishing safeguards to minimize potential risks and unintended consequences. This will be especially important in Ukraine, given the direction of popular sentiment and the brutality of the war." The essay suggests that the Czech Screening Law of 1991, designed to handle the legacy of Communism after the collapse of the Warsaw Pact's constituent governments at the end of the Cold War, may provide a useful example for Kyiv.

A look at KillNet's reboot.

KillMilk's reorganization of the hacktivist auxiliary he (or she) leads on behalf of the Russian intelligence and security organs continues. Radware describes the reboot as a move toward a more professional, better disciplined organization. KillNet had hitherto been willing to present itself as a grassroots movement, but no more. "The revised Killnet isn’t for armchair hackers and DDoSers," Radware writes, "nor is it a platform for self-promotion or a ticket to overnight fame. Only the shrewdest minds, not the IT layabouts, will earn their place in the 'New Killnet.'”

Consumer best practices from a hacktivist auxiliary.

NoName has been posting interesting IT stories from the Russian perspective, and with it they also published their own tips to protect your financial data online by following twelve simple steps. (Actually one five steps of the twelve are out. The remaining seven are to-be-published.)

"How can you defend your financial assets on the internet? (½)

"The development of services is forcing bank clientele to implement digital hygiene. This is  imperative for obvious reasons, because of the existence of an incredible amount of methods to steal your data on the internet. The rules of digital financial hygiene aren’t very intrusive to the user if you follow these 12 simple steps.:

  • "Install antivirus on your telephone and computer, don’t click on suspicious files
  • "Only log into your personal bank account via secure Wi-Fi or mobile internet of your network provider, categorically ignore open links. 
  • "Only click the links of official sites. 
  • "Utilize dual factor authentication everywhere where able. 
  • "Use encrypted folders on devices for personal information.

"**The rest of the tips will be released in part two.**"

Thus NoName seems to be positioning itself as a community leader, offering advice and information to ordinary users.