Mediaboss Marketing

17 April 2023

Image source, Getty Images

Ten days after leaked Pentagon documents burst into public view, what have we learned about the war in Ukraine?

The documents, mostly dating from February and March, offer tantalising insights into the state of the conflict. There's a wealth of detail, much of it highly complex.

But reading between the lines, you get a real sense of the Pentagon doing its utmost to understand the course of the conflict, sometimes with difficulty.

The "fog of war" is definitely on display.

Take the critical question of how many men and pieces of equipment each side is losing. The raw data tells a story (as many as 223,000 Russian killed or wounded soldiers, versus as many as 131,000 Ukrainians), until you read that the Pentagon has "low confidence" in the numbers.

This is due to several factors, including operational secrecy, deliberate distortions and what is described as "potential bias in Ukrainian information sharing".

In other words, the US may be Ukraine's most important ally, but Washington doesn't always trust what it's being told.

A similar lack of certainty is visible in a summary of the battle for the Donbas, dated 22 February.

It says the Pentagon has "moderate confidence" that the battle is "likely heading for a stalemate throughout 2023."

But it goes on to say that it would have higher confidence in this assessment "if we could accurately estimate the endurance of Ukraine's operations," adding that it cannot fully account for the toll Ukraine's counter-offenses in late 2022 took on Russian morale and equipment.

These are just a few examples of the questions swirling around the minds of Pentagon planners on a daily basis. There are a host of others.

What might cause Israel to get more involved? Can South Korea be prevailed upon to set aside its reservations and supply Kyiv with badly needed artillery shells? What if Vladimir Putin dies?

Image source, Getty Images

The leaks suggested that some members of the Russian elite had plotted to undermine Vladimir Putin's war.

Given the high levels of uncertainty, it's hardly surprising that Washington should revert to covert means to improve its understanding of what's going on.

Even if that means spying on the very country it says it's committed to helping.

And so we hear of intercepted conversations in which Ukraine's President Volodymyr Zelensky and his top officials discuss the pros and cons of hitting Russian targets in Belarus or Russia itself.

On 17 February, President Zelensky's Chief of Staff Andriy Yermak learned of an alleged Russian plot to sabotage Vladimir Putin's "special military operation", involving the Russian Chief of the General Staff, Valeriy Gerasimov, and the head of National Security Council, Nikolay Patrushev.

The plot, allegedly timed to coincide with a day when Vladimir Putin was scheduled to begin a round of chemotherapy, never materialised.

But for the Pentagon, anxious to detect signs of division and weakness in Moscow, one can imagine that the report must, for a day or so, have seemed intriguing.

Military conflicts are large, complex events, always shifting according to a wide range of military and political factors.

Which means that circumstances are likely to have changed in subtle ways in the weeks since the documents were drawn up.

The much reported case of Ukraine's air defences is a good example.

At least two documents from late February describe a situation in which key elements of Ukraine's defences - Soviet-era SA-11 and SA-10 surface-to-air missiles - are expected to run out by March 31st and May 2nd respectively.

Given that the two systems combined account for 89% of Ukraine's medium to high range protection, according to the document, these sound like dire predictions.

The projections are based on what is described as "current interceptor consumption", with the conclusion that Ukraine can only withstand 2-3 more waves of Russian attacks on its civilian infrastructure.

In fact, there have been no further mass attacks on Ukraine's infrastructure, meaning that Ukraine will have been able to eke out some of its precious stocks a little longer.

Nor is there any reference in the documents to the arrival of 13 MiG-29 jets from Slovakia, only approved by the government in Bratislava in mid-March.

Image source, Getty Images

MiG-29s, like the ones donated by Slovakia, have long been the backbone of Ukraine's air force.

Inevitably, the overwhelming tone of these documents is more sober, even pessimistic, than most public American pronouncements about the war.

There are no predictions here of sweeping Ukrainian successes when its much anticipated counter-offensive begins, possibly in the coming weeks.

Instead, the talk is of "modest territorial gains."

It's likely that some of Ukraine's reported weaknesses will have informed joint US-Ukrainian planning long before they came to public attention.

What we don't know, because these snapshots, although recent, are mere glimpses of a constantly evolving situation, is how successfully any of those weaknesses have been addressed.

Follow this link:
Ukraine war: As the dust settles, did the US leaks reveal anything important? - BBC

Russian forces are stepping up their use of heavy artillery and air strikes in the devastated eastern Ukrainian city of Bakhmut, the commander of Ukraines ground forces said on Tuesday.

Poland and Ukraine will resume negotiations early on Tuesday to try to reopen the transit of food and grains, the Polish agriculture minister told public radio station PR1. The two countries held talks on Monday over bans by central eastern European countries seeking to shelter their farmers from the impact of an influx of cheaper Ukrainian grain.

Romanias ruling Social Democrat party (PSD) has said it will ask the coalition government to approve an emergency decree enforcing a temporary ban on Ukrainian grain imports, mirroring similar moves by countries in central and eastern Europe.

Russias defence minister, Sergei Shoigu, told his Chinese counterpart on Tuesday that their countries military cooperation was a stabilising force in the world and helped to reduce the chances of conflict.

Security concerns have prompted Russian authorities this year to cancel traditional immortal regiment nationwide victory day processions where people carry portraits of relatives who fought against Nazi Germany in the second world war.

The UK has condemned the sentencing of Russian opposition activist Vladimir Kara-Murza, who was jailed for 25 years on Monday for opposing the war in Ukraine. UK foreign secretary James Cleverly summoned the Russian ambassador, Andrei Kelin, for an explanation. Kara-Murza holds dual Russian-British citizenship.

Kara-Murzas wife, Evgenia Kara-Murza, told British broadcaster LBC that she was baffled by the UK governments weak response. Introducing sanctions against his perpetrators would actually be a very practical step that I would very much like to see, she said.

The UNs human rights head, Volker Trk, urged Russia to release him, while Baltic neighbour Latvia sanctioned 10 Russian officials and lawyers involved in the case.

Russias leading opposition figure, Alexei Navalny, faces the prospect of new criminal charges, one of his lawyers has claimed. Vadim Kobzev alleged on Twitter that authorities had provoked Navalny by placing another inmate in his cell, and that Navalny had been given no choice but to drag him out. He had then been told he would be charged with thwarting prison authorities, which carries a maximum sentence of five years, Kobzev said.

The Belarusian leader, Alexander Lukashenko, held a meeting with the Russian-installed head of Ukraines occupied Donetsk region, Denis Pushilin, on Tuesday.

Russia is not yet planning to block Wikipedia, its minister of digital affairs said on Tuesday as a Moscow court handed the online encyclopaedia another fine for failing to remove content Russia deems illegal.

G7 foreign ministers have condemned Russias irresponsible nuclear rhetoric and its threat to deploy nuclear weapons in Belarus as unacceptable, after a three-day meeting in the Japanese resort town of Karuizawa. Any use of chemical, biological or nuclear weapons by Russia would be met with severe consequences, they warned.

The Pentagon said it expected findings within 45 days from a review into how the US military handles classified information after last weeks arrest of an airman over the leak a trove of highly classified documents online.

Russia said it had repelled an illegal Ukrainian attempt to infiltrate Russian territory in the southern border region of Bryansk, 11 days after reporting a similar incident. The intruder stepped on a mined protection line, said regional governor Alexander Bogomaz on Telegram.

Excerpt from:
Russia-Ukraine war at a glance: what we know on day 419 of the invasion - The Guardian

Among the disclosures to emerge from the U.S. Department of Defenses recent leak of sensitive materials, one of the most alarming from the point of view of the Ukrainian Armed Forces is a purported assessment of the precarious quantity of missiles available to Kyivs hard-pressed ground-based air defense systems.

While its important to note that the reliability of the contents of the hundreds of leaked classified Pentagon documents has been questioned, the critical need to replenish Ukrainian air defense missiles as well as to replace Soviet-era systems with more advanced Western equipment is something The War Zone has discussed from very soon after Russia launched its full-scale invasion.

Assuming this part of the document dump is a legitimate assessment, there could be massive consequences for Ukraine, with Russia potentially regaining the opportunity to execute fixed-wing air combat operations deep into Ukrainian airspace. This is in addition to targets in Ukraine becoming far more vulnerable to standoff missile and drones attacks. If anything else, it's a reminder of just how precarious the delicate air power balance is between the two countries and how important it is to rearm Ukraine for a longer fight.

Among the leaked materials, the most significant document in regard to stocks of air defense missiles appears to be one dated February 28, which provides an overview of Ukrainian missile usage rates and then projects when stocks of weapons for certain systems will be exhausted.

The document in question or at least portions of it was recently published by The New York Times.

The key claim included in this document is that Pentagon officials have assessed that Ukrainian air defenses assigned to protect troops on the front line will be completely reduced by May 23.

Were that to happen, Russian air power would be much less constrained in how it operates over the forward edge of the battlefield, with potentially disastrous consequences for Ukrainian troops on the ground. At the same time, by rolling back Ukrainian ground-based air defenses here, Russian aircraft would be better able to push further west into Ukraine, making it easier to target cities, and military installations including airbases, as well as other key infrastructure, military and civilian at least in some areas.

Eroded air defenses would allow Russia to be better able to overcome the limitations it now faces in terms of a dwindling supply of long-range standoff munitions. Not only are these generally expensive to produce but the strict sanctions now imposed on Russia make it much harder to replenish them. If the Russian Aerospace Forces were given more freedom of action by depleted Ukrainian air defenses, they could also make increasing use of shorter-range weapons.

Russian Aerospace Forces Su-35S multirole fighter jets deployed from the Eastern Military District to Belarus, from where many combat missions have been launched against Ukraine:

Ultimately, if the Pentagons supposed predictions about missile stocks were to come true, then the entire picture of the air war could begin to morph dramatically. Since failing to achieve air superiority at the start of the conflict, Russian tactical jets and helicopters have been very cautious in the face of stiff resistance from Ukrainian ground-based air defenses and fighters. Very often, Russian attack aircraft and helicopters have been forced to use unguided rockets fired from a very low level in the approximate direction of the target, with much-reduced accuracy as a result in hopes of hitting any targets near the front lines. Russian fighter jets, with far more capable sensors and weapons than their Ukrainian counterparts, have tended to operate outside Ukrainian airspace, firing missiles from very long range opportunistically.

According to the leaked documents, the Soviet-era S-300 and Buk accounted for 89 percent of Ukraines medium/long-range air defense capabilities, as of February 28. Depletion of missile stocks for the S-300 and the Buk would remove these systems as kinetic players in the overall defense of Ukraine, wherever they were stationed. The fact is that the wide variety of Western ground-based air defense systems now delivered or in the process of delivery to Ukraine are not available in anything near as significant numbers. The higher-end Western systems that have been delivered since the start of the war are being prioritized to cover major population centers, especially Kyiv, and likely little else.

As we reported at the beginning of the war, Ukraine started the conflict with an estimated 250 launchers of different types for its S-300P (SA-10 Grumble) long-range surface-to-air missile (SAM) systems, as well as a far smaller number of the related S-300V1 (SA-12 Gladiator/Giant) system.

No NATO militaries use the S-300V family of systems, ruling out the possibility of transferring additional such weapons to Ukraine, although the S-300P family does exist in NATO inventories and Kyiv has received at least some examples, including a complete S-300PMU battery (a more advanced version that those used by Ukraine) from Slovakia.

Bulgariahas one complete S-300PMUsystem, while Greece has 12 of the further improved S-300PMU-1 versions. These, or missiles from them, could potentially be supplied to Ukraine, too, although the reality is that stocks of missiles for the S-300 are always going to be limited and, at some point, will be exhausted.

The situation as regards to the Buk mobile medium-range SAM system is even more problematic. Ukraine entered the war with a reported 72 examples of the Buk-M1 version available. There are no NATO operators of the Buk family. Within the alliance, only Finland previously operated the Buk, but all its remaining stocks are understood to have been scrapped.

Unable to of provide additional Buk systems or the missiles made for them, the United States has approved the transfer of RIM-7 Sparrow missiles that will be integrated with the Ukrainian Buk systems. This is an innovative way of keeping the remaining Buk systems in the fight, but its unclear how long the process of adapting the Soviet-era Buk for these NATO-standard missiles might take or how effective it will end up being. You can read more about the initiative here.

A previous, Polish effort to integrate the Sparrow missile on the 2K12 Kub (the Buks predecessor), from around 2008:

Since our initial report on the state of Ukrainian ground-based air defense capabilities, there have been some significant transfers of systems of Western origin. Putting to one side man-portable air defense systems and very short-range air defense systems, Ukraine has begun to receive IRIS-T SLM systems from Germany, Crotale NG batteries from France, and MIM-23 HAWK systems from Spain and the United States. Spain has also supplied an Aspide 2000 battery, with similar SkyGuard Aspide/Spada systems being delivered by Italy.

Perhaps most importantly, Ukraine has begun to receive NASAMS batteries from the United States, with more scheduled to follow from Canada and Norway. As we have pointed out in the past, NASAMS has the considerable advantage of being able to draw upon the very deep reserves of missiles available from most NATO countries, primarily for air-to-air use. Already, Belgium, the Netherlands, and the United Kingdom have pledged to deliver AMRAAM missiles that will be used to arm Ukrainian NASAMS.

An official Ukrainian Air Force video showing the NASAMS in operation:

At the higher end of the SAM scale, Ukraine has recently received the first Patriot battery from Germany, with another to follow from the United States, together with two additional Patriot launchers from the Netherlands. These will provide enhanced long-range, high-altitude engagement capability that is currently only offered, to a lesser degree, by Ukraines S-300s, with their dwindling stocks of missiles. Importantly, the Patriot will also bring an anti-ballistic missile capability, something that is currently only provided by the small number of Ukrainian S-300V1 systems, and even those dont come anywhere close to the Patriot in this regard. Providing somewhat similar capabilities to the Patriot is the SAMP/T, a joint Franco-Italian SAM system, one battery of which is also headed to Ukraine.

The advanced Patriot system promises to be a very welcome addition to Kyivs armory, although its somewhat less mobile than the S-300P series and considerably less mobile than the S-300V1 and will be a prime target for Russian suppression/destruction of enemy air defenses (SEAD/DEAD) missions.

Meanwhile, there have also been efforts to supply Ukraine with Soviet-era air defense equipment from NATO stocks although, as previously noted, the supplies of these systems are rather more limited. Poland, which has been a staunch backer of Ukraine, has provided examples of the 9K33 Osa (SA-8 Gecko) mobile short-range air defense system (SHORADS) as well as the S-125 (SA-3 Goa) medium-altitude SAM system.

The S-125 was understood to have been withdrawn from Ukrainian service sometime before the full-scale Russian invasion, although, more recently, there have been signs of reactivation or perhaps evidence that the system was never entirely retired from service. Another Soviet-era system not known to have been in Ukrainian use prior to the invasion is the medium-range 2K12 Kub (SA-6 Guideline) SAM system, which Slovakia recently agreed to deliver to Kyiv in the form of the upgraded 2K12M2 Kub-M2.

Clearly, the influx of ground-based air defense systems of different types and from various sources reflects the very obvious requirement to sustain and reinforce Ukraines capabilities in this regard, to continue to apply pressure on Russian air operations.

Regardless, the possibility that the missiles fired by Ukrainian S-300 and Buk systems could be exhausted, sooner rather than later, is highly troubling, but its also a fact that new, NATO-supplied ground-based air defense systems are still being delivered and the most capable of these have not yet been brought online. Once they are operational, they will likely have a significant impact on Russian air planning.

Still, beyond the potential of weapons like the Patriot to become a major factor in the air war, its no secret that numbers are just as important as capability. Indeed, its notable that Ukraine has spent a disproportionate effort in countering Russian kamikaze drones, like the Iranian-designed Shahed series, which have, in the past, at least, been launched in significant numbers, placing a considerable burden on Ukrainian air defenses. Added to this are the repeated barrages of cruise missile attacks launched from different Russian platforms and ranging from stealthy air-launched subsonic weapons, to ship-launched cruise missiles. Russia has also made use of Mach-4-capable Kh-22 anti-ship missiles used in a land-attack role, defense against which has apparently proven next to impossible.

As Yurii Ihnat, a spokesman for Ukraines Air Force Command, told The New York Times, The question is numbers. To fully replace [existing SAM systems], we need many systems, and I wont tell you how many.

As it stands, the tables in the air war are delicately balanced. After receiving a fairly severe mauling at the start of the conflict, the Russian Aerospace Forces has never fully taken the initiative, with Ukrainian ground-based air defenses and fighter jets using bold and innovative tactics to ensure the skies over the country remain dangerous to the invaders.

Without a doubt, however, the Russian Aerospace Forces loom over the Ukrainian Air Force in terms of size as well as possessing key technological advances, including in the realm of sensors and weapons. One of the recently leaked Pentagon documents assesses that Ukraine has 85 fighter jets available, compared to 485 Russian fighter jets deployed in the Ukrainian theater.

We do know that Russia has a substantial number of aircraft in its inventory and a lot of capability left, U.S. Secretary of Defense Lloyd J. Austin III warned back on February 14, during a visit to Brussels. We need to do everything that we can to get Ukraine as much air defense capability as we possibly can.

So far, Ukraine has managed to do more with less and deny Russia air superiority. Exactly how accurate the assessments found in the leaked Pentagon documents turn out to be, they should serve as a warning call to Ukraines allies. If its to continue to keep Russian airpower at bay, the Ukrainian Armed Forces need a continuous flow of ground-based air defense systems (among other key weapons).

Should the effort to bolster Ukraines ground-based air defenses fail, the results could be disastrous. In the worst-case scenario, Russian airpower could have another shot at gaining air superiority or at least operating deep over certain parts of Ukraine for brief periods of time.

The influx of Western air defense systems means that major population centers will still likely have robust coverage, but this could also be put at further risk by emboldened Russian Aerospace Forces. After all, if able to effectively run tactical fixed-wing operations over large swathes of the country, this would include suppression and destruction of enemy air defenses (SEAD/DEAD) missions, with the express purpose of targeting Ukrainian ground-based air defense systems. Russia can do this with standoff weapons and the most valuable of systems like Patriot and NASAMS would be top targets.

For general strike operations, as we have mentioned, Russia would be far less reliant on air-launched standoff munitions, allowing cheaper and more plentiful shorter-range and unguided weaponry to be brought to bear on certain targets. With the limited gains made by Russia in the conflict so far, the chance to secure something like air superiority over portions of Ukraine could potentially change the course of the war.

Ukrainian fighters, still very limited in number even after being bolstered a bit by allies, would also be put at far greater risk. Russia has superior air-to-air capabilities and Russian fighters pushing deeper into Ukraine could force engagements that Ukraine's fighter force is not likely to win, at least on paper. Even on the ground, Ukraine's fighter force would become more vulnerable.

Beyond that, it should be remembered that the bleak picture painted by the leaked Pentagon documents refers specifically to the S-300 and Buk and as such concerns the upper-altitude blocks within a layered ground-based air defense system. The situation in regards to SHORADS is likely much less concerning, with significant numbers of these systems still in place, and more arriving, backed up by highly mobile very short-range air defense systems, including man-portable air defense systems (MANPADS).

This means that while low-level operations would still be very contested along the front, higher-level ones could open up to Russian forces. As such, a mix of low-level and high-level tactics could be employed, including crossing over the lines at high-altitude and dropping to much lower altitudes while deeper inside Ukrainian-controlled territory to avoid high-altitude systems still clustered around a handful of population centers.

Russia would still have to commit to such a strategy and its fixed-wing tactical assets would still be put at high risk even in a degraded air defense environment, especially early on. But if Putin and his generals see an opening, the possibility of bringing fixed-wing air combat power to bear deep into Ukraine, and working to degrade its defenses further in doing so, maybe just too sweet an apple not to pluck off the tree. This is especially true considering the state of Russias Special Military Operation and the need for some major wins.

Ukraine's finite missile stocks available to the S-300 and Buk systems were never in doubt and these weapons, which have played a key role so far in the conflict, require replacement by systems that offer at least as much capability, if not more. It's quite remarkable these Soviet-era stockpiles have lasted as long as they have. But just as importantly, the systems that replace them need substantial quantities of missile reloads, whether drawn from active production lines or from existing NATO stocks.

Where exactly these systems and the inventories of missiles needed to make long-term use of them will materialize from is another question altogether.

Contact the author: thomas@thedrive.com

See the original post:
What Could Happen If Ukraine's Stock Of Soviet SAMs Runs Dry - The War Zone

PT-91 Twardys in Ukraine.

A long column of ex-Polish PT-91 Twardy tanks, rolling along a training ground somewhere in Ukraine on or before Monday, is a healthy reminder of two important facts.

Despite substantial pledges to Ukraine of Western-made tanks, upgraded Soviet-style tanks still by far are the most numerous tanks in Ukraines arsenal. And its those tanks that are likely to lead the way if Kyivs forces finally shift from defense to offense in the coming weeks or months.

Still, the worst Soviet-style tank Ukraine is acquiring is better than the best Soviet-style tank Russia lately has been able to acquire in meaningful numbers.

Russia doesnt yet import tanks. It builds them new, locally, or restores them from local stocks of Cold War-vintage vehicles. Industrial bottlenecks have throttled Russias efforts to make good the 2,000 or so tanks its lost in the 14 months since it widened its war on Ukraine.

Increasingly, the Russian armys replacement tanks are unmodified T-62s and T-55s from the 1960s and 1950stanks that dont require the high-tech components that are in short supply in Russia.

By contrast, as Ukraine replaces the roughly 500 tanks its lost since February 2022, its getting many of the replacement tanks from foreign allies. Any local shortages of electronics, optics or ball bearings dont constrain the supply of fresh vehicles.

Which is why those eight PT-91s, parading across that field in Ukraine this week, are so encouraging for advocates of a free Ukraine. These are the tanks Kyiv could send into battle against Russias ancient T-62s and T-55s.

It would be a deeply unfair match. To produce a PT-91, Polish vehicle-maker Bumar-Labedy started with a 45-ton T-72M1a downgraded export variant of the 1983-vintage, Soviet T-72Aand replaced the engine, transmission, fire-controls, optics and autoloader and added bricks of Polish-made Erawa reactive armor.

The result is a tank that still looks a lot like a T-72. Same silhouette. Same 125-millimeter 2A46 main gun. Same three-person crew. But its got an 850-horsepower diesel engine in place of the old, 780-horsepower modelmaking it several miles per hour faster. The neatly-fitted reactive armor offers better protection against high-explosive rounds.

The new fire-controls are the PT-91s most important feature, however. The stabilizer on the T-72M1 is crude and requires frequent recalibration, limiting the tanks accuracy while firing on the move. The Twardy adds new, more robust, two-axis stabilization.

All that is to say, the PT-91 is a better tank than a 1980s-vintage T-72M1 isand a much better tank than a much older T-62 or T-55 is. As far as firepower and protection go, the Polish-made tank might fall just behind a German-made Leopard 2A4.

Poland back in the 1990s acquired around 230 PT-91s. Warsaw so far has pledged 60 of them to Kyiv. More could follow as Polands new American-made M-1s and South Korean K-2s begin arriving in large numbers.

Its unclear how many of the PT-91s so far have reached Ukraine. It is clear, from a total lack of photographic evidence of Twardys on the front lines, that Kyiv is holding back the ex-Polish tankseither saving them for newly-forming brigades, or waiting to send them to existing brigades as replacements for combat losses.

Either way, these fresh PT-91s soon should outnumber Ukraines battle-ready Western tanks, which include: 14 ex-British Challenger 2s; some portion of 40 Leopard 2A4s from Poland, Canada, Norway and Spain; and a few of the 31 newer Leopard 2A6s/Strv 122s coming from Germany, Portugal and Sweden.

Ukraine also is getting more than a hundred Leopard 1A5s from a German-led consortium as well as 31 American M-1A1s. But none of these tanks have shipped.

If Ukraine goes on the counteroffensive this spring or early summer, the PT-91s could be the most numerous of the Ukrainian armys replacement tanks.

Luckily for the Ukrainians, theyre pretty good tanks. Far better, at least, than Russias own replacement tanks.

Visit link:
Ex-Polish PT-91 Tanks Have Arrived In Ukraine. They're Better Than ... - Forbes

Russian and pro-Russian operatives continue to modify their hacking and influence operations aimed at Ukraine to extract intelligence and sway public opinion in favor of the war, Google researchers said in a report released Wednesday. The latest tactics include promoting highly produced YouTube videos as well as more traditional phishing campaigns.

Roughly 14 months after the Russian invasion of Ukraine, the cyber components of the Russian onslaught continues with nearly 60% of Russian-backed phishing campaigns targeting Ukraine, Billy Leonard, a security engineer with the Google Threat Analysis Group, wrote in an update on the most notable hacking campaigns the company observed between January and March of 2023.

The latest report includes new information operations from Russias elite hacking units as well as work from a group believed to be Belarusian, a staunch Russian ally. From traditional credential and intelligence gathering efforts to information operations aimed abroad and at Russian audiences to glorify war efforts, the ongoing cyber operations remain active and show signs of adaptations and new techniques, Leonard wrote.

One of Russias most prolific and elite hacking groups known widely as Sandworm, but tracked by Google as FROZENBARENTS continues to focus heavily on the war in Ukraine with campaigns spanning intelligence collection, IO, and leaking hacked data through Telegram, Leonard wrote. Believed to operate out of Russian Armed Forces Main Directorate of the General Staff, or GRU, Unit 74455, the group known best for its multiple successful Ukrainian power grid attacks and the NotPetya malware that racked up more than $10 billion in global damages maintains its perch atop the Russian-backed offensive hacking ecosystem.

FROZENBARENTS remains the most versatile GRU cyber actor with offensive capabilities including credential phishing, mobile activity, malware, external exploitation of services, and beyond, Leonard wrote. They target sectors of interest for Russian intelligence collection including government, defense, energy, transportation/logistics, education, and humanitarian organizations.

The group continues to exploit EXIM mail servers around the world, Leonard wrote, a tactic it has employed since 2019, according to a 2020 NSA advisory. Once compromised, the hosts have been observed accessing victim networks, interacting with victim accounts, sending malicious emails, and engaged in information operations (IO) activity.

FROZENBARENTS has also continued to target organizations associated with the Caspian Pipeline Consortium (CPC), one of the largest oil pipelines in the world that transports crude oil from Kazakhstan across Russian territory to the Black Sea, Leonard wrote. The group has targeted a range of unnamed Eastern European energy sector organizations using fake Windows update packages on a domain spoofing CPC that, if executed, loaded a variation of the Rhadamanthys malware that could then exfiltrate stored credentials, including browser cookies.

Dating back to December 2022, the group has also launced multiple waves of credential theft campaigns targeting Ukrainian defense industry, military and Ukr.net mail users, Leonard wrote.

The group has also been active in the information operation space, he said, creating online personas to push pro-Russian news and narratives and leak stolen data, Leonard wrote, such as the persona CyberArmyofRussia, or CyberArmyofRussia_Reborn.

Both the YouTube channel for CyberArmyofRussia, or CyberArmyofRussia_Reborn which was pulled down upon notification and the Instagram account had minimal engagement and a negligible number of subscribers or followers, Leonard wrote. The groups Telegram channel, launched April 1, 2022, remains robust, with frequent posts for nearly 23,000 subscribers. Google researchers assess that the channel was created and controlled by the elite hacking unit.

In several recent incidents, FROZENBARENTS compromised a webserver of the target organization and uploaded a webshell to maintain persistent access to the compromised system, Leonard wrote. The attackers then deployed Adminer, a single file PHP script for managing databases, to exfiltrate data of interest. Shortly after exfiltration, the data appeared on the CyberArmyofRussia_Reborn Telegram channel.

In another information operation, the Internet Research Agency notorious for its efforts to shape domestic U.S. opinion ahead of the 2016 presidential elections produced a series of YouTube Shorts, short-form videos akin to TikTok or Instagrams Reels. The group has focused particularly on narratives supportive of Russia and the business interests of Russian oligarch Yevgeny Prigozhin, especially the Wagner Group, Leonard wrote.

The U.S. Department of Justice indicted Prigozhin, a longtime associate of Russian President Vladimir Putin, in 2018 for his role in the IRA interference operation. He is currently wanted by the FBI.

The group was also promoting a new film by Aurum LLC, a film company partially owned by Prigozhin. This movie has a high production value and communicates narratives portraying the Wagner Group in a positive light, Leonard wrote.

Altogether, Moscow continues to leverage the full spectrum of information operationsfrom overt state-backed media to covert platforms and accountsto shape public perception of the war in Ukraine, Leonard wrote.

Smaller campaigns from other hacking groups caught Googles eye as well.

Another operation attributed to the GRU as well but perhaps a unit other than FROZENBARENTS has since April 2022 maintained a Telegram channel to promote and amplify narratives related to the use of biological weapons in Ukraine and how the United States is responsible for the proliferation of biological weapons around the world, Leonard wrote. This campaign involves a Russian-language Telegram channel and an English Substack newsletter, which has published only once.

APT28 known widely as Fancy Bear, and tracked as FROZENLAKE sent multiple large waves of phishing emails to hundreds of users in Ukraine in February and March, Leonard wrote. Part of the effort involved reflected cross-site scripting (XSS) on multiple Ukrainian websites, which represents a new tactic for the group.

A Belarusian-linked hacking campaign tracked as PUSCHA by Google but sometimes called UNC1151 andlinked to Belarus by Mandiantin November 2021 has consistently targeted users in Ukraine and neighboring countries throughout the war, Leonard wrote, typically targeting the i.ua and meta.ua webmail services. Leonard described the phishing campaigns as targeted, and focused on small numbers of users in Ukraine.

Written by AJ VicensAJ covers nation-state threats and cybercrime. He was previously a reporter at Mother Jones. Get in touch via Signal/WhatsApp: (810-206-9411).

View post:
Russia's digital warriors adapt to support the war effort in Ukraine ... - CyberScoop