Russia unleashes a politics-cyber-camouflage strategy against Ukraine

The first element was designed to give domestic (an underreported concern) and foreign justification to Russia’s impending escalation. It came from Foreign Minister Sergey Lavrov, who warned that the United States had not taken seriously Russian demands over NATO enlargement and the West’s relationship with Ukraine. Lavrov declared, “Our patience has been exhausted. We are very patient. You know what they say about how long Russians take to harness their horses: We harness them slowly, but then it’s time to ride.”

Translation: We may decide to ride into battle. While Lavrov is a devoted showman, matched against Russia’s now rapidly escalating military encirclement of Ukraine, his rhetoric cannot be ignored as bluster.

The second element of Russia’s strategy appears to be a Russian plot to conduct an attack on pro-Russian interests in Ukraine. Russia would then blame this “false flag” attack on Ukrainian forces or partisans, thus giving Moscow a moral pretense to launch a re-invasion of Ukraine.

Moscow hinted that it was developing such a plot in December. As reported on Dec. 30, the U.S. and Britain have grown concerned by the deployment of boutique Russian special forces units in Ukraine. Such plots are a favorite of Russian President Vladimir Putin and are centered in the Soviet military strategy of “maskirovka,” or “camouflage/masking.”

The third element, designed to intimidate Ukraine and possibly to deter the European Union from joining U.S. sanctions, came with a cyberattack against Ukrainian government websites. This temporarily disabled the websites in lieu of offensive messages in Russian, Ukrainian, and Polish. The attack is unlikely to be directly traced to an SVR or GRU cyber-intelligence unit, the most capable in the Russian cyber-offensive inventory. Instead, it seems relatively simplistic, designed for short-term effect and public intimidation. Considering the obvious benefit to Russian strategic interests, it is likely that nominally private hackers associated with Russian ransomware groups were responsible. These groups operate with varying degrees of subservience to the Russian state, specifically the FSB domestic security service.