Security

Ukrainian attack damages Kerch Bridge

Wagner moves soldiers to Belarus following apparent disbandment in Russia

Wagner vehicle columns are seen driving from Voronezh to Belarus

Tracking narratives

Russian officials and state media change their tune about the Kerch Bridge attack after Kremlin announces terror investigation

Media policy

FSB colonel alleged to be behind popular Telegram channel detained for extortion

International response

Wagner continues to advertise its services in Africa

Wagner troops arrive in Central African Republic ahead of critical referendum

Lavrov to replace Putin at BRICS summit

Ukrainian attack damages Kerch Bridge

Russia accused Ukraine of conducting a drone strike against the Kerch Strait Bridge on July 17. The bridge, also known as the Crimean Bridge, connects Ukraine’s Crimean Peninsula with Russia’s Krasnodar region. The bridge is used for civilian movement and as an essential logistical route for the Russian army.

Explosions were reported at around 3:00 a.m. local time. Footage of the aftermath indicates that a span of the bridge’s road had collapsed while another suffered damage but remained intact. Traffic reportedly resumed several hours after the explosion, but in the interim, occupation authorities asked civilians to consider alternate evacuation routes. Russian Telegram channels reported extensive traffic jams in Crimea’s Dzhankoi area and in the occupied Kherson region towards Melitopol. 

Ukraine defense intelligence spokesperson Andrii Yusov told Suspilne News that damage to the bridge could create logistical difficulties for Russian forces, but said Kyiv would not comment on the cause of the explosion. CNN, citing a source in the Security Service of Ukraine (SBU), reported that the attack on the bridge was a joint operation of the SBU and Ukrainian naval forces. Ukrainian media outlet LIGA also reported that the SBU and Ukrainian naval forces were responsible for the attack, citing sources in the SBU. LIGA also noted that the strike was likely conducted with surface drones. The SBU said that information about the incident would only be revealed once the war ended. Some Russian military bloggers, including former Russian officer and pro-war nationalist Igor Girkin, stated that Russian authorities had focused too heavily on road security and not enough on maritime security. Alexander Kots, another prominent blogger and Kremlin-appointed Russian Human Rights Council member, also blamed Russian authorities for focusing too much on land security.

Natalia Humeniuk, a spokesperson for Ukraine’s Southern Operational Command, speculated without evidence that the attack may have been a provocation by Russia amid talks on prolonging the Black Sea Grain Initiative. The grain deal, brokered by Turkey and the United Nations in July 2022, has been essential for stemming a global surge in food prices. The agreement, necessitated after the Russian navy blocked all Ukrainian ports, permits Ukraine to export products. It has has been prolonged several times, with the last extension expiring on July 17. The Kremlin announced on July 17 that it had suspended its participation in the initiative but claimed that the decision was unrelated to the bridge attack. 

Meanwhile, about twenty-four hours after the attack on the Kerch Bridge, explosions were heard in Odesa in southern Ukraine. Unconfirmed reports claimed the explosions were a response from Russia. The attack on Odesa continued for a second night on July 19, described by Ukrainian officials as “hellish.” Odesa is an essential port for Ukrainian exports and was allowed to remain open under the conditions of the grain deal.

—Ruslan Trad, resident fellow for security research, Sofia, Bulgaria

Wagner moves soldiers to Belarus following apparent disbandment in Russia

The Wagner Group appears to have disbanded its operations in Russia and relocated to Belarus, according to footage reviewed by the DFRLab documenting the movements of Wagner military columns in the days following the mutiny through July 18. Additionally, satellite imagery captured the entry of troops and equipment at the Tsel military camp, located near the Belarusian town of Asipovichy.

On July 17, a video shared on Telegram depicted Wagner soldiers taking down the Russian flag and the Wagner flag at the group’s original military base in Molkino, Krasnodar Krai, Russia. In another video published on July 19, Prigozhin addressed Wagner fighters as they left the Molkino base, describing the situation on the front as “a shame.” In addition, he declared that the group is relocating to Belarus and will focus on its activities in Africa. For the time being, he said, Wagner soldiers are no longer participating in Russia’s special military operation in Ukraine, although they “will perhaps return to the special military operation at the moment when [they] are sure [they] will not be forced to shame ourselves.”

Shortly after the mutiny ended, Russian authorities conducted raids on Wagner’s accounting divisions in Saint Petersburg, according to information purportedly shared by the wives and mothers of Wagner fighters in an online forum. Additional raids took place on Prigozhin’s residence. The movements of Prigozhin’s private jet also indicate frequent travel to Belarus over the past three weeks.

An investigation by Belarusian opposition media outlet Motolko.help revealed a photograph of a man resembling Prigozhin in his undergarments allegedly at the Tsel military base, where he reportedly spent the night on July 12. According to flight data posted on the online portal Radarbox, Prigozhin’s personal Embraer Legacy 600 jet, registration number RA-02795, completed four round-trip flights between Belarus’ Machulishchy air base and Russia.

Radar imagery acquired on July 17 also shows the tents where Wagner fighters appear to be housed and several places for vehicles parked inside the military base.

—Valentin Châtelet, research associate, Brussels, Belgium

Wagner vehicle columns are seen driving from Voronezh to Belarus

On July 16, several videos emerged on Telegram documenting Wagner vehicles departing Voronezh Oblast along Russia’s M-4 Don highway. Utilizing social media footage, the DFRLab determined the location of the vehicles and identified forty registration plates. At least two-thirds of these vehicles displayed military registration plates from the self-proclaimed Donetsk and Luhansk People’s Republic. However, the Belarusian monitoring project Belaruski Hajun reported that many other vehicles used tape to cover their registration plates.

The columns are composed of various buses and trucks, of which only a few could transfer construction equipment. Most of the convoys consist of UAZ Patriot pickup trucks, Ural vans, and Lada cars. No heavy military equipment was observed at the time of writing.

Another video shared on the Russian Telegram channel VChK-OPGU revealed a Wagner convoy of soldiers entering Belarusian territory. According to a post by Belaruski Hajun, at least sixty vehicles entered Belarus through Mogilev Oblast in the early hours of June 15 using the R-43 and M-5 roads. A photograph on Telegram showed the Russian and Wagner Group flags flying at a border outpost.

According to Belaruski Hajun, since July 14, nine distinct military convoys have entered Belarusian territory. They are likely located at the Tsel military camp near Asipovichy. The camp is home to military unit 61732 and was previously identified by Verstka Media as a potential site to accommodate Wagner soldiers. Further, the Belarusian military TV channel VoyenTV posted a video on July 14 showing Wagner soldiers arriving in Belarus and training local forces. According to updated estimates from Belaruski Hajun, as many as 2,500 Wagner members may have relocated to the Tsel military camp since last week.

—Valentin Châtelet, research associate, Brussels, Belgium

Russian officials and state media change their tune about the Kerch Bridge attack after Kremlin announces terror investigation

In the immediate aftermath of the July 17 attack on the Kerch Bridge, Russian officials and state media were relatively mild in their initial language addressing the incident, referring to it as an “emergency.” However, once Kremlin agencies began referring to the attack as a “terror act,” state media and officials began changing their language to follow the Kremlin.

“Traffic was stopped on the Crimean bridge: an emergency occurred in the area of the 145th support from the Krasnodar territory,” Sergei Aksenov, the Russian-installed head of occupied Crimea, wrote on his Telegram channel at 4:21 a.m. local time. Notably, Aksenov did not use the words “explosion,” “attack,” or “terror” to describe the destruction of the bridge. Two subsequent posts, made at 5:03 a.m. and 6:59 a.m., also avoided these terms. It wasn’t until 1:51 p.m. that Aksenov used the phrase “terror act” to describe the attack.

In between Aksenov’s posts, Russia’s National Antiterrorism Committee reported at 10:04 a.m. that they had assessed the Kerch Bridge explosion as a “terror act,” according to Kremlin-owned news agency TASS. Several minutes later at 10:07 a.m., Russia’s Investigative Committee announced that it would open a criminal case investigating the “terror act” on the Kerch Bridge. 

Several Kremlin-owned Russian media outlets, including RIA Novosti and TASS, also used the term “emergency” (“чрезвычайное прошествие” or ЧП) to first describe the bridge explosion before later pivoting to using “terror act.” Neither outlet referred to the destruction of the Kerch Bridge as a “terror act” prior to the official announcements from the Investigative Committee and Antiterrorism Committee. In the case of RIA Novosti, they published a story using the word “emergency” in the headline at 11:41 a.m., more than ninety minutes after the terror investigation announcement, while TASS used the term as late as 7:31 p.m., even though it had already published a report on the investigation. Similarly, many other Kremlin-controlled media outlets, like Komsomolskaya Pravda, Gazeta.ru, RBC, Lenta.ru, and Izvestiya used both “emergency” and “terror act” in their publications throughout the day interchangeably.

—Nika Aleksejeva, resident fellow, Riga, Latvia

FSB colonel alleged to be behind popular Telegram channel detained for extortion

According to Russian media outlet RBC, former Federal Security Service (FSB) Colonel Mikhail Polyakov, the purported administrator of the Telegram channel Kremlevskaya Prachka (“Kremlin Laundress”), was detained for suspected extortion. The press office for the Moscow court released a statement that said Polyakov is “suspected of extorting 40 million rubles [around $440,000] from JSC Lanit, the leader of the Russian industry of information technology.” 

“According to the prosecution, from 2020 to 2023, Polyakov received a large sum of money from a group of IT companies for not publishing information (the so-called ‘negative block’) that could cause significant harm to the rights and legitimate interests of Lanit JSC and the management of Lanit JSC,” the Moscow court continued. The “negative block” is a guarantee that a channel will not mention a particular person or a company in a negative light in exchange for money; this is reportedly a popular practice among Russian Telegram channels.

The independent Russian media outlet Vazhnyye Istorii (“Important Stories”), citing a source close to Russian intelligence services, reported that Polyakov was behind the Kremlevskaya Prachka Telegram channel. According to the outlet, Polyakov supervised an unnamed service at the FSB’s Office for the Protection of the Constitutional Order. In addition, he reportedly oversaw pro-government Telegram channels and was engaged in promoting the Kremlin’s agenda via media and social networks. According to Important Stories, he worked in coordination with Vladimir Putin’s deputy chief of staff, Sergey Kiriyenko.

Important Stories noted that the Telegram channel 112 also named Polyakov as Kremlevskaya Prachka’s administrator, along with the Telegram channels Siloviki, Nezigar, and Brief, which are not as staunchly pro-govern cited by Kremlin propagandists and proxies.

Kremlevskaya Prachka has not posted since the evening of July 13, corresponding with the reported detainment of Polyakov.

—Eto Buziashvili, research associate, Tbilisi, Georgia

Wagner continues to advertise its services in Africa

On July 16, the Wagner-affiliated Telegram channel REVERSE SIDE OF THE MEDAL posted an advertisement offering Wagner’s services to African states. The post included an image from the Prigozhin-funded film, Granite, as well as an email address, seemingly for interested African countries to communicate with Wagner. 

In French, the advertisement reads: “PMC Wagner offers its services to ensure the sovereignty of states and protect the people of African from militants and terrorists.” The fine print emphasizes that “various forms of cooperation are possible,” as long as the cooperation does not “contradict Russia’s interests.” Russia’s interests are not specified.

While the Telegram channel claimed the advertisement was replicated on African social media channels, the DFRLab has not found additional evidence to support this claim.

—Tessa Knight, research associate, London, United Kingdom

Wagner troops arrive in Central African Republic ahead of critical referendum

Alexander Ivanov, director of the Officer’s Union for International Security (COSI), released a statement on COSI’s Telegram channel regarding the recent arrival of dozens of Wagner operatives in Central African Republic. According to US authorities, COSI is a front company for the Wagner Group in Central African Republic.

In the statement, Ivanov confirmed the Wagner troop rotation while stressing that the new personnel have no contract with Russia’s Ministry of Defense. He reiterated that both in CAR and across the continent, “security work is carried out by private companies that enter into contracts directly with the governments of sovereign states,” and that these private companies have nothing to do with official Russian state entities. Ivanov also indicated that this staff rotation should not impact the activities of Russia in Ukraine, and he claimed to have been in contact with Yevgeny Prigozhin. 

Notably, Ivanov stated that despite the recent changes in the structure of Wagner’s “African business,” Prigozhin “intends not to curtail, but to expand his presence in Africa.” This is somehow consistent with what some analysts are observing: Wagner appears to be trying to expand its presence in West African coastal states increasingly threatened by a spillover of the jihadist insurgency from the Sahel, or possibly taking advantage of upcoming elections in several fragile African countries. 

Although Ivanov has often remarked on Wagner activities in CAR and Africa in the past, this statement, coupled with other recent comments, suggest that the COSI director might be now exercising a wider role as spokesman for all Wagner activity in Africa, as Wagner reorganizes its structure in the wake of last month’s failed mutiny. 

The statement comes as a U-turn in recent communications over Wagner’s presence in CAR. In past weeks both CAR and Russian officials stated that the African republic had an agreement with Russia and not with a private military company. Ivanov seems to be returning to earlier narratives in which Wagner claimed that the CAR government signed an agreement with the PMC and not the Russian government. This narrative seems to confirm DFRLab reporting in the June 30 edition of the Russian War Report, in which we noted that denying direct links to Wagner’s actions in Africa has become more difficult for the Kremlin after recent events damaged the principle of plausible deniability, which had previously been a key aspect of Wagner’s success in Africa. However, Russia does not want to waste the network of influence built by its state proxy forces and is now attempting to reorganize, rebrand and develop a new narrative around Wagner and the Kremlin’s ability to conduct hybrid warfare.

The arrival of dozens of troops from Russia’s Wagner in CAR comes at a critical time as the country prepares to hold a constitutional referendum on July 30 that would eliminate presidential term limits and allow President Faustin-Archange Touadéra to extend his term. The CAR government stated earlier this month that Wagner operatives will help in securing the referendum. This could be seen as a strong signal from Moscow to reiterate the strategic importance of its influence in CAR and reassure local partners of its continued support, while sending a message of continuity and strength to other countries in the region where Wagner operates.

—Mattia Caniglia, associate director, Brussels, Belgium

Lavrov to replace Putin at BRICS summit

The Office of South Africa’s Presidency announced on July 19 that Russian Foreign Minister Sergey Lavrov would replace President Vladimir Putin at the upcoming Summit of BRICS Nations (Brazil, Russia, India, China and South Africa) “by mutual agreement.”

In Russian media, pro-Kremlin and opposition news outlets alike posted articles claiming that Russia had refused South Africa’s proposal to send Lavrov as head of the country’s delegation on July 14. Quoting an interview with South Africa’s deputy president, the Russian pro-Kremlin news outlet RTVI suggested that “negotiations are still ongoing.”

Putin is wanted by the International Criminal Court (ICC) for alleged war crimes committed during Russia’s war in Ukraine. A warrant for the arrest of both the Russian president and Presidential Commissioner for Children’s Rights Maria Lvova-Belova alleges that they were involved in organizing and participating in the deportation of Ukrainian children. As a signatory to the Rome Statute, which established the ICC, South Africa would have been obligated to arrest Putin had he attended the BRICS Summit in August. 

South Africa’s largest opposition party, the Democratic Alliance, took to court in a petition to force the government to arrest Putin if he did attend. In a responding affidavit, South African President Cyril Ramaphosa stated that Russia would view South Africa arresting Putin as a “declaration of war.” 

The Kremlin denied claims that Moscow had threatened South African authorities. However, Kremlin spokesperson Dmitry Peskov said on July 19 that “it is clear to everyone in the world what an attempt to encroach on the head of the Russian Federation means.”

—Tessa Knight, Research Associate, London, United Kingdom and Valentin Châtelet, Research Associate, Brussels, Belgium

The post Russian War Report: Wagner is still in business in Africa appeared first on Atlantic Council.

Security

Russian missile strike in Lviv kills ten civilians, injures dozens

Tracking narratives

New narrative accuses US and Ukraine of planning false flag attack on Zaporizhzhia nuclear power plant

Media policy

Former employees share details about Prigozhin’s media group and troll farms

Kremlin-owned RT offers jobs to former employees of Prigozhin’s troll factory

Russian missile strike in Lviv kills ten civilians, injures dozens

At least ten people were killed and thirty-seven injured in Russia’s July 6 attack on Lviv, in western Ukraine. Regional Governor Maksym Kozytskyy said that a Russian missile struck a residential building in the city, destroying more than fifty apartments. 

Meanwhile, Russian forces continue to launch offensive actions in Donetsk and Luhansk oblasts. Ukrainian forces reported thirty-eight combat engagements against Russian troops near Novoselivske, Novohryhorivka, Berkhivka, Bohdanivka, Bakhmut, Avdiivka, and Marinka. In the direction of Lyman, Russian forces shelled Nevske, Bilohorivka, Torske, Verkhnokamyanske, and Rozdolivka in Donetsk. Russian aviation conducted an airstrike in Bilohorivka. Russia also attacked villages in Zaporizhzhia and Kherson oblasts, including Levadne, Olhivske, Malynivka, Huliaipole, and Bilohirka. On July 6, Russian troops shelled Chervonohryhorivka and Nikopol, damaging civilian infrastructure.  

On July 5, reports from Russian military bloggers suggested that Ukrainian forces had advanced southwest of Berkhivka, west of Yahidne, and southwest of Bakhmut. The Ukrainian army said it conducted offensive operations south and north of Bakhmut and is moving on Bakhmut’s southern flank. The Russian Ministry of Defense claimed that the Ukrainian army conducted offensive operations near Lyman, Bakhmut, along the Avdiivka front, on the border between Zaporizhzhia and Donetsk, and in western Zaporizhzhia. 

The Ukrainian army appears to have launched a coordinated attack on Russian army logistical and communications hubs. On July 4, Ukrainian forces reportedly struck an ammunition depot in occupied Makiivka, Donetsk. Russian sources claimed without evidence that Ukraine had struck a hospital. Former Russian army commander Igor Strelkov, also known as Igor Girkin, said the attack demonstrates how Ukraine regularly launches missile strikes against Russian rear targets. Other unconfirmed reports from July 5 indicate Ukraine may have struck Russian positions near Debaltseve. Russian sources claimed that Ukrainian forces hit Russian positions near Yakymivka in the Melitopol area and attempted to strike Berdyansk in the Zaporizhzhia region.

—Ruslan Trad, resident fellow for security research, Sofia, Bulgaria

New narrative accuses US and Ukraine of planning false flag attack on Zaporizhzhia nuclear power plant

Ahead of next week’s NATO Summit in Vilnius, Lithuania, allegations that the United States and Ukraine will launch a false flag operation on the Zaporizhzhia nuclear power plant are spreading on various platforms, including Twitter, 4chan, and Instagram. The allegations seemingly aim to create panic and, in the event of a future attack on the plant, establish a narrative the West and Ukraine are to blame. 

On July 3, a post appeared on 4chan from an anonymous user who introduced himself as a US Marine Corps veteran now working for the government in electronic espionage. The user claimed that the Ukrainian and US governments are working together to bomb the Zaporizhzhia power plant. According to the conspiracy theory, after the false flag operation, the United States will be able to use “nuclear warheads” against Russia. At the time of writing, the post had been deleted from 4chan. However, similar posts remain on the platform.

However, the false flag claims did not originate on 4chan. Russian Twitter accounts posted similar claims building the false flag narrative. After the 4chan post, the claim circulated again on Twitter.  

A similar narrative was also shared by Renat Karchaa, an adviser to Rosenergoatom, a subsidiary of the Russian state nuclear agency Rosatom. Karchaa claimed on Russian state television channel Russia-24 that on the night of July 5, the Ukrainian army would attempt an attack on the Zaporizhzhia plant. Without evidence, he accused the United States and the West of planning a false flag incident to damage Russia’s reputation. The claims were further amplified by Russian state media outlets.  

The allegations escalated on social media after July 4, when Ukrainian President Volodymyr Zelenskyy repeated Ukraine’s concerns about the status of the nuclear power plant. In an address, Zelenskyy restated that Russia plans to attack the plant and that Russian troops have placed explosive-like objects on the building’s roof. In June, Ukrainian military intelligence made similar claims when it reported that the plant’s cooling pond had been mined by Russian troops.  

On July 5, the International Atomic Energy Agency (IAEA) said that it was aware of reports that mines and other explosives had been placed around the plant. The IAEA said their experts inspected parts of the facility and did not observe any visible indications of mines or explosives. IAEA Director General Rafael Mariano Grossi added, “The IAEA experts requested additional access that is necessary to confirm the absence of mines or explosives at the site.” On July 7, the IAEA announced that Russia had granted its experts further access, “without – so far – observing any visible indications of mines or explosives.”  

—Sayyara Mammadova, research assistant, Warsaw, Poland

Former employees share details about Prigozhin’s media group and troll farms

Several independent Russian media outlets published stories this week interviewing former employees of Yevgeny Prigozhin’s Patriot Media Group, which dissolved on June 30.  

In a video published on Telegram, Yevgeny Zubarev, director of Patriot Media Group’s RIA FAN, said the goal was to “work against the opposition, such as Alexei Navalny and others who wanted to destroy our country.” Zubarev confirmed key details previously reported by independent Russian journalists at Novaya Gazeta in 2013 and the now-Kremlin-controlled RBC in 2017 about the existence of paid commentators and the creation of Prigozhin-affiliated media outlets. Zubarev added that, after Russian President Vladimir Putin’s 2018 re-election, the group hired “foreign affairs observers.” The timing corresponds with attempts by Prigozhin’s Internet Research Agency to meddle in the 2020 US presidential election. 

Further, independent Russian media outlets Sever.Realii, Bumaga, and Novaya Gazeta interviewed former employees of Prigozhin’s media group. Speaking on the condition of anonymity, the former employees confirmed that Prigozhin’s “troll factory” and “media factory” conducted coordinated information attacks on opposition leaders, published fabricated or purchased news “exclusives,” praised Putin, and deliberately ignored particular individuals who criticized Wagner Group. Bumaga and Sever.Realii described a smear campaign against Saint Petersburg Governor Alexander Beglov. In 2019, Prigozhin’s media group supported and promoted Beglov, but in 2021, Prigozhin reportedly launched a smear campaign, as Beglov allegedly prevented him from developing a waste collection business in the city. Novaya Gazeta’s report also provided evidence that Prigozhin’s troll farm activities extended beyond Russia, with employees portraying skinheads and fascists in the Baltic region, specifically in Lithuania. 

In recent years, additional revelations about Prigozhin’s media group have come to light. For example, Bumaga reported that prospective hires had to pass a “lie detector test” in which “security service specialists” asked candidates about their attitudes toward the opposition and Alexei Navalny in particular. Once hired, employees were closely surveilled. One former employee Bumaga interviewed characterized the atmosphere as being in a “closed military company.” Both Bumaga and Novaya Gazeta’s interviewees said that most of the employees did not believe in the mission. In one example, an employee left after refusing to launch a smear campaign against Ivan Golunov, a journalist at the independent news outlet Meduza who was detained in 2019 under false pretenses. Bumaga, citing an unnamed former employee, also reported that at one point an employee had hacked the system, erased a database, and fled to Poland. The same interviewee claimed they employed two Telegram administrators who also administered pro-Ukraine channels.

—Nika Aleksejeva, resident fellow, Riga, Latvia

Kremlin-owned RT offers jobs to former employees of Prigozhin’s troll factory

RT Editor-in-Chief Margarita Simonyan offered to hire employees of Yevgeny Prigozhin’s Patriot Media Group, which reportedly housed his troll factories. In the latest episode of the program Keosayan Daily, Simonyan praised the work of “Wagner’s media empire.” She said their work “was super professional” and that anyone left without a job can join “them,” referring to Russian propaganda outlets. She added, “We know you as professional colleagues of ours.” 

The fate of Patriot’s former employees is being actively discussed in Russia. According to Russian outlet Novie Izverstia, Pavel Gusev, editor-in-chief of the pro-Kremlin outlet MK.ru, volunteered to help find jobs for former employees of Patriot. In addition, the chairman of the Saint Petersburg branch of the Union of Journalists of Russia stated that the union would contact the heads of media outlets to help find opportunities for dismissed employees and would provide additional informational support.

—Eto Buziashvili, research associate, Tbilisi, Georgia

The post Russian War Report: Russian conspiracy alleges false flag at Zaporizhzhia nuclear plant appeared first on Atlantic Council.

Security

Military camps for Wagner reportedly under construction in Belarus

Tracking narratives

Pro-Kremlin sources spreading disinformation to justify missile strike in Kramatorsk

Kremlin blames Colombian victims for the injuries they sustained in the Kramatorsk attack

Media policy

Prigozhin’s online assets reportedly blocked in Russia

International Response

Questions abound over the future of Wagner contracts and Prigozhin-linked businesses in Africa

Analysis: With Wagner mutiny, Russia’s loses plausible deniability about its involvement in Africa

Investigation sheds light on how Putin’s childhood friends allegedly evade sanctions

Military camps for Wagner reportedly under construction in Belarus

Russian independent outlet Verstka reported on the construction of camps for Wagner forces near Asipovichi, Mogilev Oblast, located in Belarus approximately two hundred kilometers from the Ukraine border. According to Verstka’s local forestry source, the area will cover 2.4 hectares (5.9 acres) and accommodate eight thousand Wagner fighters. The source also claimed that there will be additional camps constructed. Family members of Wagner fighters also confirmed to Verstka that they were deploying to Belarus. 

Radio Svaboda, the Belarusian-language edition of Radio Liberty, reviewed satellite imagery from Planet Labs that suggested signs of expansion at the Unit 61732 military camp adjacent to the village of Tsel, twenty kilometers northwest of Asipovichi. The outlet interviewed Ukrainian military analyst Oleg Zhdanov, who suggested it was “too early to tell” as to whether the military camp’s expansion is specifically for Wagner forces. “Very little time has passed to start building a camp specifically for the Wagnerites—it’s unreal,” Zhdanov told Radio Svaboda.

On June 27, in his first speech after the Wagner mutiny, Russian President Vladimir Putin reaffirmed the deal that ended the rebellion on June 24 in which Yevgeniy Prigozhin would relocate to Belarus. Putin praised those Wagner fighters who did not participate in the revolt and said they could sign a contract with the Russian Ministry of Defense of other services. He added that other mercenaries who do not want to join could go either home or follow Prigozhin to Belarus.

—Eto Buziashvili, research associate, Tbilisi, Georgia

Pro-Kremlin sources spreading disinformation to justify missile strike in Kramatorsk

Pro-Kremlin sources denied Russia targeted civilians when a missile struck a crowded pizza restaurant in Kramatorsk, killing at least twelve civilians and injuring more than fifty others. According to this narrative, RIA Pizza was actually a military base hosting US and Ukrainian soldiers. To support the claims, pictures taken after the strike were published on Telegram and Twitter.

To support the claim that soldiers of 101st Airborne Division were located at the pizza “military base,” pro-Kremlin sources circulated grisly footage of the attack aftermath recorded by freelance journalist Arnaud De Decker. The clip shows a man wearing a morale patch of a US flag with the words “Always Be Ready: 5.11 Tactical.” 5.11 Tactical is a military apparel company that sells branded merchandise, including morale patches, worn to offer support to various causes and slogans but not used official unit patches. Various types of 5.11 Tactical’s “Always Be Ready” patches are readily available for purchase online.

Similarly, another post from Aleksandr Simonov’s Telegram channel that a man wearing an 101^st Airborne t-shirt was a member of the US Army division. These t-shirts are also readily available from online retailers.

—Sayyara Mammadova, research assistant, Warsaw, Poland

Kremlin blames Colombian victims for the injuries they sustained in the Kramatorsk attack

In addition to pro-Kremlin accusations that the Kramatorsk attack targeted a base housing US Army soldiers, Kremlin influencers also targeted citizens of Colombia, three of whom were injured in the attack, for being at the site of the incident. Colombian President Gustavo Petro said the attack targeted “three defenseless Colombian civilians” in violation of the protocols of war and called for the Colombian Foreign Ministry to submit a note of diplomatic protest to Russia. While the Kremlin acknowledged launching the attack, it insisted the assault struck military personnel rather than civilians.

The three Colombian citizens injured in the attack include acclaimed Colombian writer Hector Abad Faciolince; Sergio Jaramillo Caro, who previously led Colombia’s peace negotiations with FARC rebels; and Ukrainian-based journalist Catalina Gomez. According to the New York Times, Abad and Jaramillo were in Kramatorsk “collecting material” in support of their initiative, ¡Aguanta Ucrania! (“Hang On Ukraine!”), which seeks to garner support for Ukraine in Latin America.

Following the attack, Colombian influencers and officials criticized the attack through media outlets and social media accounts in Spanish. Danilo Rueda, Colombia’s current high commissioner for peace, issued a statement expressing support for the victims without mentioning Russia, while the Ministry of Foreign Affairs expressed its “strongest condemnation of the unacceptable attack by Russian forces on a civilian target.” 

Gomez, who was injured in the attack, broadcast a video for France 24 from the site of the explosion. Meanwhile, Abad and Jaramillo conducted interviews with Colombian media outlets such as El Tiempo in which they described the incident.

Actualidad RT, a Russian media outlets with enormous reach in the Spanish-speaking world, insisted that the victims of the attack were mercenaries and instructors of NATO and Ukraine rather than civilians. Actualidad RT quoted statements from Igor Konashenkov, spokesperson for the Russian Ministry of Defense,  and Kremlin spokesperson Dmitri Peskov, who said the attack struck “military targets” and that “Russia does not attack civilian infrastructure.” Actualidad RT promoted its claims via Twitter and Facebook multiple times on June 28.

Colombian radio station WRadio interviewed Kremlin foreign policy spokesperson Maria Zakharova on the morning of June 28. Zakharova stated that the restaurant was a Russian military target and called for an investigation into Victoria Amelina, a Ukrainian writer who was gravely injured while purportedly hosting the Colombians at the restaurant, claiming without evidence that Amelina had prior knowledge that the restaurant was a military target. Zakharova reiterated this statement after a WRadio journalist asked her to confirm the accusation. In contrast, Abad stated that it was Gomez who suggested they visit the restaurant, and that she apologized for doing so after the attack.

The Russian embassy in Colombia amplified Zakharova’s narrative later that same afternoon and evening. On Twitter, the embassy insisted that the city was “an operational and logistical-military hub, not a suitable place to enjoy Ukrainian cuisine dishes.” It also seemed to celebrate that the “reckless trip [of the Colombians] did not turn into an irreparable tragedy.”

—Daniel Suárez Pérez, research associate, Bogota, Colombia

Prigozhin’s online assets reportedly blocked in Russia

Over the course of the thirty-six-hour Wagner mutiny, the Kremlin attempted to limit information about Yevgeniy Prigozin on Russian social media and search engines, eventually blocking websites affiliated with Prigozhin. On June 24, the Telegram channel of Russian state-owned propaganda outlet RT reported that several Prigozhin-controlled media outlets including RIA FAN, People’s News, and Patriot Media Group were no longer accessible in parts of Russia. RT added that the reason for their disappearance was unknown. Similar reports appeared in Mediazona and several Telegram channels. 

The DFRLab used the Internet censorship measurement platform OONI to verify the claim and check the accessibility of RIA FAN within Russia. OONI detected signs that riafan.ru was blocked in the country. 

On June 29, independent Russian outlet The Bell claimed the Kremlin was searching for a new owner for Patriot Media Group, which includes media assets associated with Prigozhin. The following day, multiple Russian outlets reported that Prigozhin had dissolved Patriot Media Group.

—Eto Buziashvili, research associate, Tbilisi, Georgia

Questions abound over the future of Wagner contracts and Prigozhin-linked businesses in Africa

For years, Wagner has acted as Russia’s primary form of influence in Africa—spreading disinformation and propaganda, securing military contracts, and exporting natural resources to support Putin’s war effort. Following Prigozhin’s attempted mutiny, the future of Wagner’s operations on the continent has come into question. While it is highly unlikely the Kremlin would willingly abandon its influence in Africa, if Wagner is retired or its troops absorbed into the Ministry of Defense, it is uncertain who would maintain the group’s operations on the continent.

Russian Foreign Minister Sergei Lavrov confirmed that Russia’s work in Africa will continue. In a TV interview with Russia Today, Lavrov said, “In addition to relations with this PMC the governments of CAR and Mali have official contacts with our leadership. At their request, several hundred soldiers are working in CAR as instructors.”

A top advisor to Central African Republic President Faustin-Archange Touadéra appeared unconcerned about the weekend’s events. Speaking of Wagner’s military instructors, Fidèle Gouandjika said, “If Moscow decides to withdraw them and send us the Beethovens or the Mozarts rather than Wagners, we will have them.” In a statement released to its Telegram channel, the Officer’s Union for International Security—a US-sanctioned Wagner front company operating in CAR—claimed CAR’s defense minister had apologized for Gouandjika’s remarks. It quoted Defense Minister Claude Rameaux Bireau as saying, “The people of the CAR are grateful to the Russian instructors of Wagner, ask any Central African on the streets of Bangui or in the village of the CAR—he will confirm my words.”

In Mali, where Wagner forces have taken over responsibility for pushing back jihadists after the departure of French forces, the online outlet Mali Actu reported that the situation could dramatically impact Mali. “This situation raises major concerns about the security, stability and sovereignty of Mali, as well as the impact on the local population and counter-terrorism efforts,” it wrote.

—Tessa Knight, research associate, London, United Kingdom

Analysis: With Wagner mutiny, Russia loses plausible deniability about its involvement in Africa

While Wagner’s future in Africa remains uncertain, it is important to consider that the Wagner Group not just a paramilitary force. It is also a conglomerate of companies active in different sectors, from mining and logistics to political warfare and moviemaking, able to travel the spectrum between private entrepreneurism to state proxy. This flexibility has previously allowed Moscow to deploy Wagner to act as a force multiplier in Africa while simultaneously denying Russia’s direct presence on the continent. In Africa, Russia has used Wagner multiple times as part of a strategy to help authoritarian leaders stay in power and gain a pro-Russian military presence on the ground, all while maintaining plausible deniability. Until now, the positive outcomes of this strategy have far exceeded the costs for the Kremlin, as Russia has built a strong network of African influence with relatively little effort, securing concessions in strategic extractive industries, and expanding military-to-military relations on the continent.

However, this principle of plausible deniability, which made Wagner so successful and so useful for Moscow as an extension of its foreign policy and influence, is now damaged. As previously noted, Russian Foreign Minister Sergei Lavrov, as well as Putin, publicly confirmed direct links between Wagner and the Russian state apparatus.

Africa is intimately linked to Wagner: In the wake of Wagner’s involvement in Syria, Africa became the scene of the group’s expansion. Engaging in Sudan, the Central African Republic, Libya, Mozambique, Madagascar, and Mali, Wagner employed an opportunistic strategy of supplying security while taking concessions to mine natural resources. While its forces were in most cases invited to stabilize fragile states, its actions actively invited further instability, creating more opportunities and a greater demand signal for its services, ultimately granting renewing opportunities to Moscow to reinforce its footprint in the continent.

While denying direct links to Wagner’s actions in Africa might have become more difficult for the Kremlin, Russia is unlikely to waste the network of influence built by the group in recent years. Instead, Moscow will likely continue to deploy hybrid tools such as Wagner, although organized in different shapes and forms, so Russia can continue displacing Western influence, exploiting natural resources, and evading sanctions through dozens of front companies.

—Mattia Caniglia, associate director, Brussels, Belgium

Investigation sheds light on how Putin’s childhood friends allegedly evade sanctions

On June 20, the Organized Crime and Corruption reporting project (OCCRP) published a series of investigations titled “The Rotenberg Files” that shed light on the business dealings and alleged sanctions evasion attempts of Boris and Arkady Rotenberg, close friends of Russian President Vladimir Putin. The report is based on fifty thousand leaked emails and documents, examined by journalists from seventeen outlets. The OCCRP said the leak came from a source who worked for the brothers at a Russian management firm. The OCCRP investigation was conducted in partnership with the Times of London, Le Monde, and Forbes, among others.

Boris and Arkady Rotenberg are childhood friends of Putin. The billionaire brothers faced Western sanctions amid Russia’s 2014 annexation of Crimea, but their lavish lifestyles do not appear to have been impacted. 

According to the OCCRP, the leaked documents demonstrate how the Rotenberg brothers allegedly used Western lawyers, bankers, corporate service providers, and proxies to evade sanctions. 

One of the report’s findings also alleges the brothers maintain business links to Prince Michael of Kent, a cousin of the late Queen Elizabeth II who was previously accused by the Sunday Times and Channel 4 of profiting off close access to the Kremlin. According to the latest investigation, “Prince Michael distanced himself from earlier ties to the Putin regime in the wake of the 2022 invasion of Ukraine. But leaked emails and corporate records show he co-owns a company with two Russian businessmen who helped billionaire oligarch and Putin ally Boris Rotenberg dodge Western sanctions.” 

Another investigation from the Rotenberg files reported that Putin’s eldest daughter regularly visited a holiday property financed by Arkady Rotenberg in an exclusive Austrian skiing destination. Documents reviewed by the OCCRP suggest that the house was purchased by a Cypriot company in 2013 with a loan from a bank then owned by Arkady, using funds invested by another company he owned. Other records suggested that the former romantic partner of Putin’s daughter is connected to the company that owns the Austrian property. Residents claim to have seen Putin himself at the Kitzbühel residence, though this has not been confirmed. 

The Rotenberg brothers and Prince Michael declined to comment to the OCCRP investigative consortium.

—Ani Mejlumyan, research assistant, Yerevan, Armenia

The post Russian War Report: Kremlin denies that it targeted civilians in a missile attack on a pizza restaurant appeared first on Atlantic Council.

Introduction

The prominence of West Africa, and Africa as a whole, within the global disinformation ecosystem cannot be ignored. A report by the Africa Center for Strategic Studies released in April 2022 identified twenty-three disinformation campaigns targeting African countries dating back to 2014. Of these campaigns, sixteen are linked to Russia.

The listed disinformation campaigns—nine of which were identified by the DFRLab—reveal two key points. First, there has been a marked increase in the number of publicly identified disinformation campaigns in recent years. Whether this is due to an increase in the scrutiny, analytical capacity, or efforts on the part of bad actors is unclear. Second, the characteristics of each of these influence operations are distinct—these operations target a wide variety of issues, such as elections, the war in Ukraine, commercial interests, and domestic and international politics.

Further, relations between France and francophone West Africa have, following years of amicable relations built on the back of military cooperation, seen a marked erosion that was underscored by the exit of the last of the French troops from Mali in August 2022. Anti-France and pro-Russia sentiments have surged contemporaneously, with overlapping narratives positioning Russia as a viable alternative to Western aid. When French forces began their departure from Mali in June 2022, Russian private military companies (PMCs) such as the Wagner Group stood ready to fill the void.

This report examines several influence operation case studies from the West African region, with a particular emphasis on Mali, Burkina Faso, Côte d’Ivoire, and Niger. The narratives, actors, and contexts supporting these influence operations are summarized alongside their impact on regional stability. Russian influence plays a significant role in these case studies, an unsurprising fact considering the geopolitical history of this region.

This report also includes case studies from outside the Sahel region, consisting of thematically distinct but strategically noteworthy influence campaigns from elsewhere on the continent. For example, the Nigerian government used social media influencers to suppress citizen participation in the #EndSARS movement. Elsewhere, the Ethiopian diaspora used innovative click-to-tweet campaigns to spread international awareness of the conflict in Ethiopia’s Tigray region. In South Africa, the rise in violent xenophobic demonstrations was precipitated by a popular social media campaign that normalized prejudice against foreign nationals.

The plethora of actors, targets, strategies, and tactics make a blanket approach to studying African disinformation networks difficult. The depth and breadth of these campaigns shows that Africa is facing the same challenges as the rest of the world insofar as disinformation is concerned. Moreover, the interest shown by foreign governments attests to the region’s geopolitical significance. This combination of geopolitical importance and a vulnerability to influence campaigns makes Africa a notable case study.

Background

Africa’s information environment is not monolithic Analog channels such as radio and film are used in conjunction with digital efforts to reach audiences, but Internet penetration rates and the accompanying reli- ance on analog media differ significantly from country to country For example, as of January 2022, Morocco, the Seychelles, and Egypt maintained Internet penetration rates of higher than 70 percent, nearly ten times the rate of the country with the lowest penetration rate, the Central African Republic (7 percent).

In the countries mentioned in the table above, Facebook and Instagram maintain a leading position insofar as social media penetration is concerned This can be partly ascribed to Facebook’s Free Basics service that “zero-rates” data (including Facebook and Instagram data) on participating mobile networks. These mobile networks can then bundle Facebook and Instagram data into a consumer’s service plan without the consumer having to pay extra for that data use Considering that mobile connections outstrip desktop connections, and that mo- bile data is more expensive than fixed broadband, it is clear why this has been effective to expand Facebook and Instagram’s footprint Meta shuttered the Free Basics program in some regions at the end of 2022 as the program’s spiritual successor – Meta Discover – was being rolled out The impact this will have on the information environment remains to be seen.

Social media and internet penetration rates in some of the African countries referenced in this report

With contributions from

The Atlantic Council’s Digital Forensic Research Lab (DFRLab) has operationalized the study of disinformation by exposing falsehoods and fake news, documenting human rights abuses, and building digital resilience worldwide.

learn more

The post The disinformation landscape in West Africa and beyond appeared first on Atlantic Council.

Strategy Paper Editorial board

Executive editors

Frederick Kempe
Alexander V. Mirtchev

Editor-in-chief

Matthew Kroenig

Editorial board members

James L. Jones
Odeh Aburdene
Paula Dobriansky
Stephen J. Hadley
Jane Holl Lute
Ginny Mulberger
Stephanie Murphy
Dan Poneman
Arnold Punaro

Executive summary

The United States and the People’s Republic of China (PRC) are engaged in a strategic competition surrounding the development of key technologies. Both countries seek to out-compete the other to achieve first-mover advantage in breakthrough technologies, and to be the best country in terms of the commercial scaling of emerging and existing technologies.

Until recently, the United States was the undisputed leader in the development of breakthrough technologies, and in the innovation and commercial scaling of emerging and existing technologies, while China was a laggard in both categories. That script has changed dramatically. China is now the greatest single challenger to US preeminence in this space. 

For the United States, three goals are paramount. The first is to preserve the US advantage in technological development and innovation relative to China. The second is to harmonize US strategy and policy with those of US allies and partners, while gaining favor with nonaligned states. The third is to retain international cooperation around trade in technology and in scientific research and exploration.

The strategy outlined in these pages has three major elements: the promotion of technologically based innovation; the protection of strategically valuable science and technology (S&T) knowhow, processes, machines, and technologies; and the coordination of policies with allies and partners. The shorthand for this triad is “promote, protect, and coordinate.”

On the promotion side, if the United States wishes to remain the leading power in scientific research and in translating that research into transformative technologies, then the US government—in partnership with state and local governments, the private sector, and academia—will need to reposition and recalibrate its policies and investments. On the protect side, a coherent strategy requires mechanisms to protect and defend a country’s S&T knowledge and capabilities from malign actors, including trade controls, sanctions, investment screening, and more. Smartly deploying these tools, however, is exceedingly difficult and requires the United States to hone its instruments in a way that yields only intended results. The coordination side focuses on “tech diplomacy,” given the need to ensure US strategy and policy positively influence as many allies, partners, and even nonaligned states as possible, while continuing to engage China on technology-related issues. The difficulty lies in squaring the interests and priorities of the United States with those of its allies and partners, as well as nonaligned states, and even China itself. 

This strategy assumes that China will remain a significant competitor to the United States for years to come. It also assumes that relations between the United States and China will remain strained at best or, at worst, devolve into antagonism or outright hostility. Even if a thaw were to reset bilateral relations entirely, the US interest in maintaining its advantage in technological development would remain. 

Any successful long-term strategy will require that the US government pursue policies that are internally well coordinated, are based on solid empirical evidence, and are flexible and nimble in the short run, while being attentive to longer-run trends and uncertainties. 

There are two major sets of risks accompanying this strategy. Overreach is one because decoupling to preserve geopolitical advantages can be at odds with economic interests. A second involves harms to global governance including failure to continue cooperation surrounding norms and standards to guide S&T research, and failure to continue international science research cooperation focused on solving global-commons challenges such as pandemics and climate change. 

The recommendations that follow from this analysis include the following, all directed at US policymakers.

1. Restore and sustain public research and development (R&D) funding for scientific and technological advancement.
2. Improve and sustain STEM (science, technology, engineering, and math) education and skills training across K–12, university, community college, and technical schools.
3. Craft a more diverse tech sector.
4. Attract and retain highly skilled talent from abroad.
5. Support whole-of-government strategy development.
6. Ensure private-sector firms remain at the cutting edge of global competitiveness. 
7. Improve S&T intelligence and counterintelligence.
8. Ensure calibrated development and application of punitive measures. 
9. Build out and sustain robust multilateral institutions.
10. Engage with China, as it cannot be avoided.

Back to top

A 2033 What If…

Imagine that it is the year 2033. Imagine that China has made enormous strides forward in the technology arena at the expense of the United States and its allies and partners. Suppose that this outcome occurred because, between 2023 and 2033, China’s economy not only does not weaken substantially but instead goes from strength to strength, including (importantly) increasing its capabilities in technological development and innovation. Suppose, too, that the US government failed to craft and maintain the kinds of investments and policies that are needed to sustain and enhance its world-leading tech-creation machine—its “innovation ecosystem”—to stay ahead of China. Suppose that the US government also failed to properly calibrate the punitive measures designed to prevent China from acquiring best-in-class technologies from elsewhere in the world—where calibration means the fine-tuning of policies to achieve prescribed objectives without spillover consequence. Finally, suppose that the United States and its allies and partners around the world failed to align with one another in terms of strategies and policies regarding how to engage China and, just as critically, about alignment of their own ends. What might that world look like?

Looking at that world from the year 2033, a first observation is that US scientific and technological (S&T) advantage, a period that lasted from 1945 to the 2020s, has come to an end. In its place is a world where China’s government labs, universities, and firms are often the first to announce breakthrough scientific developments and the first to turn them into valuable technologies.

For the US government and for allies and partners in the Indo-Pacific region, the strategic consequences are severe, as China has not only closed much of the defense spending gap by 2033 but is able to employ weaponry as advanced, and in some cases more advanced, than those of the United States and its allies.¹ Military planners from Washington to New Delhi watch China’s rising capabilities with much anxiety, given the geostrategic leverage that such changes have given Beijing across the region.

Nor is this problem the only headache for the United States and its coalition of partners in 2033. For a variety of reasons, many of China’s tech firms are outcompeting those elsewhere in the world, including some of the United States’ biggest and most important firms. Increasingly, the world looks as much to Shenzhen as to Silicon Valley for the latest tech-infused products and services.

China’s long-standing ambition to give its tech firms an advantage has paid off. The Chinese state has successfully pursued its strategy of commercial engagement with other countries, one that has been well known for decades and is characterized by direct and indirect financial and technical aid for purchases of Chinese hardware and software. This approach, while imperfect, drove adoption of Chinese technology abroad, with much of that adoption happening in the Global South.² Across much of Africa, Latin America, South and Southeast Asia, and the Middle East, China has grown into the biggest player in the tech space, with its technologies appealing both to consumers and to many governments looking for financial assistance in upgrading their tech infrastructure. Moreover, China’s tech assistance has aided authoritarian governments seeking the means to control access to information, especially online, and the desire to surveil citizens and suppress dissent.³ China’s efforts have been a major reason why the internet has fractured in many countries around the world. The ideal of the internet as an open platform is largely gone, replaced by a system of filtered access to information—in many instances, access that is controlled by authoritarian and illiberal states.

In 2033, even the biggest US-based tech firms struggle to keep pace with Chinese firms, as do tech firms based in Europe, Asia, and elsewhere. Although still formidable, Western firms find themselves at a disadvantage in both domestic and foreign markets. China’s unfair trading practices have continued to give its firms an edge, even in markets in mature economies and wealthy countries. China has continued its many unfair trading practices, including massive direct and indirect state subsidies and regulatory support for its firms, suspect acquisition—often outright theft—of intellectual property (IP) from firms abroad, and requiring that foreign firms transfer technology to China in exchange for granting access to its enormous domestic consumer market, in 2033 the biggest in the world.⁴ When added to the real qualitative leaps that China has made in terms of the range and sophistication of its tech-based products and services, foreign firms are often on the back foot even at home. In sector after sector, China is capturing an increasingly large share of global wealth.

Nor is this all. China’s rising influence means that the democratic world has found it impossible to realize its preferences concerning the global governance of technology. This problem extends beyond China’s now significant influence on technical-standards development within the range of international organizations that are responsible for standards.⁵ The problem is much larger than even that. Since the early 2020s, because of decreasing interest in scientific cooperation, the United States, China, and Europe have been unable to agree on the basic norms and principles that should guide the riskiest forms of advanced tech development. As a result, big gaps have appeared in how the major players approach such development. This patchwork, incomplete governance architecture has meant that countries, firms, and even individual labs have forged ahead without common ethical-normative frameworks to guide research and development. In such fields as artificial intelligence (AI), China has increased its implementation of AI-based applications that have eroded individual rights and privacies—for example, AI-driven facial-recognition technologies used by the state to monitor individual activity—not only within China, but in parts of the world where its technologies have been adopted.⁶

Nor is even this long list all that is problematic in the year 2033. Scientific cooperation between the United States and China—and, by extension, China and many US allies and partners—has declined precipitously since 2023. Cross-national collaboration among the world’s scientists has always been a proud hallmark of global scientific research, delivering progress on issues ranging from cancer treatments to breakthrough energy research. Collaboration between China on the one hand, and Western states on the other, used to be a pillar of global science. Now, unfortunately, much of that collaboration has disappeared, given the rising suspicions and antagonism and the resulting policies that were implemented to limit and, in some cases, even block scientific exchange.⁷

From the perspective of developments that led to this point in the year 2033, the United States and its allies and partners failed to pursue a coherent, cooperative, and united strategy vis-à-vis strategic competition with China. Policymakers were unable to articulate, and then implement, policies that were consistent over time and across national context. Various international forums were created for engagement on strategy and policy questions, but they proved of low utility as policy harmonization bodies or tech trade-dispute mechanisms.

Back to top

Strategic context

The above scenario, which sketches a world in 2033 where China has gained the upper hand at the expense of the United States and its allies and partners, is not inevitable. As this strategy paper articulates, there is much that policymakers in the United States and elsewhere can do to ensure that more benign futures, from their perspectives, are possible. However, as this strategy paper also articulates, their success is far from a given.

The United States and the People’s Republic of China (PRC) are engaged in a strategic competition surrounding the development of key technologies, including advanced semiconductors (“chips”), AI, advanced computing (including quantum computing), a range of biotechnologies, and much more. Both countries seek to out-compete the other to achieve first-mover advantage in breakthrough technologies, and to be the best country at the commercial scaling of emerging and existing technologies.

These two capabilities—the first to develop breakthrough technologies and the best at tech-based innovation—overlap in important respects, but they are not identical and should not be regarded as the same thing. The first country to build a quantum computer for practical application (such as advanced decryption) is an example of the former capability; the country that is best at innovating on price, design, application, and functionality of electric vehicles (EVs) is an example of the latter capability. The former will give the inventing country a (temporary) strategic and military advantage; the latter will give the more innovative country a significant economic edge, indirectly contributing to strategic and military advantage. The outcome of this competition will go a long way toward determining which country—China or the United States—has the upper hand in the larger geostrategic competition between them in the coming few decades.

For China, the primary goal is to build an all-encompassing indigenous innovation ecosystem, particularly in sectors that Chinese leadership has deemed critical. Beijing views technology as the main arena of competition and rivalry with the United States, with many high-level policies and strategy documents released under Xi Jinping’s tenure emphasizing technology across all aspects of society. Under Xi’s direction, China has intensified its preexisting efforts to achieve self-sufficiency in key technology sectors, centering on indigenous innovation and leapfrogging the United States. 

On the US side, the Joe Biden administration and Congress have emphasized the need to maintain leadership in innovation and preserve US technological supremacy. Although there are many similarities between the Donald Trump and Biden administrations’ approaches to competition with China, one of the primary differences has been the Biden administration’s focus on bringing allies and partners onboard and trying to make policies as coordinated and multilateral as possible. While a laudable goal, implementation of a seamless allies-and-partners coordination is proving difficult.

Until recently, the United States was the undisputed leader in the development of breakthrough technologies, and in the innovation and commercial scaling of emerging and existing technologies. Until recently, China was a laggard in both categories, falling well behind the United States and most, if not all, of the world’s advanced economies in both the pace of scientific and technological (S&T) development and the ability to innovate around technologically infused products and services.

That script has changed dramatically as a result of China’s rapid ascension up the S&T ladder, starting with Deng Xiaoping’s reforms in the 1970s and 1980s and continuing through Xi Jinping’s tenure.⁸

Although analysts disagree about how best to measure China’s current S&T capabilities and its progress in innovating around tech-based goods and services, there is no dispute that China is now the greatest single challenger to US preeminence in this space. In some respects, China may already have important advantages over the United States and all other countries—for example, in its ability to apply what has been labeled “process knowledge,” rooted in the country’s vast manufacturing base, to improve upon existing tech products and invent new ones.⁹

This competition represents a new phase in the two countries’ histories. The fall of the Berlin Wall and the decade that followed saw US leadership seek to include China as a member of the rules-based international order. In a March 2000 speech, President Bill Clinton spoke in favor of China’s entry into the World Trade Organization (WTO), arguing that US support of China’s new permanent normal trade relations (PNTR) status was “clearly in our larger national interest” and would “advance the goal America has worked for in China for the past three decades.”¹⁰ China’s leadership returned the favor, with President Jiang Zemin later stating that China “would make good on [China’s] commitments…and further promote [China’s] all-directional openness to the outside world.”¹¹

Despite some US concerns, the period from 2001 through most of the Barack Obama administration saw Sino-American relations at their best.¹² The lure of the Chinese market was strong, with bilateral trade in goods exploding from less than $8 billion in 1986 to more than $578 billion in 2016.¹³ People-to-people exchanges increased dramatically as well, with tourism from China increasing from 270,000 in 2005 to 3.17 million in 2017, and the number of student F-visas granted to PRC students increasing tenfold, from approximately 26,000 in 2000 to nearly 250,000 in 2014.¹⁴ US direct investment in China also grew significantly after 2000, as US companies saw the vast potential of the Chinese market and workforce. Notably, overall US investment in China continued to grow even after the COVID-19 pandemic.¹⁵

So what changed? In a 2018 essay titled “The China Reckoning,” China scholars Ely Ratner and Kurt Campbell—now both members of the Biden administration—described how the US plan for China and its role in the international system had not gone as hoped. 

Neither carrots nor sticks have swayed China as predicted. Diplomatic and commercial engagement have not brought political and economic openness. Neither US military power nor regional balancing has stopped Beijing from seeking to displace core components of the US-led system. And the liberal international order has failed to lure or bind China as powerfully as expected. China has instead pursued its own course, belying a range of American expectations in the process.

Campbell and Ratner, “The China Reckoning.”

These sentiments were shared by many others in Washington. Many felt like China was taking advantage of the United States as the Obama administration transitioned to its “pivot to Asia.” For example, in 2014 China sent an uninvited electronic-surveillance ship alongside four invited naval vessels to the US-organized Rim of the Pacific (RIMPAC) military exercises, damaging what had appeared to be improving military-to-military relations.¹⁶ On the economic side, despite the two sides signing an agreement in April 2015 not to engage in industrial cyber espionage, it soon became clear that China did not plan to uphold its side of the bargain. In 2017, the US Department of Justice indicted three Chinese nationals for cyber theft from US firms, including Moody’s Analytics, Siemens AG, and Trimble.¹⁷

Within China, political developments were also driving changes in the relationship. Xi Jinping assumed power in November 2012, and most expected him to continue on his predecessors’ trajectory. However, in 2015 a slew of Chinese policies caught the eye of outside observers, especially the “Made in China 2025” strategy that caused a massive uproar in Washington and other global capitals, given its explicit focus on indigenization of key sectors, including the tech sector. 

On the US side, when President Trump was elected in 2017, the bilateral economic relationship came under further fire, sparked by growing concerns surrounding China’s unfair trade practices, IP theft, and the growing trade deficit between the two countries. First the first time, frustration over these issues brought about strong US policy responses, including tariffs on steel, aluminum, soybeans, and more, a Section 301 investigation of Chinese economic practices by the US trade representative, and unprecedented export controls on the Chinese firms Huawei and ZTE. On the Chinese side, a growing emphasis on self-reliance, in conjunction with narratives surrounding the decline of the West, has dominated the conversation at the highest levels of government. In many instances, some of these statements—like China’s relatively unachievable indigenization goals in the semiconductor supply chain—have pushed the US policy agenda closer toward one centering on zero-sum tech competition.

In 2023, the Biden administration continued some Trump-era policies toward China, often reaching for export controls as a means to prevent US-origin technology from making its way to China. The Biden administration is even considering restricting outbound investment into China, stemming from concerns around everything from pharmaceutical supply chains to military modernization. The bottom line is that US-China competition is intense, and is here to stay for the foreseeable future. 

Back to top

Goals

There are three underlying goals for policymakers in the United States to consider when developing a comprehensive strategy. 

1. Preserve the US advantage in technological development and innovation relative to China. Although the United States has historically led the world in the development of cutting-edge technologies, technological expertise, skills, and capabilities have proliferated worldwide and eroded this advantage. Although the United States arguably maintains its first position, it can no longer claim to be the predominant global S&T power across the entire board. As a result, US leadership will have to approach this issue with a clear-eyed understanding of US capabilities and strengths, as well as weaknesses. 
   
   Further, it is impractical to believe that the United States alone can lead in all critical technology areas. US policymakers must determine (with the help of the broader scientific community) not only which technologies are critical to national security but also how these technologies are directly relevant in a national security context. This point suggests the need for aligning means with ends—what is the US objective in controlling or promoting a specific technology? Absent strong answers to this question, technology controls or promotion efforts will likely yield unintended results, both good and bad. 
   
   Further, it is impractical to believe that the United States alone can lead in all critical technology areas. US policymakers must determine (with the help of the broader scientific community) not only which technologies are critical to national security but also how these technologies are directly relevant in a national security context. This point suggests the need for aligning means with ends—what is the US objective in controlling or promoting a specific technology? Absent strong answers to this question, technology controls or promotion efforts will likely yield unintended results, both good and bad. 
   
   Further, the United States’ capacity to transform basic research into applications and commercial products is an invaluable asset that has propelled its innovation ecosystem for decades. In contrast, Chinese leadership is keenly aware of its deficiencies in this area. 
   
   First-mover advantage in laboratory scientific research is not the same thing as innovation excellence. A country needs both if it seeks predominance. A country can have outstanding scientific capabilities but poor innovation capacity (or vice versa). Claims that China is surpassing the United States and other advanced countries in critical technology areas are premature, and often fail to consider how metrics to assess innovative capacity interact with one another (highly cited publications, patents, investment trends, market shares, governance, etc.).¹⁸ Assessing a country’s ability to preserve or maintain its technological advantage requires a holistic approach that takes all of these factors into account.
2. Harmonize strategy and policy with allies and partners, while gaining favor with nonaligned states. With respect to strategic competition vis-a-vis China, the interests of the United States are not always identical to those of its allies and partners. Any strategy designed to compete in the tech space with China needs to align with the strategies and interests of US allies and partners. Simultaneously, US strategy should offer benefits to nonaligned states within the context of this strategic competition with China, so as to curry favor with them.
   
   This goal is especially important, given that the United States relies on and benefits from a network of allies and partners, whereas China aspires to self-sufficiency in S&T development. To preserve the United States’ advantage, US leadership must first recognize that its network is one of the strongest weapons in the US arsenal.
   
   US allies and partners, of which there are many, want to maintain and strengthen their close diplomatic, security, and economic ties to the United States. The problem is that most also have substantial, often critical, economic relationships with China. Hence, they are loath to jeopardize their relationships with either the United States or China. 
   
   This strategic dilemma has become a significant one for US allies in both the transpacific and transatlantic arenas. As examples, Japan and South Korea, the two most advanced technology-producing countries in East Asia, are on the front lines of this dilemma. Their challenging situation owes to their geographic proximity to China on the one hand—and, hence, proximity to China’s strategic ambitions in the East and South China Seas, as well as Taiwan—and to their close economic ties to both China and the United States on the other.¹⁹ Although both have been attempting an ever-finer balancing act between the United States and China for years, the challenge is becoming more difficult.²⁰ In January 2023, Japan reportedly joined the United States and the Netherlands to restrict sales of advanced chipmaking lithography machines to China, despite the policy being against its clear economic interests.²¹ In April and May 2023, even before China banned sales of chips from Micron Technology, a US firm, the US government was urging the South Korea government to ensure that Micron’s principal rivals, South Korea’s Samsung Electronics and SK Hynix, did not increase their sales in China.²²
   
   For nonaligned states, many of which are in the Global South, their interests are manifold and not easily shoehorned into a US-versus-China bifurcation. Many states in this category have generalized concerns about a world that is dominated by either Washington or Beijing, and, as such, are even more interested in hedging than are the closest US allies and partners. Their governments and business communities seek trade, investment, and access to technologies that can assist with economic development, while their consumers seek affordable and capable tech. Although China has made enormous strides with respect to technological penetration of markets in the Global South, there also is much opportunity for the United States and its allies and partners, especially given widespread popular appetite for Western ideals, messaging, and consumer-facing technologies.²³
3. Retain cooperation around trade and scientific exploration. One of the risks that is inherent in a fraught Sino-American bilateral relationship is that global public-goods provision will be weakened. Within the context of rising tensions over technological development, there are two big concerns: first, that global trade in technologically based goods and services will be harmed, and second, that global scientific cooperation will shrink. 
   
   An open trading system has been an ideal of the rules-based international order since 1945, built on the premise that fair competition within established trading rules is best for global growth and exchange. The US-led reforms at the end of the World War II and early postwar period gave the world the Bretton Woods system, which established the International Monetary Fund (IMF), plus the Marshall Plan and the General Agreement on Tariffs and Trade (GATT). Together, these reforms enabled unprecedented multi-decade growth in global trade.²⁴ China’s accession to the WTO in 2001, which the US government supported, marked a high point as many read into China’s entry its endorsement of the global trade regime based on liberal principles. However, since then—and for reasons having much to do with disagreements over China’s adherence to WTO trading rules—this global regime has come under significant stress. In 2023, with few signs that the Sino-American trade relationship will improve, there is significant risk of damage to the global trading system writ large.²⁵
   
   Any damage done to the global trading system also risks harm to trade between the two countries, which is significant given its ongoing scale (in 2022, bilateral trade in goods measured a record $691 billion).²⁶. Tech-based trade and investment remain significant for both countries, as illustrated by the February 2023 announcement of a $3.5-billion partnership between Ford Motor Company and Contemporary Amperex Technology Limited (CATL) to build an EV-battery plant in Michigan using CATL-licensed technology.²⁷ A priority for US policymakers should be to preserve trade competition in tech-infused goods and services, at least for those goods and services that are not subject to national security-based restrictions and where China’s trade practices do not result in unfair advantages for its firms. 
   
   Beyond trade, there are public-goods benefits resulting from bilateral cooperation in the S&T domain. These benefits extend to scientific research that can hasten solutions to global-commons challenges—for example, climate change. China and the United States are the two most active countries in global science, and are each other’s most important scientific-research partner.²⁸ Any harm done to their bilateral relationship in science is likely to decrease the quality of global scientific output. Further, the benefits from cooperation also extend to creation and enforcement of international norms and ethics surrounding tech development in, for example, AI and biotechnology.

Back to top

Major elements of the strategy

The strategy outlined in these pages has three major elements: the promotion of technologically based innovation, sometimes labeled “running faster”; the protection of strategically valuable S&T knowhow, processes, machines, and technologies; and the coordination of policies with allies and partners. This triad—promote, protect, and coordinate—is also shorthand for the most basic underlying challenge facing strategists in the US government and in the governments of US allies and partners. In the simplest terms, strategists should aim to satisfy the “right balance between openness and protection,” in the words of the National Academies of Sciences, Engineering, and Medicine.²⁹ This strategic logic holds for both the United States and its allies and partners.

1. Promote: The United States has been the global leader in science and tech-based innovation since 1945, if not earlier. However, that advantage has eroded, in some areas significantly, in particular since the end of the Cold War. If the United States wishes to remain the leading power in scientific research and in translating that research into transformative technologies (for military and civilian application), then the US government, in partnership with state and local governments, the private sector, and academia, will have to reposition and recalibrate its policies and investments.
   
   The preeminence of America’s postwar innovation ecosystem resulted from several factors, including: prewar strengths across several major industries; massive wartime investments in science, industry, and manufacturing; and even larger investments made by the US government in the decades after the war to boost US scientific and technological capabilities. The 1940s through 1960s were especially important, owing to the whole-of-society effort behind prosecuting World War II and then the Cold War. The US government established many iconic S&T-focused institutions, including the National Science Foundation (NSF), Defense Advanced Research Projects Agency (DARPA), the National Aeronautics and Space Administration (NASA), most of the country’s national laboratories (e.g., Sandia National Laboratories and Lawrence Livermore National Laboratories), and dramatically boosted funding for science education, public-health research, and academic scientific research.³⁰
   
   This system, and the enormous investments made by the US government to support it, spurred widespread and systematized cooperation among government, academic science, and the private sector. This cooperation led directly to a long list of breakthrough technologies for military and civilian purposes, and to formation of the United States’ world-leading tech hubs, Silicon Valley most prominent among them.³¹
   
   The trouble is that after the Cold War ended, “policymakers [in the US government] no longer felt an urgency and presided over the gradual and inexorable shrinking of this once preeminent system,” in particular through allowing federal spending on research and development (R&D) and education to flatline or even atrophy.³² From a peak of around 2.2 percent of national gross domestic product (GDP) in the early 1960s, federal R&D spending has declined since, reaching a low of 0.66 percent in 2017 before rebounding slightly to 0.76 percent in 2023.³³
   
   Today, US competitors, including China, have figured out the secrets to growing their own innovation ecosystems (including the cultural dimensions that historically have been key to separating the United States from its competition) and are investing the necessary funding to do so. For example, several countries, especially China, have outpaced the United States in R&D spending. Between 1995 and 2018, China’s R&D spending grew at an astonishing 15 percent per annum, about double that of the next-fastest country, South Korea, and about five times that of the United States. By 2018, China’s total R&D spending (from public and private sources) was in second place behind the United States and had surpassed the total for the entire European Union.³⁴ From the US perspective, other metrics are equally concerning. A 2021 study by Georgetown University’s Center for Security and Emerging Technology (CSET) projected that China will produce nearly twice as many STEM PhDs as the United States by 2025 (if counting only US citizens graduating with a PhD in STEM, that figure would be three times as much). This projection is based, in part, on China’s government doubling its investment in STEM higher education during the 2010s.³⁵
   
   The United States retains numerous strengths, including the depth and breadth of its scientific establishment, number and sizes of its Big Tech firms, robust startup economy and venture capital to support it, numerous world-class educational institutions, dedication to protection of intellectual property, relatively open migration system for high-skilled workers, diverse and massive consumer base, and its still-significant R&D investments from public and private sources.³⁶
   
   In addition, over the past few years there have been encouraging signs of a shift in thinking among policymakers, away from allowing the innovation model that won the Cold War to further erode and toward increased bipartisan recognition that the federal government has a critical role to play in updating that system. As was the case with the Soviet Union, this newfound interest in strengthening the US innovation ecosystem owes much to a recognition that China is a serious strategic competitor to the United States in the technology arena.³⁷ The Biden administration’s passage of several landmark pieces of legislation, including the CHIPS and Science Act, the Inflation Reduction Act (IRA), and the Infrastructure Investment and Jobs Act (IIJA), increased the amount of federal government spending on S&T, STEM education and skills training, and various forms of infrastructure (digital and physical), all of which are concrete evidence of the degree to which this administration and much of Congress recognize the stiff challenge from China.
2. Protect: A coherent strategy requires mechanisms to protect and defend a country’s S&T knowledge and capabilities from malign actors. Policy documents and statements from US officials over the past decade have called out the many ways in which the Chinese state orchestrates technology transfer through licit and illicit means, ranging from talent-recruitment programs and strategic mergers and acquisitions (M&A) to outright industrial espionage via cyber intrusion and other tactics.³⁸
   
   On the protect side, tools include trade controls, sanctions, investment screening, and more. On the export-control side, both the Trump and Biden administrations have relied on dual-use export-control authorities to both restrict China’s access to priority technologies and prevent specific Chinese actors (those deemed problematic by the US government) from accessing US-origin technology and components.³⁹ Investment screening has also been a popular tool; in 2018, Congress passed the bipartisan Foreign Investment Risk Review Modernization Act (FIRRMA) that strengthened and modernized the Committee on Foreign Investment in the United States (CFIUS)—an interagency body led by the Treasury Department that reviews inbound foreign investment for national security risks.⁴⁰ Under the Biden administration, a new emphasis on the national security concerns associated with US outbound investment into China has arisen, with an executive order focused on screening outbound tech investments in the works for almost a year.⁴¹ On sanctions, although the United States has so far been wary of deploying them against China, the Biden administration has, in conjunction with thirty-eight other countries, imposed a harsh sanctions regime on Russia and Belarus following Russia’s unprovoked invasion of Ukraine.⁴²
   
   Trade controls can be effective tools, but they need to be approached with a clear alignment between means and ends. For decades, an array of export controls and other regulations have worked to prevent rivals from accessing key technologies. However, historical experience (such as that of the US satellite industry) shows that, with a clear alignment between means and ends, trade controls can have massive implications for the competitiveness of US industries and, by extension, US national security.⁴³
   
   Before deploying these tools, it is critical for policymakers to first identify what China is doing—both within and outside its borders—in its attempts to acquire foreign technology, an evaluation that should allow the United States to hone more targeted controls that can yield intended results. Trade controls that are too broad and ambiguous tend to backfire, as they create massive uncertainties that lead to overcompliance on the part of industry, in turn causing unintended downside consequences for economic competitiveness.
   
   Understanding China’s strategy for purposes of creating effective trade controls is not as difficult as it once appeared. For instance, a 2022 report from CSET compiled and reviewed thirty-five articles on China’s technological import dependencies.⁴⁴ This series of open-source articles, published in Chinese in 2018, provides specific and concrete examples of Chinese S&T vulnerabilities that can be used by policymakers to assess where and how to apply trade controls. Other similar resources exist. Although the Chinese government appears to be systematically tracking and removing these as they receive attention, there are ways for US government analysts and scholars to continue making use of these materials that preserve the original sources.
3. Coordinate: The final strategy pillar is outward facing, focused on building and sustaining relationships with other countries in and around the tech strategy and policy space. This pillar might be labeled “tech diplomacy,” given the need to ensure US strategy and policy positively influences as many allies, partners, and even nonaligned states as possible, while continuing to engage China on technology-related issues. As with the other two pillars, this pillar is simple to state as a priority, but difficult to realize in practice.
   
   In a May 2022 speech, US Secretary of State Antony Blinken said that the administration’s shorthand formula is to “invest, align, [and] compete” vis-a-vis China.⁴⁵ Here, he meant “invest” to refer to large public investments in US competitiveness, “align” to closer coordination with allies and partners on tech-related strategy and policy, and “compete” largely to geostrategic competition with China over Taiwan, the East and South China Seas, and other areas.
   
   Blinken’s remarks underscore the Biden administration’s priority for allies and partners to view the United States as a trusted interlocutor. When it comes to technology policy on China, the trouble lies in the execution—in particular, overcoming the tensions inherent within the “invest, align, compete” formula. After Blinken’s speech, for example, the IRA became law, which triggered a firestorm of protest among the United States’ closest transpacific and transatlantic allies. Viewing the IRA’s ample support for domestic production and manufacturing of electric vehicles and renewable-energy technologies—designed to boost the US economy and tackle climate change while taking on China’s advantages in these areas—the protectionist European Union (EU) went so far as to formulate a Green Deal Industrial Plan, widely seen as an industrial policy response to the IRA.⁴⁶ Much of the row over the IRA resulted from the perception—real or not—that the United States had failed to properly consider allies’ and partners’ interests while formulating the legislation. In the words of one observer, “amid the difficult negotiations at home on the CHIPS Act and the IRA, allies and partners were not consulted, resulting in largely unintended negative consequences for these countries.”⁴⁷
   
   Long-term investment by US policymakers in multilateral institutions focused on technology will be a critical aspect of any potential victory. The Biden administration is already making strides on this front through several multilateral arrangements, including the resurrection of the Quadrilateral Security Dialogue (the Quad) and the establishment of the US-EU Trade and Technology Council (TTC) and AUKUS trilateral pact. All three of these arrangements have dedicated time and resources to specific technological issues in both the military/geopolitical and economic spheres, and all three have the potential to be massively impactful in terms of technology competition.
   
   However, history has shown that these types of arrangements are only effective as long as high-level political leadership remains involved and dedicated to the cause. Cabinet officials and other high-level leaders from all participating countries—especially the United States—will have to demonstrate continued interest in and commitment to these arrangements if they want them to produce more than a handful of documents with broad strategic visions.

Back to top

Assumptions

The strategy outlined in these pages rests on two plausible assumptions. First, this strategy assumes that China will not follow the Soviet Union into decline, collapse, and disintegration anytime soon, which, in turn, means that China should remain a significant competitor to the United States for a long time to come.

China’s leadership has studied the collapse of the Soviet Union closely and learned from it, placing enormous weight on delivering economic performance through its brand of state capitalism while avoiding the kind of reforms that Mikhail Gorbachev instituted during the 1980s, which included freer information flows, freer political discourse, and ideological diversity within the party and state—all of which Chinese leadership believes to have been key to the Soviet Union’s undoing.⁴⁸ China also does not have analogous centrifugal forces that threaten an internal breakup along geographic lines as did the Soviet Union, which had been constructed from the outset as a federation of republics built upon the contours of the tsarist empire. (The Soviet Union, after all, was a union of Soviet Socialist republics scattered across much of Europe and Asia).⁴⁹

These factors weigh against an assessment that China will soon collapse. Nicholas Burns, the US ambassador to China, has said recently that China is “infinitely stronger” than the Soviet Union ever was, “based on the extraordinary strength of the Chinese economy” including “its science and technology research base [and] innovative capacity.” He concluded that the Chinese challenge to the United States and its allies and partners “is more complex and more deeply rooted [than was the Soviet Union] and a greater test for us going forward.”⁵⁰

A more realistic long-term scenario is one in which the United States and its allies and partners would need to manage a China that will either become stronger or plateau, rather than one that will experience a steep decline. Both variants of this scenario are worrisome, and both underscore the need to hew to the strategy outlined in this paper. A stronger China brings with it obvious challenges. A plateaued China is a more vexing case, owing to the very real possibility that Chinese leadership might conclude that, as economic stagnation portends a future decline and fall, the case for military action (e.g., against Taiwan) is more, rather than less, pressing. The strategist Hal Brands, for example, has suggested that a China that has plateaued will become more dangerous than it is now, requiring a strategy that is militarily firm, economically wise (including maintenance of the West’s advantages in the tech-innovation space), and diplomatically flexible.⁵¹

Second, the strategy outlined here assumes that relations between the United States and China will remain strained at best or, at worst, devolve into antagonism or outright hostility. In 2023, the assumption of ongoing strained relations appears wholly rational, based on a straightforward interpretation of all available diplomatic evidence.

How this strategy should shift if the United States and China were to have a rapprochement would depend greatly on the durability and contours of that shift. Even if a thaw were to reset bilateral relations to where they were at the beginning of the century (an unlikely prospect), the US interest in maintaining a first-mover advantage in technological development would remain. As reviewed in this paper, there was a long period during which the United States and China traded technologically based goods and services in a more open-ended trading regime than is currently the case. During that period, the United States operated on two presumptions: that China’s S&T capabilities were nowhere near as developed as its own, and that the US system could stay ahead owing to its many strengths compared with China’s.

The trouble with returning to this former state is that both presumptions no longer hold. China has become a near-peer competitor in science and technological development, and its innovative capabilities are considerable.

If China and the United States were to thaw their relationship, the policy question would concern the degree to which the United States would reduce its “protect” measures—the import and export restrictions, sanctions, and other policies designed to keep strategic technologies and knowhow from China, while protecting its own assets from espionage, sabotage, and other potential harms.

Back to top

Guidelines for implementation

As emphasized throughout this paper, any successful long-term strategy will require that the US government pursue policies that are internally well coordinated, are based on solid empirical evidence, and are flexible and nimble in the short run, while being attentive to longer-run trends and uncertainties. The government will need to improve its capabilities in three areas.

1. Improved intelligence and counterintelligence: The US government will need to reassess, improve, and extend its intelligence and counterintelligence capabilities about tech development. The intelligence community will need to be able to conduct ongoing, comprehensive assessments of tech trends and uncertainties of relevance to the strategic competition with the United States. To properly gauge the full range of relevant and timely information about China’s tech capabilities, the Intelligence Community’s practice of relying on classified materials will need to be augmented by stressing unclassified open-source material. Classified sources, which the Intelligence Community always has prioritized, do not provide a full picture of what is happening in China. Patent filings, venture-capital investment levels and patterns, scientific and technical literature, and other open sources can be rich veins of material for analysts looking to assess where China is making progress, or seeking to make progress, in particular S&T areas. The US government’s prioritization of classified material contrasts with the Chinese government’s approach. For decades, China has employed “massive, multi-layered state support” for the “monitoring and [exploitation] of open-source foreign S&T.”⁵² There is recognition that the US government needs to upgrade its capabilities in this respect. In 2020, the House Permanent Select Committee on Intelligence observed that “open-source intelligence (OSINT) will become increasingly indispensable to the formulation of analytic products” about China.⁵³
   
   An intelligence pillar will need a properly calibrated counterintelligence element to identify where China might be utilizing its means and assets—including legal, illegal, and extralegal ones—to obtain intellectual property in the United States and elsewhere (China has a history of utilizing multiple means, including espionage, to gain IP that is relevant to their S&T development).⁵⁴ Here, “properly calibrated” refers to how counterintelligence programs must ensure that innocent individuals, including Chinese nationals who are studying or researching in the United States, are not brought under undue or illegitimate scrutiny. At the same time, these programs must be able to identify, monitor, and then handle as appropriate those individuals who might be engaging in industrial espionage or other covert activities. The Trump administration’s China Initiative was criticized both for its name (it implied that Chinese nationals and anyone of East Asian descent were suspect) and the perception of too-zealous enforcement (the program resulted in several high-profile cases ending in dismissal or exoneration for the accused). In 2022, the Biden administration shuttered this initiative and replaced it with “a broader strategy aimed at countering espionage, cyberattacks and other threats posed by a range of countries.”⁵⁵
2. Improved foresight: Strategic-foresight capabilities assist governments in understanding and navigating complex and fast-moving external environments. Foresight offices in government and the private sector systematically examine long-term trends and uncertainties and assess how these will shape alternative futures. These processes often challenge deeply held assumptions about where the world is headed, and can reveal where existing strategies perform well or poorly.
   
   This logic extends to the tech space, where the US government should develop a robust foresight apparatus to inform tech-focused strategies and policies at the highest levels. The purpose of this capability would be to enhance and deepen understanding of where technological development might take the United States and the world. Such a foresight capability within the US government would integrate tech-intelligence assessments, per above, into comprehensive foresight-based scenarios about how the world might unfold in the future. The US government has impressive foresight capabilities already, most famously those provided by the National Intelligence Council (NIC). However, for a variety of reasons, including distance from the center of executive power, neither the NIC nor other foresight offices within the US government currently perform a foresight function described here. The US government should institutionalize a foresight function within or closely adjacent to the White House—for example, within the National Security Council or as a presidentially appointed advisory board. Doing so would give foresight the credibility and mandate to engage the most critical stakeholders from across the entire government and from outside of it, a model followed by leading public foresight offices around the world.⁵⁶ This recommendation is consistent with numerous others put forward by experts over the past decade, which stress how the US government needs to give foresight more capabilities while bringing it closer to the office of the president.⁵⁷
3. Improved S&T strategy and policy coordination: One of the major challenges facing the US government concerns internal coordination around S&T strategy and policy. As technology is a broad and multidimensional category, the government’s activities are equally broad, covered by numerous statutes, executive orders, and administrative decisions. One of many results is a multiplicity of departments and agencies responsible for administering the many different pieces of the tech equation, from investment to development to monitoring, regulation, and enforcement. In just the area of critical technology oversight and control, for example, numerous departments including Commerce, State, Defense, Treasury, Homeland Security, and Justice, plus agencies from the Intelligence Community, all have responsibilities under various programs.⁵⁸
   
   Moreover, the US government’s approach to tech oversight tends to focus narrowly on control of specific technologies, which leads to an underappreciation of the broader contexts in which technologies are used. A report issued in 2022 by the National Academies of Sciences, Engineering, and Medicine argued that the US government’s historic approach to tech-related risks is done through assessing individual critical technologies, defining the risks associated with each, and then attempting to restrict who can access each type of technology. Given that technologies now are “ubiquitous, shared, and multipurpose,” the National Academies asserted, a smarter approach would be to focus on the motives of bad-faith actors to use technologies and then define the accompanying risks.⁵⁹ This approach “requires expertise that goes beyond the nature of the technology to encompass the plans, actions, capabilities, and intentions of US adversaries and other bad actors, thus involving experts from the intelligence, law enforcement, and national defense communities in addition to agency experts in the technology.”⁶⁰

Back to top

Major risks

There are two major sets of risks accompanying this strategy, both of which involve the potential damage that might result from failure to keep the strategic competition within acceptable boundaries. 

1. Decoupling run amok: Overreach is one of the biggest risks associated with this strategy. Geopolitical and economic goals contradict, and it can be difficult to determine where to draw the line. As such, reconciling this dilemma will be the hardest part of a coherent and effective competition strategy.
   
   Technology decoupling to preserve geopolitical advantages can be at odds with economic interests, which the United States is currently experiencing in the context of semiconductors. The October 7, 2022, export controls were deemed necessary for geopolitical reasons, as the White House’s official rationale for the policy centered around the use of semiconductors for military modernization and violation of human rights. However, limiting the ability of US companies like Nvidia, Applied Materials, KLA, and Lam Research to export their products and services to China, in addition to applying complex compliance burdens on these firms, has the potential to affect these firms’ ability to compete in the global semiconductor industry. 
   
   In addition, the continued deployment of decoupling tactics like export controls can put allies and partners in a position where they feel forced to choose sides between the United States and China. On the October 7 export controls, it took months to convince the Netherlands and Japan—two critical producer nations in the semiconductor supply chain whose participation is critical to the success of these export controls—to get on board with US policy.⁶¹ Even now, although media reporting says an agreement has been reached, no details of the agreements have been made public, likely due to concerns surrounding Chinese retaliation.
   
   These issues are not exclusive to trade controls or protect measures. On the promote side, the IRA has also put South Korea in a difficult position as it relates to EVs and related components. When first announced, many on the South Korean side argued that the EV provisions of the IRA violated trade rules. At one point in late 2022, the South Korean government considered filing a complaint with the WTO over the issue.⁶² Although things seem to have cooled between Washington and Seoul—and the Netherlands and Japan have officially, albeit privately, agreed to join the US on semiconductor controls—these two instances should be lessons for US policymakers in how to approach technology policies going forward. Policies that push allies and partners too hard to decouple from the Chinese market are likely to be met with resistance, as many (if not all) US allies have deeply woven ties with Chinese industry, and often do not have the same domestic capabilities or resources that the United States has that can insulate us from potential harm. China is acutely aware of this, and will likely continue to take advantage of this narrative to convince US allies to not join in US decoupling efforts. China has historically leveraged economic punishments against countries for a variety of reasons, so US policymakers should be sure to incorporate this reality into their policy planning to ensure that allies are not put in tough positions. 
   
   Recently, government officials within the Group of Seven (G7) have been using the term “de-risking ” instead of “decoupling.” The term was first used by a major public official during a speech by Ursula von der Leyen, president of the European Commission, in a March 2023 speech where she called for an “open and frank” discussion with China on contentious issues.⁶³ The term was used again in the G7 communique of May 2023: economic security should be “based on diversifying and deepening partnerships and de-risking, not de-coupling.”⁶⁴ This rhetorical shift represents a recognition that full economic decoupling from China is unwise, and perhaps impossible. Moreover, it also is a tacit admission that decoupling sends the wrong signals not only to China, but to the private sector in the West as well.
   
   In the authors’ opinion, de-risking is superior to decoupling as a rhetorical device—but changes in phrasing do not solve the underlying problem for policymakers in the United States, Europe, East Asia, and beyond. That underlying problem is to define and then implement a coherent strategy, coordinated across national capitals, that manages to enable them to stay a step ahead of China in the development of cutting-edge technology while preventing an economically disastrous trade war with China.
2. Harm to global governance: Another major set of risks involves the harms to global governance should the strategic competition between the United States and China continue on its current trajectory. Although the strategy outlined in these pages emphasizes, under the coordination pillar, maintenance of global governance architecture—the norms, institutions, pathways, laws, good-faith behavior, and so on that guide technology development—there is no guarantee that China and the United States, along with other important state and nonstate actors, will be able to do so given conflicting pressures to reduce or eliminate cooperative behavior. 
   
   Tragic outcomes of this strategic competition, therefore, would be: failure to continue cooperation regarding development of norms and standards that should guide S&T research; and failure to continue S&T research cooperation focused on solving global-commons challenges such as pandemics and climate change. 
   
   Any reduction in cooperation among the United States, China, and other leading S&T-research countries will harm the ability to establish norms and standards surrounding tech development in sensitive areas—for instance, in AI or biotechnology. As recent global conversations about the risks associated with rapid AI development show, effective governance of these powerful emerging technologies is no idle issue.⁶⁵
   
   Even under the best of circumstances, however, global governance of such technologies is exceedingly difficult. For example, Gigi Kwik Gronvall, an immunologist and professor at Johns Hopkins University, has written that biotechnology development is “inherently international and cannot be controlled by any international command and control system” and that, therefore, “building a web of governance, with multiple institutions and organizations shaping the rules of the road, is the only possibility for [effective] governance.”⁶⁶ By this, she meant that—although a single system of rules for governing the biotechnology development is impossible to create given the speed of biotech research and multiplicity of biotech research actors involved (private and public-sector labs, etc.) around the world—it is possible to support a “web of governance” institutions such as the WHO that set norms and rules. Although this system is imperfect, as she admits, it is much better than the alternative, which is to have no governance web at all. The risk of a weak or nonexistent web becomes much more real if the United States, China, and other S&T leaders fail to cooperate in strengthening it. 

Back to top

Conclusions and recommendations

The arguments advanced in this paper provide an overview of the range and diversity of policy questions that must be taken into consideration when formulating strategies to compete with China in science and technology. This final section offers a set of recommendations that follow from this analysis.

1. Restore and sustain public R&D funding for scientific and technological advancement. As noted in this paper, public investment in R&D—most critically, federal-government investment in R&D—has been allowed to atrophy since the end of the Cold War. Although private-sector investment was then, and is now, a critical component of the nation’s R&D spending, public funding is also imperative for pure scientific research (versus applied research) and for funneling R&D toward ends that are in the public interest (defense, public health, etc.). Although the CHIPS and Science Act and the IRA both pledge massive increases in the amount of federal R&D investment, there is no guarantee that increased funding will be sustained over time. Less than a year after the CHIPS Act was signed into law, funding levels proposed in Congress and by the White House have fallen well short of amounts specified in the act.⁶⁷
2. Improve and sustain STEM education and skills training across K–12, university, community college, technical schools. It is widely recognized that the United States has fallen behind peer nations in STEM education and training at all levels, from K–12 through graduate training.⁶⁸ Although the Biden administration’s signature pieces of legislation, including the CHIPS Act, address this problem through increased funding vehicles for STEM education and worker-training programs, the challenge for policymakers will be to sustain interest in, and levels of funding for, such programs well into the future, analogous to the federal R&D spending challenge. Other related problems include the high cost of higher education, driven in part by lower funding by US states, that drives students into long-term indebtedness, and the need to boost participation in (and reduce stigma around) STEM-related training at community colleges and technical schools.⁶⁹ Germany’s well-established, well-funded, and highly respected technical apprenticeship programs are models.⁷⁰
3. Craft a more diverse tech sector. A closely related challenge is to ensure that the tech sector in the United States reflects the country’s diversity, defined in terms of gender, ethnicity, class, and geography. This is a long-term challenge that has multiple roots and many different pathways to success, including public investment in education, training, and apprenticeship programs, among other things.⁷¹ Among the most challenging problems (with potentially the most beneficial solutions) are those rooted in economic geography—specifically regional imbalances in the knowledge economy, where places like Silicon Valley and Boston steam ahead and many other places fall behind. As in other areas, recent legislation including the IRA, CHIPS Act, and IIJA have called for billions in funding to spread the knowledge economy to a greater number of “tech hubs” around the country. As with other pieces of the investment equation, however, there is no guarantee that billions will be allocated under current legislation.⁷²
4. Attract and retain high-skilled talent from abroad. One of the United States’ enduring strengths is its ability to attract and retain the world’s best talent, which has been of enormous benefit to its tech sector. A December 2022 survey conducted by the National Bureau of Economic Research (NBER), for example, found that between 1990 and 2016, about 16 percent of all inventors in the United States were immigrants, who, in turn, were responsible for 23 percent of all patents filed during the same period.⁷³ Although the United States is still the top destination for high-skilled migrants, other countries have become more attractive in recent years, owing to foreign countries’ tech-savvy immigration policies and problems related to the US H-1B visa system.⁷⁴
5. Support whole-of-government strategy development. This paper stresses the need to improve strategic decision-making regarding technology through improving (or relocating) interagency processes and foresight and intelligence capabilities. One recommendation is to follow the suggestion by the National Academies of Sciences, Engineering, and Medicine, and bring a whole-of-government strategic perspective together under the guidance of the White House.⁷⁵ Such a capacity would bring under its purview and/or draw upon a tech-focused foresight capacity, as well as an improved tech-focused intelligence apparatus (see below). The CHIPS Act contains provisions that call for development of quadrennial S&T assessments followed by technology strategy formulation, both to be conducted by the White House’s Office of Science Technology and Policy (OSTP).⁷⁶ A bill that was introduced in June 2022 by Senators Michael Bennet, Ben Sasse, and Mark Warner (and reintroduced in June 2023) would, if passed, create an Office of Global Competition Analysis, the purpose of which would be to “fuse information across the federal government, including classified sources, to help us better understand U.S. competitiveness in technologies critical to our national security and economic prosperity and inform responses that will boost U.S. leadership.”⁷⁷
6. Ensure private sector firms remain at the cutting edge of global competitiveness. Policymakers will need to strengthen the enabling environment to allow US tech firms to meet and exceed business competition from around the world. Doing so will require constant monitoring of best-practice policy development elsewhere, based on the presumption that other countries are tweaking their own policies to outcompete the United States. Policymakers will need to properly recalibrate, as appropriate and informed by best practices, an array of policy instruments including labor market and immigration policies, types and level of infrastructural investments, competition policies, forms of direct and indirect support, and more. An Office of Global Competition Analysis, as referred to above, might be an appropriate mechanism to conduct the horizon scanning tasks necessary to support this recommendation.
7. Improve S&T intelligence and counterintelligence. Consistent with the observations about shortcomings in the US Intelligence Community regarding S&T collection, analysis, and dissemination, some analysts have floated creation of an S&T intelligence capability outside the Intelligence Community itself. This capability would be independent of other agencies and departments within the government and would focus on collection and analysis of S&T intelligence for stakeholders within and outside of the US government, as appropriate.⁷⁸
8. Ensure calibrated development and application of punitive measures. As this paper has stressed at multiple points, although the US government has powerful protect measures at its disposal, implementing those measures often comes with a price, including friction with allies and partners. The US government should create an office within the Bureau of Industry and Security (BIS) at the Commerce Department to monitor the economic impact (intended and unintended) of its export-control policies on global supply chains before they are implemented (including impacts on allied and partner economies).⁷⁹ This office would have a function that is similar in intent to the Sanctions Economic Analysis Unit, recently established at the US Treasury to “research the collateral damage of sanctions before they’re imposed, and after they’ve been put in place to see if they should be adjusted.”⁸⁰
9. Build out and sustain robust multilateral institutions. This paper has stressed that any effort by the United States to succeed in its tech-focused competition with China will require that it successfully engage allies and partners in multilateral settings such as the EU-TTC, Quad, and others. As with so many other recommendations on this list, success will be determined by the degree to which senior policymakers can stay focused over the long run (i.e., across administrations) on this priority and in these multilateral forums. In addition, US policymakers might consider updating multilateral forums based on new realities. For example, some analysts have called for the creation of a new multilateral export-control regime that would have the world’s “techno-democracies…identify together the commodities, software, technologies, end uses, and end users that warrant control to address shared national security, economic security, and human rights issues.”⁸¹
10. Engagement with China cannot be avoided. The downturn in bilateral relations between the United States and China should not obscure the need to continue engaging China on S&T as appropriate, and as opportunities arise. There are zero-sum tradeoffs involved in the strategic competition with China over technology. At the same time, there are also positive-sum elements within that competition that need to be preserved or even strengthened. As the Ford-CATL Michigan battery-plant example underscores, trade in nonstrategic technologies (EVs, batteries, etc.) benefits both countries, assuming trade occurs on a level playing field. The same is true of science cooperation, where the risk is of global scientific research on climate change and disease prevention shrinking if Sino-American scientific exchange falls dramatically. Policymakers in the United States will need to accept some amount of S&T collaboration risk with China. They will need to decide what is (and is not) of highest risk and communicate that effectively to US allies and partners around the world, the scientific community, and the general public. 

Back to top

The authors would like to thank Noah Stein for his research assistance with this report.

Report authors

Staff

Peter Engelke

Deputy Director of Foresight, Scowcroft Strategy Initiative

Global Energy Center Scowcroft Center for Strategy and Security

Technology & Innovation Europe & Eurasia

Fellow

Emily Weinstein

Nonresident Fellow

Global China Hub

China Technology & Innovation

Explore the Strategy Paper Series

Atlantic Council Strategy Paper Series Dec 21, 2022

Global Foresight 2023

In this year’s Global Foresight edition, our experts identify the top risks and opportunities for 2023. Our foresight team spots “snow leopards” that could have major unexpected impacts in 2023 and beyond. And we share findings from our survey of global strategists and foresight practitioners on how human affairs could unfold over the next decade.

Atlantic Council Strategy Paper Series Nov 30, 2022

Preparing for victory: A long-haul strategy to help Ukraine win the war against Russia—and secure the peace

By Stephen J. Hadley, William Taylor, John E. Herbst, Matthew Kroenig, Melinda Haring, and Jeffrey Cimmino

Ukraine’s counteroffensives, backed by expanded and accelerated US and allied support, continue to push Russian forces out of Ukrainian territory, although at a reduced rate. These hard-won successes, however, bring with them possible challenges that also must be addressed. 

Europe & Eurasia Politics & Diplomacy

Report Dec 22, 2021

Seizing the advantage: A vision for the next US national defense strategy

By Clementine G. Starling, Tyson Wetzel, Christian Trotti

In this latest installment of the Atlantic Council Strategy Papers series, Forward Defense’s Clementine Starling, Lt Col Tyson Wetzel, and Christian Trotti articulate their vision and recommendations for the next US National Defense Strategy, including clearer prioritization, investments and divestments, reposturing of US forces, a new warfighting concept, and a focus on transnational threats like hybrid warfare and climate change.

China Defense Industry

Related content

Strategic Insights Memo Apr 24, 2023

Assessing China’s approach to technological competition with the United States

By Peter Engelke, Emily Weinstein

This past winter, the Scowcroft Center for Strategy and Security and the Global China Hub convened experts and officials in a private workshop to discuss how China views technological competition with the United States.

China Politics & Diplomacy

Strategic Insights Memo Nov 15, 2022

Designing domestic and multilateral strategies for maintaining technological superiority

By Peter Engelke, Emily Weinstein

This fall, the Scowcroft Center for Strategy and Security and the Global China Hub convened experts and officials in a private workshop to discuss how the United States, in conjunction with allies and partners, might design strategies to maintain technological superiority over China. The workshop explored the necessary components of a competitive strategy via both “protect” and “run faster” policies. This memo draws from insights gathered during the workshop to give policy makers a better understanding of the potential tools in the strategic arsenal.

China Defense Technologies

Strategic Insights Memo Jul 19, 2022

Toward coherence in tech competition with China

By Peter Engelke, Emily Weinstein

This June, the Scowcroft Center for Strategy and Security and the Global China Hub convened experts and officials in a private workshop to discuss technological competition between the United States, its allies and partners, and their biggest global competitor, China. The workshop explored the stakes in this competition across economic, military, and other domains, as well as the challenges facing Washington and its allies and partners with respect to China’s rising technological capabilities. This memo draws from insights gleaned during the workshop to give policymakers a better understanding of this competition, it stakes, and the strategic choices facing the United States and its allies and partners.

China Defense Technologies

Explore the programs

The Scowcroft Center for Strategy and Security works to develop sustainable, nonpartisan strategies to address the most important security challenges facing the United States and the world.

Learn more

Global China Hub

The Global China Hub researches and devises allied solutions to the global challenges posed by China’s rise, leveraging and amplifying the Atlantic Council’s work on China across its 15 other programs and centers.

Explore more

The post Global Strategy 2023: Winning the tech race with China appeared first on Atlantic Council.

Tracking narratives

How Prigozhin used Telegram to declare war on the Russian Ministry of Defense – and then suddenly pull back

Putin calls Prigozhin’s “criminal adventure” an “armed mutiny” and “treason”

Security

Wagner forces enter Rostov, occupy Russian Southern Military District headquarters

Wagner forces emerge south of Moscow in Lipetsk

Explosion at oil depot in Russian city of Voronezh

Media policy

Amid chaos in the Russian information space the Kremlin attempts to limit information on Prigozhin

How Prigozhin used Telegram to declare war on the Russian Ministry of Defense – and then suddenly pull back

The Russian-founded messaging platform Telegram, which became a primary tool circulating pro-Kremlin narratives throughout Russia’s war in Ukraine, achieved an unprecedented level of influence on June 23, with Prigozhin wielding it to vent his rage at the Russian defense establishment and launch a mercenary mutiny. For months, Prigozhin has engaged in rhetorical warfare against his rivals in the Kremlin, in particular Russian Defense Minister Sergei Shoigu and Armed Forces Chief of Staff Gen. Valery Gerasimov. The Wagner founder blamed them for ineptitude over the course of the war in Ukraine, including a months-long public argument about supplying his forces with adequate munitions during its siege of Bakhmut. 

Prigozhin’s one-man war against the Russian Ministry of Defense (MoD) reached new heights in a series of Telegram posts that began on Friday, June 23, and continued into Saturday. At 10:50 am Moscow time, he posted a thirty-minute video to his Prigozhin Press Service Telegram channel excoriating the MoD, accusing its leadership of deceiving Putin and the Russian public in early 2022 into believing that Ukrainian aggression was imminent, and that Russia had no choice but to invade Ukraine. 

Sitting in a chair in front of a Wagner Group flag pinned to an otherwise blank wall, Prigozhin proceeded to make his case against the MoD and its entire war effort. “Right now, the [MoD] is trying to deceive society and the president and tell a story that there was insane aggression from the Ukrainian side and they were going to attack us together with the whole NATO bloc,” Prigozhin said effectively undermining the Kremlin’s entire case for war. “Therefore, on February 24, the so-called special operation was launched for completely different reasons.” He described Russia’s invasion of Ukraine as a “monstrous shame show” and an “incompetently planned operation” conducted by “a bunch of creatures” and “mentally ill scum” who “don’t have the balls” to fight aggressively with the necessary decisiveness to win the war, including their unwillingness to use tactical nuclear weapons. “The grandfathers are rather weak. They cannot get out of their comfort zone,” he added.

“A handful of dipshits decided for some reason that they were so cunning that no one would realize what they were doing with their military exercises, and nobody would stop them when they went to Kyiv,” Prigozhin said. He went on to blame Shoigu for killing thousands of capable Russian soldiers, and he directed his ire at Russian oligarchs enriching themselves on the war while seeking to return former Russian President Dmitry Medvedev to power. “Our sacred war against those who wrong the Russian people has turned into racketeering, into theft,” he said.  

Prigozhin later added that he would follow up the video with a second “interview,” but this would turn out to be a gross understatement, as the initial video was merely the first of more than a dozen messages he would post to his Prigozhin Press Service Telegram channel over the next thirty-six hours. 

Later in the day at 5:10 pm Moscow time, Prigozhin amped up his criticism of the MoD even further with a Telegram audio post in which he accused it of committing “genocide” against Russians. Calling out Shoigu and Gerasimov directly, Prigozhin said “they should be held responsible for the genocide of the Russian people, the murder of tens of thousands of Russian citizens, and the transfer of Russian territories to the enemy.” 

As angry audio clips of Prigozhin continued to appear into the evening, multiple pro-Wagner Telegram channels circulated a video around 9:00 pm Moscow time purporting to document the aftermath of a Russian airstrike on a Wagner encampment. The video shows scenes of a wooded area lined with stone paths subjected to a moderate amount debris and several fires burning in trenches; a body is briefly seen towards the end of the clip. It is unclear where or when the footage was filmed, and it brought to mind similar suspicious footage contextually devoid footage circulated prior to the February 2022 invasion accusing Ukraine of engaging in sabotage and other aggression against Russia.

Within ten minutes, Prigozhin posted another angry statement, this time accusing the MoD of attacking his forces at the camp. “Today, seeing that we aren’t broken, they decided to launch rocket attacks on our rear camps,” he exclaimed. “A huge number of fighters were killed, our comrades in arms. We’ll decide how to respond to this atrocity. The ball’s in our court.”  

Approximately fifteen minutes later, Prigozhin effectively declared war against the MoD in another Telegram audio clip. “The Wagner Group commanders’ council has made a decision,” he announced. “The evil that the country’s military leadership is carrying out must be stopped. They neglect soldiers’ lives. They’ve forgotten the word ‘justice’ and we’re bringing it back. Those who destroyed our guys today, those who destroyed many tens of thousands of Russian soldiers’ lives will be punished.” Later, he described his forces as “25,000 strong,” adding, “We’re going to get to the bottom of the lawlessness in this country.” 

As Prigozhin continued posting additional threats and taunts on Telegram, the MoD described the alleged footage circulated on pro-Wagner channels as fake, while Russia’s National Anti-Terrorism Committee announced that the Federal Security Service, or FSB, would initiate a criminal case against Prigozhin “on the fact of calling for an armed rebellion.”

Prigozhin continued posting on and off throughout Saturday as his forces advanced north in the direction of Moscow. Then just before 8:30pm local time, he uploaded another message, stating he would return Wagner forces to their camps. It remains unclear whether he intends to keep that promise.

—Andy Carvin, managing editor, Washington, DC

Putin calls Prigozhin’s “criminal adventure” an “armed mutiny” and “treason”

After spending Friday night away from cameras, Putin released a televised statement late Saturday morning. Addressing the Russian public as well as the armed forces and security personnel “who are now fighting in their combat positions, repulsing enemy attacks,” Putin described Prigozhin’s actions as a “criminal adventure” and an “armed mutiny.”  

“Today, Russia is waging a tough struggle for its future, repelling the aggression of neo-Nazis and their patrons,” he stated. “The entire military, economic, and informational machine of the West is directed against us. We are fighting for the lives and security of our people, for our sovereignty and independence, for the right to be and remain Russia, a state with a thousand-year history.” 

“This battle, when the fate of our nation is being decided, requires consolidation of all forces,” Putin continued. “It requires unity, consolidation, and a sense of responsibility, and everything that weakens us, any strife that our external enemies can use and do so to subvert us from within, must be discarded. Therefore, any actions that split our nation are essentially a betrayal of our people, of our comrades-in-arms who are now fighting at the frontline. This is a knife in the back of our country and our people.” 

Comparing the mutiny to 1917, when “Russians were killing Russians and brothers were killing brothers,” Putin declared, “We will not allow this to happen again. We will protect our people and our statehood from any threats, including from internal betrayal…. Inflated ambitions and personal interests have led to treason—treason against our country, our people and the common cause which Wagner Group soldiers, and commanders were fighting and dying for.” 

“Once again, any internal revolt is a deadly threat to our statehood and our nation. It is a blow to Russia, to our people,” he continued. “Our actions to defend the fatherland from this threat will be harsh. All those who have consciously chosen the path of betrayal, planned an armed mutiny, and taken the path of blackmail and terrorism, will inevitably be punished and will answer before the law and our people…. Those who staged the mutiny and took up arms against their comrades—they have betrayed Russia and will be brought to account. I urge those who are being dragged into this crime not to make a fatal and tragic mistake but make the only right choice: to stop taking part in criminal actions.” 

“I am certain that we will preserve and defend what we hold dear and sacred, and together with our motherland we will overcome any hardships and become even stronger,” Putin concluded. 

—Andy Carvin, managing editor, Washington, DC

Wagner forces enter Rostov, occupy Russian Southern Military District headquarters

Over the course of Prigozhin’s Telegram posts, he boasted that his “25,000 strong” Wagner forces had marched across the border from Ukraine into Russia before claiming they had shot down a Russian armed forces helicopter before entering the city of Rostov. For many hours overnight, he provided no evidence to back his claims. This finally began to change as footage emerged on Russian Telegram, ultimately confirming that Prigozhin had indeed occupied Rostov. 

At 3:47 am Moscow time, the pro-Wagner channel VChK-OGPU posted a video in which a helicopter can be heard circling over Rostov at night. The channel noted, however, “No one has yet seen the video of the Wagner PMC column and the battles with the Ministry of Defense.” Two minutes later, the channel changed its tune by sharing a second video appearing to show rocket fire and bursts of assault rifles, describing it as the “first video reportedly showing fighting between PMC Wagner and Ministry of Defense units.” The footage circulated widely on Telegram but remained unverified. 

Less than twenty minutes later, at 4:09 am, VChK-OGPU shared a third clip showing what appeared to be a convoy of Wagner tanks, trucks, and other vehicles crossing a checkpoint without any opposition. Unlike the previous clips, however, the footage was easily visible, as it appeared to have been recorded during the pre-dawn twilight. According to open-source sun-tracking data, the sun rose in Rostov this morning at 4:25 am, with twilight commencing at 3:50 am, putting the video’s release squarely in the middle of pre-dawn twilight. The exact location of the footage is still under review and cannot be confirmed. 

At 5:01 am, not long after sunrise, the Verum Regnum Telegram channel circulated video clips of what appeared to show Wagner forces arriving in central Rostov, just outside the MoD’s Southern Military District headquarters at the intersection of Pushkinskaya Ulitsa and Budonnovskiy Prospekt. One of the videos appeared to show forces beginning to set up a perimeter around the MoD building.

A second clip showed how that presence had expanded with the placement of additional armored vehicles blocking the entire intersection from vehicle traffic.

Around 7:30 am Moscow time, a pair of videos appeared on the WAGNER Z GROUP/Z PMC WAGNER’Z Telegram channel and Prigozhin’s press channel respectively. The first video showed Prigozhin and his entourage entering the inner courtyard of the Southern Military District building. Prigozhin is later seen bragging about his successes with Deputy Defense Minister Yunus-bek Yevkurov while demanding that Yevkurov speak to him respectfully. In the second video, he addressed the camera and bragged that he had captured Rostov without firing a single shot.

Later, prior to 2:00 pm Moscow time, new footage emerged showing people running from the neighborhood of the MoD building. Initial reports suggested it was a Russian Armed Forces attack within the vicinity, but this has not been confirmed.

The many civilians running from the sound of an explosion were likely due to the crowds that came out to observe Wagner’s occupation of the MoD building. In one video, people can be seen chatting with Wagner soldiers and thanking them.

—Andy Carvin, managing editor, Washington, DC

Wagner forces emerge south of Moscow in Lipetsk

The governor of Lipetsk, Igor Artamonov, announced Saturday afternoon that Wagner forces had entered the region, approximately 400 km south of Moscow. The Associated Press noted that the governor added, “The situation is under control.” Meanwhile, footage emerged that appeared to show excavators destroying the highway between Lipetsk and Moscow. 

At the time of writing there were conflicting reports as to whether the Wagner convoy had traveled from Rostov or was comprised of defectors from the Russian Armed Forces. 

—Andy Carvin, managing editor, Washington, DC

Explosion at oil depot in Russian city of Voronezh

On June 24, videos depicting an explosion at an oil depot in the region of Voronezh were widely circulated online. The DFRLab identified the precise location of the explosion and confirmed the videos as authentic. 

The video published online was captured from buildings in close proximity to the Leroy Merlin store in Voronezh, as clearly observed in the footage. The DFRLab also corroborated the location of the oil depot Red Flag Oil Combine (Комбинат Красное знамя) and identified approximate coordinates for the area where the video was recorded. Below, the screenshot on the left is extracted from the video, while the image on the right is from Google Maps, illustrating the precise positions of the oil depot, store, and the recorded video.

Additional footage documented the shelling of a residential area in Voronezh. The footage reveals visible damage to cars. In order to verify the location of the building, the DFRLab utilized reverse image search via Google and Yandex, then cross-referenced the results with Google Maps, verifying the location of the shelling.

—Sayyara Mammadova, research associate, Warsaw, Poland

—Valentin Châtelet, research associate, Brussels, Belgium

Amid chaos in the Russian information space the Kremlin attempts to limit information on Prigozhin

According to TASS, Russian social network VKontakte (VK) and search engine Yandex are blocking content related to Prigozhin. Reportedly, instead of Prigozhin’s statement that was published on June 23 at 9:52 pm Moscow time, a VK page for Prigozhin’s Concord company displayed a message that the material was blocked on the territory of Russia on the basis of the decision of the Prosecutor General’s Office. At the time of the writing, Prigozhin’s posts on Concord VK page were available, though none of them correspond to 9:52 pm Moscow time. TASS added that the Yandex search results for Prigozhin notifies a reader that some of the search results are hidden in accordance with federal law. Using a virtual private network (VPN), the DFRLab replicated the search of the content mentioned by TASS and found that they are accessible from other locations. The restrictions seem to be geofenced to Russia. 

Separately, TASS reported that there are Telegram-access disruptions detected in various Russian cities, including Moscow, St. Petersburg, Voronezh, and Volgograd Oblasts. 

Russia’s internet regulator Roskomnadzor warned that the government can place internet performance restrictions in locations where counter-terrorist operations might take place, such as Moscow, Voronezh, or Rostov. Roskomnadzor also added that the use of Telegram is not limited for now.  

Meanwhile, the Telegram channel Faridaily reported that residents of Moscow and the surrounding region are receiving calls from unknown mobile numbers with messages from Wagner. According to the Telegram post, one person received a call on their Viber messenger with a recording of Prigozhin’s appeal about “restoring justice.” Another person received a call on behalf of Wagner with an automated voice encouraging them to join Wagner when their units move toward Moscow.

Meanwhile, footage from Russian state media Rossiya 24 surfaced online showing a confused news anchor. Apparently lacking instructions from the Kremlin on how to report about the armed insurrection in Russia, they said, “Next we are going for short commercial and then… commercial.”

—Eto Buziashvili, research associate, Tbilisi, Georgia

The post Russian War Report Special Edition: Prigozhin and Wagner forces mutiny against Moscow appeared first on Atlantic Council.

Security

Ukrainian counteroffensive sees advances in Zaporizhzhia and eastern Ukraine

Wagner attempts to draft gamers as UAV pilots

Tracking narratives

Deripaska blames hackers after his website briefly takes credit for potential war crime

Rumors of alleged death of popular pro-Kremlin war correspondent gain traction on Twitter

Ukrainian counteroffensive sees advances in Zaporizhzhia and eastern Ukraine

On June 19, Ukrainian forces launched counteroffensive actions in at least three areas and appear to have made gains in Zaporizhzhia and eastern Ukraine. The Telegram channel of Russian military blogger WarGonzo reported that Ukrainian forces continued attacks northwest, northeast, and southwest of Bakhmut and advanced near Krasnopolivka. Ukrainian Deputy Defense Minister Hanna Maliar announced that over the past week Ukrainian troops advanced up to seven kilometers in the direction of Zaporizhzhia and retook 113 square kilometers of territory. Russian Telegram channels also reported that fighting was ongoing south and southwest of Orikhiv on June 19. Zaporizhzhia and Donetsk oblasts continue to be the most active areas of the frontline, as the Ukrainian army attempts to advance in the directions of Novodarivka, Pryutne, Makarivka, Rivnopil, Novodanylivka, and Robotyne.

On June 17, the Russian Ministry of Defense claimed that Ukrainian forces conducted ground attacks west and south of Kreminna. It also stated that the Russian army had repelled Ukrainian attacks on the Avdiivka-Donetsk sector. Meanwhile, Ukrainian forces continued operations around Velyka Novosilka near the border between Donetsk and Zaporizhzhia oblasts. 

According to Ukrainian forces, Russian forces conducted offensive actions in Donetsk and Luhansk oblasts. The Ukrainian military reported forty-five combat engagements with Russian forces near Yampolivka, Torske, Hryhorivka, Spirne, Avdiyivka, Krasnohorivka, Marinka, Pobieda, Novomykhailivka, and Donetsk’s Dibrova and Orikhovo-Vasylivka. According to Ukraine, the Russian army continued to shell villages in the direction of Marinka, Zaporizhzhia, Kherson, Lyman, and Kupiansk. Ukraine also alleged that Russian forces launched Kalibr cruise missiles from a submarine in the Black Sea and Shahed drones from the eastern coast of the Sea of Azov.

On June 20, Kyrylo Budanov, chief of the Main Directorate of Intelligence for the Ministry of Defense of Ukraine, alleged that Russian troops mined the Zaporizhzhia nuclear power plant’s cooling pond, which is necessary for the safe operation of the plant. According to Budanov, if Russia triggers an explosion, there is a “high probability that there will be significant problems.” Budanov did not provide any evidence to support the allegation, and the statement cannot be independently verified at this time. If true, however, it would put the nuclear plant at greater risk of a significant accident. The power plant complex, Europe’s largest, has been under occupation since February 2022.

On January 22, the governor of Russian-occupied Crimea accused Ukraine of targeting a bridge that connects the peninsula to Kherson Oblast, near the village of Chonhar. In a Telegram post, Vladimir Sal’do alleged that Ukraine struck the bridge with “British Storm Shadow missiles,” creating a hole in the middle of the bridge.

As fierce hostilities continue in eastern and southern Ukraine, there are signs of a new wave of arrests in Russia, including of people with ties to Ukraine. On June 20, Russian state media outlet RIA Novosti announced that a woman of Ukrainian origin was detained in Saransk and charged with treason.

—Ruslan Trad, resident fellow for security research, Sofia, Bulgaria

Wagner attempts to draft gamers as UAV pilots

A June 19 Telegram post from Russian opposition news outlet Verstka claimed that Wagner Group is encouraging gamers to apply to serve as unmanned aerial vehicle pilots in the war against Ukraine. The media outlet reported that no prior military experience was required to apply for the position. Posts from Wagner emerged on Vkontakte the same day, inviting gamers with experience in “manipulating joysticks in flight simulators” to enroll.

Verstka, which contacted a Wagner recruiter as part of its reporting, stated that the campaign aims to recruit soldiers to pilot “copters and more serious machines.” In this particular context, “copters” (коптеры) is a reference to commercial drones that are sold to the public and have been widely used in the war against Ukraine. A May 19 investigation published by the Organized Crime and Corruption Reporting Project found that Chinese manufacturers have reportedly continued to provide Russian armed forces with DJI drones through third parties in Kazakhstan. 

Verstka also noted that in 2022, the Russian defense ministry attempted to recruit gamers with a targeted ad campaign that invited them to play “with real rules, with no cheat codes or saves.”

—Valentin Châtelet, research associate, Brussels, Belgium

Deripaska blames hackers after his website briefly takes credit for potential war crime

The Russian-language website of Russian industrialist and US-sanctioned oligarch Oleg Deripaska briefly displayed an article appearing to take credit for deporting Ukrainian children to Russian-occupied Crimea in partnership with Kremlin official Maria Lvova-Belova, who is already facing an International Criminal Court arrest warrant for allegedly deporting children. 

Yaroslav Trofimov, chief foreign affairs correspondent at the Wall Street Journal, noted the article’s appearance and disappearance in a June 15 tweet. Trofimov shared screengrabs of the article, which by that time had already been deleted from Deripaska’s Russian-language website, deripaska.ru. A complete copy of the article can be found at the Internet Archive.

Later in the article, it added, “Separately, the Fund and personally Oleg Vladimirovich [Deripaska] express their gratitude to Maria Lvova-Belova and her project ‘In Hands to Children,’ which not only provided methodological materials, but also found an opportunity to send employees for psychological work with affected babies.” In March 2023, the ICC issued an arrest warrant for Lvova-Belova and Russian President Vladimir Putin, alleging they are responsible for unlawful deportation and transport of children from Russian-occupied parts of Ukraine to the Russian Federation.

In a response to Russian independent news outlet Meduza, which also covered the incident, a team of representatives for Deripaska called the article a “gross fake press-release” and blamed hackers for the article’s appearance. “The team added that Deripaska ‘unequivocally condemns the separation of children from their parents’ and that he is ‘one of the very few prominent Russian industrialists who openly criticizes the fratricidal war and consistently advocates for peace in Ukraine, as well as a reduction in global military spending,’” Meduza noted.

—Eto Buziashvili, research associate, Tbilisi, Georgia

Rumors of alleged death of popular pro-Kremlin war correspondent gain traction on Twitter

Rumors are spreading online that claim Ukrainian forces killed pro-Kremlin war correspondent Semyon Pegov, who operates an influential group of social media accounts under the name Wargonzo. The rumor first spread on Twitter on June 19 following the release of a graphic video from the 73rd Naval Center of Operations documenting how Ukrainian special forces unit had shot Russian soldiers in trenches. On June 19, Pegov’s Twitter account disregarded the allegations as fake. Wargonzo’s Telegram account has continued to operate as usual.

DFRLab analysis conducted with the social media monitoring software Meltwater Explore revealed that the most retweeted tweet came from the pro-Ukraine Twitter account @GloOouD, which stated, “LOOKS LIKE RUSSIAN TERRORISTS AND WAR REPORTER SEMEN PEGOV WAS KILLED BY UKRAINIAN SPECIAL FORCES.” The account shared a screenshot of a low-quality video frame depicting a red-bearded man that bears resemblance to Pegov.

The DFRLab confirmed that the video frame depicting Pegov’s look-alike was extracted from the graphic video posted posted by the 73rd Naval Center of Operations. The video’s metadata indicates the clip was created on June 18, 2023, at 22:16:07 GMT+0300. However, the video shows events occurring in daylight.

Pegov’s most recent public appearance was on June 13 during a meeting between Putin and Russian war correspondents. The Kremlin-controlled Channel One Russia broadcast the meeting on June 18.

—Nika Aleksejeva, resident fellow, Riga, Latvia

The post Russian War Report: Wagner attempts to draft gamers as drone pilots appeared first on Atlantic Council.

Zelenskyy’s comments reflect frustration in Kyiv over reports in the mainstream international media and widespread claims on social media platforms suggesting Ukraine’s counteroffensive is already floundering. Ukrainian presidential advisor Mykhailo Podolyak was one of many Ukrainian commentators to suggest this trend is part of a coordinated Kremlin disinformation operation. In a June 20 post, he accused Moscow of fueling media hysteria about the alleged failure of Ukraine’s counteroffensive in order to secure a ceasefire and “freeze the conflict at any cost.”

Kremlin-tied or Russia-friendly sources are likely to be behind at least some of the recent criticism over the initial pace of Ukraine’s counteroffensive. At the same time, negative assessments are also a consequence of the unrealistically high expectations that built up in the half-year period prior to the start of the campaign.

In the final months of 2022, the Ukrainian military stunned the watching world by liberating large areas of the country from Russian occupation. A lightning September offensive saw most of northeastern Ukraine’s Kharkiv region de-occupied, while a more methodical push in the south eventually resulted in the liberation of Kherson. These successes encouraged many to expect similarly rapid progress during the current campaign. In reality, Ukraine’s summer 2023 counteroffensive represents a far greater challenge in almost every sense.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Name
  This field is for validation purposes and should be left unchanged.

Ukraine must overcome a vast Russian invasion force strengthened by 300,000 mobilized troops that is dug in behind successive lines of sophisticated defensive fortifications stretching for over one thousand kilometers. They must do so without air superiority and while outgunned by Russian artillery at many points along the front. Nor can they count on the element of surprise. This incredibly ambitious task would challenge the world’s most powerful militaries. Understandably, Ukrainian commanders are adopting a methodical approach to the campaign.

Progress so far has been very slow but steady. During the first few weeks of the counteroffensive, Ukraine claims to have liberated at least eight settlements. While most represent sparsely populated frontline villages with little strategic value, the sight of the Ukrainian flag raised in liberated communities provides all Ukrainians with a massive morale boost. Meanwhile, the big battles still lie ahead.

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

For now, the Ukrainian military is focusing on probing attacks at numerous points along the front in order to identify weaknesses and thin out Russian defenses. Ukraine is also carrying out a comprehensive campaign of airstrikes against Russian military and logistical targets deep inside occupied territory. Britain’s May 2023 decision to provide Ukraine with long-range Storm Shadow cruise missiles is playing an important role in these air attacks, making it possible to hit targets virtually anywhere in occupied Ukraine. For example, Storm Shadow missiles are believed to have been used in the June 22 attack on a strategically important bridge connecting Crimea with Russian-occupied southern Ukraine.

These tactics are reminiscent of the early stages of last year’s ultimately triumphant Ukrainian campaign to liberate Kherson. At the beginning of August 2022, Ukraine very publicly signaled the start of a counteroffensive to free the southern port city and surrounding region. Progress was initially slow, leading to widespread criticism and pessimistic forecasts. However, Ukraine’s strategy of systematically targeting key bridges across the Dnipro River which Russian troops relied upon for resupply eventually paid off. Hemmed in and cut off, Russian commanders ordered a humiliating retreat in early November. 

While the Kherson counteroffensive was on a far smaller scale than the current operation, it offers perhaps the best guide to Ukraine’s current objectives and envisioned timeline. The campaign to liberate Kherson involved tens of thousands of troops and took approximately three months to complete. Today’s counteroffensive involves hundreds of thousands of troops on both sides, with an area equal to a medium-sized European country at stake. It may be months before Ukraine’s commanders feel the conditions are right to attempt a major push to achieve a comprehensive breakthrough.

Ukraine’s international partners seem to appreciate the need for patience and are now emphasizing a long-term commitment to Ukraine that goes far beyond the current counteroffensive. At the Ukraine Recovery Conference in London on June 21, British Prime Minister Rishi Sunak reiterated his promise to “stand with Ukraine for as long as it takes.” Other Western leaders have made similar pledges in recent weeks.

These statements are particularly important at a time when Russian hopes of rescuing their faltering invasion increasingly hinge on a weakening of Western resolve and a reduction in support for Ukraine. Despite the many setbacks of the past sixteen months, Putin and other senior regime figures in Moscow are apparently still convinced they can ultimately outlast the democratic world in Ukraine. European and American leaders are attempting to dampen such expectations by signaling the strength of their commitment to Ukrainian victory.

As international anxiety grows over the perceived lack of progress in Ukraine’s big summer counteroffensive, it is vital that this message of Western unity and resolution remains clear and unambiguous. The campaign to defeat Russia’s invasion is a marathon not a blitzkrieg, but it has every chance of success as long as Ukraine and the country’s partners are unwavering in their commitment.

Peter Dickinson is the editor of the Atlantic Council’s UkraineAlert service.

Further reading

UkraineAlert Jun 21, 2023

Putin’s nuclear threats will escalate as Ukraine’s counteroffensive unfolds

By Diane Francis

As Ukraine’s long-awaited counteroffensive gets underway, there are fears that Russia’s deteriorating military predicament could lead to an escalation in Vladimir Putin’s nuclear threats, writes Diane Francis.

Conflict Disinformation

Fast Thinking Jun 7, 2023

Has Ukraine’s counteroffensive really begun?

By Atlantic Council

Atlantic Council experts share their insights on the intensifying war in Ukraine.

Conflict Europe & Eurasia

UkraineAlert Jun 12, 2023

Beyond the counteroffensive: 84% of Ukrainians are ready for a long war

By Peter Dickinson

84% of Ukrainians reject any compromise with Russia and are ready for a long war if necessary in order to fully de-occupy their country. Most simply see no middle ground between genocide and national survival, writes Peter Dickinson.

Civil Society Conflict

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Ukraine’s counteroffensive is a marathon not a blitzkrieg appeared first on Atlantic Council.

Below, Atlantic Council experts share their genuine intelligence by answering the pressing questions about what’s in the legislation and what’s next. 

1. What are the most significant aspects of this draft law? 

The European Parliament’s version of the AI Act would prohibit use of the technology within the EU for controversial purposes like real-time remote biometric identification in public places and predictive policing. Member state law enforcement agencies are sure to push back against aspects of these bans, since some of them are already using these technologies for public security reasons. The final version could well be more accommodating of member states’ security interests.

—Kenneth Propp is a nonresident senior fellow with the Atlantic Council’s Europe Center and former legal counselor at the US Mission to the European Union in Brussels.

The most significant aspect of the draft AI Act is that it exists and has been voted on positively by the European Parliament. This is the only serious legislative attempt to date to deal with the rapidly evolving technology of AI and specifically to address some of the anticipated risks, both due to the technology itself and to the ways people use it. For example, a government agency might use AI to identify wrongdoing among welfare recipients, but due to learned bias it misidentifies thousands of people as participating in welfare fraud (this happened in the Netherlands in 2020). Or a fake video showing a political candidate in a compromising position is released just prior to the election. Or a government uses AI to track citizens and determine whether they exhibit “disloyal” behavior.

To address these concerns, EU policymakers have designed a risk-management framework, in which higher-risk applications would receive more scrutiny. A few uses of AI—social scoring, real-time facial recognition surveillance—would be banned, but most companies deploying AI, even the higher-risk cases, would have to file extensive records on training and uses. Above all, this is a law about transparency and redress: humans should know when they are interacting with AI, and if AI makes decisions about them, they should have a right of redress to a fellow human. In the case of generative AI, such as ChatGPT, the act requires that images be marked as coming from AI and the AI developer should list the copyrighted works on which the AI trained.

Of course, the act is not yet finished. Next, there will be negotiations between parliament and the EU member states, and we can expect significant opposition to certain bans from European law enforcement institutions. Implementation will bring other challenges, especially in protecting trade secrets while examining how algorithms might steer users toward extreme views or criminal fraudsters. But if expectations hold, by the end of 2023 Europe will have the first substantive law on AI in the world.

—Frances Burwell is a distinguished fellow at the Atlantic Council’s Europe Center and a senior director at McLarty Associates.

There are numerous significant aspects of this law, but there are two and a half that really stand out. The first is establishing a risk-based policy where lawmakers identify certain uses as presenting unacceptable risk (for example, social scoring, behavioral manipulation of certain groups, and biometric identification by groups including police). Second, generative AI systems would be regulated and required to disclose any copyrighted data that was used to train the generative model, and any content AI outputs would need to carry a notice or label that it was created with AI. It’s also interesting what’s included as guidance for parliament to “ensure that AI systems are overseen by people, are safe, transparent, traceable, non-discriminatory, and environmentally friendly.” This gives parliament a wide mandate that could see everything from data provenance to data center energy use be regulated under this draft law.

—Steven Tiell is a nonresident senior fellow with the Atlantic Council’s GeoTech Center. He is a strategy executive with wide technology expertise and particular depth in data ethics and responsible innovation for artificial intelligence.

2. What impact would it have on the industry?

Much as the EU’s General Data Protection Regulation (GDPR) became a globally motivating force in the business community, this law will do the same. The burden on companies to maintain and keep separate infrastructure exclusively for the EU is much higher than the cost of compliance. And the cost (and range) of noncompliance for companies (and individuals) has risen—prohibited uses, those deemed to have unacceptable risk, will incur a fine up to forty million euros or 7 percent of worldwide annual turnover (total global revenue) for the preceding financial year, whichever is greater. Violations of human-rights laws or any type of discrimination perpetrated by an AI will incur fines up to twenty million euros or 4 percent of worldwide turnover. Other noncompliance offenses, including from foundational models (again, the draft regulation affects generative AI), are subjected to fines of up to ten million euros or 2 percent of worldwide annual turnover. And those supplying false, incomplete, or misleading information to regulators can be fined up to five million euros or 1 percent of worldwide annual turnover. These fines are a big stick to encourage compliance. 

—Steven Tiell 

As I wrote for Lawfare when the European Commission proposed the AI Act two years ago, the proposed AI regulation is “a direct challenge to Silicon Valley’s common view that law should leave emerging technology alone.” At the same time, though the legislation is lengthy and complex, it is far from the traditional caricature of EU measures as heavy-handed, top-down enactments. Rather, as I wrote then, the proposal “sets out a nuanced regulatory structure that bans some uses of AI, heavily regulates high-risk uses, and lightly regulates less risky AI systems.” The European Parliament has added some onerous requirements, such as a murky human-rights impact assessment of AI systems, but my earlier assessment remains generally true.

It’s also worth noting that other EU laws, such as the GDPR adopted in 2016, will have an important and still-evolving impact on the deployment of AI within EU territory. For example, earlier this week Ireland’s data protection commission delayed Google’s request to deploy Bard, its AI chatbot, because the company had failed to file a data protection impact assessment, as required by the GDPR. Scrutiny of AI products by multiple European regulatory authorities employing precautionary approaches likely will mean that Europe will lag in seeing some new AI products.

—Kenneth Propp

3. How might this process shape how the rest of the world regulates AI?

It will have an impact on the rest of the world, but not simply by becoming the foundation for other AI acts. Most significantly, the EU act puts certain restrictions on governmental use of AI in order to protect democracy and a citizen’s fundamental rights. Authoritarian regimes will not follow this path. The AI Act is thus likely to become a marker, differentiating between those governments that value democracy more than technology, versus those that seek to use technology to control their publics.

—Frances Burwell

Major countries across the globe from Brazil to South Korea are in the process of developing their own AI legislation. The US Congress is slowly moving in the same direction with a forthcoming bill being developed by Senate Majority Leader Chuck Schumer likely to have important influence. If the EU sticks to its timetable of adopting the AI Act by the end of the year, its legislation could shape other countries’ efforts significantly by virtue of being early out of the gate and comprehensive in nature. Countries more concerned with promoting AI innovation, such as the United Kingdom, may stake out a lighter-touch approach than the EU, however.

—Kenneth Propp

The world’s businesses will comply with the EU’s AI Act if they have any meaningful amount of business in the EU and governments in the rest of the world are aware of this. Compliance with the EU’s AI Act will be table stakes. It can be assumed that many future regulations will mimic many components, big and small, of the EU’s AI Act, but where they deviate will be interesting. Expect to see other regulators emboldened by the fines and seek commensurate remuneration for violations in their countries. Other countries might extend more of the auditing requirements to things such as maintaining outputs from generative models. Consumer protections in different countries will be more variable as well. And it will be interesting to see if countries such as the United States and United Kingdom pivot their legislation toward being more risk-based as opposed to principles-based.

—Steven Tiell 

4. What are the chances of this becoming law, and how long will it take? 

Unlike in the United States, where congressional passage of legislation is typically the decisive step, the European Parliament’s adoption on Wednesday of the AI Act only prepares the way for a negotiation with the EU’s member states to arrive at the final text. Legislative proposals can shift substantially during such closed-door “trilogues” (so named because the European Commission as well as the Council of the European Union also participate). The institutions aim for a final result by the end of 2023, during Spain’s presidency of the Council, but legislation of this complexity and impact easily could take longer to finalize.

—Kenneth Propp

Based on this week’s vote, there are strong signals of overwhelming support for this draft law. The next step is trilogue negotiations among the parliament, the Council of the European Union, and the European Commission, and these negotiations will determine the law’s final form. There are strong odds these negotiations will finish by the end of the year. At that point, the act will take about two years to transpose to EU member states for implementation, similar to what happened with GDPR. Also similar to GDPR, it could take at least that long for member states to develop the expertise to assume their role as market regulators. 

—Steven Tiell 

5. What are some alternative visions for regulating AI that we may see?

In general, we see principles-based, risk-based, and rights-based legislation. Depending on the government and significance of the law, different approaches might be applied. The EU’s AI Act is somewhat unique and interesting as it started life as a principles-based approach, but through its evolution became primarily risk-based. Draft legislation in the United States and the United Kingdom is principles-based today. Time will tell if these governments are influenced by the EU’s approach.

—Steven Tiell

The post The world’s regulatory superpower is taking on a regulatory nightmare: artificial intelligence appeared first on Atlantic Council.

Security

Deadly Russian barrage targets residential building in Kryvyi Rih as fighting continues in south and east

Putin confirms Russian conscripts are protecting Belgorod Oblast against raids

Tracking narratives

Narrative targeting Ukraine’s counteroffensive fails to gain traction on Twitter

Deadly Russian barrage targets residential building in Kryvyi Rih as fighting continues in south and east

On June 13, Russia attacked a residential building in Kryvyi Rih, killing at least twelve people and injuring at least thirty-four. Rescue operations continued the morning of June 14. 

Elsewhere, the Air Force of the Armed Forces of Ukraine said at least three people were killed and thirteen wounded after Russia launched Kalibr cruise missiles against Odesa on the night of June 13. The air force said it shot down three of four Kalibr cruise missiles and nine of ten Shahed drones. In addition, shelling in Karyerne, in Kherson Oblast, killed a nine-year-old girl, according to the Prosecutor General’s Office.

Further, a Donbas Telegram channel citing Governor Pavlo Kyrylenko reported at least two people killed and two others wounded after Russian missile strikes in Kramatorsk. In the Dnipropetrovsk region, Governor Serhiy Lysak said three Shahed drones were shot down, while in Svitlovodsk, Kirovohrad Oblast, a Shahed drone reportedly struck an unnamed “infrastructure object.” Russian Tu-22M3 bombers also launched Kh-22 missiles against targets in Donetsk Oblast. Meanwhile, shelling was reported in Russia’s Kursk region, targeting Glushkovo, Korovyakovka, Tetkino, and Popovo-Lezhachi. A police station in Glushkovo was reportedly damaged. 

The General Staff of the Armed Forces of Ukraine reported on June 13 twenty-eight clashes between its forces and the Russian army. Near Bakhmut, Russian forces attempted to carry out attacks in the areas of Orikhovo-Vasylivka, Ivanivske, and Bila Hora. Attacks were also reported in the direction of Lyman near Vesele and Rozdolivka. 

The office of Ukrainian President Volodymyr Zelenskyy said that evacuations are planned in Armyansk, a Russian-occupied town in north Crimea, prompted by the collapse of the Nova Kakhovka dam. Operations at the Titan titanium dioxide plant in Armyansk were critically disrupted as a result of the dam collapse. The presidential office said an attack against the Titan plant could release up to two hundred tons of ammonia into the air, posing a significant threat to north Crimea and south Kherson Oblast. Flooding is also silting up the North Crimean Canal; Reuters noted that the canal has traditionally supplied 85 percent of Crimea’s water.

Ukrainian volunteer Roman Donik reported on June 13 that the 47th Mechanized Brigade of the Armed Forces of Ukraine, known as Magura, is advancing through continuous minefields. Ukraine’s current de-mining equipment is reportedly insufficient for handling the density of the minefields. Despite the risks, the soldiers of the brigade are moving forward on foot. The following day, Speaker of the General Staff of the Armed Forces of Ukraine Andriy Kovalev announced that Ukrainian forces had advanced in various areas in the direction of Berdyansk at a distance of 200 to 1,400 meters. Currently, the main battles are taking place in Makarivka, Novodanylivka, and Novopokrovka. 

The investigative unit of Radio Free Europe/Radio Liberty’s Ukraine service reported that satellite imagery shows Russia transferred twenty helicopters to the Berdyansk airfield after the launch of Ukraine’s counteroffensive in the direction of Zaporizhzhia. Currently, there are at least twenty-seven Russian military helicopters at the occupied airfield, as well as five Ka-52 units, nine Mi-8 or Mi-24 units, and thirteen Ka-29 units. According to the report, these aircraft are designed to support Russian ground forces with the operational transfer of troops or equipment closer to the battlefield, in addition to possible evacuation operations. 

According to Mykola Kolesnyk, a Ukrainian paramilitary leader, a Russian ammunition depot was hit in occupied Staromlynivka by the aerial reconnaissance unit of the 129th Territorial Defense Forces Brigade and the artillery unit of the 55th Brigade of the Armed Forces of Ukraine. Footage from the 53rd Brigade of Ukraine’s Armed Forces shows strikes against Russian equipment, warehouses, and bases. 

Meanwhile, US Secretary of State Antony Blinken announced a new military assistance package for Ukraine, which will include additional munitions for national advanced surface-to-air missile systems (NASAMS), Stinger anti-aircraft systems, missiles for high mobility artillery rocket systems (HIMARS), 155mm and 105mm artillery shells, fifteen Bradley infantry fighting vehicles, ten Stryker armored personnel carriers, Javelin anti-armor systems, and more than 22 million rounds of small arms ammunitions and grenades, in addition to demining and communications systems. Meanwhile, the United Kingdom announced a new $116 million aid package for Ukraine, which will include a radar system to track Russian missiles, artillery, and ammunition. 

Lastly, Danish military instructors will train Ukrainian crews on German Leopard 1A5 tanks, according to a Danish media. Denmark is scheduled to send Ukraine eighty restored Leopard 1A5DK tanks this month. The machines were bought by the private German company FFG after they were withdrawn from the Danish army in 2005. Denmark and Germany allocated $3.2 million to repair and modernize the tanks. In early February, the German company Krauss-Maffei Wegmann began preparing the tanks for delivery to Ukraine.

—Ruslan Trad, resident fellow for security research, Sofia, Bulgaria

Putin confirms Russian conscripts are protecting Belgorod Oblast against raids

In a June 13 address, Russian President Vladimir Putin spoke about the situation in Russian regions bordering Ukraine. Since May 22, Belgorod Oblast has been the target of two incursions allegedly led by the Russian Volunteer Corps, an anti-Putin military unit made of Russian pro-Ukrainian partisans. In a meeting with Russian military bloggers and war correspondents, Putin reportedly said, “If this continues, then we will need to examine the question—and I say this carefully—of creating on Ukraine’s territory a sanitary zone at such a distance from where it could be impossible to reach our territory.” While this appears to be the first time the term “sanitary zone” has been used in reference to the war in Ukraine, the Russian president is likely referring to the creation of a demilitarized buffer zone in Ukraine.

In sharing an anecdote about a battalion commander in Belgorod Oblast, Putin confirmed Russian conscripts had been deployed to the region. When asked how many mobilized soldiers and conscripts were under his command, the commander reportedly replied, “They’re all conscripts,” adding, “None of them shivered!”

Russia’s spring conscription kicked off on March 30, 2023, with future recruits called to undergo military preparation. Although Putin declared in March 2022 that no conscript would fight in the war, suspicions were raised following the reported death of three conscripts after a June 1 attack against Belgorod. The three soldiers served in the 43rd Railway Brigade. In a VKontakte post, a Russian official said the conscripted soldiers had been relocated from the Sverdlovsk region to Belgorod. According to pro-Russian media outlet Lenta, Russian MP Leonid Slutsky reportedly proposed a legal mechanism so that “conscripts, fighting the enemy in the Belgorod Oblast, could be recognized as participants of combat operations and receive all the payments due under the law.”

—Valentin Châtelet, research associate, Brussels, Belgium

Narrative targeting Ukraine’s counteroffensive fails to gain traction on Twitter

A small number of influential Twitter accounts are spreading a narrative that frames the Ukrainian counteroffensive as unsuccessful. The DFRLab conducted a query using the social media analysis platform Meltwater Explore to identify tweets that mention the Ukrainian counteroffensive. It returned 352,000 results from 118,000 users, which averages almost three tweets per user. The results indicate organic traffic.

Three of the five most-retweeted tweets claimed the counteroffensive was unsuccessful. All three tweets came from @KimDotcom, a controversial hacker, entrepreneur, and activist currently based in New Zealand. In his tweets, he suggested that sanctions against Russia do not work, implied that Ukrainian soldiers are suffering enormous casualties, and amplified a tweet from the Russian Ministry of Foreign Affairs allegedly showing destroyed Western military vehicles. The second most-active account declaring the counteroffensive a failure was the anonymous account @WarMonitors, which shared allegedly destroyed Western military equipment and praised Russian equipment.

—Nika Aleksejeva, resident fellow, Riga, Latvia

The post Russian War Report: Anti-Ukrainian counteroffensive narratives fail to go viral appeared first on Atlantic Council.

Rights activists, tech leaders, and other stakeholders are meeting at RightsCon Costa Rica on June 5-8 to collectively set an agenda for advancing human rights in this digital age.

Our experts at the Digital Forensic Research Lab are coordinating part of that effort, with a slate of RightsCon events as part of their 360/Open Summit: Around the World global programming. Below are highlights from the events at RightsCon, which cover digital frameworks in Africa, disinformation in Ukraine, online harassment of women globally, and more.

The latest from San José

Rethinking transparency reporting

Human rights must be central in the African Union’s Digital Transformation Strategy

Day two wraps with a warning about dangerous threats, from militant accelerationism to violence toward women

What’s behind today’s militant accelerationism?

The digital ecosystem’s impact on women’s political participation

Day one wraps with recommendations for Africa’s digital transformation, Venezuela’s digital connectivity, and an inclusionary web

What does a trustworthy web look like?

Mapping—and addressing—Venezuela’s information desert

Where open-source intelligence meets human-rights advocacy

Rethinking transparency reporting

On Day 3 of RightsCon Costa Rica, Rose Jackson, director of the DFRLab’s Democracy & Tech Initiative, joined panelists Frederike Kaltheuner, director for technology and human rights at Human Rights Watch, and David Green, civil liberties director at Electronic Frontier Foundation, for a panel on rethinking transparency reporting. The discussion was led and moderated by Gemma Shields, Online Safety Policy Lead at the United Kingdom’s Office of Communications (Ofcom).

Shields opened the session by describing the online safety bill currently making its way through the UK parliament and the role of Ofcom in its implementation. The bill will give new powers to Ofcom to test mandatory platform transparency reporting requirements. Through these efforts, Ofcom hopes that “good, effective meaningful transparency reporting might encourage proactive action from the platforms,” Shields explained.

During the discussion, the panelists discussed what will be central to implementation of the online safety bill, including what effective transparency reporting looks like. Kaltheuner emphasized the complexity of defining meaningful transparency when the use cases vary across end users, regulators, civil society, journalists, and academics. Green underscored the importance of centering user needs in the conversation and the need to tailor reporting mandates to specific platforms.

Jackson noted that it is a strategic imperative for the UK government to consult experts from the global majority and consider how regulations and norms could be potentially used for harm by non-democratic actors. As Jackson put it, “what happens in the most unprotected spaces is the beta test for what will show up in your backyard.” She also highlighted the importance of global civil society engaging with the UK Online Safety Bill and European transparency regulations, such as the Digital Services Act, because these policies are first movers in codifying more regulation, and future policies will refer back to these efforts.

Human rights must be central in the African Union’s Digital Transformation Strategy

The DFRLab gathered stakeholders from the policy-making, democracy, rights, and tech communities across the African continent to discuss the African Union’s Digital Transformation Strategy. Participants compared notes and identified opportunities for increasing the strategy’s human-rights focus as it approaches its mid-mandate review. Participants also agreed that trusted conveners, such as watchdog agencies within national governments, can play a critical facilitating role in ensuring effective communication between experts, users, and civil society on one hand and policymakers and elected officials on the other. Discussion of particular concerns with the Strategy or recommendations to increasingly center human rights in it will be continued in future gatherings.

Day two wraps with a warning about dangerous threats, from militant accelerationism to violence toward women

The DFRLab kicked off day two at RightsCon with a conversation on how Russian information operations, deployed ahead of the full-scale invasion of Ukraine, were used to build false justifications for the war, deny responsibility for the war of aggression, and mask Russia’s military build-up. The panel also highlighted two DFRLab reports, released in February 2023, that examine Russia’s justifications for the war and Russia’s attempts to undermine Ukraine’s resistance and support from the international community.

Read more

Transcript

Jun 8, 2023

Mapping the last decade of Russia’s disinformation and influence campaign in Ukraine

By Atlantic Council

Since its full-scale invasion of Ukraine, Russia has continued its information operations, targeting more than just Ukraine, say speakers at a RightsCon event hosted by the Digital Forensic Research Lab.

Disinformation Russia

While at RightsCon, the DFRLab participated in a discussion on militant accelerationism, its impact on minority communities, and how bad actors can be held accountable. The event, hosted by the United Kingdom’s Office of Communications and Slovakia’s Council of Media Services, featured panelists who discussed the ways in which policy can hold all voices, including those of the powerful, accountable. During the panel, DFRLab Research Fellow Meghan Conroy discussed how such violent narratives have become increasingly commonplace in some American ideologies and how extremist individuals and groups sympathetic to these narratives have been mobilized.

To close out the day, the DFRLab and the National Democratic Institute co-hosted a panel featuring global experts from civil society, government, and industry on how the threat of violence and harassment online has impacted the potential for women to participate in politics. As noted by the panelists, abuse suffered online is meant to strictly intimidate and silence those who want to get involved, and it is, therefore, all the more important that these very women, and those already established, stand up and speak out so as to serve as role models and protect diversity and equity in politics, tech, and beyond.

What’s behind today’s militant accelerationism?

By Meghan Conroy

While at RightsCon, I—a DFRLab research fellow and co-founder of the Accelerationism Research Consortium—joined an event hosted by the UK Office of Communications and Slovakia’s Council of Media Services on militant accelerationism.

My co-panelists and I provided an overview of militant accelerationism and an explanation of the marginalized groups that have been targets of militant accelerationist violence. I discussed accelerationist narratives that have not only permeated mainstream discourse but have also mobilized extremists to violence. Hannah Rose, research fellow and PhD candidate at King’s College London’s International Centre for the Study of Radicalization, zeroed in on the role of conspiracy theories in enabling the propagation of these extreme worldviews.

Stanislav Matějka, head of the Analytical Department at the Slovakian Council of Media Services, delved into the October 2022 attack in Bratislava. He flagged the role of larger, more mainstream platforms as well as filesharing services in enabling the spread of harmful content preceding the attack. Murtaza Shaikh, principal at the UK Office of Communications for illegal harms and hate and terrorism, highlighted the office’s work on the May 2022 attack in Buffalo, New York. He raised that these attacks result, in part, from majority populations framing themselves as under threat by minority populations, and then taking up arms against those minority populations.

Attendees then broke into groups to discuss regulatory solutions and highlight obstacles that may stand in the way of those solutions’ implementation or effectiveness. Key takeaways included the following:

• Powerful voices need to be held to account. Politicians, influencers, and large platforms have played an outsized role in enabling the mainstreaming and broad reach of these worldviews.
• Bad actors will accuse platforms and regulators of censorship, regardless of the extent to which content is moderated. As aforementioned, they’ll often position themselves as victims of oppression, and doing so in the context of content moderation policies is no different—even if the accusations are not rooted in reality.
• Regulators must capitalize on existing expertise. Ahost of experts who monitor these actors, groups, and narratives across platforms, as well as their offline activities, can help regulators and platforms craft creative, adaptive, and effective policies to tackle the nebulous set of problems linked to militant accelerationism.

This conversation spurred some initial ideas that are geared toward generating more substantial discussion. Introducing those unfamiliar with understudied and misunderstood concepts, like militant accelerationism, is of the utmost importance to permit more effective combatting of online harms and their offline manifestations—especially those that have proven deadly.

Meghan Conroy is a US research fellow with the Atlantic Council’s Digital Forensic Research Lab.

The digital ecosystem’s impact on women’s political participation

By Abigail Wollam

The DFRLab and the National Democratic Institute (NDI) co-hosted a panel that brought together four global experts from civil society, government, and industry to discuss a shared and prevalent issue: The threat of digital violence and harassment that women face online, and the impact that it has on women’s participation in political life.

The panel was facilitated by Moira Whelan, director for democracy and technology at NDI; she opened the conversation by highlighting how critical these conversations are, outlining the threat to democracy posed by digital violence. She noted that as online harassment towards women becomes more prevalent, women are self-censoring and removing themselves from online spaces. “Targeted misogynistic abuse is designed to silence voices,” added panelist Julia Inman Grant, the eSafety commissioner of Australia.  

Both Neema Lugangira (chairperson for the African Parliamentary Network on Internet Governance and member of parliament in Tanzania) and Tracy Chou (founder and chief executive officer of Block Party) spoke about their experiences with online harassment and how those experiences spurred their actions in the space. Lugangira found, through her experience as a female politician in Tanzania, that the more outspoken or visible a woman is, the more abuse she gets. She observed that women might be less inspired to participate in political life because they see the abuse other women face—and the lack of defense or support these women get from other people. “I decided that since we’re a group that nobody speaks for… I’m going to speak for women in politics,” said Lugangira.

Chou said that she faced online harassment when she became an activist for diversity, equity, and inclusion in the tech community. She wanted to address the problem that she was facing herself and founded Block Party, a company that builds tools to combat online harassment.  

Despite these challenges, the panelists discussed potential solutions and ways forward. Australia is leading by example with its eSafety commissioner and Online Safety Act, which provide Australians with an avenue through which to report online abuses and receive assistance. Fernanda Martins, director of InternetLab, discussed the need to change how marginalized communities that face gendered abuse are seen and talked about; instead of talking about the community as a problem, it’s important to see them as part of the solution and bring them into the discussions.

Abigail Wollam is an assistant director at the Atlantic Council’s DFRLab

Read more

Transcript

Jun 8, 2023

The international community must protect women politicians from abuse online. Here’s how.

By Atlantic Council

At RightsCon, human-rights advocates and tech leaders who have faced harassment online detail their experiences—and ways the international community can support women moving forward.

Disinformation Resilience & Society

Day one wraps with recommendations for Africa’s digital transformation, Venezuela’s digital connectivity, and an inclusionary web

This year at RightsCon Costa Rica, the DFRLab previewed its forthcoming Task Force for a Trustworthy Future Web report and gathered human-rights defenders and tech leaders to talk about digital frameworks in Africa, disinformation in Latin America and Ukraine, and the impact online harassment has on women in political life, and what’s to come with the European Union’s Digital Services Act. 

Read more

Transcript

Jun 8, 2023

The European Commission’s Rita Wezenbeek on what comes next in implementing the Digital Services Act and Digital Markets Act

By Atlantic Council

At a DFRLab RightsCon event, Wezenbeek spoke about the need to get everyone involved in the implementation of the DSA and DMA.

Disinformation European Union

The programming kicked off on June 5 with the Digital Sherlocks training program in San José, which marked the first time the session was conducted in both English and Spanish. The workshop aimed to provide human-rights defenders with the tools and skills they need to build movements that are resilient to disinformation.  

On June 6, the programming opened with a meeting on centering human rights in the African Union’s Digital Transformation Strategy. The DFRLab gathered stakeholders from democracy, rights, and tech communities across the African continent to discuss the African Union’s Digital Transformation Strategy. Participants compared notes and identified opportunities for impact as the strategy approaches its mid-mandate review. 

Next, the DFRLab, Venezuela Inteligente, and Access Now hosted a session on strengthening Venezuela’s digital information ecosystem, a coalition-building meeting with twenty organizations. The discussion drew from a DFRLab analysis of Venezuela’s needs and capabilities related to the country’s media ecosystems and digital security, literacy, and connectivity. The speakers emphasized ways to serve vulnerable groups.

Following these discussions, the DFRLab participated a dialogue previewing findings from the Task Force for a Trustworthy Future Web. The DFRLab’s Task Force is convening a broad cross-section of industry, civil-society, and government leaders to set a clear and action-oriented agenda for future online ecosystems. As the Task Force wraps up its report, members discussed one of the group’s major findings: the importance of inclusionary design in product, policy, and regulatory development. To close out the first day of DFRLab programming at RightsCon Costa Rica, the task force notified the audience that it will be launching its report in the coming weeks. 

What does a trustworthy web look like?

By Jacqueline Malaret and Abigail Wollam

The DFRLab’s Task Force for a Trustworthy Future Web is charting a clear and action-oriented roadmap for future online ecosystems to protect users’ rights, support innovation, and center trust and safety principles. As the Task Force is wrapping up its report, members joined Task Force Director Kat Duffy to discuss one of the Task Force’s major findings—the importance of inclusionary design in product, policy, and regulatory development—on the first day of RightsCon Costa Rica.

In just eight weeks, Elon Musk took over Twitter, the cryptocurrency market crashed, ChatGPT launched, and major steps have been made in the development of augmented reality and virtual reality, fundamentally shifting the landscape of how we engage with technology. Framing the panel, Duffy highlighted how not only has technology changed at a breakneck pace, but the development and professionalization of the trust and safety industry have unfolded rapidly in tandem, bringing risks, harms, and opportunities to make the digital world safer for all.

Read more

Task Force for a Trustworthy Future Web

The Task Force for a Trustworthy Future Web will chart a clear and action-oriented roadmap for future online ecosystems to protect users’ rights, support innovation, and center trust and safety principles.

The three panelists—Agustina del Campo, director of the Center for Studies on Freedom of Expression; Nighat Dad, executive director of the Digital Rights Foundation; and Victoire Rio, a digital-rights advocate—agreed that the biggest risk, which could yield the greatest harm, is shaping industry practices through a Western-centric lens, without allowing space for the global majority. Excluding populations from the conversation around tech only solidifies the mistakes of the past and risks creating a knowledge gap. Additionally, the conversation touched on the risk of losing sight of the role of government, entrenching self-regulation as an industry norm, and absolving both companies and the state for harms that can occur because of the adoption of these technologies.

Where there is risk, there is also an opportunity to build safer and rights-respecting technologies. Panelists said that they found promise in the professionalization and organization of industry, which can create a space for dialogue and for civil society to engage and innovate in the field. They are also encouraged that more and more industry engagements are taking place within the structures of international law and universal human rights. The speakers were encouraged by new opportunities to shape regulation in a way that coalesces action around systemic and forward-looking solutions.

But how can industry, philanthropy, and civil society maximize these opportunities? There is an inherent need to support civil society that is already deeply engaged in this work and to help develop this field, particularly in the global majority. There is also a need to pursue research that can shift the narrative to incentivize investment in trust and safety teams and articulate a clear case for the existence of this work.

Jacqueline Malaret is an assistant director at the Atlantic Council’s DFRLab

Abigail Wollam is an assistant director at the Atlantic Council’s DFRLab

Mapping—and addressing—Venezuela’s information desert

By Iria Puyosa and Daniel Suárez Pérez

On June 6, the DFRLab, Venezuela Inteligente, and Access Now (which runs RightsCon) hosted a coalition-building meeting with twenty organizations that are currently working on strengthening Venezuela’s digital information ecosystem. The discussion was built on an analysis, conducted by the DFRLab, of the country’s media ecosystems and digital security, literacy, and connectivity; the speakers focused on ways to serve vulnerable groups such as grassroots activists, human-rights defenders, border populations, and populations in regions afflicted by irregular armed groups. 

The idea of developing a pilot project in an information desert combining four dimensions—connectivity, relevant information, security, and literacy—was discussed. Participants agreed that projects should combine technical solutions to increase access to connectivity and generate relevant information for communities, with a human-rights focus. In addition, projects should include a digital- and media-literacy component and continuous support for digital security.

Iria Puyosa is a senior research fellow at the Atlantic Council’s DFRLab

Daniel Suárez Pérez is a research associate for Latin America at the Atlantic Council’s DFRLab

Where open-source intelligence meets human-rights advocacy

By Ana Arriagada

On June 5, the DFRLab hosted a Digital Sherlocks workshop on strengthening human-rights advocacy through open-source intelligence (OSINT) and countering disinformation.

Learn more about the Digital Sherlocks program

The Digital Sherlocks program convenes a global community of researchers to build resilience against disinformation. Each semester, the program offers more than thirty free online trainings, ranging from basic to advanced levels, to cohorts drawn from universities, civil society, journalism, and academia. Through the Digital Sherlocks program, the DFRLab has trained at least 2,300 people in over 130 countries.

Read more

I co-led the workshop with DFRLab Associate Researchers Jean le Roux, Daniel Suárez Pérez, and Esteban Ponce de León.

In the session, attendees discussed the worrying rise of antidemocratic governments in Latin America—such as in Nicaragua and Guatemala—who are  using open-source tools for digital surveillance and are criminalizing the work of journalists and human-rights defenders. When faced with these challenges, it becomes imperative for civil-society organizations to acquire and use investigative skills to produce well-documented reports and investigations. 

During the workshop, DFRLab researchers shared their experiences investigating paid campaigns that spread disinformation or promote violence or online harassment. They recounted having used an array of tools to analyze the origin and behavior of these paid advertisements. 

DFRLab researchers also discussed tools that helped them detect suspicious activity on platforms such as YouTube, where, for example, some gamer channels spread videos related to disinformation campaigns or political violence. The workshop attendees also discussed how policy changes at Twitter have made the platform increasingly challenging to investigate, but they added that open-source researchers are still investigating, thanks to the help of available tools and the researchers’ creative methodologies. 

The workshop also showcased the DFRLab’s work with the Action Coalition on Meaningful Transparency (ACT). Attendees received a preview of ACT’s upcoming portal launch, for which the DFRLab has been offering guidance. The new resource will offer access to a repository of transparency reporting, policy documents, and analysis from companies, governments, and civil society. It will also include a registry of relevant actors and initiatives, and it will allow users to establish links between entries to see the connections between organizations, the initiatives they are involved in, and the reports they have published. 

The workshop ended with the DFRLab explaining that social network analysis— the study of social relationships and structures using graph theory—is important because it allows for investigating suspicious activity or unnatural behavior exhibited by users on social media platforms. 

Ana Arriagada is an assistant director for Latin America at the Atlantic Council’s DFRLab

The post Activists and experts assemble in Costa Rica to protect human rights in the digital age appeared first on Atlantic Council.

According to Power, users of Diia can digitally access the kinds of state services that US citizens can only dream of, including crossing the border using a smartphone application as a legal ID, obtaining a building permit, and starting a new business. The platform also reduces the potential for corruption by removing redundant bureaucracy, and helps the Ukrainian government respond to crises such as the Covid pandemic and the Russian invasion.

Since February 2022, the Diia platform has played a particularly important part in Ukraine’s response to Russia’s full-scale invasion. According to Ukraine’s Minister of Digital Transformation Mykhailo Fedorov, in the first days of the invasion the platform made it possible to provide evacuation documents along with the ability to report property damage. Other features have since been added. The e-enemy function allows any resident of Ukraine to report the location and movement of Russian troops. Radio and TV functions help to inform people who find themselves cut off from traditional media in areas where broadcasting infrastructure has been damaged or destroyed.

Today, the Diia ecosystem offers the world’s first digital passport and access to 14 other digital documents along with 25 public services. It is used by more than half the Ukrainian adult population. In addition to consumer-oriented functions, the system collects information for the national statistical office and serves as a digital platform for officials. Diia is widely seen as the world’s first next-generation e-government platform, and is credited with implementing what many see as a more human-centric government service model.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Phone
  This field is for validation purposes and should be left unchanged.

In today’s increasingly digital environment, governments may find that they have a lot of siloed systems in place, with each system based on its own separate data, infrastructure, and even principles. As a result, people typically suffer from additional bureaucracy and need to deal repeatedly with different official organizations. Most e-government initiatives are characterized by the same problems worldwide, such as technical disparity of state systems, inappropriate data security and data protection systems, absence of unified interoperability, and inefficient interaction between different elements. Ukraine is pioneering efforts to identify more human-centric solutions to these common problems.

One of the main challenges on the path to building sustainable e-government is to combine user friendliness with a high level of cyber security. If we look at the corresponding indices such as the Online Services Index and Baseline Cyber Security Index, we see that only a handful of European countries have so far managed to achieve the right balance: Estonia, Denmark, France, Spain, and Lithuania. Beyond Europe, only Singapore and Malaysia currently meet the necessary standards.

Ukraine has a strong record in terms of security. Since the onset of the Russian invasion, the Diia system has repeatedly been attacked by Russian cyber forces and has been able to successfully resist these attacks. This is an indication that the Ukrainian platform has the necessary reserve of cyber security along with a robust and secure digital public infrastructure.

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

The success of the IT industry in Ukraine over the past decade has already changed international perceptions of the country. Instead of being primarily seen as an exporter of metals and agricultural products, Ukraine is now increasingly viewed as a trusted provider of tech solutions. The Ministry of Digital Transformation is now working to make Diia the global role model for human-centric GovTech. According to Samantha Power, the Ukrainian authorities are interested in sharing their experience with the international community so that others can build digital infrastructure for their citizens based on the same human-centric principles.

USAID has announced a special program to support countries that, inspired by Diia, will develop their own e-government systems on its basis. This initiative will be launched initially in Colombia, Kosovo, and Zambia. Ukraine’s Diia system could soon be serving as a model throughout the transitional world.

As they develop their own e-government systems based on Ukraine’s experience and innovations, participating governments should be able to significantly reduce corruption tied to bureaucratic obstacles. By deploying local versions of Diia, transitional countries will also develop a large number of their own high-level IT specialists with expertise in e-government. This is an important initiative that other global development agencies may also see value in supporting.

Anatoly Motkin is president of the StrategEast Center for a New Economy, a non-profit organization with offices in the United States, Ukraine, Georgia, Kazakhstan, and Kyrgyzstan.

Further reading

UkraineAlert May 23, 2023

Ukraine’s coming counteroffensive has a good chance of succeeding

By Richard D. Hooker, Jr.

Ukraine’s coming counteroffensive has a great chance of succeeding due to a number of factors including superior leadership, equipment upgrades, and strong morale, writes Richard D. Hooker, Jr.

Conflict Defense Technologies

UkraineAlert May 23, 2023

Belgorod raid sparks border alarm for Russia ahead of Ukrainian offensive

By Peter Dickinson

This week’s unprecedented cross-border raid into Russia’s Belgorod Oblast could be part of Ukrainian shaping operations designed to stretch the Russian military ahead of a coming counteroffensive, writes Peter Dickinson.

Conflict Defense Policy

UkraineAlert Apr 12, 2023

Poland and Ukraine: The emerging alliance that could reshape Europe

By Taras Kuzio

Poland’s leading role in the European response to Russia’s Ukraine invasion is fueling talk of a eastward shift in Europe’s geopolitical center of gravity with the Polish-Ukrainian alliance set to become increasingly influential.

Conflict Defense Industry

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Ukraine’s Diia platform sets the global gold standard for e-government appeared first on Atlantic Council.

Tracking narratives

Belgorod raid sparks trolling activity on social media

Russian pro-war military bloggers criticize the handling of Belgorod incursion

Russian media spins Australian solidarity rally for Julian Assange as an anti-NATO event

International response

US sanctions Armenian company for helping Russia evade sanctions

Belgorod raid sparks trolling activity on social media

Drone imagery from a burning border control outpost in the Russian region of Belgorod sparked a frenzy on social media this week. According to Riga-based Russian news outlet Meduza, members of the Russian Volunteer Corps and other Russian nationals crossed from Ukraine into Belgorod Oblast and attacked a border outpost in Grayvoron. The Russian Volunteer Corps, an anti-Putin military unit made of Russian pro-Ukrainian partisans, claimed responsibility for the attack; the Free Russia Legion also claimed responsibility.

An assessment by Russian news outlet RBC regarding the broader situation in Belgorod indicated an armed incursion, with shelling and artillery fire reported. On the evening of May 22, Russian government declared a state of counterterrorist emergency in Belgorod Oblast. Although the governor of the oblast did not officially issue an order to evacuate the civilian population immediately, footage and photographs posted on social media indicated that at least some residents evacuated to other areas in the region. Meduza also reported several drone strikes on the city of Belgorod itself.

Conflicting reports emerged on May 23 after Russian officials lifted the counterterrorist alert. While the Russian Ministry of Defense claimed to have “liquidated” around seventy “saboteurs,” reporting from the news outlet Mash indicated the deployment of additional Russian law enforcement in nearby Bryansk Oblast. In an effort to support their assertions of having eliminated the insurgency, Russian news outlets also released photos of military-class vehicles allegedly used by the insurgents stuck in the mud; some open-source analysts, however, questioned the authenticity of the photos. Russian media chased these reports with claims of destroyed Ukrainian tanks, while the Russian Volunteer Corps posted footage to Telegram seemingly showing intact military equipment.

Shortly after the news broke out, footage of a drone attack on the local Russian border outpost, APP Grayvoron, appeared on the outpost’s Google Maps profile, though it was later deleted. At the time of writing, it had been replaced with footage showing a convoy of vehicles, one flying the flag of the Russian Volunteer Corps.

Simultaneously, trolling reviews appeared on the border outpost’s Google Maps profile, calling the border guards “friendly” and the facilities “understaffed.” These too have been deleted, though not before they were documented by the Saint Javelin Twitter account and other Twitter users.

Other trolls took to Twitter, where members of the NAFO meme movement, a pro-NATO and pro-Ukrainian community on the platform, renamed their account to “Government of The Bilhorod’s Peoples Republic” as a joking reference to the self-proclaimed Donetsk and Luhansk Peoples Republics. “Bilhorod” is the Ukrainian name for Belgorod.

—Valentin Châtelet, research associate, Security, Brussels, Belgium

Russian pro-war military bloggers criticize the handling of Belgorod incursion

Following the apparent border incursion into Belgorod Oblast and subsequent attacks on the region, pro-war military bloggers condemned Moscow’s handling of the war in Ukraine, including its border defenses.

Telegram channel Vоенкор Котенок Z (“Milblogger Kitten Z”) criticized the Kremlin for being late in declaring a counterterrorism operation in Belgorod and not knowing how to fight “for real.” “There is a war, and in Russia … they are afraid to call the war a war,” stated the Telegram post.

The channel ДШРГ Русич (“DShRG Rusich”) questioned “commanders of all levels” on how the incursion happened. It also blamed Russia’s intelligence services for failing to reveal “plans of an enemy.” The channel added that as long as there is no photographic evidence of corpses or burned equipment, “the enemy has no losses, and the [Russian] propagandists crapped themselves a little, saying that everything is fine.”

The Kotsnews Telegram channel addressed pro-Kremlin pundits who dismissed military blogger concerns as “hysteria” by insisting that the threat to Russian territory is real and that there are uncomfortable questions around Russia’s defensive capabilities that nobody wants to ask. “What is happening with our technical equipment at the border, surveillance systems, tracking, motion detection?” the channel asked. “What about the mining of potentially dangerous areas? What about anti-tank weapons? Why did the enemy armored group calmly penetrate deep into our territory?”

As Russia’s war against Ukraine has dragged on, the frequency and intensity of pro-war military bloggers’ criticism have increased and become bolder. The DFRLab has previously covered how Russian military bloggers criticized Russian President Vladimir Putin and the Ministry of Defense.

—Eto Buziashvili, research associate, Tbilisi, Georgia

Russian media spins Australian solidarity rally for Julian Assange as an anti-NATO event

On May 20, a series of so-called “World Wide Freedom Rallies” took place in many cities around the world. The Telegram account for Simeon Boikov, a pro-Kremlin activist and blogger in Australia, claimed to have organized the Sydney edition of the rally, part of a decentralized movement that originated in 2021 to express dissatisfaction with COVID security measures. Boikov promoted a poster for the event on April 6, a day before the event announcement on the movement’s official Telegram channel. 

The rally ostensibly focused on demanding the release of WikiLeaks founder Julian Assange, who is currently being held in London facing potential extradition to the United States. After the event, however, Boikov highlighted a speech by Assange’s father, John Shipton, in a video showing scenes from the rally and emphasized that Shipton was wearing a “double headed eagle and St George’s ribbons,” both of which are Russian symbols. Additional videos and images from the rally showed many people carrying Russian flags and wearing pro-Kremlin symbols. 

Kremlin-controlled media outlets emphasized in their headlines not just the pro-Russia nature of the event, but also claims of anti-NATO sentiment, which appear to have been exaggerated. Reviewing footage from the event, the DFRLab identified only one instance of someone sporting anti-NATO messaging. Nonetheless, Russian media embraced the event as specifically anti-NATO, including state outlets Gazeta.ru, TASS, RIA Novosti, and Komsomolyskaya Pravda, and pro-Kremlin media such as News Front, Inforeactor, Ekonomika Segodnya. Additionally, The Eastern Herald, an Indian media outlet, and Belarus state-controlled television both framed the event as anti-NATO in their English-language publications.

—Nika Aleksejeva, resident fellow, Riga, Latvia

US sanctions Armenian company for helping Russia evade sanctions

On May 22, the US Department of Commerce announced that it had amended its list of sanctioned entities and individuals by adding seventy-one entities that the US government had determined to be acting “contrary to [US] national security or foreign policy interests.” Alongside Russian companies, one Kyrgyz company, Tro.Ya LLC, and one Armenian company, Medisar LLC, were included in the amended list. According to the Department of Commerce, both companies engaged in conduct that “prevented the successful accomplishment of an end-use check.” In other words, the Department of Commerce suspected that the final destination for the products was Russia but the companies themselves had obfuscated this information.

Medisar LLC, which was registered in Armenia in 2001, is an importer of chemicals and laboratory equipment. The company is one of the thousand largest taxpayers in Armenia, paying about one million dollars in taxes in 2022. It also has a longstanding trade history with Russian companies. On its website, Medisar indicates that one of its trading partners, dating back to 2011, is Russian company Minimed.

On May 20, Armenian investigative website Hetq reported that data obtained from the country’s customs service showed that in 2022, Medisar exported equipment from Armenia to Russia, including electronic integrated circuits, diodes, transistors, and similar semiconductor devices.

A company executive who did not want to be identified acknowledged to RFE/RL that Medisar imported chemicals and laboratory equipment from the United States and the European Union and re-exported them to Russia.

Medisar is the second-largest company registered in Armenia to be sanctioned by the United States. The US Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned the other firm, TAKO, in April. The company is in the wholesale of electronic and telecommunications equipment and parts. TAKO, spelled TACO in Armenia’s legal entities register, was registered in May 2022 in Armenia and is fully owned by a Russian citizen, according to public registry records.

On April 18, the New York Times reported that in 2022, Armenia imported 515 percent more chips and processors from the United States and 212 percent more from the European Union than in 2021, and that Armenia exported 97 percent of those same products to Russia.

During a May 22 press conference, Armenian Prime Minister Nikol Pashinyan said that despite Armenia’s “strategic” relationship with Russia and membership in the Russian-led Eurasian Economic Union, the country “cannot afford to come under Western sanctions.” Pashinyan underscored that if Armenia faced sanctions, “it wouldn’t be good for any of our allies, while we would ruin our relations with our Western partners.”

A joint “compliance note” issued on March 2 by the US Departments of the Treasury, Justice, and Commerce, titled “Cracking Down on Third-Party Intermediaries Used to Evade Russia-Related Sanctions and Export Controls,” mentioned Armenia, along with China, Turkey, and Uzbekistan, as “transshipment points commonly used to illegally redirect restricted items to Russia or Belarus.”

According to the Statistical Committee of the Republic of Armenia, Russian-Armenian trade soared in 2022, including exports to Russia, which nearly tripled to $2.4 billion.

—Ani Mejlumyan, research assistant, Yerevan, Armenia

The post Russian War Report: Belgorod incursion brings deluge of online mockery of Russia’s defenses appeared first on Atlantic Council.

Security

Russia escalates Avdiivka, Marinka front lines; Belgorod accidentally bombed by a Russian jet

Russia’s Bashkir battalions form a new motor rifle regiment as more are sent to Ukraine to replenish Russian forces

Russian mobilized soldiers report signs of coercion to join Wagner in support of Bakhmut offensive

Russia cancels Victory Day parades and moves “Immortal Regiment” marches online

Tracking narratives

Pro-Kremlin experts use false story to claim military upper hand over Ukraine and NATO

Documenting dissent

Wagner members claim killing of Ukrainian civilians

International response

US investigates ex-Navy officer allegedly behind notorious pro-Russia social media accounts

Russia escalates Avdiivka, Marinka front lines; Belgorod accidentally bombed by a Russian jet

The offensive actions of the Russian army in Eastern Ukraine continue, as well as the defensive efforts of the Ukrainian forces. In recent days, there has been an escalation of attacks on Ukrainian positions in the direction of Marinka, Avdiivka, and Bakhmut. 

On April 17, the General Staff of the Armed Forces of Ukraine reported that more than seventy attacks by the Russian army were repulsed during the day. The most difficult areas to defend remain Bakhmut and Marinka. Offensive actions were registered in the direction of Avdiivka, with separate attacks carried out in the Kupiansk and Lyman areas. The Russian forces continued the assaults on Bakhmut and Marinka on April 18 and April 19 on par with offensive operations in the Avdiivka area, where Ukrainian forces repulsed attacks in the areas of six settlements. Between April 18-19, the Ukrainian army recorded more than sixty Russian attacks.

According to British intelligence’s April 18 assessment, even though heavy fighting continued in the directions of Avdiivka and Marinka, the Russian command still gave priority to the Bakhmut front. The front line there has become relatively stable, running along the railway line, as Ukraine’s soldiers are effectively resisting attempts by Russia to encircle the town. The question of sending reinforcements to Bakhmut is acute for both sides, since the Ukrainian command wants to attract as many units as possible for a future offensive, while the Russian army wants to form an operational reserve. On April 20, Russian forces reportedly attempted to advance near Kreminna and Serebryanske Forest, as well as Khromove, Vodyane, Pervomaiske, Pobieda, and Vuhledar. 

On the night of April 20, the Russian army attacked the south and east of Ukraine with Shahed attack drones. Ten out of eleven drones were shot down, the Ukrainian East Air Command reported. Sirens for Russian attacks were reported in Chernihiv, Cherkasy, Kyiv, Odessa, Rivne, Sumy, Poltava, and other regions of Ukraine.    

Meanwhile, Telegram users reported an explosion in Belgorod, Russia, near the Ukraine border, on the night of April 20-21. Images shared online show an explosion crater near a residential area of the city. There were reports moments before the explosion of Russian bombers launching a guided bomb in the direction of Kharkiv. At first, it was unclear whether the explosion was the result of a failed Russian attack that hit Belgorod instead of Kharkiv, or whether it was a drone attack from the Ukrainian side. Later, a Russian Ministry of Defense statement that was re-shared by Ukrainian sources said, “On the evening of April 20, during the flight of a Su-34 aircraft over the city of Belgorod, an abnormal derailment of aviation ammunition occurred.” The explosion was apparently large and caused material damage.

—Ruslan Trad, Resident Fellow for Security Research, Sofia, Bulgaria

Russia’s Bashkir battalions form a new motor rifle regiment as more are sent to Ukraine to replenish Russian forces

Radiy Khabirov, head of the Republic of Bashkortostan, announced on April 10 that the republic’s volunteer formations would undergo reformation as part of the creation of a new motor rifle regiment. Like many ethnic regions of Russia, the Republic of Bashkorstostan has been subjected to targeted military recruitment. These volunteers, alongside contract soldiers and mobilized military personnel of the Russian reserve, are constantly sent to Ukraine to replenish the regular Russian forces.

According to the federal media outlet FedPress, the idea was suggested by the commanders of the two national battalions, “Northern Amurs” and “Dayan Murzin,” created in Bashkortostan at the beginning of March. The newest regiment would comprise several motor rifle divisions and an artillery division, totaling between 900 to 1,500 men. Moreover, Bashkortostan has recently been pushing for more servicemen to be deployed to Ukraine. During an April 12 ceremony in the regional capital city of Ufa, Bashkirs celebrated the creation of yet another volunteer formation before it was deployed to Ukraine. The new volunteer formation, “Vatan,” Bashkir for “Fatherland,” was created at the beginning of 2023; estimates indicate it could comprise around 720 men. This would bring the number of volunteer formations in the republic to six, including four volunteer formations named after war heroes and local figures, and two volunteer battalions like “Vatan” and “Northern Amurs.” 

As the Russian State Duma recently approved a new e-drafting bill and is planning to conduct testing in Moscow and Saint Petersburg during its annual spring conscription, replenishment of military forces has become a top priority for the Kremlin. The DFRLab previously reported on regional ad campaigns targeting national minorities, including the Udmurt population. A new Bashkortostan-hosted recruitment website called BashBat  – short for “Bashkir Battalion” – launched on April 17. The domain’s WHOIS record directly points to the Bashkir Ministry for Digital Transformation. Like the Udmurt portal Delomuzhchin.rf (деломужчин.рф), BashBat was advertised in the press using the local Udmurt language, as well as on the Russian federal resource portal for recruitment, Ob’yesnyayem, in both Russian and Bashkir.

–Valentin Châtelet, Research Associate, Security, Brussels, Belgium

Russian mobilized soldiers report signs of coercion to join Wagner in support of Bakhmut offensive

An April 14 article posted by independent Russian-language media outlet Astra reported that hundreds of Russian mobilized soldiers had re-enlisted with Wagner Group. News outlets inside Russia described the situation as “volunteer enrolment.” However, information posted by Twitter user @Tatarigami_UA and subsequent reporting indicate that these episodes might have occurred forcibly. The report by Astra pointed at a video where a mobilized soldier declared that Wagner had been training mobilized personnel. Satellite imagery released by that same account points at a military training facility in Kursk, where instructors are reportedly “experienced Wagner soldiers.”

Later reports indicated one hundred soldiers disappeared after being sent into Ukraine’s Luhansk Oblast and refusing to sign Wagner contracts. Astra’s leaked texts indicate the soldiers were forced to give up their phones and threatened by thirty Wagner representatives with rifles at the Stakhanov railway station. Other signs of coercion were brought to the attention of the Russian MoD after six mobilized soldiers from Yakutia informed their families they had been forcibly recruited by another PMC. In an April 19 post, Wagner Group financier Yevgeny Prigozhin denied these accusations. 

Although user @Tatarigami_UA reports that the instructors are said to be part of a PMC called Volk (“Wolf”), the DFRLab could not confirm this. However, job ads analyzed in a previous DFRLab report mentioned instructors as “participants of the special military operation.” In their accusations of coerced re-enlistment, mobilized soldiers from the Sakha Republic also pointed to yet another subsidiary of the Wagner Group, called PMC Veteran.

–Valentin Châtelet, Research Associate, Security, Brussels, Belgium

Russia cancels Victory Day parades and moves “Immortal Regiment” marches online

Russia’s Ministry of Defense (MoD) canceled May 9 Victory Day parades in annexed Ukrainian territory and adjacent Russian territory because of security concerns. “Immortal Regiment” marches were moved from their usual offline space to online. Previously, Victory Day celebrations and parades have traditionally been a significant event in Russia. 

Citing the Russia-installed head of annexed Sevastopol city Mikhail Razvozhaev, TASS reported on April 20 that it was the MoD’s decision to cancel the parade. Earlier, on April 12, Russia-installed head of Crimea Sergey Aksenov stated that parades were cancelled across annexed Crimea “due to security concerns.” Victory Day parades were also canceled in Ukraine-neighboring Russian regions of Kursk and Belgorod. In Krasnodar Krai the parade will only be held in the city of Novorossiysk. According to the governor of the Belgorod region, such a measure was necessary in order “not to provoke the enemy with a large accumulation of equipment and military personnel.”

UkraineAlert has named equipment shortages as one of the possible reasons behind the Kremlin’s decision to cancel parades. According to the report, “[N]umerous commentators have speculated that Moscow is increasingly short of tanks and is understandably eager to avoid highlighting the scale of the losses suffered by the Russian army in Ukraine.”

Similarly there will be no traditional organized march of the “Immortal Regiment” this year. The organizers have moved the march online, which previously happened twice during COVID pandemic years in 2020 and 2021. They told RBC that Russian regions will be posting “portraits of heroes” in interactive online formats. 

Citing Russian Defense Minister Sergei Shoigu, Meduza reported that military parades are planned to be held in twenty-eight Russian cities, including Moscow, where “more than 10,000 military personnel are planned to participate,” with enhanced security measures.

—Eto Buziashvili, Research Associate, Tbilisi, Georgia

Pro-Kremlin experts use false story to claim military upper hand over Ukraine and NATO

Pro-Kremlin media continue to amplify a false story about the Russian army allegedly destroying a bunker in Lviv occupied by NATO officers with a Kinzhal supersonic missile. Snopes, the US fact-checking outlet, debunked the story as early as April 3, labeling it as “a lazy piece of obvious propaganda.” Russia previously attacked Ukraine with Kinzhal missiles on March 9 and hit two residential building in Lviv, according to Ukrainian fact-checking outlet StopFake, which debunked the story on April 19. There is no evidence of any underground NATO command center in Lviv. Both fact-checking outlets argued that it did not make sense to have such command center in Lviv, which around one hundred kilometers from Poland, a NATO member state. 

The first mention of the rumor was a March 1 report published by “Cossack Colonel Yuri Kominyenko” on the fringe website Cairns News. According to Snopes, the Greek outlet Pronews made the claim “regain virality” starting on March 12. From April 14 to April 18 pro-Kremlin media outlets resurfaced the story by citing pro-Kremlin experts who voiced contradicting numbers of NATO’s alleged casualties.  For instance, TopNews and Sibnet.ru cited Nikolay Sorokin, a pro-Kremlin political expert saying that “Kinzhal destroyed 300 officers from NATO countries.” 

Ekonomika Segodnya, ZOV Kherson, Lenta.ru, and Tsargrad cited Viktor Baranets, an author on Komsomolyskaya Pravda, who asserted, “Kinzhal destroyed secret bunker with 200 NATO and Ukrainian Armed Forces’ officers.” Baranets also claimed with no evidence that the US embassy called the representatives of Ukrainian Ministry of Defense and Armed Forces to “reprimand” them for “poor control center security” and that “capitals of NATO countries are silent about the incident because they are ashamed to admit this biting slap from Moscow.” 

Pravda.ru and RG.ru cited Anatoly Matveychuk, a military expert who declared, “Kinzhal destroyed 160 NATO and Ukrainian Armed Forces’ officers in Ukrainian bunker in Lviv.” Matveychuk reportedly suggested this led to Ukraine to cancel its plans for a spring counteroffensive. 

—Nika Aleksejeva, Resident Fellow, Riga, Latvia

Wagner members claim killing of Ukrainian civilians

On April 17, a Russian human rights project released testimonies of two Russian former prisoners, Azamat Uldarov and Alexei Savichev, who allegedly fought in Ukraine within the ranks of Wagner Group. In a conversation with Gulagu.net, Savichev and Uldarov reported the killing of Ukrainian civilians, including children, allegedly on personal orders from Wagner founder Yevgeny Prigozhin. The Ukrainian Prosecutor General’s Office launched an investigation into Uldarov and Savichev’s confessions.

Savichev argued that Wagner mercenaries in Bakhmut received an order to kill everyone over fifteen years old; he admitted killing at least ten teenagers and more than twenty unarmed Ukrainians in February 2023. In addition, Savichev claimed that he personally witnessed the killing of about seventy Russian former prisoners who served in Wagner and refused to comply with orders. He also asserted that he blew up a pit full of bodies of dead and wounded citizens of Russia and Ukraine then subsequently set fire to the remnants of dead people to hide traces of the crime. Uldarov, meanwhile, said that he killed minors in Bakhmut and Soledar and admitted that one of his victims was a girl who was “five or six” years old. 

Gulagu.net also published documents allegedly proving that Azamat Uldarov and Alexei Savichev were previously pardoned by presidential decree in September 2022 then sent to the front line in Ukraine. The founder of the Gulagu.net project, Vladimir Osechkin, argued that both of them are currently located on the territory of Russia and that they gave their testimony voluntarily. 

Following the publication of these claims, Yevgeny Prigozhin publicly addressed Alexei Savichev on April 28 and stated that he had been searching for him over the previous twenty-four hours. Prigozhin demanded that Savichev contact Wagner and explain “why he spoke falsehoods, who was behind it, how he was blackmailed.” Prigozhin promised that Savichev will be “left alive and unharmed” if he is willing to explain in person what took place. The events discussed by the ex-prisoners have not been verified independently. 

—Givi Gigitashvili, Research Associate, Warsaw, Poland

US investigates ex-Navy officer allegedly behind notorious pro-Russia social media accounts

The Wall Street Journal identified the individual allegedly behind the pro-Russian social media persona “Donbas Devushka” as Sarah Bils, a thirty-seven-year-old US Navy veteran from New Jersey who served as an aviation electronics technician at Whitby Island in Washington state. The US Department of Justice is currently investigating her for allegedly disseminating leaked classified documents. 

Donbas Devushka allegedly presented herself to her followers as a Russian Jew from occupied Luhansk. Their Twitter and Telegram accounts largely grew after Russia invaded Ukraine in February of last year. The accounts continuously spread Kremlin propaganda, with their Telegram channel amplifying graphic content of possible war crimes by Wagner Group.

According a Bellingcat investigation, Donbas Devushka’s Telegram account was found to be the first to have shared leaked intelligence currently under investigation by the Justice Department and Pentagon. According to the Wall Street Journal, Bils played a key role in spreading the leaked documents, though she has denied these claims. Bils admitted she was the administrator of Donbas Devushka, however; she also said that there were fourteen other people involved in running the network but refused to name them.

Bils also ran a tropical fish business, which in part led to her discovery. During her stint in the US Navy, Bils imported tropical fish from Poland. According to Malcontent News, she appeared in a video from the Aquarium Co-op podcast; Malcontent and the pro-Ukrainian group North Atlantic Fella Organization (NAFO) then matched her voice and home décor with footage from the Donbas Devushka account. 

—Ani Mejlumyan, Research Assistant, Armenia 

The post Russian War Report: Russia cancels Victory Day parades and moves “Immortal Regiment” marches online appeared first on Atlantic Council.

The priority for Ukraine’s cyber forces is defense. This is something they have long been training for and are excelling at. Indeed, Estonian PM Kaja Kallas recently published an article in The Economist claiming that Ukraine is “giving the free world a masterclass on cyber defense.”

When Russian aggression against Ukraine began in 2014 with the invasion of Crimea and eastern Ukraine’s Donbas region, Russia also began launching cyber attacks. One of the first attacks was an attempt to falsify the results of Ukraine’s spring 2014 presidential election. The following year, an attempt was made to hack into Ukraine’s electricity grid. In 2017, Russia launched a far larger malware attack against Ukraine known as NotPetya that Western governments rated as the most destructive cyber attack ever conducted.

In preparation for the full-scale invasion of 2022, Russia sought to access Ukraine’s government IT platforms. One of the goals was to obtain the personal information of Ukrainians, particularly those working in military and law enforcement. These efforts, which peaked in January 2022 in the weeks prior to the invasion, failed to seriously disrupt Ukraine’s state institutions but provided the country’s cyber security specialists with further important experience. “With their nonstop attacks, Russia has effectively been training us since 2014. So by February 2022, we were ready and knew everything about their capabilities,” commented one Ukrainian cyber security specialist involved in defending critical infrastructure who was speaking anonymously as they were not authorized to discuss details.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Comments
  This field is for validation purposes and should be left unchanged.

Ukrainian specialists say that while Russian hackers previously tried to disguise their origins, many now no longer even attempt to hide their IP addresses. Instead, attacks have become far larger in scale and more indiscriminate in nature, with the apparent goal of seeking to infiltrate as many systems as possible. However, the defenders of Ukraine’s cyberspace claim Russia’s reliance on the same malware and tactics makes it easier to detect them.

The growing importance of digital technologies within the Ukrainian military has presented Russia with a expanding range of high-value targets. However, efforts to access platforms like Ukraine’s Delta situational awareness system have so far proved unsuccessful. Speaking off the record, Ukrainian specialists charged with protecting Delta say Russian hackers have used a variety of different methods. “They tried phishing attacks, but this only resulted in our colleagues having to work two extra hours to block them. They have also created fake interfaces to gain passwords and login details.”

Ukrainian security measures that immediately detect and block unauthorized users requesting information have proved effective for the Delta system and similar platforms. Russian hackers have had more success targeting the messaging platforms and situation reports of various individual Ukrainian military units. However, due to the fast-changing nature of the situation along the front lines, this information tends to become outdated very quickly and therefore is not regarded as a major security threat.

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

Ukraine’s cyber efforts are not exclusively focused on defending the country against Russian attack. Ukrainians have also been conducting counterattacks of their own against Russian targets. One of the challenges they have encountered is the comparatively low level of digitalization in modern Russian society compared to Ukraine. “We could hack into Russia’s railway IT systems, for example, but what information would this give us? We would be able to access train timetables and that’s all. Everything else is still done with paper and pens,” notes one Ukrainian hacker.

This has limited the scope of Ukrainian cyber attacks. Targets have included the financial data of Russian military personnel via Russian banks, while hackers have penetrated cartographic and geographic information systems that serve as important infrastructure elements of the Ukraine invasion. Ukrainian cyber attacks have also played a role in psychological warfare efforts, with Russian television and radio broadcasts hacked and replaced with content revealing suppressed details of the invasion including Russian military casualties and war crimes against Ukrainian civilians.

While Ukraine’s partners throughout the democratic world have provided the country with significant military aid, the international community has also played a role on the cyber front. Many individual foreign volunteers have joined the IT Army of Ukraine initiative, which counts more than 200,000 participants. Foreign hacker groups are credited with conducting a number of offensive operations against Russian targets. However, the large number of people involved also poses significant security challenges. Some critics argue that the practice of making Russian targets public globally provides advance warning and undermines the effectiveness of cyber attacks.

Russia has attempted to replicate Ukraine’s IT Army initiative with what they have called the Cyber Army of Russia, but this is believed to have attracted fewer international recruits. Nevertheless, Russia’s volunteer cyber force is thought to have been behind a number of attacks on diverse targets including Ukrainian government platforms and sites representing the country’s sexual minorities and cultural institutions.

The cyber front of the Russo-Ukrainian War is highly dynamic and continues to evolve. With a combination of state and non-state actors, it is a vast and complex battlefield full of gray zones and new frontiers. Both combatant countries have powerful domestic IT industries and strong reputations as hacker hubs, making the cyber front a particularly fascinating aspect of the wider war. The lessons learned are already informing our knowledge of cyber warfare and are likely to remain a key subject of study in the coming decades for anyone interested in cyber security.

Vera Mironova is an associate fellow at Harvard University’s Davis Center and author of Conflict Field Notes. You can follow her on Twitter at @vera_mironov.

Further reading

UkraineAlert Apr 8, 2023

Human wave tactics are demoralizing the Russian army in Ukraine

By Olivia Yanchik

Vladimir Putin’s invasion of Ukraine has not gone according to plan but he still hopes to win a long war of attrition. However, Russia’s reliance on human wave tactics risks undermining morale within his invading army, writes Olivia Yanchik.

Conflict Defense Policy

UkraineAlert Apr 6, 2023

NATO poses a threat to Russian imperialism not Russian security

By Peter Dickinson

Russia’s passive acceptance of neighboring Finland’s NATO membership raises serious questions over the Kremlin’s efforts to portray the invasion of Ukraine as a response to NATO expansion, writes Peter Dickinson.

Conflict Disinformation

UkraineAlert Mar 8, 2023

Ukrainians will never surrender. How long can they count on the West?

By Serhiy Prytula

Ukraine’s remarkable resistance during the first days of the Russian invasion convinced the democratic world to back the country but with Putin now preparing for a long war, continued Western resolve is vital writes Serhiy Prytula.

Civil Society Conflict

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Russia’s invasion of Ukraine is also being fought in cyberspace appeared first on Atlantic Council.

This may be easier said than done. While Russia enjoys significant demographic, industrial, and economic advantages over Ukraine, questions remain over the ability of the once-vaunted Russian military to achieve the Kremlin’s goals. Crucially, an apparent reliance on human wave tactics during Russia’s recent winter offensive has led to catastrophic losses which threaten to undermine morale within the ranks of Putin’s invading army.

There is currently no confirmed data regarding losses on either side of the Russo-Ukrainian War. At the same time, most independent sources agree that fighting in recent months has resulted in some of the worst carnage of the entire war. In mid-February, Britain’s Ministry of Defence reported that during the previous two weeks, Russia had likely suffered its highest rate of casualties since the initial stages of the invasion almost one year earlier.

Russia’s heaviest losses in recent months are believed to have occurred in battles for control over strategic towns in eastern Ukraine such as Bakhmut and Vuhledar, with Ukraine claiming to have killed or wounded tens of thousands of Russian soldiers. While unconfirmed, these figures are supported by extensive battlefield footage, much of which appears to show Russian troops engaged in reckless frontal assaults on entrenched defensive positions.

The human wave tactics on display in eastern Ukraine reflect Russia’s narrowing military options following a year of embarrassing battlefield setbacks. The Russian military entered the current war with a reputation as the world’s number two army, but has performed remarkably poorly in Ukraine. With many of his most experienced units and elite regiments decimated, Putin now hopes to grind down Ukraine’s resources and outlast the country’s Western backers by relying on superior numbers. In the final months of 2022, he bolstered his invasion force with an additional 300,000 troops via Russia’s first mobilization since World War II.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Email
  This field is for validation purposes and should be left unchanged.

Human wave tactics are not new and typically involve soldiers conducting direct attacks in large numbers with the objective of overwhelming an opposing force. Such troops are often regarded as “single-use soldiers,” with each wave suffering heavy casualties as it attempts to move the front lines further forward. This is not the first time Russian troops have been called upon to conduct such attacks. During WWII, Soviet commanders often ordered Red Army soldiers into frontal assaults that resulted in exceptionally high death tolls.

In the present war against Ukraine, the Kremlin may see human wave tactics as an effective way of overcoming determined Ukrainian resistance. It allows Russia to wear down Ukraine’s numerically fewer but battle-hardened troops, and can be implemented using a combination of easily replaced forces including recently mobilized soldiers and former convicts serving in the Wagner private military company.

This approach allows Russia’s more experienced soldiers to be held in reserve and used to exploit emerging weak points in the Ukrainian defenses. So-called “blocking units” are also reportedly being deployed behind the front lines to ensure Russian troops do not try to flee. According to numerous battlefield accounts, any Russian soldier who attempts to retreat from a human wave attack faces the prospect of being shot by their own side.

Although grisly, Russia’s human wave tactics are producing results. However, any advances during the past three months in Bakhmut and at other points along the 600-mile front line have been modest in scale and have come at a high cost. In an interview with Current Time on the front lines of Bakhmut, one Ukrainian soldier described the horrors of Russia’s frontal assaults. “The Russian soldiers face certain death in these attacks, but they are not retreating,” he commented. “You can shoot his head off, but his comrade will keep coming. Their own commanders will kill them if they don’t attack.”

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

The brutality of Russia’s human wave attacks is leading to growing signs of demoralization among front line troops. Since the beginning of 2023, dozens of video appeals have been posted to social media featuring Russian soldiers in Ukraine complaining to Putin or other state officials about human wave tactics and high death tolls. Russian media outlet Verstka reported that since early February, Russian soldiers from at least 16 different regions of the country have recorded video messages in which they criticize their military commanders for using them as cannon fodder.

Footage has also emerged of Russian soldiers refusing to follow orders after suffering heavy losses during the recent winter offensive in eastern Ukraine. While details remain unconfirmed, most of these incidents appear to have involved recently mobilized Russian troops who found themselves rushed into battle, often after having received minimal training.

In a further worrying sign for the Kremlin, Ukrainian officials have reported a record number of calls in March 2023 to the country’s “I Want to Live” initiative, which helps Russian troops surrender to the Ukrainian military. All this points to the conclusion that human wave attacks could be compounding Russian morale issues and further accelerating the buckling of front line offensives.

At this stage, there appears to be little prospect of a sudden collapse throughout the Russian military comparable to the disintegration of Afghanistan’s security forces during the 2021 US withdrawal. While the demoralization issues facing the Russian army appear significant, recent steps to introduce draconian penalties for Russian soldiers found guilty of disobedience, desertion, or surrender represent a powerful deterrent. The continued domestic strength of the Putin regime and its control over the information space also serve to hold Russia’s army together in Ukraine.

The Kremlin may now have recognized that it must address widespread anger and alarm over the military’s use of human waves. In early April, Russian General Rustam Muradov was reportedly dismissed from his post as commander of the Eastern Group of Forces in Ukraine following his disastrous handling of the recent failed assault on Vuhledar, which resulted in “exceptionally heavy casualties.” Muradov had been widely criticized by his own troops along with many members of Russia’s vocal pro-war blogger community, making him an unofficial symbol of the army’s human wave tactics.

If confirmed, Muradov’s departure may indicate a coming change in tactics. This would arguably be long overdue. If Russia is hoping to outlast Ukraine in a war of attrition, Putin’s generals will need to move beyond a reliance on costly human waves and demoralizing frontal assaults.

Olivia Yanchik is a program assistant at the Atlantic Council’s Eurasia Center.

Further reading

UkraineAlert Apr 6, 2023

NATO poses a threat to Russian imperialism not Russian security

By Peter Dickinson

Russia’s passive acceptance of neighboring Finland’s NATO membership raises serious questions over the Kremlin’s efforts to portray the invasion of Ukraine as a response to NATO expansion, writes Peter Dickinson.

Conflict Disinformation

UkraineAlert Apr 3, 2023

Pressuring Ukraine into a premature peace would only encourage Putin

By Andriy Zagorodnyuk

Efforts to pressure Ukraine into accepting a land-for-peace deal in order to end the war misunderstand Putin’s imperial ambitions and will only encourage further Russian aggression, writes Andriy Zagorodnyuk.

Conflict Freedom and Prosperity

UkraineAlert Mar 30, 2023

Russia faces long economic decline as isolated Putin turns to China

By Diane Francis

With most avenues for Western partnership indefinitely closed and Russian economic dependency on China growing rapidly, Putin’s talk of “economic sovereignty” is starting to sound very hollow, writes Diane Francis.

China Conflict

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Human wave tactics are demoralizing the Russian army in Ukraine appeared first on Atlantic Council.

Security

Belarus accuses Ukraine of plotting terrorist attack against Russian consulate

Identifying potential host sites for Russian tactical nuclear weapons

Documenting dissent

Individuals linked to Russian army form ‘angry patriots club’

Tracking narratives

Russian propaganda reaches Ukrainian users via Facebook ads

International response

Poland and Ukraine sign cooperation deal for production of tank shells

Belarus accuses Ukraine of plotting terrorist attack against Russian consulate

On April 4, Belarusian state-controlled TV channel ONT aired a documentary titled “Loud failures of the Ukrainian special services in Belarus. Gaspar did not get in touch.” Reports from Belarus’ State Security Committee (KGB) informed much of the program, which asserted that, under the leadership of Ukrainian special services, a network of Russian and Belarusian citizens planned several terrorist attacks in the Belarusian city of Grodno. The alleged perpetrators reportedly planned to target several facilities, including the Consulate General of Russia, a military enlistment office opposite Zhiliber Park, a military unit in southern Grodno, and two oil depots. 

The KGB claimed that Vyacheslav Rozum, an alleged employee of the Main Directorate of Intelligence in the Ukrainian defense ministry, planned the attacks. Ukrainian authorities had not commented on the accusations at the time of writing. According to the documentary, Rozum asked Russian citizen Daniil Krinari, known as Kovalevsky, to form a network of people to carry out terrorist acts. Krinari was reportedly arrested in Grodno in December 2022 and extradited to Russia at the request of the Russian Federal Security Service (FSB). He was charged in Russia for cooperating with Ukraine and acting in the interests of Ukraine. The Belarusian KGB asserted that, before his extradition, Krinari managed to recruit at least two people, Russian citizen Alexei Kulikov and Belarusian citizen Vadim Patsenko. Kulikov had allegedly fled Russia in 2022 to avoid conscription and moved to Belarus. 

The ONT documentary includes interviews with Kulikov and Patsenko, who argue that Rozum asked them to take photos and videos of the target facilities in Grodno. Moreover, Patsenko argued that Vyacheslav tasked him with blowing up an oil depot with a drone. The program claims Ukrainian special services promised Kulikov and Patsenko $10,000 each. While Patsenko and Kulikov allege that Ukrainian security services were involved in the operation, the ONT program does not include concrete evidence to prove this claim. 

The documentary also contains an interview with Nikolai Shvets, the main suspect behind a February 26, 2023, attack on an AWACS A-50 Russian military aircraft at Machulishchy airfield in Belarus. Shvets is reported to be a Russian-Ukrainian dual citizen and served in the Ukrainian army. In the ONT interview, he claimed he was working with a person from the Ukrainian security service while planning the sabotage. The Belarusian independent media outlet Nasha Niva reported that Maxim Lopatin, one of arrested suspects in the Machulishchy attack, had a broken jaw when he filmed the ONT doumentary. Nasha Niva suggested that he was possibly beaten by Belarusian law enforcement authorities. Belarus arrested more than twenty people in connection to the February aircraft incident and announced on April 3 that the suspects were charged with committing an act of terrorism, for which the maximum sentence is capital punishment. However, the ONT program again provides no concrete evidence linking Shvets to Ukrainian security services. 

In addition, the ONT documentary aired on the same day that Alyaksandr Lukashenka met Sergey Naryshkin, the head of Russia’s Foreign Intelligence Service, in Minsk to discuss joint counterterrorism measures undertaken by Belarus and Russia. 

—Givi Gigitashvili, Research Associate, Warsaw, Poland

Identifying potential host sites for Russian tactical nuclear weapons

On March 28, Belarus confirmed it would accept Russian tactical nuclear weapons. The announcement came after Russian President Vladimir Putin announced on March 25 plans to store tactical nuclear weapons in Belarus, promising to build a nuclear weapons storage facility in the country. Putin made the comments after the United Kingdom said it would supply Ukraine with ammunition containing depleted uranium. “The heavy metal is used in weapons because it can penetrate tanks and armour more easily due to its density, amongst other properties,” Reutersreported. On April 4, Russian Minister of Defense Sergei Shoigu reported the transfer of Iskander-M tactical missiles, which are nuclear capable and have been utilized by the Russian military against Ukraine. 

Two days after the start of Russia’s invasion of Ukraine, on February 26, 2022, Belarus approved via referendum constitutional amendments to remove the country’s non-nuclear status. The constitutional change allows Belarus to host nuclear weapons for foreign states. 

Amidst the speculation surrounding Russia’s nuclear deployment to Belarus, the most pressing questions concern the potential location of airfields capable of nuclear deployment and which type of equipment is nuclear capable in terms of maintenance and modernization efforts.  

Along with the confirmed transfer of the Iskander-M missiles (a mobile, short-range ballistic missile system with a range of up to 500 kilometers), Sukhoi Su-25 fighter jets are also a top contender in the Russian and Belarusian aviation arsenals. This aircraft is capable of carrying two nuclear bombs, which the Russian military categorizes as “special aviation bombs.” In June 2022, Belarusian President Alyaksandr Lukashenka personally called on Putin to help upgrade and retrofit the Belarusian Su-25 fleet to be nuclear-capable. This resulted in a long-term project to enable Belarusian nuclear capabilities, legalize hosting Russian nuclear technology and nuclear-capable craft, enable joint-training programs for aviation sorties, and direct training for Belarusian pilots.

In conjunction with the Su-25’s capabilities against Ukraine’s current air defence networks and Russia’s non-strategic nuclear policy, Belarus’ acceptance of Russian tactical nuclear weapons can be viewed as escalatory. Video footage showed the Su-25’s capacity to evade Ukraine’s man-portable air defence system (MANPAD).

On April 2, the Russian envoy to Minsk announced that the nuclear weapons deployment would occur along Belarus’ western border. The exact location has not been specified, but Belarus has a number of bases along its western border, including Osovtsy, Ross, and Bereza. However, Lida is a primary staging base for the Belarusian fleet of SU-25s, and open-source researchers have confirmed a large presence of the aircraft on the base. Currently, Osovtsy is not one of the highly utilized bases in Belarus, but its proximity to the western border, especially in terms of proximity to Poland and the northern border of Ukraine, makes it a primary location to watch for potential signs of development, land-clearing operations, and heightened military activity.

—Kateryna Halstead, Research Assistant, Bologna, Italy

Individuals linked to Russian army form ‘angry patriots club’

On April 1, former Russian army commander Igor Strelkov (also known as Igor Girkin) published a video announcing the formation of the “angry patriots club” (Клуб рассерженных патриотов). According to Strelkov, the club aims “to help Russian armed forces” and “meet the stormy wind that will soon whip our faces as one team.” In the video, Strelkov says that Russia “is moving toward military defeat” because “we got into a long, protracted war for which our economy turned out to be completely unprepared. Neither the army nor the political system was ready for it.” In a Telegram post, Strelkov said the club “was created two weeks ago. So far, organizational issues have not been resolved publicly.” Strelkov previously played a crucial role in forming a separatist movement in the Donbas region.

The video also featured a statement from Pavel Gubarev, who in 2014 proclaimed himself the commander of the Donbas People’s Militia. In the video, he says, “We are angry that we are going from one defeat to another, and nothing changes.” He called the system in Russia “thievish and corrupt” and said the Russian elite are “elite in catastrophe.” 

The video further featured Vladimir Grubnik, who in 2015 was arrested in Ukraine in connection to an explosion near a Security Service of Ukraine (SBU) building in Odesa; in 2019, he was part of a prisoner exchange and returned to the Russian forces in Donbas. Grubnik said that defeat would lead to Russia falling apart. 

Vladimir Kucherenko, an Odesa-born Russian propagandist better known by his pen name Maksim Kalashnikov, said, “We are not afraid to criticize the actions of the government. Why? Because it can somehow help victory. Otherwise, they will do nothing, they will not move.” He called the Russian elite “looters,” “resource grabbers,” and “corrupts.” He predicted the war would turn into “carnage to death” and that the “corrupt Russian elites” would organize a coup that would “betray the country” by agreeing to Russia’s “separation” and “giving up of nuclear arms” in order to “earn the forgiveness of the West.” In 2015, the Ukrainian Ministry of Culture included Kucherenko in the list of Russians “threatening national security.”

Another figure in the video is Maksim Klimov, a pro-Kremlin military expert, who said, “The authorities do not know the real situation.” He added, “They do not hear nor see what is happening in the special military operation zone.” Klimov also did not rule out Russia’s defeat. 

The video gained some traction online, garnering 177,000 views on YouTube at the time of writing and 623,600 views and 2,500 shares on Strekov’s Telegram channel. According to TGStat, most of the shares on Telegram came from private accounts. Many Ukrainian media outlets reported on the newly founded club. The DFRLab did not identify any mainstream Russian media outlets reporting on the club besides Kommersant, a Kremlin-approved media outlet focused on business. 

—Nika Aleksejeva, Resident Fellow, Riga, Latvia

Russian propaganda reaches Ukrainian users via Facebook ads

This week, the Center for Strategic Communications and Information Security (CSCIS) and Ukrainian civil society members reported that Facebook advertising campaigns are being used to spread negative content about Ukraine. The ads range from posts that claim “Romania wants to annex Ukrainian territories” to videos that claim “This is the end. There are no men to fight for Ukraine.” While these campaigns were quickly de-platformed and the pages sharing them were banned, the DFRLab was able to investigate some of the ads via the Facebook Ad Library. The DFRLab previously reported on Facebook ads promoting pro-Russia disinformation to Ukrainian users.

The ads included links to the website luxurybigisland.net, with some ads sharing variations of the URL, such as luxurybigisland.net/rbk or luxurybigisland.net/pravda. The website was built using the Russian website builder Tilda, and its the landing page featured German text that translates to, “Nothing that can’t be removed. We care for your textiles as gently as possible with the utmost care, iron and steam, so that you can enjoy your clothes for a long time. We care.” The same phrase appeared on the now-defunct Tilda-made website google-seo-top.com and the website of a German textile care company. Registration data for luxurybigisland.net is redacted, but WhoIs data for google-seo-top.com shows that the website was registered in Russia. Both luxurybigisland.net and google-seo-top.com include metadata, shown in Google results, that states, in German, “the USA are against the entire world.”

One URL shared in the ads, luxurybigisland.net/pravda, remained online at the time of writing. The URL redirects to a forged article mimicking the Ukrainian news outlet Pravda. The article shared in the ads never appeared on the authentic Pravda website, but its byline cited a genuine journalist working at the outlet. The DFRLab confirmed the article was a forgery by reviewing the journalist’s author page on the authentic Pravda website, reviewing Pravda’s archived section, conducting a Google search for the forged headline, and then a more specific website search via Google.

Visually the forged website is identical to the authentic one and even features links to contact information copied from the original website. However, the forged website’s image format is different. The text of the forged article claims that the Ukrainian economy is heavily damaged and that “continuation of the war will lead to even greater losses in the economy.” The data shared in the article appears to be copied from multiple media sources and is not false, but the article’s framing contains pro-Russian sentiments as it calls for Ukraine’s surrender.

A second forged article, discovered by CSCIS, was shared on the now-offline URL luxurybigisland.net/RBK. The article mimicked the website of the reputable Ukrainian outlet RBC. 

Meta itself has taken – and continues to take – action against similar cross-platform, pro-Russia networks that push users to websites designed to impersonate legitimate news organizations. The DFRLab could not tie its identified assets to those previous Meta actions, but there is some probability that they were related given the similarity of behavior.

A Facebook page with “Cripto” in its name shared some of the ads. The DFRLab identified another Facebook page with the word Cripto in the name sharing pro-Kremlin narratives via Facebook ads. The ads pushed a false story claiming there was a “riot in Kyiv over losses.” CSCIS previously debunked another narrative pushed by a similarly named page that also fomented anti-Ukrainian military sentiment.

—Roman Osadchuk, Research Associate

Poland and Ukraine sign cooperation deal for production of tank shells

During Ukrainian President Volodymyr Zelenskyy’s visit to Poland, Polish manufacturer Polska Grupa Zbrojeniowa and Ukroboronprom signed a cooperation agreement for the joint production of 125-mm tank ammunition. The agreement assumes that the deployment of new production lines will be in Polish cities and the agreement indicates that they plan to produce a large amount of ammunition for 125-mm guns. The decision to start production in Poland was made due to the high risks of Russian missile attacks on production facilities if they were to be based in Ukraine. In place of locating the production in the country, the Ukrainian side will provide technologies and highly qualified specialists with experience in production. This will be the second factory that will produce 125-mm tank shells.

The supply of shells is of particular importance to Ukrainian forces, which are preparing a counter-offensive in southern and eastern Ukraine as heavy fighting with the Russian army continues in the Bakhmut and Donetsk regions.

Separately, German manufacturer Rheinmetall is building a service center for Western military equipment used by Ukraine’s armed forces in Romania, Reuters reported on April 2. The construction for the center is already underway in the Romanian city of Satu Mare, close to the country’s border with Ukraine. The hub is expected to open later this month. 

This development is happening against the background of diplomatic activity and statements. Ukraine is not ready to sign any peace agreement with Russian President Vladimir Putin, but the war could end as early as this year, according to an April 5 interview with  Ukraine’s Minister of Defense Oleksii Rezniko, who said, “I think this war will end soon. Of course, I would like it not to start, but I personally believe in this year as a year of victory.”

Rezniko also commented on a statement made in March by Czech Republic President Petr Pavel, who claimed that Ukraine had only one chance to conduct a successful counter-offensive this year. “I think that the president of the Czech Republic now speaks more like a military man than a politician, and the logic of the military is such that they constantly calculate the worst options. But even if this is his assessment, it is subjective, and he still lays down useful for us. The message is that European countries should unite more powerfully and strengthen assistance to Ukraine,” said Reznikov. Later, Andriy Sybiha, an adviser to Zelenskyy, told the Financial Times that Kyiv is willing to discuss the future of Crimea with Moscow if its forces reach the border of the Russian-occupied peninsula.

—Ruslan Trad, resident fellow for security research, Sofia, Bulgaria

The post Russian War Report: Belarus accuses Ukraine of plotting terrorist attack appeared first on Atlantic Council.

Meanwhile, a ruthless clampdown has made it increasingly difficult and dangerous for dissenting voices to be heard. Nevertheless, opposition figures continue to question the true levels of public backing for the invasion, while insisting that large numbers of Russians are either opposed or indifferent. The real situation within Russian society is certainly far more complex than the Kremlin would like us to believe, but today’s suffocating atmosphere means there is little reason to expect an increase in visible anti-war activity any time soon.

Officially at least, Putin’s approval rating has increased significantly since the start of the full-scale invasion just over one year ago. According to Russia’s only internationally respected independent pollster, the Levada Center, the Russian President’s rating rose from 71% on the eve of the invasion to 82% in March 2023. The same source indicates consistently high levels of support for the invasion of Ukraine, with over 70% of respondents expressing their approval in every single survey conducted throughout the past thirteen months.

These figures point to strong levels of public support for the war but they must be viewed in context. Critics question the validity of any public opinion polling in a dictatorship such as Putin’s Russia, where people are legally obliged to call the invasion a “Special Military Operation” and can face criminal prosecution for social media posts. This is worth keeping in mind when analyzing surveys of Russian opinion.

Many poll respondents may be inclined to demonstrate their patriotism and their support for the Russian military while being less enthusiastic about the invasion itself or the Kremlin’s war aims. Others may have become swept up in the relentless flow of pro-war propaganda or cut off from alternative sources of information. It is also important to acknowledge that a large majority of people refuse to participate in polling of this nature. They may choose to decline for a wide range of reasons, but it is possible that many simply prefer not to share anti-war opinions with strangers.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Comments
  This field is for validation purposes and should be left unchanged.

What evidence is there of anti-war sentiment in today’s Russia? When the invasion of Ukraine began in February 2022, efforts to claim strong public backing for the war were hampered by a series of protests in cities across the country involving mainly young Russians. However, these public demonstrations failed to reach any kind of critical mass and were fairly rapidly suppressed by the authorities with large numbers of detentions.

Other Russians have voted with their feet. A mass exodus of Russian nationals began during the first weeks of the war, with a second wave starting in September 2022 in the wake of Russia’s first mobilization since World War II. Hundreds of thousands of military-age Russian men fled to neighboring countries in the last four months of the year, leading in some cases to massive queues at border crossings.

This outflow of people has had a considerable negative demographic impact on Russia, but it would not be accurate to claim that everyone who has left the country during the past year holds anti-war views. Many chose to leave in order to avoid military service, while others feared the inconvenience of wartime conditions. Thousands of wealthy Russians have relocated to destinations like Dubai, where they can manage their Russian businesses while distancing themselves physically and psychologically from the war.

For those who remain in Russia, it is still possible to live a fairly normal life despite the imposition of sanctions and the departure of many high-profile Western brands. Meanwhile, some members of Russia’s billionaire elite are believed to oppose the war, but most see their fortunes as tied to Putin and are fearful of the consequences if they break with the regime publicly.

There are indications that the war is becoming less and less popular among the very troops charged with leading the invasion. The refusal of many contract soldiers to extend their service has forced the Russian authorities to introduce legislative changes, while in recent months there has been a sharp increase in video addresses on social media featuring mobilized Russian soldiers complaining about suicidal tactics and high death tolls. At the same time, there is little indication yet that mounting demoralization on the front lines is shaping the public mood back in Russia itself.

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

What of Russia’s beleaguered political opposition? For more than twenty years, the Putin regime has sought to silence any genuine opposition forces via increasingly direct means. These efforts have intensified since the onset of the Ukraine invasion, with independent media outlets shut down and many of the country’s relatively few remaining opposition figures either jailed or forced to flee. Some have attempted to speak out against the war while in exile, with others who left Russia in previous years such as Gary Kasparov and Mikhail Khodorkovsky serving as vocal opponents of the invasion.

The most prominent opposition figure in today’s Russia, Alexei Navalny, remains in prison. Navalny has managed to issue a number of statements from jail condemning the war. In February 2023, he published a fifteen-point plan calling for the Russian military to withdraw completely from Ukraine and arguing that Russia must accept Ukraine’s internationally recognized borders. While many have welcomed Navalny’s unambiguous opposition to the invasion, others remain wary due to his ties to Russian nationalism and earlier reluctance to back the return of Crimea to Ukraine.

At this point, extreme Russian nationalism appears to pose a far greater threat to the Putin regime than liberal anti-war sentiment. A new class of pro-war bloggers has emerged over the past year and has become a powerful force within the more active segments of Russian society. Hardliners such as Wagner chief Yevgeny Prigozhin and Chechen leader Ramzan Kadyrov have gained in stature thanks to their prominent roles in the invasion and have engaged in rare public criticism of key establishment figures.

The authoritarian nature of the Putin regime makes it almost impossible to accurately gauge levels of anti-war sentiment in today’s Russia. It may take a decisive military defeat before many of those who oppose the war dare to speak up and demand change. In a sense, this is exactly what Putin is fighting against. He invaded Ukraine primarily because he feared Ukrainian democracy would serve as a catalyst for similar demands inside Russia itself. So far, he has managed to prevent anti-war or pro-democracy movements from gaining momentum. However, if his invading army’s battlefield fortunes continue to deteriorate in Ukraine, those who dream of a different Russia may finally find their voices.

Christopher Isajiw is an international relations commentator and business development consultant to private, governmental, and non-governmental organizations.

Further reading

UkraineAlert Feb 20, 2023

‘You cannot outlast us’: Biden’s Kyiv visit sends strong message to Moscow

By Peter Dickinson

US President Joe Biden’s bold surprise visit to wartime Kyiv sent a strong message to Moscow that time is not on Putin’s side and Russia should not pin its hopes on a weakening of Western resolve to stand with Ukraine.

Conflict Freedom and Prosperity

UkraineAlert Mar 19, 2023

Putin the Pariah: War crimes arrest warrant deepens Russia’s isolation

By Anders Åslund

The ICC decision to indict Putin for war crimes is a highly consequential step that will deepen Russia’s international isolation while weakening Putin’s personal position both at home and abroad, writes Anders Åslund.

Conflict Human Rights

UkraineAlert Mar 8, 2023

Ukrainians will never surrender. How long can they count on the West?

By Serhiy Prytula

Ukraine’s remarkable resistance during the first days of the Russian invasion convinced the democratic world to back the country but with Putin now preparing for a long war, continued Western resolve is vital writes Serhiy Prytula.

Civil Society Conflict

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Anti-war Russians struggle to be heard appeared first on Atlantic Council.

Online Event Mon, March 27, 2023 • 1:30 pm ET

Live from the Freedom Online Coalition: How the FOC works for people around the world

The DFRLab hosts the US Deputy Secretary of State Wendy Sherman along with civil society and industry experts for a discussion on the Freedom Online Coalition and how the world’s democratic tech alliance advances human rights online.

Africa East Asia Europe & Eurasia Indo-Pacific

Ahead of the Biden administration’s second Summit for Democracy, US Deputy Secretary of State Wendy Sherman gave a sneak peek at what to expect from the US government on its commitments to protecting online rights and freedoms.

The event, hosted by the Atlantic Council’s Digital Forensic Research Lab on Monday, came on the same day that US President Joe Biden signed an executive order restricting the US government’s use of commercial spyware that may be abused by foreign governments or enable human-rights abuses overseas.

But there’s more in store for this week, Sherman said, as the United States settles into its role as chair of the Freedom Online Coalition (FOC)—a democratic tech alliance of thirty-six countries working together to support human rights online. As chair, the United States needs “to reinforce rules of the road for cyberspace that mirror and match the ideals of the rules-based international order,” said Sherman. She broke that down into four top priorities for the FOC:

1. Protecting fundamental freedoms online, especially for often-targeted human-rights defenders
2. Building resilience against digital authoritarians who use technology to achieve their aims
3. Building a consensus on policies designed to limit abuses of emerging technologies such as artificial intelligence (AI)
4. Expanding digital inclusion  

“The FOC’s absolutely vital work can feel like a continuous game of catch-up,” said Sherman. But, she added, “we have to set standards that meet this moment… we have to address what we see in front of us and equip ourselves with the building blocks to tackle what we cannot predict.”

Below are more highlights from the event, during which a panel of stakeholders also outlined the FOC’s role in ensuring that the internet and emerging technologies—including AI—adhere to democratic principles.

Deepening fundamental freedoms

• Sherman explained that the FOC will aim to combat government-initiated internet shutdowns and ensure that people can “keep using technology to advance the reach of freedom.”
• Boye Adegoke, senior manager of grants and program strategy at the Paradigm Initiative, recounted how technology was supposed to help improve transparency in Nigeria’s recent elections. But instead, the election results came in inconsistently and after long periods of time. Meanwhile, the government triggered internet shutdowns around the election period. “Bad actors… manipulate technology to make sure that the opinions and the wishes of the people do not matter at the end of the day,” he said.
• “It’s very important to continue to communicate the work that the FOC is doing… so that more and more people become aware” of internet shutdowns and can therefore prepare for the lapses in internet service and in freely flowing, accurate information, Adegoke said.
• On a practical level, once industry partners expose where disruptions are taking place, the FOC offers a mechanism by which democratic “governments can work together to sort of pressure other governments to say these [actions] aren’t acceptable,” Starzak argued.
• The FOC also provides a place for dialogue on human rights in the online space, said Alissa Starzak, vice president and global head of public policy at Cloudfare. Adegoke, who also serves in the FOC advisory network, stressed that “human rights [are] rarely at the center of the issues,” so the FOC offers an opportunity to mainstream that conversation into policymakers’ discussions on technology.

Building resilience against digital authoritarianism

• “Where all of [us FOC countries] may strive to ensure technology delivers for our citizens, autocratic regimes are finding another means of expression,” Sherman explained, adding that those autocratic regimes are using technologies to “divide and disenfranchise; to censor and suppress; to limit freedoms, foment fear, and violate human dignity.” New technologies are essentially “an avenue of control” for authoritarians, she explained.
• At the FOC, “we will focus on building resilience against the rise of digital authoritarianism,” Sherman said, which has “disproportionate and chilling impacts on journalists, activists, women, and LGBTI+ individuals” who are often directly targeted for challenging the government or expressing themselves.
• One of the practices digital authoritarians often abuse is surveillance. Sherman said that as part of the Summit for Democracy, the FOC and other partners will lay out guiding principles for the responsible use of surveillance tech.
• Adegoke recounted how officials in Nigeria justified their use of surveillance tech by saying that the United States also used the technology. “It’s very important to have some sort of guiding principle” from the United States, he said.
• After Biden signed the spyware executive order, Juan Carlos Lara, executive director at Derechos Digitales, said he expects other countries “to follow suit and hopefully to expand the idea of bans on spyware or bans on surveillance technology” that inherently pose risks to human rights.

Addressing artificial intelligence

• “The advent of AI is arriving with a level of speed and sophistication we haven’t witnessed before,” warned Sherman. “Who creates it, who controls it, [and] who manipulates it will help define the next phase of the intersection between technology and democracy.”
• Some governments, Sherman pointed out, have used AI to automate their censorship and suppression practices. “FOC members must build a consensus around policies to limit these abuses,” she argued.
• Speaking from an industry perspective, Starzak acknowledged that sometimes private companies and governments “are in two different lanes” when it comes to figuring out how they should use AI. But setting norms for both good and bad AI use, she explained, could help get industry and the public sector in the same lane, moving toward a world in which AI is used in compliance with democratic principles.
• Lara, who also serves in the FOC advisory network, explained that the FOC has a task force to specifically determine those norms on government use of AI and to identify the ways in which AI contributes to the promise—or peril—of technology in societies worldwide.

Improving digital inclusion

• “The internet should be open and secure for everyone,” said Sherman. That includes “closing the gender gap online” by “expanding digital literacy” and “promoting access to safe online spaces” that make robust civic participation possible for all. Sherman noted that the FOC will specifically focus on digital inclusion for women and girls, LGBTI+ people, and people with disabilities.
• Starzak added that in the global effort to cultivate an internet that “builds prosperity,” access to the free flow of information for all is “good for the economy and good for the people.” Attaining that version of the internet will require a “set of controls” to protect people and their freedoms online, she added.
• Ultimately, there are major benefits to be had from expanded connectivity. According to Sherman, it “can drive economic growth, raise standards of living, create jobs, and fuel innovative solutions” for global challenges such as climate change, food insecurity, and good governance.

Katherine Walla is an associate director of editorial at the Atlantic Council.

Watch the full event

The post What to expect from the world’s democratic tech alliance as the Summit for Democracy unfolds appeared first on Atlantic Council.

Online Event Mon, March 27, 2023 • 1:30 pm ET

Live from the Freedom Online Coalition: How the FOC works for people around the world

The DFRLab hosts the US Deputy Secretary of State Wendy Sherman along with civil society and industry experts for a discussion on the Freedom Online Coalition and how the world’s democratic tech alliance advances human rights online.

Africa East Asia Europe & Eurasia Indo-Pacific

Event transcript

Uncorrected transcript: Check against delivery

Introduction
Rose Jackson
Director, Democracy & Tech Initiative, Digital Forensic Research Lab

Opening Remarks
Wendy Sherman
Deputy Secretary of State, US Department of State

Panelists
Boye Adegoke
Senior Manager, Grants and Program Strategy, Paradigm Initiative

Juan Carlos Lara
Executive Director, Derechos Digitales

Alissa Starzak
Vice President, Global Head of Public Policy, Cloudflare

Moderator
Khushbu Shah
Nonresident Fellow, Digital Forensic Research Lab

ROSE JACKSON: Hello. My name is Rose Jackson, and I’m the director of the Democracy + Tech Initiative here at the Atlantic Council in Washington, DC.

I’m honored to welcome you here today for this special event, streaming to you in the middle of the Freedom Online Coalition, or the FOC’s first strategy and coordination meeting of the year.

For those of you watching at home or many screens elsewhere, I’m joined here in this room by representatives from thirty-one countries and civil-society and industry leaders who make up the FOC’s advisory network. They’ve just wrapped up the first half of their meeting and wanted to bring some of the conversation from behind closed doors to the community working everywhere to ensure the digital world is a rights-respecting one.

It’s a particularly important moment for us to be having this conversation. As we get ready for the second Summit for Democracy later this week, the world’s reliance and focus on the internet has grown, while agreement [on] how to further build and manage it frays.

I think at this point it’s a bit of a throwaway line that the digital tools mediate every aspect of our lives. But the fact that most of the world has no choice but to do business, engage with their governments, or stay connected with friends and family through the internet makes the rules and norms around how that internet functions a matter of great importance. And even more because the internet is systemic and interconnected, whether it is built and imbued with the universal human rights we expect offline will determine whether our societies can rely on those rights anywhere.

Antidemocratic laws have a tendency of getting copied. Troubling norms are established in silence. And a splintering of approach makes it easier for authoritarians to justify their sovereign policies used to shutter dissent, criminalize speech, and surveil everyone. These are the core democratic questions of our time, and ensuring that the digital ecosystem is a rights-respecting one requires democracies [to row] in the same direction in their foreign policy and domestic actions.

The now twelve-year-old FOC, as the world’s only democratic tech alliance, presents an important space for democratic governments to leverage their shared power to this end, in collaboration with civil society and industry around the world.

We were encouraged last year when Secretary of State Antony Blinken announced at our open summit conference in Brussels that the US would take over as chair of the FOC in 2023 as part of its commitment to reinvest in the coalition and its success. Just over an hour ago, the US announced a new executive order limiting its own use of commercial spyware on the basis of risks to US national security and threats to human rights everywhere really brings home the stakes and potential of this work.

So today we’re honored to have Deputy Secretary of State Wendy Sherman here to share more about the US government’s commitment to these issues and its plans for the coming year as chair.

We’ll then turn to a panel of civil-society and industry leaders from around the world to hear more about how they view the role and importance of the FOC in taking action on everything from internet shutdowns to surveillance tech and generative AI. That session will be led by our nonresident fellow and the former managing editor of Rest of World Khushbu Shah.

Now, before I turn to the deputy secretary, I want to thank the FOC support unit, the US State Department, and our Democracy and Tech team here for making this event possible. And I encourage you in Zoomland to comment on and engage liberally with the content of today’s event on your favorite social media platforms, following at @DFRLab, and using the hashtags #SummitforDemocracy, #S4D too, or #PartnersforDemocracy.

For those tuning in remotely in need of closed captioning, please view today’s program on our YouTube channel through the link provided in the chat.

It is now my distinct honor to pass the podium to Deputy Secretary of State Wendy Sherman, who needs no introduction as one of our nation’s most experienced and talented diplomats.

Deputy Secretary, thank you so much for joining us.

WENDY SHERMAN: Good afternoon. It’s terrific to be with you, and thank you, Rose, for your introduction and for all of the terrific work that the Freedom Online Coalition is doing.

It is fitting to be here at the Atlantic Council for this event because your mission sums up our purpose perfectly: shaping the global future together. That is our fundamental charge in the field of technology and democracy: how we use modern innovations to forge a better future.

That’s what the DFRLab strives to achieve, through your research and advocacy, and that’s what the Freedom Online Coalition, its members, observers, and advisory network seek to accomplish through our work. Thank you for your partnership.

More than five decades ago—seems like a long time ago, but really very short—the internet found its origins in the form of the first online message ever sent, all of two letters in length, delivered from a professor at UCLA to colleagues at Stanford. It was part of a project conceived in university labs and facilitated by government. It was an effort meant to test the outer limits of rapidly evolving technologies and tap into the transformative power of swiftly growing computer networks.

What these pioneers intended at the time was actually to devise a system that could allow people to communicate in the event of a nuclear attack or another catastrophic event. Yet what they created changed everything—how we live and work, how we participate in our economy and in our politics, how we organize movements, how we consume media, read books, order groceries, pay bills, run businesses, conduct research, learn, write, and do nearly everything we can think of.

Change didn’t happen overnight, of course, and that change came with both promise and peril. This was a remarkable feat of scientific discovery, and it upended life as we know it for better, and sometimes, worse.

Over the years, as we went from search engines to social media, we started to face complicated questions as leaders, as parents and grandparents, as members of the global community—questions about how the internet can best be used, how it should be governed, who might misuse it, how it impacts our children’s mental and emotional health, who could access it, and how we can ensure that access is equitable—benefitting people in big cities, rural areas, and everywhere in between. Big-picture questions arose about these tectonic shifts. What would they mean for our values and our systems of governance? Whether it’s the internet as we understand it today or artificial intelligence revolutionizing our world tomorrow, will digital tools create more democracy or less? Will they be deployed to maximize human rights or limit them? Will they be used to enlarge the circle of freedom or constraint and contract it?

For the United States, the Freedom Online Coalition, and like-minded partners, the answer should point in a clear direction. At a basic level, the internet should be open and secure for everyone. It should be a force for free enterprise and free expression. It should be a vast forum that increases connectivity, that expands people’s ability to exercise their rights, that facilitates unfettered access to knowledge and unprecedented opportunities for billions.

Meeting that standard, however, is not simple. Change that happens this fast in society and reaches this far into our lives rarely yields a straightforward response, especially when there are those who seek to manipulate technology for nefarious ends. The fact is where all of us may strive to ensure technology delivers for our citizens, autocratic regimes are finding another means of expression. Where democracies seek to tap into the power of the internet to lift individuals up to their highest potential, authoritarian governments seek to deploy these technologies to divide and disenfranchise, to censor and suppress, to limit freedoms, [to] foment fear and [to] violate human dignity. They view the internet not as a network of empowerment but as an avenue of control. From Cuba and Venezuela to Iran, Russia, the PRC, and beyond, they see new ways to crush dissent through internet shutdowns, virtual blackouts, restricted networks, blocked websites, and more.

Here in the United States, alongside many of you, we have acted to sustain connections to internet-based services and the free flow of information across the globe, so no one is cut off from each other, the outside world, or cut off from the truth. Yet even with these steps, none of us are perfect. Every day, almost everywhere we look, democracies grapple with how to harness data for positive ends, while preserving privacy; how to bring out the best in modern innovations without amplifying their worst possibilities; how to protect the most vulnerable online while defending the liberties we hold dear. It isn’t an easy task, and in many respects, as I’ve said, it’s only getting harder. The growth of surveillance capabilities is forcing us to constantly reevaluate how to strike the balance between using technologies for public safety and preserving personal liberties.

The advent of AI is arriving with a level of speed and sophistication we haven’t witnessed before. It will not be five decades before we know the impact of AI. That impact is happening now. Who creates it, who controls it, [and] who manipulates it will help define the next phase of the intersection between technology and democracy. By the time we realize AI’s massive reach and potential, the internet’s influence might really pale in comparison. The digital sphere is an evolving and is evolving at a pace we can’t fully fathom and in ways at least I can’t completely imagine. Frankly, we have to accept the fact that the FOC’s absolutely vital work can feel like a continuous game of catchup. We have to acknowledge that the guidelines we adopt today might seem outdated as soon as tomorrow.

Now let me be perfectly clear: I am not saying we should throw up our hands and give up. To the contrary, I’m suggesting that this is a massive challenge we have to confront and a generational change we have to embrace. We have to set standards that meet this moment and that lay the foundation for whatever comes next. We have to address what we see in front of us and equip ourselves with the building blocks to tackle what we cannot predict.

To put a spin on a famous phrase, with the great power of these digital tools comes great responsibility to use that power for good. That duty falls on all our shoulders and the stakes could not be higher for internet freedom, for our common prosperity, for global progress, because expanded connectivity, getting the two billion unconnected people online can drive economic growth, raise standards of living, create jobs, and fuel innovative solutions for everything from combating climate change to reducing food insecurity, to improving public health, to promoting good governance and sustainable development.

So we need to double down on what we stand for: an affirmative, cohesive, values-driven, rights-respecting vision for democracy in a digital era. We need to reinforce rules of the road for cyberspace that mirror and match the ideals of the rules-based international order. We need to be ready to adapt our legal and policy approaches for emerging technologies. We need the FOC—alongside partners in civil society, industry, and elsewhere—to remain an essential vehicle for keeping the digital sphere open, secure, interoperable, and reliable.

The United States believes in this cause as a central plank of our democracy and of our diplomacy. That’s why Secretary Blinken established our department’s Bureau of Cyberspace and Digital Policy, and made digital freedom one of its core priorities. That’s why the Biden-Harris administration spearheaded and signed into and onto the principles in the Declaration for the Future of the Internet alongside sixty-one countries ready to advance a positive vision for digital technologies. That’s why we released core principles for tech-platform accountability last fall and why the president called on Congress to take bipartisan action in January.

That’s why we are committed to using our turn as FOC chair as a platform to advance a series of key goals.

First, we will deepen efforts to protect fundamental freedoms, including human rights defenders online and offline, many of whom speak out at grave risk to their own lives and to their families’ safety. We will do so by countering disruptions to internet access, combating internet shutdowns, and ensuring everyone’s ability to keep using technology to advance the reach of freedom.

Second, we will focus on building resilience against the rise of digital authoritarianism, the proliferation of commercial spyware, and the misuse of technology, which we know has disproportionate and chilling impacts on journalists, activists, women, and LGBTQI+ individuals. To that end, just a few hours ago President Biden issued an executive order that for the first time will prohibit our government’s use of commercial spyware that poses a risk to our national security or that’s been misused by foreign actors to enable human rights abuses overseas.

On top of that step, as part of this week’s Summit for Democracy, the members of the FOC and other partners will lay out a set of guiding principles on government use of surveillance technologies. These principles describe responsible practices for the use of surveillance tech. They reflect democratic values and the rule of law, adherence to international obligations, strive to address the disparate effect on certain communities, and minimize the data collected.

Our third objective as FOC chair focuses on artificial intelligence and the way emerging technologies respect human rights. As some try to apply AI to help automate censorship of content and suppression of free expression, FOC members must build a consensus around policies to limit these abuses.

Finally, we will strengthen our efforts on digital inclusion—on closing the gender gap online; on expanding digital literacy and skill-building; on promoting access to safe online spaces and robust civic participation for all, particularly women and girls, LGBTQI+ persons, those with disabilities, and more.

Here’s the bottom line: The FOC’s work is essential and its impact will boil down to what we do as a coalition to advance a simple but powerful idea, preserving and promoting the value of openness. The internet, the Web, the online universe is at its best when it is open for creativity and collaboration, open for innovation and ideas, open for communication and community, debate, discourse, disagreement, and diplomacy.

The same is true for democracy—a system of governance, a social contract, and a societal structure is strongest when defined by open spaces to vote, deliberate, gather, demonstrate, organize, and advocate. This openness could not be more important, because when the digital world is transparent, when democracy is done right, that’s when everyone has a stake in our collective success. That’s what makes everyone strive for a society that is free and fair in our politics and in cyberspace. That’s what we will give—that’s what we’ll give everyone reason to keep tapping into the positive potential of technology to forge a future of endless possibility and boundless prosperity for all.

So good luck with all your remaining work; lots ahead. And thank you so much for everything that you all do. Thank you.

KHUSHBU SHAH: Hello, everybody. Thank you so much for joining us. I’m Khushbu Shah, a journalist and a nonresident fellow at the Atlantic Council’s DFRLab.

We’re grateful to have these three experts here with us today to discuss rights in the digital world and the Freedom Online Coalition’s role in those rights. I’ll introduce you to these three experts.

This is Adeboye Adegoke, who is the senior manager of grants and program strategy at Paradigm Initiative. We have Alissa Starzak, the vice president and global head of public policy at Cloudflare, and Juan Carlos, known as J.C., Lara, who’s the executive director of Derechos Digitales. And so I will mention that both J.C. and Adeboye are also on the FOC’s Advisory Network, which was created as a strong mechanism for ongoing multi-stakeholder engagement.

And so I’ll start with the thirty-thousand-foot view. So we’ve heard—we’ve just heard about the FOC and its continued mission with the United States at the helm as chair this year in an increasingly interconnected and online world. More than five billion people are online around the world. That’s the majority of people [on] this planet. We spend nearly half of our time that we’re awake online, around more than 40 percent.

We as a global group of internet users have evolved in our use of the internet, as you’ve heard, since the creation of the FOC in 2011.

So Adeboye, why do you think now suddenly so many people are suddenly focused on technology as a key democratic issue? And speaking, you know, from your own personal experience in Nigeria, should we be?

ADEBOYE ADEGOKE: Yeah. I mean, I think the reasons are very clear, not just [looking out] to any region of the world, but, you know, generally speaking, I mean, the Cambridge Analytica, you know, issue comes to mind.

But also just speaking, you know, very specifically to my experience, on my reality as a Nigerian and as an African, I mean, we just concluded our general elections, and technology was made to play a huge role in ensuring transparency, you know, the integrity of the elections, which unfortunately didn’t achieve that objective.

But besides that, there are also a lot of concerns around how technology could be manipulated or has been manipulated in order to literally alter potential outcomes of elections. We’re seeing issues of microtargeting; you know, misinformation campaigns around [the] election period to demarcate, you know, certain candidates.

But what’s even most concerning for me is how technology has been sometimes manipulated to totally alter the outcome of the election. And I’ll give you a very clear example in terms of the just-concluded general elections in Nigeria. So technology was supposed to play a big role. Results were supposed to be transmitted to a central server right from the point of voting. But unfortunately, those results were not transmitted.

In fact, as a matter of fact, three or four days after the election, 50 percent of the results were not uploaded. As of the time that the election results were announced, those results were—less than 50 percent of the results had been transmitted, which then begin to, you know, lead to questioning of the integrity of those outcomes. These are supposed to be—elections are supposed to be transmitted, like, on the spot. So, you know, it becomes concerning.

The electoral panel [gave] an excuse that there was a technical glitch around, you know, their server and all of that. But then the question is, was there actually a technical glitch, or was there a compromise or a manipulation by certain, you know, bad actors to be able to alter the outcome of the election? [This] used to be the order of the day in many supposedly, you know, democratic countries, especially from the part of the world that I come from, where people really doubt whether what they see as the outcomes of their election is the actual outcome or somebody just writing something that they want.

So technology has become a big issue in elections. On one side, technology has the potential to improve on [the] integrity of elections. But on the other side, bad actors also have the tendency to manipulate technology to make sure that the opinions or the wishes of the people do not matter at the end of the day. So that’s very important here.

KHUSHBU SHAH: And you just touched on my next question for Alissa and J.C. So, as you mentioned, digital authoritarians have used tech to abuse human rights, limit internet freedoms. We’re seeing this in Russia and Myanmar, Sudan, and Libya. Those are some examples. [The] deputy secretary mentioned a few others. For example, in early 2022, at the start of its invasion of Ukraine, Russia suppressed domestic dissent by closing or forcing into exile the handful of remaining independent media outlets. In at least fifty-three countries, users have faced legal repercussions for expressing themselves online, often leading to prison terms, according to a report from Freedom House. It’s a trend that leaves people on the frontlines defenseless, you know, of course, including journalists and activists alike.

And so, J.C., what have you seen globally? What are the key issues we must keep an eye on? And what—and what are some practical steps to mitigate some of these issues?

JUAN CARLOS LARA: Yeah. I think it’s difficult to think about the practical steps without first addressing what those issues are. And I think Boye was pointing out basically what has been a problem as perceived in many in the body politic, or many even activists throughout the world. But I think it’s important to also note that these broader issues about the threats to democracy, about the threats to human rights, [they] manifest sometimes differently. And that includes how they are seen in my region, in Latin America, where, for instance, the way in which you see censorship might differ from country to country.

While some have been able to pass laws, authoritarian laws that restrict speech and that restrict how expression is represented online and how it’s penalized, some other countries have resorted to the use of existing censorship tools. Like, for instance, some governments [are] using [Digital Millennium Copyright Act] notice and technical mechanisms to delete or to remove some content from the online sphere. So that also becomes a problematic issue.

So when we speak about, like, how do we go into, like, the practical ways to address this, we really need to identify… some low-level practices [that] connect with the higher-level standards that we aspire to for democracies; and how bigger commitments to the rule of law and to fair elections and to addressing and facing human rights threats goes to the lower level of what are actually doing in governments, what people are actually doing when they are presented with the possibility of exercising some power that can affect the human rights of the population in general. So to summarize a bit of that point, we still see a lot of censorship, surveillance, internet blockings, and also, increasingly, the use of emerging technologies as things that might be threatening to human rights.

And while some of those are not necessarily exclusive to the online sphere, they are certainly been evolving—they have been evolving [for] several years. So we really need to address how those are represented today.

KHUSHBU SHAH: Thank you. Alissa, as our industry expert I want to ask you the same question. And especially I want you to maybe touch upon what J.C. was saying about low-level practices that might be practical.

ALISSA STARZAK: You know, I think I actually want to step back and think about all of this, because I think—I think one of the challenges that we’ve seen, and we certainly heard this in Deputy Secretary Sherman’s remarks—is that technology brings opportunities and risks. And some of the challenges, I think, that we’ve touched on are part of the benefit that we saw initially. So the drawbacks that come from having broad access is that you can cut it off.

And I think that as we go forward, thinking about the Freedom Online Coalition and sort of how this all fits together, the idea is to have conversations about what it looks like long term, what are the drawbacks that come from those low-level areas, making sure that there is an opportunity for activists to bring up the things that are coming up, for industry, sort of folks in my world, to do the same. And making sure that there’s an opportunity for governments to hear it in something that actually looks collaborative.

And so I think that’s our big challenge. We have to find a way to make sure [that] those conversations are robust, that there is dialogue between all of us, and [that] we can both identify the risks that come from low-level practices like that and then also figure out how to mitigate them.

KHUSHBU SHAH: Thank you. And so, back to you—both of you. I’d like to hear from you both about, as part of civil society—we can start with you, Adegoke—what role as an organization, such as the Freedom Online Coalition, what kind of role can it play in all of these issues that we’re talking about as it expands and it grows in its own network?

ADEBOYE ADEGOKE: Yeah. So I think the work of the Freedom Online Coalition is very critical in such a time as this. So when you look at most international or global [platforms] where conversations around technology, its impact, are being discussed, human rights is rarely at the center of the issues. And I think that is where the advocacy comes in terms of highlighting and spotlighting, you know, the relevance of human rights of this issue. And as a matter of fact, not just relevance but the importance of human rights to this issue.

I think the work of the FOC is relevant even more to the Global South than probably it is to the Global North because in the Global South you—our engagement with technology, and I mean at the government level, is only from the—it’s likely from the perspective of… economics and… security. [Human rights] is, sadly, in an early part of the conversation. So, you know, with a platform like the FOC, it’s an opportunity to mainstream human rights into the technology, you know, conversation generally, and it’s a great thing that some of us from that part of the world are able to engage at this level and also bring those lessons back to our work, you know, domestically in terms of how we engage the policy process in our countries.

And that’s why it’s very important for the work of FOC to be expanded to—you know, to have real impact in terms of how it is deliberate—in terms of how it is—it is deliberate in influencing not just regional processes, but also national processes, because the end goal—and I think the beauty of all the beautiful work that is being done by the coalition—is to see how that reflects on what governments, in terms of how governments are engaging technology, in terms of how governments are consciously taking into cognizance the human rights implication of, you know, new emerging technologies and even existing technologies. So I think the FOC is very, very important stakeholder in technology conversation globally.

KHUSHBU SHAH: J.C., I want to ask you the same question, especially as Chile recently joined the FOC in recent years. And love to hear what you think.

JUAN CARLOS LARA: Yeah. I think it’s important to also note what Boye was saying in the larger context of when this has happened for the FOC. Since its creation, we have seen what has happened in terms of shutdowns, in terms of war, in terms of surveillance revelations. So it’s important to also connect what the likemindedness of certain governments and the high-level principles have to do with the practice of those same governments, as well as their policy positions both in foreign policy forums and internally, as the deputy secretary was mentioning.

I think it’s—that vital role that Boye was highlighting, it’s a key role but it’s a work in progress constantly. In which way? Throughout the process of the FOC meeting and producing documents and statements, that’s when the advisory network that Boye and myself are members of was created. Throughout that work, we’ve been able to see what happens inside the coalition and what—the discussions they’re having to some degree, because I understand that some of them might be behind closed doors, and what those—how the process of those statements comes to be.

So we have seen that very important role [in] how it’s produced and how it’s presented by the governments and their dignitaries. However, I still think that it’s a work in progress because we still need to be able to connect that with the practice of governments, including those that are members of the coalition, including my own government that recently joined, and how that is presented in internal policy. And at the same time, I think that key role still has a big room—a big role to play in terms of creating those principles; in terms of developing them into increasingly detailed points of action for the countries that are members of; but also then trying to influence other countries, those that are not members of the coalition, in order to create, like, better standards for human rights for all of internet users.

KHUSHBU SHAH: Any thoughts, Alissa?

ALISSA STARZAK: Yeah. You know, I think J.C. touched on something that is—that is probably relevant for everyone who’s ever worked in government which is the reality that governments are complicated and there isn’t one voice, often, and there frequently what you see is that the people who are focused on one issue may not have the same position as people who are working on it from a different angle. And I think the interesting thing for me about the FOC is not that you have to change that as a fundamental reality, but that it’s an opportunity for people to talk about a particular issue with a focus on human rights and take that position back. So everybody sitting in this room who has an understanding of what human rights online might look like, to be able to say, hey, this is relevant to my government in these ways if you’re a government actor, or for civil society to be able to present a position, that is really meaningful because it means that there’s a voice into each of your governments. It doesn’t mean that you’re going to come out with a definitive position that’s always going to work for everyone or that it’s going to solve all the problems, but it’s a forum. And it’s a forum that’s focused on human rights, and it’s focused on the intersection of those two, which really matters.

So, from an FOC perspective, I think it’s an opportunity. It’s not going to ever be the be all and end all. I think we all probably recognize that. But you need—I think we need a forum like this that really does focus on human rights.

KHUSHBU SHAH: An excellent point and brings me to my next question for you three. Let’s talk specifics, speaking of human rights: internet shutdowns. So we’ve mentioned Russia. Iran comes to mind as well during recent months, during protests, and recently, very recently, the Indian government cut tens of millions of people off in the state of Punjab as they search for a Sikh separatist.

So what else can this look like, J.C.? Those are some really sort of very basic, very obvious examples of internet shutdowns. And how can the FOC and its network of partners support keeping people online?

JUAN CARLOS LARA: Yes, thank you for that question because specifically for Latin America, the way in which shutdowns may present themselves is not necessarily a huge cutting off of the internet for many people. It sometimes presents in other ways, like, for instance, we have seen the case of one country in South America in which their telecommunication networks has been basically abandoned, and therefore, all of the possibilities of using the internet are lost not because the government has decided to cut the cable, but rather because it’s let it rot, or because it presents in the form of partially and locally focused cutting off services for certain platforms.

I think the idea of internet shutdowns has provided awareness about the problems that come with losing access to the internet, but that also can be taken by governments to be able to say they have not shut access to the internet; it’s just that there’s either too much demand in a certain area or that a certain service has failed to continue working, or that it’s simply failures by telecommunication companies, or that a certain platform has not complied with its legal or judicial obligations and therefore it needs to be taken off the internet. So it’s important that when we speak about shutdowns we consider the broader picture and not just the idea of cutting off all of the internet.

KHUSHBU SHAH: Adeboye, I’d like to hear what your thoughts are on this in the context of Nigeria.

ADEBOYE ADEGOKE: Yeah. It’s really very interesting. And to the point, you know, he was making about, you know, in terms of when we talk about shutdown, I think the work around [understanding shutdowns] has been great and it’s really helped the world to understand what is happening globally. But just as he said, I think there are also some other forms of exclusion that [happen] because of government actions and inactions that probably wouldn’t fall on that thematic topic of shutdown, but it, in a way, is some sort of exclusionary, you know, policy.

So an example is in some remote areas in Nigeria, for example, for most of the technology companies who are laying cables, providing internet services, it doesn’t make a lot of business sense for them to be, you know, present in those locations. And to make the matter worse for them, the authorities, the local governments, those are imposing huge taxes on those companies to be able to lay their fiber cables into those communities, which means that for the businesses, for the companies it doesn’t make any economic sense to invest in such locations. And so, by extension, those [kinds] of people are shut down from the internet; they are not able to assess communication network and all of that.

But I also think it’s very important to highlight the fact that—I mean, I come from the continent where internet is shut down for the silliest reason that you can imagine. I mean, there have been [shutdowns] because [the] government was trying to prevent students cheating in exams, you know? Shutdowns are common during elections, you know? [Shutdowns] happen because [the] government was trying to prevent gossip. So it’s the silliest of reasons why there have been internet [shutdowns] in the area, you know, in the part of the world that I am from.

But what I think—in the context of the work that the FOC does, I think something that comes to mind is how we are working to prevent future [shutdowns]. I spoke about the election that just ended in Nigeria. One of the things that we did was to, shortly before the election, organize, like, a stakeholder meeting of government representative, of fact checkers, of, you know, the platforms, the digital companies, civil society [organizations], and electoral [observers]… to say that, OK, election is—if you are from Africa, any time election is coming you are expecting a shutdown. So it’s to have a conversation and say: Election is coming. There is going to be a lot of misinformation. There’s going to be heightened risk online. But what do we need to do to ensure that we don’t have to shut down the internet?

So, for Nigeria, we were able to have that conversation a few weeks before the election, and luckily the [internet was] not shut down. So I mean, I would describe that as a win. But just to emphasize that it is helpful when you engage in a platform like the FOC to understand the dimensions that [shutdowns] take across the world. It kind of helps you to prepare for—especially if you were in the kind of tradition that we were to prepare for potential shutdown. And also I think it’s also good to spotlight the work that Access Now has done with respect to spotlighting the issue of shutdown because it helps to get their perspective.

So, for example, I’m from Nigeria. We have never really experienced widespread shutdown in Nigeria, but because we are seeing it happen in our sister—in our neighboring countries—we are kind of conscious of that and were able to engage ahead of elections to see, oh, during election in Uganda, [the] internet was shut down. In Ethiopia, [the] internet was shut down. So it’s likely [the] internet will be shut down in Nigeria. And then to say to the authority: No, you know what? We don’t have to shut down the internet. This is what we can do. This is the mechanism on [the] ground to identify risk online and address those risks. And also, holding technology platform accountable to make sure that they put mechanism in place, to make sure they communicate those mechanisms clearly during elections.

So it’s interesting how much work needs to go into that, but I think it’s… important work. And I think for the FOC, it’s also—it’s also very important to continue to communicate the work that the FOC is doing in that regard so that more and more people become aware of it, and sort of more people are prepared, you know, to mitigate it, especially where you feel is the highest risk of shutdown.

KHUSHBU SHAH: Thank you. I’m going to jump across to the other side of that spectrum, to surveillance tech, to the—to the almost literally—the opposite, and I wanted to start with the news that Deputy Secretary Sherman mentioned, with the news that the Biden administration announced just this afternoon, a new executive order that would broadly ban US federal agencies from using commercially developed spyware that poses threats to human rights and national security.

The deputy secretary also mentioned, Alissa, some guiding principles that they were going to announce later this week with the FOC. What are some—what are some things—what are some principles or what are some ambitions that you would hope to see later this week?

ALISSA STARZAK: So I think there’s a lot coming is my guess. Certainly the surveillance tech piece is an important component, but I think there are lots of broad guidelines.

I actually want to go back to shutdowns for a second, if you don’t mind…. Because I think it’s a really interesting example of how the FOC can work well together and how you take all of the different pieces—even at this table—of what—how you sort of help work on an internet problem or challenge, right? So you have a world where you have activists on the ground who see particular challenges who would then work with their local government. You have industry partners like Cloudflare who can actually show what’s happening. So are there—is there a shutdown? Is there a network disruption? So you can take the industry component of it, and that provides some information for governments, and then governments can work together to sort of pressure other governments to say these aren’t acceptable. These are—these norms—you can’t—no, you can’t shut down because you are worried about gossip, and cheating, and an exam, right? There’s a set of broad international norms that become relevant in that space, and I think you take that as your example. So you have the players—you have the government to government, you have the civil society to government, you have the industry which provides information to government and civil society. And those are the pieces that can get you to a slightly better place.

And so when I look at the norms coming out later this week, what I’m going to be looking for are that same kind of triangulation of using all of the players in the space to come to a better—to come to a better outcome. So whether that’s surveillance tech, sort of understanding from civil society how it has been used, how you can understand it from other tech companies, how you can sort of mitigate against those abuses, working with governments to sort of address their own use of it to make sure that that doesn’t become a forum—all of those pieces are what you want from that model. And I think—so that’s what I’m looking for in the principles that come out. If they have that triangulation, I’m going to be—I’m going to be very happy.

KHUSHBU SHAH: What would you both be looking for, as well? J.C., I’ll start with you.

JUAN CARLOS LARA: Yeah, as part of the [FOC advisory network], of course, there might be some idea of what’s coming in when we speak about principles for governments for the use of surveillance capabilities.

However, there are two things that I think are very important to consider for this type of issue: first of all is that which principles and which rules are adopted by the states. I mean, it’s a very good—it’s very good news that we have this executive order as a first step towards thinking how states refrain from using surveillance technology disproportionately or indiscriminately. That’s a good sign in general. That’s a very good first step. But secondly, within this same idea, we would expect other countries to follow suit and hopefully to expand the idea of bans on spyware or bans on surveillance technology that by itself may pose grave risks to human rights, and not just in the case of this, or that, or the fact that it’s commercial spyware, which is a very important threat including for countries in Latin America who are regular customers for certain spyware producers and vendors.

But separately from that, I think it’s very important to also understand how this ties into the purposes of the Freedom Online Coalition and its principles, and how to have further principles that hopefully pick up on the learnings that we have had for several years of discussion on the deployment of surveillance technologies, especially by academia and civil society. If those are picked up by the governments themselves as principle, we expect that to exist in practice.

One of the key parts of the discussion on commercial spyware is that I can easily think of a couple of Latin American countries that are regular customers. And one of them is an FOC member. That’s very problematic, when we speak about whether they are abiding by these principles and by human rights obligations or not, and therefore whether these principles will generate any kinds of restraint in the use and the procurement of such surveillance tools.

KHUSHBU SHAH: So I want to follow up on that. Do you think that there—what are the dangers and gaps of having this conversation without proposing privacy legislation? I want to ask both of our—

JUAN CARLOS LARA: Oh, very briefly. Of course, enforcement and the fact that rules may not have the institutional framework to operate I think is a key challenge. That is also tied to capacities, like having people with enough knowledge and have enough, of course, exchange of information between governments. And resources. I think it’s very important that governments are also able to enact the laws that they put in the books, that they are able to enforce them, but also to train every operator, every official that might be in contact with any of these issues. So that kind of principle may not just be adopted as a common practice, but also in the enforcement of the law, so get into the books. Among other things, I think capacities and resources are, like—and collaboration—are key for those things.

KHUSHBU SHAH: Alissa, as our industry expert, I’d like to ask you that same question.

ALISSA STARZAK: You know, I think one of the interesting things about the commercial spyware example is that there is a—there is a government aspect on sort of restricting other people from doing certain things, and then there is one that is a restriction on themselves. And so I think that’s what the executive order is trying to tackle. And I think that the restricting others piece, and sort of building agreement between governments that this is the appropriate thing to do, is—it’s clearly with the objective here, right?

So, no, it’s not that every government does this. I think that there’s a reality of surveillance foreign or domestic, depending on what it looks like. But thinking about building rulesets of when it’s not OK, because I think there is—there can be agreement if we work together on what that ruleset looks like. So we—again, this is the—we have to sort of strive for a better set of rules across the board on when we use certain technologies. And I think—clearly, I think what we’ve heard, the executive order, it’s the first step in that process. Let’s build something bigger than ourselves. Let’s build something that we can work across governments for. And I think that’s a really important first step.

ADEBOYE ADEGOKE: OK. Yeah, so—yeah, so, I think, yeah, the executive order, it’s a good thing. Because I was, you know, thinking to myself, you know, looking back to many years ago when in my—in our work when we started to engage our government regarding the issue of surveillance and, you know, human rights implications and all of that, I recall very vividly a minister at the time—a government minister at the time saying that even the US government is doing it. Why are you telling us not to do it? So I think it’s very important.

Leadership is very key. The founding members of the FOC, if you look FOC, the principles and all of that, those tests are beautiful. Those tests are great. But then there has to be a demonstration of—you know, of application of those tests even by the governments leading, you know, the FOC so that it makes the work of people like us easier, to say these are the best examples around and you don’t get the kind of feedback you get many years ago; like, oh, even the US government is doing it. So I think the executive order is a very good place to start from, to say, OK, so this is what the US government is doing right now and this is how it wants to define their engagement with spyware.

But, of course, like, you know, he said, it has to be, you know, expanded beyond just, you know, concerns around spyware. It has to be expanded to different ways in which advanced technology [is] applied in government. I come from a country that has had to deal with the issues of, you know, terrorism very significantly in the past ten years, thereabout, and so every justification you need for surveillance tech is just on the table. So whenever you want to have the human rights conversation, somebody’s telling you that, you want terrorists to kill all of us? You know? So it’s very important to have some sort of guiding principle.

Yeah, we understand [the] importance of surveillance to security challenges. We understand how it can be deployed for good uses. But we also understand that there are risks to human-rights defenders, to journalists, you know, to people who hold [governments] accountable. And those have to be factored into how these technologies are deployed.

And in terms of, you know, peculiar issues that we have to face, basically you are dealing with issues around oversight. You are dealing with issues around transparency. You are dealing with issues around [a] lack of privacy frameworks, et cetera. So you see African governments, you know, acquiring similar technologies, trying, you know, in the—I don’t want to say in the guise, because there are actually real problems where those technologies might be justified. But then, because of the lack of these principles, these issues around transparency, oversight, legal oversight, human-rights considerations, it then becomes problematic, because this too then become—it’s true that it is used against human-rights defenders. It’s true that it is used against opposition political parties. It’s true that it is used against activists and dissidents in the society.

So it’s very important to say that we look at the principle that has been developed by the FOC, but we want to see FOC government demonstrate leadership in terms of how they apply those principles to the reality. It makes our work easier if that happens, to use that as an example, you know, to engage our government in terms of how this is—how it is done. And I think these examples help a lot. It makes the work very easy—I mean, much easier; not very easy.

KHUSHBU SHAH: Well, you mentioned a good example; so the US. So you reminded me of the biometric data that countries share in Central and North America as they monitor refugees, asylum seekers, migrants. Even the US partakes. And so, you know, what can democracies do to address the issue when they’re sometimes the ones leveraging these same tools? Obviously, it’s not the same as commercial spyware, but—so what are the boundaries of surveillance and appropriate behavior of governments?

J.C., can I throw that question to you?

JUAN CARLOS LARA: Happy to. And we saw a statement by several civil-society organizations on the use of biometric data with [regard] to migrants. And I think it’s very important that we address that as a problem.

I really appreciated that Boye mentioned, like, countries leading by example, because that’s something that we are often expecting from countries that commit themselves to high-level principles and that sign on to human-rights instruments, that sign declarations by the Human Rights Council and the General Assembly of the [United Nations] or some regional forums, including to the point of signing on to FOC principles.

I think that it’s very problematic that things like biometric data are being used—are being collected from people that are in situations of vulnerability, as is the case of very—many migrants and many people that are fleeing from situations of extreme poverty and violence. And I think it’s very problematic also that also leads to [the] exchange of information between governments without proper legal safeguards that prevent that data from falling into the hands of the wrong people, or even that prevent that data from being collected from people that are not consenting to it or without legal authorization.

I think it’s very problematic that countries are allowing themselves to do that under the idea that this is an emergency situation without proper care for the human rights of the people who are suffering from that emergency and that situations of migrations are being treated like something that must be stopped or contained or controlled in some way, rather than addressing the underlying issues or rather than also trying to promote forms of addressing the problems that come with it without violating human rights or without infringing upon their own commitments to human dignity and to human privacy and to the freedom of movement of people.

I think it’s—that it’s part of observing legal frameworks and refraining from collecting data that they are not allowed to, but also to obeying their own human-rights commitments. And that often leads to refraining from taking certain action. And in that regard, I think the discussions that there might be on any kind of emergency still needs to take a few steps back and see what countries are supposed to do and what obligations they are supposed to abide [by] because of their previous commitments.

KHUSHBU SHAH: So thinking about what you’ve just said—and I’m going to take a step back. Alissa, I’m going to ask you kind of a difficult question. We’ve been talking about specific examples of human rights and what it means to have online rights in the digital world. So what does it mean in 2023? As we’re talking about all of this, all these issues around the world, what does it mean to have freedom online and rights in the digital world?

ALISSA STARZAK: Oh, easy question. It’s really easy. Don’t worry; we’ve got that. Freedom Online’s got it; you’ve just got to come to their meetings.

No, I think—I think it’s a really hard question, right? I think that we have—you know, we’ve built something that is big. We’ve built something where we have sort of expectations about access to information, about the free flow of information across borders. And I think that, you know, what we’re looking at now is finding ways to maintain it in a world where we see the problems that sometimes come with it.

So when I look at the—at the what does it mean to have rights online, we want to—we want to have that thing that we aspire to, I think that Deputy Secretary Sherman mentioned, the sort of idea that the internet builds prosperity, that the access to the free flow of information is a good thing that’s good for the economy and good for the people. But then we have to figure out how we build the set of controls that go along with it that are—that protect people, and I think that’s where the rule of law does come into play.

So thinking about how we build standards that are respect—that respect human rights in the—when we’re collecting all of the information of what’s happening online, right, like, maybe we shouldn’t be collecting all of that information. Maybe we should be thinking of other ways of addressing the concerns. Maybe we should be building [a] framework that countries can use that are not us, right, or that people at least don’t point to the things that a country does and say, well, if they can do this, I can do this, right, using it for very different purposes.

And I think—I think that’s the kind of thing that we’re moving—we want to move towards, but that doesn’t really answer the underlying question is the problem, right? So what are the rights online? We want as many rights as possible online while protecting security and safety, which is, you know, also—they’re also individual rights. And it’s always a balance.

KHUSHBU SHAH: It seems like what you’re touching on—J.C., would you like to—

JUAN CARLOS LARA: No. Believe me.

KHUSHBU SHAH: Well, it seems like what you’re talking about—and we’re touching—we’ve, like, talked around this—is, like, there’s a—there’s a sense of impunity, right, when you’re on—like in the virtual world, and that has led to what we’ve talked about for the last forty minutes, right, misinformation/disinformation. And if you think about what we’ve all been talking about for the last few weeks, which is AI—and I know there have been some moments of levity. I was thinking about—I was telling Alissa about how there was an image of the pope wearing a white puffer jacket that’s been being shown around the internets, and I think someone pointed out that it was fake, that it was AI-generated. And so that’s one example. Maybe it’s kind of a fun example, but it’s also a little bit alarming.

And I think about the conversation we’re having, and what I really want to ask all of you is, so, how might these tools—like the AI, the issue of AI—further help or hurt [human rights] activists and democracies as we’re going into uncharted territories, as we’re seeing sort of the impact of it in real time as this conversation around it evolves and how it’s utilized by journalists, by activists, by politicians, by academics? And what should the FOC do—I know I’m asking you again—what can the FOC do? What should we aim for to set the online world on the right path for this uncharted territory? I don’t know who wants to start and attempt.

ADEBOYE ADEGOKE: OK, I’ll start. Yeah.

So I think it’s great that, you know, the FOC has, you know, different task [forces] working on different thematic issues, and I know there is a task force on the issue of artificial intelligence and human rights. So I think for me that’s a starting point, you know, providing core leadership on how emerging technology generally impacts… human rights. I think that’s the starting point in terms of what we need to do because, like the deputy secretary said, you know, technology’s moving at such a pace that we can barely catch up on it. So we cannot—we cannot afford to wait one minute, one second before we start to work on this issue and begin to, you know, investigate the human rights implications of all of those issues. So it’s great that the FOC’s doing that work.

I would just say that it’s very important for—and I think this [speaks] generally to the capacities of the FOC. I think the FOC needs to be further capacitated so that this work can be made to bear in real-life issues, in regional, in national engagement so that some of the hard work that has been put into those processes can really reflect in real, you know, national and regional processes.

ALISSA STARZAK: Yeah. So I definitely agree with that.

I think—I think on all of these issues I think we have a reality of trying to figure out what governments do and then what private companies do, or what sort of happens in industry, and sometimes those are in two different lanes. But in some ways figuring out what governments are allowed to do, so thinking about the sort of negative potential uses of AI may be a good start for thinking about what shouldn’t happen generally. Because if you can set a set of norms, if you can start with a set of norms about what acceptable behavior looks like and where you’re trying to go to, you’re at least moving in the direction of the world that you think you want together, right?

So understanding that you shouldn’t be generating it for the purpose of misinformation or, you know, that—for a variety of other things, at least gets you started. It’s a long—it’s going to be a long road, a long, complicated road. But I think there’s some things that can be done there in the FOC context.

JUAN CARLOS LARA: Yes. And I have to agree with both of you. Specifically, because the idea that we have a Freedom Online Coalition to set standards, or to set principles, and a taskforce that can devote some resources, some time, and discussion to that, can also identify where this is actually the part of the promise and which is the part of the peril. And how governments are going to react in a way that promotes prosperity, that promotes interactivity, and promotes commerce—exercise of human rights, the rights of individuals and groups—and which sides of it become problematic from the side of the use of AI tools, for instance, for detecting certain speech for censorship or for identifying people in the public sphere, because they’re working out on the streets, or to collect and process people without consent.

I think because that type of expertise and that type of high political debate can be held at the FOC, that can promote the type of norms that we need in order to understand, like, what’s the role of governments in order to steer this somewhere. Or whether they should refrain from doing certain actions that might—with the good intention of preventing the spread of AI-generated misinformation or disinformation—that may end up stopping these important tools to be used creatively or to be used in constructive ways, or in ways that can allow more people to be active participants of the digital economy.

KHUSHBU SHAH: Thank you. Well, I want to thank all three of you for this robust conversation around the FOC and the work that it’s engaging in. I want to thank Deputy Secretary Sherman and our host here at the Atlantic Council for this excellent conversation. And so if you’re interested in learning more about the FOC, there’s a great primer on it on the DFRLab website. I recommend you check it out. I read it. It’s excellent. It’s at the bottom of the DFRLab’s registration page for this event.

Watch the full event

The post Wendy Sherman on the United States’ priorities as it takes the helm of the Freedom Online Coalition appeared first on Atlantic Council.

Just over one year ago, on February 24, 2022, Russia launched a full-scale invasion of neighboring Ukraine. The ensuing conflict, Europe’s largest since World War II, has not only besieged Ukraine physically, but also through the information environment. Through kinetic, cyber, and influence operations, Russia has placed Ukraine’s digital and physical information infrastructure—including its cell towers, networks, data, and the ideas that traverse them—in its crosshairs as it seeks to cripple Ukraine’s defenses and bring its population under Russian control. 

Given the privately owned underpinnings of the cyber and information domains by technology companies, a range of local and global companies have played a significant role in defending the information environment in Ukraine. From Ukrainian telecommunications operators to global cloud and satellite internet providers, the private sector has been woven into Ukrainian defense and resilience. For example, Google’s Threat Analysis Group reported having disrupted over 1,950 instances in 2022 of Russian information operations aimed at degrading support for Ukraine, undermining its government, and building support for the war within Russia. The present conflict in Ukraine offers lessons for states as well as private companies on why public-private cooperation is essential to building resilience in this space, and how these entities can work together more effectively. 

We brought together a group of experts to provide insights on the war being waged through the Ukrainian information environment and take away lessons for the United States and its allies for the future. 

#1 How has conflict in the information environment associated with the war in Ukraine compared to your prior expectations?

Nika Aleksejeva, resident fellow, Baltics, Digital Forensic Research Lab (DFRLab), Atlantic Council: 

“As the war in Ukraine started, everyone was expecting to see Russia conducting offensive information influence operations targeting Europe. Yes, we have identified and researched Russia’s coordinated information influence campaigns on Meta’s platforms and Telegram. These campaigns targeted primarily European countries, and their execution was unprofessional, sloppy, and without much engagement on respective platforms.” 

Silas Cutler, senior director for cyber threat research, Institute for Security and Technology (IST): 

“A remarkable aspect of this conflict has been how Ukraine has maintained communication with the rest of the world. In the days leading up to the conflict, there was a significant concern that Russia would disrupt Ukraine’s ability to report on events as they unfolded. Instead of losing communication, Ukraine has thrived while continuously highlighting through social media its ingenuity within the conflict space. Both the mobilization of its technical workforce through the volunteer IT_Army and its ability to leverage consumer technology, such as drones, have shown the incredible resilience and creativity of the Ukrainian people.” 

Roman Osadchuk, research associate, Eurasia, Digital Forensic Research Lab (DFRLab), Atlantic Council: 

“The information environment was chaotic and tense even before the invasion, as Russia waged a hybrid war since at least the annexation of Crimea and war in Eastern Ukraine in 2014. Therefore, the after-invasion dynamic did not bring significant surprises, but intensified tension and resistance from Ukrainian civil society and government toward Russia’s attempts to explain its unprovoked invasion and muddle the water around its war crimes. The only things that exceeded expectations were the abuse of fact-checking toolbox WarOnFakes and the intensified globalization of the Kremlin’s attempts to tailor messages about the war to their favor globally.” 

Emma Schroeder, associate director, Cyber Statecraft Initiative, Digital Forensic Research Lab (DFRLab), Atlantic Council: 

“The information environment has been a central space and pathway throughout which this war is being fought. Russian forces are reaching through that space to attack and spread misinformation, as well as attacking the physical infrastructure underpinning this environment. The behavior, while novel in its scale, is the continuation of Russian strategy in Crimea, and is very much living up to expectations set in that context. What has surpassed expectations is the effectiveness of Ukrainian defenses, in coordination with allies and private sector partners. The degree to which the international community has sprung forward to provide aid and assistance is incredible, especially in the information environment where such global involvement can be so immediate and transformative.” 

Gavin Wilde, senior fellow, Technology and International Affairs Program, Carnegie Endowment for International Peace: 

“The volume and intensity of cyber and information operations has roughly been in line with my prior expectations, though the degree of private and commercial activity was something that I might not have predicted a year ago. From self-selecting out of the Russian market to swarming to defend Ukrainian networks and infrastructure, the outpouring of support from Western technology and cybersecurity firms was not on my bingo card. Sustaining it and modeling for similar crises are now key.” 

 
#2 What risks do private companies assume in offering support or partnership to states engaged in active conflict?

Aleksejeva: “Fewer and fewer businesses are betting on Russia’s successful economical future. Additionally, supporting Russia in this conflict in any way is morally unacceptable for most Western companies. Chinese and Iranian companies are different. As for Ukraine, supporting it is morally encouraged, but is limited by many practicalities, such as supply chain disruptions amid Russia’s attacks.” 

Cutler: “By providing support during conflict, companies risk becoming a target themselves. Technology companies such as Microsoft, SentinelOne, and Cloudflare, which have publicly reported their support for Ukraine, have been historically targeted by Russian cyber operations and are already familiar with the increased risk. Organizations with pre-conflict commercial relationships may fall under new scrutiny by nationally-aligned hacktivist groups such as Killnet. This support for one side over the other—whether actual or perceived—may result in additional risk.” 

Osadchuk: “An important risk of continuing business as usual [in Russia] is that it may damage a company’s public image and test its declared values, since the continuation of paying taxes within the country-aggressor makes the private company a sponsor of these actions. Another risk for a private company is financial, since the companies that leave a particular market are losing their profits, but this is incomparable to human suffering and losses caused by the aggression. In the case of a Russian invasion, one of the ways to stop the war is to cut funding for and, thus, undermine the Russian war machine and support Ukraine.” 

Schroeder: “Private companies have long provided goods and services to combatants outside of the information environment. The international legal framework restricting combatants to targeting ‘military objects’ provides normative protection, as objects are defined as those ‘whose total or partial destruction, capture or neutralization, in the circumstances ruling at the time, offers a definite military advantage’ in a manner proportional to the military gain foreseen by the operation. This definition, however, is still subject to the realities of conflict, wherein combatants will make those decisions to their own best advantage. In the information environment, this question becomes more complicated, as cyber products and services often do not fall neatly within standard categories and where private companies themselves own and operate the very infrastructure over and through which combatants engage. The United States and its allies, whether on a unilateral of supranational basis, work to better define the boundaries of civilian ‘participation’ in war and conflict, as the very nature of the space means that their involvement will only increase.” 

Wilde: “On one hand, it is important not to falsely mirror onto others the constraints of international legal and normative frameworks around armed conflict to which responsible states strive to adhere. Like Russia, some states show no scruples about violating these frameworks in letter or spirit, and seem unlikely to be inhibited by claims of neutrality from companies offering support to victimized states. That said, clarity about where goods and services might be used for civilian versus military objectives is advisable to avoid the thresholds of ‘direct participation’ in war outlined in International Humanitarian Law.”

#3 What useful lessons should the United States and its allies take away from the successes and/or failures of cyber and information operations in Ukraine?

Aleksejeva: “As for cyber operations, so far, we have not seen successful disruptions achieved by Russia of Ukraine and its Western allies. Yes, we are seeing constant attacks, but cyber defense is much more developed on both sides than before 2014. As for information operations, the United States and its allies should become less self-centered and have a clear view of Russia’s influence activities in the so-called Global South where much of the narratives are rooted in anti-Western sentiment.” 

Cutler: “Prior to the start of the conflict, it was strongly believed that a cyber operation, specifically against energy and communication sectors, would act as a precursor to kinetic action. While a WannaCry or NotPetya-scale attack did not occur, the AcidRain attack against the Viasat satellite communication network and other attacks targeting Ukraine’s energy sector highlight that cyber operations of varying effectiveness will play a role in the lead up to a military conflict.” 

Osadchuk: “First, cyber operations coordinate with other attack types, like kinetic operations on the ground, disinformation, and influence operations. Therefore, cyberattacks might be a precursor of an upcoming missile strike, information operation, or any other action in the physical and informational dimensions, so allies could use cyber to model and analyze multi-domain operations. Finally, preparation for and resilience to information and cyber operations are vital in mitigating the consequences of such attacks; thus, updating defense doctrines and improving cyber infrastructure and social resilience are necessary.” 

Schroeder: “Expectations for operations in this environment have exposed clear fractures in the ways that different communities define as success in a wartime operation. Specifically, there is a tendency to equate success with direct or kinetic battlefield impact. One of the biggest lessons that has been both a success and a failure throughout this war is the role that this environment can play. Those at war, from ancient to modern times, have leveraged every asset at their disposal and chosen the tool they see as the best fit for each challenge that arises—cyber is no different. While there is ongoing debate surrounding this question, if cyber operations have not been effective on a battlefield, that does not mean that cyber is ineffective, just that expectations were misplaced. Understanding the myriad roles that cyber can and does play in defense, national security, and conflict is key to creating an effective cross-domain force. 

Wilde: “Foremost is the need to check the assumption that these operations can have decisive utility, particularly in a kinetic wartime context. Moscow placed great faith in its ability to convert widespread digital and societal disruption into geopolitical advantage, only to find years of effort backfiring catastrophically. In other contexts, better trained and resourced militaries might be able to blend cyber and information operations into combined arms campaigns more effectively to achieve discrete objectives. However, it is worth reevaluating the degree to which we assume offensive cyber and information operations can reliably be counted on to play pivotal roles in hot war.”

More from the Cyber Statecraft Initiative:

A parallel terrain: Public-private defense of the Ukrainian information environment

Untangling the Russian web: Spies, proxies, and spectrums of Russian cyber behavior

Hackers, Hoodies, and Helmets: Technology and the changing face of Russian private military contractors

#4 How do comparisons to other domains of conflict help and/or hurt understanding of conflict in the information domain?

Aleksejeva: “Unlike conventional warfare, information warfare uses information and psychological operations during peace time as well. By masking behind sock puppet or anonymous social media accounts, information influence operations might be perceived as legitimate internal issues that polarize society. A country might be unaware that it is under attack. At the same time, as the goal of conventional warfare is to break an adversary’s defense line, information warfare fights societal resilience by breaking its unity. ‘Divide and rule’ is one of the basic information warfare strategies.” 

Cutler: “When looking at the role of cyber in this conflict, I think it is critical to examine the history of Hacktivist movements. This can be incredibly useful for understanding the influences and capabilities of groups like the IT_Army and Killnet.” 

Osadchuk: “The information domain sometimes reflects the kinetic events on the ground, so comparing these two is helpful and could serve as a behavior predictor. For instance, when the Armed Forces of Ukraine liberate new territories, they also expose war crimes, civilian casualties, and damages inflicted by occupation forces. In reaction to these revelations, the Kremlin propaganda machine usually launches multiple campaigns to distance themselves, blame the victim, or even denounce allegations as staged to muddy the waters for certain observers.” 

Schroeder: “It is often tricky to carry comparisons over different environments and context, but the practice persists because, well, that is just what people do—look for patterns. The ability to carry over patterns and lessons is essential, especially in new environments and with the constant developments of new tools and technologies. Where these comparisons cause problems is when they are used not as a starting point, but as a predetermined answer.” 

Wilde: “It is problematic, in my view, to consider information a warfighting ‘domain,’ particularly because its physical and metaphorical boundaries are endlessly vague and evolving—certainly relative to air, land, sea, and space. The complexities and contingencies in the information environment are infinitely more than those in the latter domains. However talented we may be at collecting and analyzing millions of relevant datapoints with advanced technology, these capabilities may lend us a false sense of our ability to control or subvert the information environment during wartime—from hearts and minds to bits and bytes.”

#5 What conditions might make the current conflict exceptional and not generalizable?

Aleksejeva: “This war is neither ideological nor a war for territories and resources. Russia does not have any ideology that backs up its invasion of Ukraine. It also has a hard time maintaining control of its occupied territories. Instead, Russia has many disinformation-based narratives or stories that justify the invasion to as many Russian citizens as possible including Kremlin officials. Narratives are general and diverse enough, so everyone can find an explanation of the current invasion—be it the alleged rebirth of Nazism in Ukraine, the fight against US hegemony, or the alleged historical right to bring Ukraine back to Russia’s sphere of influence. Though local, the war has global impact and makes countries around the world pick sides. Online and social media platforms, machine translation tools, and big data products provide a great opportunity to bombard any internet user in any part of the world with pro-Russia massaging often tailored to echo historical, racial, and economic resentments especially rooted in colonial past.” 

Cutler: “During the Gulf War, CNN and other cable news networks were able to provide live coverage of military action as it was unfolding. Now, real-time information from conflict areas is more broadly accessible. Telegram and social media have directly shaped the information and narratives from the conflict zone.” 

Osadchuk: “The main difference is the enormous amount of war content, ranging from professional pictures and amateur videos after missile strikes to drone footage of artillery salvos and bodycam footage of fighting in the frontline trenches—all making this conflict the most documented. Second, this war demonstrates the need for drones, satellite imagery, and open-source intelligence for successful operations, which distances it from previous conflicts and wars. Finally, it is exceptional due to the participation of Ukrainian civil society in developing applications, like the one alerting people about incoming shelling or helping find shelter; launching crowdfunding campaigns for vehicles, medical equipment, and even satellite image services; and debunking Russian disinformation on social media.” 

Schroeder: “One of the key lessons we can take from this war is the centrality of the global private sector to conflict in and through the information environment. From expedited construction of cloud infrastructure for the Ukrainian government to Ukrainian telecommunications companies defending and restoring services along the front lines to distributed satellite devices, providing flexible connectivity to civilians and soldiers alike, private companies have undoubtedly played an important role in shaping both the capabilities of the Ukrainian state and the information battlespace itself. While we do not entirely understand the incentives that drove these actions, an undeniable motivation that will be difficult to replicate in other contexts is the combination of Russian outright aggression and comparative economic weakness. Companies and their directors felt motivated to act due to the first and, likely, free to act due to the second. Private sector centrality is unlikely to diminish and, in future conflicts, it will be imperative for combatants to understand the opportunities and dependencies that exist in this space within their own unique context.” 

Wilde: “My sense is that post-war, transatlantic dynamics—from shared norms to politico-military ties—lent significant tailwinds to marshal resource and support to Ukraine (though not as quickly or amply from some quarters as I had hoped). The shared memory of the fight for self-determination in Central and Eastern Europe in the late 1980s to early 1990s still has deep resonance among the publics and capitals of the West. These are unique dynamics, and the degree to which they could be replicated in other theaters of potential conflict is a pretty open question.”

Simon Handler is a fellow at the Atlantic Council’s Cyber Statecraft Initiative within the Digital Forensic Research Lab (DFRLab). He is also the editor-in-chief of The 5×5, a series on trends and themes in cyber policy. Follow him on Twitter @SimonPHandler.

The Atlantic Council’s Cyber Statecraft Initiative, under the Digital Forensic Research Lab (DFRLab), works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.

learn more

The post The 5×5—Conflict in Ukraine’s information environment appeared first on Atlantic Council.

These developments come amid ongoing instability in the country, with the former prime minister continuing to criticize retired army chief General Qamar Javed Bajwa, who Khan argues played a role in ousting him from power in April 2022. Khan has stated a desire to engage with Pakistan’s current military chief General Asim Munir “for the betterment of the country.” 

This is not the first time that television channels have been barred from airing speeches made by Khan or other political leaders: a similar order banning his speeches was issued in November 2022; former prime minister Nawaz Sharif’s speeches were banned in October 2020; and former president Asif Ali Zardari’s interview was taken off air in July 2019.

Growing polarization and instability in the country have increased the likelihood that as elections draw near, curbs on speech, largely limited thus far to television channels, may extend to internet platforms like YouTube, Facebook, and Twitter.

For example, on September 6, 2022, YouTube encountered disruptions across Pakistan ahead of Khan’s speech at a rally. This was not the first such disruption—NetBlocks confirmed that a similar disruption also occurred on August 21, 2022, when Imran Khan was making another public speech. In addition, Wikipedia was blocked (and subsequently unblocked) by the Pakistan Telecommunications Authority (PTA) a few weeks ago for its failure to “remove or block allegedly sacrilegious content.” 

Other notable examples in the recent past include TikTok, which has been banned and unbanned on numerous occasions, and YouTube, which was blocked in the country back in 2012 and was only unblocked by the PTA more than three years later.

These developments make clear that the PTA indeed has the capability to disrupt internet services across Pakistan on a whim, something that journalist Abid Hussain pointed out as far back as April 2021 on Twitter. To further control access to the internet, the PTA has also been seeking to limit the use of virtual private networks in the country.

As the conflict between the current government, the military establishment, and Imran Khan’s Pakistan Tehreek-i-Insaf party sharpens ahead of elections—Punjab, Pakistan’s most populous province, is expected to go to elections on April 30—further curbs on expression and disruptions to the internet, especially platforms like YouTube, Twitter, WhatsApp, and Facebook, cannot be ruled out.

In recent months, US companies and US government stakeholders have often chosen not to react to these developments, preferring to adopt a wait-and-watch approach. In addition, they have followed a strategy to engage privately and discreetly, hoping to positively influence government stakeholders through private conversations.

As the crisis in Pakistan deepens, it is time for diplomatic and business stakeholders with an interest in strengthening its democracy and maintaining a largely open internet in the country to shift their approach. 

Given the evolving situation, these stakeholders should consider the following steps to proactively deter further curbs on expression on the internet in Pakistan:

1. Enhance level of engagement with domestic civil society: Recent weeks have seen a flurry of concerning developments in Pakistan, with the recent PEMRA order being the key development. US companies and diplomats must deepen conversations with civil society stakeholders, especially the digital rights community that has been voicing these concerns for years.

2. Proactively communicate concerns to Pakistani government officials: Ongoing diplomatic conversations between Islamabad and Washington have focused on the potential for deepening investment in the country’s technology sector. The PTA’s recent and past actions, however, undermine confidence in Pakistan’s internet economy and it is important that the negative economic impact of arbitrary bans and disruptions to the internet is clearly communicated to Pakistani stakeholders.

3. Build new alliances with the technology and content creator ecosystem: In private conversations, members of Pakistan’s burgeoning technology and content creation ecosystem continue to express growing concern over curbs on freedom of expression. These stakeholders are domestic allies for companies like Meta, Google, and Twitter. However, limited interactions and collaboration with these stakeholders mean that more often than not, a united front is not presented to deter Pakistani government stakeholders from taking adverse actions that curb expression, undermine democracy, and hurt confidence in the country’s digital economy.

The coming months will be a challenging period for Pakistan’s flawed and floundering democracy. This challenge will be compounded by the state’s own capabilities and predilections to curb expression both in the traditional  media and the internet. 

With the PTI and Imran Khan possessing a strong advantage in their ability to digitally percolate party messaging through Pakistani society, the government and its institutions may be incentivized to take drastic measures to disrupt internet services and platforms that allow Khan to bypass television channels who may not air his speeches. As elections draw near, the likelihood of such actions is increasing. For this reason, it is important for US stakeholders—including private sector companies—to proactively monitor the evolving situation and develop strategies to deter such actions. 

Doing so may perhaps safeguard Pakistan’s internet economy, its democracy, and the global reputation of internet platforms that are vital to public discourse within and outside Pakistan.

Uzair Younus is director of the Pakistan Initiative at the Atlantic Council’s South Asia Center. He also is the Vice President at The Asia Group.

The South Asia Center serves as the Atlantic Council’s focal point for work on the region as well as relations between these countries, neighboring regions, Europe, and the United States.

Learn more

Related content

SouthAsiaSource Mar 4, 2023

Can Swift Retort still inspire swift reforms?

By Ali Hasanain

After Operation Swift Retort four years ago, I argued that if Pakistan really wants to compete with India, it must focus on rapid economic growth. Regrettably, our national leadership has had other priorities, and we have fallen further behind.

Economy & Business India

New Atlanticist Dec 21, 2022

Pakistan’s foreign minister pitches more global aid and investment—and ‘less chaos’

By Nick Fouriezos

Foreign Minister Bilawal Bhutto Zardari spoke at an Atlantic Council Front Page event in Washington about how the international community can help Pakistan tackle its challenges.

Climate Change & Climate Action Economy & Business

New Atlanticist Oct 15, 2020

Why Pakistan’s TikTok ban is a bad sign for investors

By Kalsoom Lakhani

Banning content is different from banning platforms. In a conservative country like Pakistan, clear delineations around content standards not only guides players navigating this landscape, it also helps ease the risk of investors looking to operate in the country.

Digital Policy Inclusive Growth

The post Amid Pakistan’s political and economic turmoil, risks to curbs on digital freedoms grow appeared first on Atlantic Council.

This report is part of an ongoing partnership on the Power of African Creative Industries between The Policy Center for the New South (PCNS) and the Atlantic Council’s Africa Center.

“Critical connectivity: Reducing the price of data in African markets,” by Africa Center Senior Fellow Aubrey Hruby, analyzes the current state of the digital transformation in Africa and outlines how affordable and accessible data is imperative for further development. Finally, it provides concrete recommendations to the key actors and facilitators of the transition outlined in the Digital Transformation with Africa; a new initiative the Biden administration announced at the 2022 US-Africa Leaders Summit, which emphasizes the importance of reducing data costs in Africa to spur growth and employment.

In outlining why data remains so costly and inaccessible across Africa, Hruby profiles four main detriments: infrastructure, competition, policy, and consumption patterns. Through case studies and success stories from other developing nations who struggled with high-priced data and implemented successful mitigation measures, Hruby develops a framework for reform and showcases how key changes can rapidly reduce data costs, spur development, and transform entire industries. Her recommendations directly address the current US administration, African governments seeking to build and benefit from a digital economy, and global development finance institutions (DFIs) that are already investing and making much needed transformative inroads into African markets.

Throughout the 21st century, African markets have unleashed the globe’s most significant digital revolution, and they are poised to continue doing so over the next few decades as the world’s youngest population reaches maturity. Currently, 40 percent of the continent’s total population is under the age of 15 and represents 27 percent of the entire world population. From 2000 to 2010, the African mobile phone market grew at a rate of 44 percent per year, bringing the number of subscriptions to around 700 million, more than in both the European Union and the United States combined. For African creative and mobile industries, which are emerging at the forefront of this digital revolution, infrastructure and technological systems are critical to the sector’s continued growth. The African Continental Free Trade Area connects 1.3 billion people across fifty-five countries with a combined GDP of over $3 trillion. Digital infrastructure is a vital economic opportunity and a crucial security issue for African nations and their partners.

The African vision is increasingly shaped by the digital tools and platforms African consumers use and the new opportunities that have emerged in a growing start-up ecosystem. According to the UN, the digital economy is set to expand in Africa by 57 percent between 2020 and 2025. With projections by the Alliance for Affordable Internet forecasting that the continent’s digital economy will grow six times over by 2050 to $712 billion and the fact that African startups raised more than $4 billion in venture capital in 2021, it is clear that this sector is booming. Undoubtedly the future is digital, and Africa must be able to access this future affordably if it is to share in the benefits of this global revolution.

The Atlantic Council is the only DC global think tank to have placed African creative industries at the center of its security and prosperity work. The Africa Center’s focus on the creative industries was launched by the Africa Creative Industries Summit of Washington in October 2021 at the Smithsonian National Museum of African Art and was opened by a message from Vice President Kamala Harris. The program is now fully supported by strong sponsors and partners, from ADS Group and Afreximbank to OSF and OCP, allowing the Atlantic Council to continue its leadership in the field by hosting events such as the Sports Business Forum, held in Dakar, and the financial engineering task force for African creative industries. This work was crowned by the Africa Center’s partnership with the US Department of State and its participation in the organization of the African and Young Leaders Diaspora Forum on the first official day of the US-Africa Leaders Summit of December 2022 at the African American Museum of History and Culture in Washington.

Report author

Fellow

Aubrey Hruby

Nonresident Senior Fellow

Africa Center

Economy & Business Future of Work

The Africa Center works to promote dynamic geopolitical partnerships with African states and to redirect US and European policy priorities toward strengthening security and bolstering economic growth and prosperity on the continent.

Learn more

Related content

AfricaSource Jun 16, 2022

Better data is the key to unlocking major investment in Africa

By Tom Koch

As COVID-19 and the war in Ukraine continue to hurt the African continent, many countries will require significant investment to revitalize their economies. But a persistent attribute of many African markets will continue to be a barrier to private investment: a relative lack of data. This drives up diligence costs, creates difficulties in valuing assets, […]

Africa Digital Policy

New Atlanticist Dec 5, 2022

Can the US and Africa usher in a new era for globalization?

By Katherine Walla

US Trade Representative Katherine Tai discussed the future of US-Africa trade with the African Continental Free Trade Area’s secretary-general, Wamkele Mene, at an exclusive Atlantic Council event.

Africa Trade

AfricaSource Jul 8, 2022

Europe’s Green Deal plan is Africa’s green finance opportunity

By Emilie Bel

Can natural gas and nuclear power be green? “Sometimes, and for a limited period of time,” said the European Parliament on July 6, as part of an ongoing negotiation over the EU taxonomy, a key component of the European Green Deal (EGD). The EGD is the European Union’s ambitious plan to create the first emissions-neutral […]

Africa Climate Change & Climate Action

The post Critical connectivity: Reducing the price of data in African markets appeared first on Atlantic Council.

Security

DFRLab confirms increased Russian air force activity as Kremlin strives to achieve air dominance

Russian army continues to pressure Ukraine in Bakhmut

Tracking narratives

Volunteer Russian unit fighting for Ukraine reportedly infiltrates Bryansk

Kremlin-linked Telegram networks coordinated to spread disinformation around the world

Media policy

Report examines Russia’s decentralized approach to internet censorship

DFRLab confirms increased Russian air force activity as Kremlin strives to achieve air dominance

The DFRLab confirmed that the Russian General Staff has intensified its air power in recent weeks across airfields in Crimea and Rostov Oblast. Satellite imagery collected by the DFRLab throughout February indicates that Russian air forces have increased their aerial activity at the Saki military airbase in western Crimea. Several MiG and Sukhoi class fighter aircraft have been identified in standby positions or on the runway.

The DFRLab’s findings are consistent with those published by open-source researcher Brady Africk, who identified seven different instances of aircraft located in the south of Ukraine on Sentinel-2 satellite imagery. The European Space Agency’s satellite imagery also serves as open-source evidence of the aircraft’s direction, located in the different color bands of Sentinel-2.

In addition, explosions reported at the Yeysk military air base in Krasnodar Krai further suggest the Russian army has been increasingly intensifying its air maneuvers. Geolocated footage of a Sukhoi-25 fighter aircraft near Luhansk indicated that further maneuvers can be expected from Russia’s western air base of Millerovo. The DFRLab also assessed that air activity possibly occurred during the last week of February at a seemingly deserted airfield south of Luhansk. Satellite imagery shows that although the meteorological conditions in January and February were mostly snowy, the main runway and several pads dedicated to aircrafts and helicopters were consistently clear of snow. Satellite imagery has not yet detected aircraft at the site, however, so it is unclear what class of aircraft is currently deployed in this airfield. Nevertheless, the operation of MiG and Sukhoi class fighters could be responsible for the melting snow on the pads.  

Google Earth imagery from 2021 showed the airbase in dire condition, which could support the claim of its low military activity.

As battles intensify to seize Bakhmut, the southern air base near Luhansk could serve as a strategic advantage for the Russian armed forces as it requires less fuel and maneuvers. 

Meanwhile, Ukrainian forces continue to target strategic Russian installations on the southern front. On March 1, the Russian defense ministry claimed it had downed more than ten Ukrainian unmanned aerial vehicles (UAVs) in an attack against occupied Crimea. This comes as unverified reports suggested a Ukrainian UJ-22 drone was also downed on February 28 between Moscow and Ryazan. Ukrainian presidential advisor Mykhailo Podolyak denied the accusation and said Ukraine is not launching attacks on Russian soil; he claimed the increased aerial strikes on infrastructure were the result of “internal attacks.” Open-source evidence suggests explosions near Yalta and Bakhchysarai, Crimea, could have resulted from other projectiles, not exclusively drone strikes.

—Valentin Châtelet, Research Associate, Security, Brussels, Belgium 

Russian army continues to pressure Ukraine in Bakhmut

Russian forces continue their efforts to encircle and capture the eastern Ukrainian city of Bakhmut. Interviewed by Reuters on February 28, the commander of Ukraine’s ground forces described the situation as “extremely tense.” Russian troops, including Wagner units, are attempting to cut Ukraine’s supply lines to the city in a bid to force troops to surrender or withdraw. 

On February 28, pro-Russia sources shared a video showing Russian Su-25 fighter jets deployed over Bakhmut. The lack of adequate air support has been among the primary sources of friction between the Russian General Staff and the units fighting in Bakhmut. Footage from Ukraine’s 93rd Separate Mechanized Brigade shows fighting escalating, but Ukrainian forces appeared to be holding off the advance at the time of writing. On February 27 and 28, Ukrainian soldiers repelled more than sixty attacks, including on the villages of Yahidne and Berkhivka, north of Bakhmut. According to a pro-Russia blogger’s Telegram channel, Wagner units are advancing north of Bakhmut, but Ukraine’s army has not retreated. Amid heavy fighting, Wagner reportedly advanced on February 27 towards the AZOM metallurgical plant in north Bakhmut. 

Rybar, a Russian Telegram channel believed to be linked to the defense ministry, claimed on March 2 that Wagner’s troops had reached the western suburbs of Bakhmut and clashed with Ukrainian forces in the hills north of the area. According to Rybar, Russian troops approached the road between Chasiv Yar and Bakhmut. On March 2, The Insider reported that Bakhmut was under operative siege as Ukraine’s army repelled attacks in Orikhovo, Vasylivka, Dubovo, Khromove, and Ivanivske. 

Meanwhile, NATO Secretary-General Jens Stoltenberg told a Helsinki summit on February 28 that the end of the war in Ukraine “would not lead to normalization” of relations with Russia.

—Ruslan Trad, Resident Fellow for Security Research, Sofia, Bulgaria

Volunteer Russian unit fighting for Ukraine reportedly infiltrates Bryansk

Russian government figures, Kremlin media, and pro-Russia Telegram channels are heavily focused on an alleged March 2 incursion by pro-Ukraine forces in the Russian village of Sushany, Bryansk oblast, approximately one kilometer away from Ukraine’s north-central border with Russia. DW News and Radio Free Europe reported that members of the Russian RDK volunteer corps crossed into Russia and were active in the Bryansk area at the time of publishing.

According to DW News, RDK is “a unit of volunteers from Russia who have been fighting on the side of Ukraine since August 2022.” Initially, Ukrainian authorities dismissed the claims of an insurgency in the Russian village as a Russian false-flag operation. However, a video published on the official RDK Telegram channel showed fighters holding the unit flag and indicating a Russian government building behind them. In the video, and later in follow-up interviews, members of the unit adamantly denied claims spread by Russia that they had attacked the civilian population. They stated that the infiltration into Russian territory was done to sabotage Russian military targets. Additional reporting confirmed that RDK leader Denis Nikitin appeared in the video.

Russian Telegram channels and media did not distinguish that the volunteer troops are of Russian origin; instead they reported that a group of “Ukrainian saboteurs” had infiltrated sovereign Russian territory. The governor of Bryansk announced on March 2 that “saboteurs” had attacked the civilian population, killed a man, and taken hostages. President Vladimir Putin described the incident as a “terrorist attack” and condemned the alleged unprovoked shelling of a civilian vehicle. The Kremlin said it was closely monitoring the situation and continued to label the alleged insurgents as “Ukrainian militants.” It also tasked the Federal Security Service with conducting counterterrorism operations in response to the situation in Bryansk. 

Russia also suggested that the Center of the Psychological Operations of the Ukrainian Armed Forces (Центринформационно-психологических операций ВСУ) may have been responsible for the “attacks on civilians and infrastructure” in Bryansk, again making no distinction between the RDK and the official Ukrainian military. Echoing the Kremlin’s “terrorism” claim, far-right nationalist State Duma member Aleksey Zhuravlyov labeled the Ukrainian military and political leadership as “terrorists” in official public statements and called for an escalation of the “special military operation” into open war. 

As the conflict along the eastern flank intensifies, escalatory narratives involving northern regions of Ukraine could serve as a critical Kremlin tool for conducting operations into the northern border, where Russian forces could tap into already stationed and mobilized Belarusian troops, military bases, and equipment, along with their own units left behind following joint military training exercises between Russia and Belarus. 

—Kateryna Halstead, Research Assistant, Bologna, Italy 

Kremlin-linked Telegram networks coordinated to spread disinformation around the world

The DFRLab recently discovered fifty-six pro-Kremlin Telegram channels that targeted twenty countries with pro-Kremlin disinformation. Three networks of similarly named accounts — Surf Noise, Info Defense, and Node of Time — targeted users worldwide, including in Europe, Asia, South America, and the Middle East. The operation primarily relied on volunteer work. It focused on translating and spreading pro-Russia disinformation, as well as amplifying reports from Kremlin media outlets, state organizations, and state actors. 

The DFRLab found clear coordination between the three networks, but the approach to capturing a global audience was unsophisticated. The DFRLab consulted its global team of researchers to examine the accuracy of translations and found that the quality of translations was poor.

—Nika Aleksejeva, Research Fellow, Riga, Latvia 

—Sayyara Mammadova, Research Assistant, Warsaw, Poland 

Report examines Russia’s decentralized approach to internet censorship

Russian digital rights organization Roskomsvaboda collaborated with the Open Observatory of Network Interference (OONI) to publish a report examining “a year of military censorship in Russia.” The report reviews censored topics, websites, and services, as well as the legislative mechanisms used to enforce the censorship. 

According to the report, Russia blocked 494 domains over the course of 2022. These fell into twenty-eight categories, with news media representing the largest category, followed by social networks, human rights organizations, and circumvention tools. 

The report found that “more than 247,492 URLs were added to Roskomnadzor’s registry of banned websites” in the past year. However, the orders to ban content did not only come from Russia’s internet regulator. Other Russian agencies that requested websites be blocked include the federal tax service, Russian courts, and the prosecutor general’s office, among others. The report’s authors found over 3,500 instances of an entity anonymously requesting a website block. 

While blocking requests are centralized through Roskomnadzor’s registry, the implementation of internet censorship in Russia is decentralized, the report concluded. The authors found forty-eight of the 494 blocked domains were absent in Roskomnadzor’s registry. The report suggested that some internet providers in Russia can block content not listed in Roskomnadzor’s registry. 

—Eto Buziashvili, Research Associate, Tbilisi, Georgia

The post Russian War Report: DFRLab confirms increased Russian air force activity as Kremlin strives to achieve air dominance appeared first on Atlantic Council.

Download PDF

Executive summary

In the year since the Russian invasion of Ukraine, the conventional assault and advances into Ukrainian territory have been paralleled by a simultaneous invasion of the Ukrainian information environment. This environment, composed of cyber infrastructure, both digital and physical, and the data, networks, and ideas that flow through and across it, is more than a domain through which the combatants engage or a set of tools by which combatants interact—it is a parallel territory that Russia is intent on severing from the global environment and claiming for itself.

Russian assaults on the Ukrainian information environment are conducted against, and through, largely privately owned infrastructure, and Ukrainian defense in this space is likewise bound up in cooperative efforts with those infrastructure owners and other technology companies providing aid and assistance. The role of private companies in this conflict seems likely to grow, along with the scale, complexity, and criticality of the information infrastructure they operate.

Examining and mitigating the risks related to the involvement of private technology companies in the war in Ukraine is crucial and looking forward, the United States government must also examine the same questions with regard to its own security and defense:

1. What is the complete incentive structure behind a company’s decision to provide products or services to a state at war?
2. How dependent are states on the privately held portions of the information environment, including infrastructure, tools, knowledge, data, skills, and more, for their own national security and defense?
3. How can the public and private sectors work together better as partners to understand and prepare these areas of reliance during peace and across the continuum of conflict in a sustained, rather than ad hoc, nature?

Russia’s war against Ukraine is not over and similar aggressions are likely to occur in new contexts and with new actors in the future. By learning these lessons now and strengthening the government’s ability to work cooperatively with the private sector in and through the information space, the United States will be more effective and resilient against future threats.

Introduction

Russia’s invasion of Ukraine in 2022 held none of the illusory cover of its 2014 operation; instead of “little green men” unclaimed by Moscow, Putin built up his forces on Ukraine’s border for the entire international community to see. His ambitions were clear: To remove and replace the elected government of Ukraine with a figurehead who would pull the country back under Russia’s hold, whether through literal absorption of the state or by subsuming the entire Ukrainian population under Russia’s political and information control. In the year since the Russian invasion, Ukraine’s defense has held back the Russian war machine with far greater strength than many thought possible in the early months of 2022. President Zelenskyy, the Ukrainian government, and the Ukrainian people have repeatedly repelled Russian attempts to topple the state, buttressed in part by the outpouring of assistance from not just allied states, but also local and transnational private sector companies.

Amidst the largest conventional land war in Europe since the fall of the Third Reich, both Russia and Ukraine have directed considerable effort toward the conflict’s information environment, defined as the physical and digital infrastructure over and through which information moves, the tools used to interact with that information, and information itself. This is not only a domain through which combatants engage, but a parallel territory that the Kremlin seeks to contest and claim. Russian efforts in this realm, to destroy or replace Ukraine’s underpinning infrastructure and inhibit the accessibility and reach of infrastructure and tools within the environment, are countered by a Ukrainian defense that prioritizes openness and accessibility.

The information environment, and all the components therein, is not a state or military dominated environment; it is largely owned, operated, and populated by private organizations and individuals around the globe. The Ukrainian information environment, referring to Ukrainian infrastructure operators, service providers, and users, is linked to and part of a global environment of state and non-state actors where the infrastructure and the terrain is largely private. Russian operations within the Ukrainian information environment are conducted against, and through, this privately owned infrastructure, and the Ukrainian defense is likewise bound up in cooperative efforts with those infrastructure owners and other technology companies that are providing aid and assistance. These efforts have contributed materially, and in some cases uniquely, to Ukraine’s defense.

The centrality of this environment to the conduct of this war, raises important questions about the degree to which states and societies are dependent on information infrastructure and functionalities owned and operated by private actors, and especially transnational private actors. Although private sector involvement in the war in Ukraine has generally been positive, the fact that the conduct of war and other responsibilities in the realm of statehood are reliant on private actors leads to new challenges for these companies, for the Ukrainian government, and for the United States and allies.

The United States government must improve its understanding of, and facility for, joint public-private action to contest over and through the information environment. The recommendations in this report are intended to facilitate the ability of US technology companies to send necessary aid to Ukraine, ensure that the US government has a complete picture of US private-sector involvement in the war in Ukraine, and contribute more effectively to the resilience of the Ukrainian information environment. First, the US government should issue a directive providing assurance and clarification as to the legality of private sector cyber, information, capacity building, and technical aid to Ukraine. Second, a task force pulling from agencies and offices across government should coordinate to track past, current, and future aid from the private sector in these areas to create a better map of US collaboration with Ukraine across the public and private sectors. Third, the US government should increase its facilitation of private technology aid by providing logistical and financial support.

These recommendations, focused on Ukraine’s defense, are borne of and provoke larger questions that will only become more important to tackle. The information environment and attempts to control it have long been a facet of conflict, but the centrality of privately owned and operated technology—and the primacy of some private sector security capabilities in relation to all but a handful of states—pose increasingly novel challenges to the United States and allied policymaking communities. Especially in future conflicts, the risks associated with private sector action in defense of, or directly against, a combatant could be significantly greater and multifaceted, rendering existing cooperative models insufficient.

The Russian information offensive

The Russian Federation Ministry of Foreign Affairs defines information space—of which cyberspace is a part—as “the sphere of activity connected with the formation, creation, conversion, transfer, use, and storage of information and which has an effect on individual and social consciousness, the information infrastructure, and information itself.¹ Isolating the Ukrainian information space is key to both the short- and long-term plans of the Russian government. In the short term, the Kremlin pursues efforts to control both the flow and content of communications across the occupied areas.² In the longer term, occupation of the information environment represents an integral step in Russian plans to occupy and claim control over the Ukrainian population.

In distinct opposition to the global nature of the information environment, over the past decade or so, the Kremlin has produced successive legislation “to impose ‘sovereignty’ over the infrastructure, content, and data traversing Russia’s ‘information space,’” creating a sectioned-off portion of the internet now known as RuNet.³ Within this space, the Russian government has greater control over what information Russian citizens see and a greater ability to monitor what Russian citizens do online.⁴ This exclusionary interpretation is an exercise in regime security against what the Kremlin perceives as constant Western information warfare against it.⁵ As Gavin Wilde, senior fellow with the Carnegie Endowment for International Peace, writes, the Russian government views the information environment “as an ecosystem to be decisively dominated.”⁶

To the Kremlin, domination of the information environment in Ukraine is an essential step toward pulling the nation into its fold and under its control. Just as Putin views information domination as critical to his regime’s exercise of power within Russia, in Ukraine, Russian forces systematically conduct offensives against the Ukrainian information environment in an attempt to create a similar model of influence and control that would further enable physical domination. This strategy is evident across the Kremlin’s efforts to weaken the Ukrainian state for the last decade at least. In the 2014 and 2022 invasions, occupied, annexed, and newly “independent” regions of Ukraine were variously cut off from the wider information space and pulled into the restricted Russian information space.  

The Crimean precedent – 2014 

The Russian invasion of Ukraine did not begin in 2022, but in 2014. Examining this earlier Russian incursion illustrates the pattern of Russian offensive behavior in and through the information environment going back nearly a decade—a combination of physical, cyber, financial, and informational maneuvers that largely target or move through private information infrastructure. In 2014, although obfuscated behind a carefully constructed veil of legitimacy, Russian forces specifically targeted Ukrainian information infrastructure to separate the Crimean population from the Ukrainian information environment, and thereby the global information environment, and filled that vacuum with Russian infrastructure and information. 

The Russian invasion of eastern Ukraine in 2014 was a direct response to the year-long Euromaidan Revolution, which took place across Ukraine in protest of then-President Viktor Yanukovych’s decision to spurn closer relations with the European Union and ignore growing calls to counter Russian influence and corruption within the Ukrainian government. These protests were organized, mobilized, and sustained partially through coordination, information exchange, and message amplification over social media sites like Facebook, Twitter, YouTube, and Ustream—as well as traditional media.⁷ In February 2014, after Yanukovych fled to Russia, the Ukrainian parliament established a new acting government and announced that elections for a new president would be held in May. Tensions immediately heightened, as Russian forces began operating in Crimea with the approval of Federal Assembly of Russia at the request of “President” Yanukovych, although Putin denied that they were anything other than “local self-defense forces.”⁸ On March 21, Putin signed the annexation of Crimea.⁹

During the February 2014 invasion of Crimea, the seizure and co-option of Ukrainian physical information infrastructure was a priority. Reportedly, among the first targets of Russian special forces was the Simferopol Internet Exchange Point (IXP), a network facility that enables internet traffic exchange.¹⁰ Ukraine’s state-owned telecommunications company Ukrtelecom reported that armed men seized its offices in Crimea and tampered with fiber-optic internet and telephone cables.¹¹ Following the raid, the company lost the “technical capacity to provide connection between the peninsula and the rest of Ukraine and probably across the peninsula, too.”¹² Around the same time, the head of the Security Service of Ukraine (SBU), Valentyn Nalivaichenko, reported that the mobile phones of Ukrainian parliament members, including his own, were blocked from connecting through Ukrtelecom networks in Crimea.¹³

Over the next three years, and through the “progressive centralization of routing paths and monopolization of Internet Service market in Crimea … the topology of Crimean networks has evolved to a singular state where paths bound to the peninsula converge to two ISPs (Rosetelecom and Fiord),” owned and operated by Russia.¹⁴ Russian forces manipulated the Border Gateway Protocol (BGP)—the system that helps connects user traffic flowing from ISPs to the wider internet—modifying routes to force Crimean internet traffic through Russian systems, “drawing a kind of ‘digital frontline’ consistent with the military one.”¹⁵ Residents of Crimea found their choices increasingly limited, until their internet service could only route through Russia, instead of Ukraine, subject to the same level of censorship and internet controls as in Russia. The Russian Federal Security Service (FSB) monitored communications from residents of Crimea, both within the peninsula and with people in Ukraine and beyond.¹⁶ Collaboration between ISPs operating in Crimea through Russian servers and the FSB appears to be a crucial piece of this wider monitoring effort. This claim was partially confirmed by a 2018 Russian decree that forbade internet providers from publicly sharing any information regarding their cooperation with “the authorized state bodies carrying out search and investigative activities to ensure the security of the Russian Federation.”¹⁷

From March to June 2014, Russian state-owned telecom company Rostelcom began and completed construction of the Kerch Strait cable, measuring 46 kilometers (about 28.5 miles) and costing somewhere between $11 and $25 million, to connect the Crimean internet with the Russian RuNet.¹⁸ Rostelcom, using a local agent in Crimea called Miranda Media, became the main transit network for several Crimean internet service providers (ISPs), including KCT, ACS-Group, CrimeaCom, and CRELCOM in a short period of time.¹⁹ There was a slower transition of customers from the Ukrainian company Datagroup to Russian ISPs, but nonetheless, the number of Datagroup customers in Crimea greatly decreased throughout 2014. According to one ISP interviewed by Romain Fontugne, Ksenia Ermoshina, and Emile Aben, “the Kerch Strait cable was used first of all for voice communication … The traffic capacity of this cable was rather weak for commercial communications.”²⁰ But by the end of 2017, remnant usage of Ukrainian ISPs had virtually disappeared, following the completion of a second, better internet cable through the Kerch Strait and a series of restrictions placed on Russian social media platforms, news outlets, and a major search engine by Ukrainian President Poroshenko.²¹ The combination of the new restrictions, and the improved service of Russian ISPs encouraged more Crimeans to move away from Ukrainian ISPs. 

Russia’s efforts to control the information environment within Crimea, and the Russian government’s ability to monitor communications and restrict access to non-Russian approved servers, severely curtailed freedom of expression and belief—earning the region zero out of four in this category from Freedom House.²² Through physical, and formerly private, information infrastructure, Russia was able to largely take control of the information environment within Crimea. 

A parallel occupation – 2022 

Digital information infrastructure 

Just as in 2014, one of the first priorities of invading Russian forces in 2022 was the assault of key Ukrainian information infrastructure, including digital infrastructure. Before, during, and following the invasion, Russian and Russian-aligned forces targeted Ukrainian digital infrastructure through cyber operations, ranging in type, target, and sophistication. Through some combination of Ukrainian preparedness, partner intervention, and Russian planning shortfalls, among other factors, large-scale cyber operations disrupting Ukrainian critical infrastructure, such as those seen previously in 2015 with BlackEnergy and NotPetya, did not materialize.²³ This could be because such cyber operations require significant time and resources, and similar ends can be more cheaply achieved through direct, physical means. Russian cyber operators, however, have not been idle.  

Preceding the physical invasion, there was a spate of activity attributed to both Russian and Russian-aligned organizations targeting a combination of state and private organizations.²⁴ From January 13 to 14, for example, hackers briefly took control of seventy Ukrainian government websites, including the Ministries of Defense and Foreign Affairs, adding threatening messages to the top of these official sites.²⁵ The following day, January 15, Microsoft’s Threat Intelligence Center reported the discovery of wiper malware, disguised as ransomware, in dozens of Ukrainian government systems, including agencies which “provide critical executive branch or emergency response function,” and an information technology firm that services those agencies.²⁶ A month later, on February 15, Russian hackers targeted several websites with distributed denial of service (DDoS) attacks, forcing Ukrainian defense ministry and armed forces websites, as well as those of PrivatBank and Oschadbank, offline.²⁷  Around the same time, according to Microsoft’s special report on Ukraine, “likely” Russian actors were discovered in the networks of unidentified critical infrastructure in Odessa and Sumy.²⁸ The day before the invasion, cybersecurity companies ESET and Symantec reported that a new destructive wiper was spreading across Ukrainian, Latvian, and Lithuanian networks, as a second round of DDoS attacks again took down a spate of government and financial institution websites.“²⁹ This activity centered around information—with defacements sending a clear threat to the Ukrainian government and population, DDoS attacks impairing accurate communication, and wiper malware degrading Ukrainian data—and gaining access to Ukrainian data for Russia. Although many of these operations targeted Ukrainian government networks, the attacks moved through or against privately operated infrastructure and, notably, the first public notification and detailing of several of these operations was undertaken by transnational technology companies.  

After February 24, Russian cyber activity continued and the targets included a number of private information infrastructure operators. A March hack of Ukrtelecom—Ukraine’s largest landline operator, which also provides internet and mobile services to civilians and the Ukrainian government and military—resulted in a collapse of the company’s network to just 13 percent capacity, the most severe disruption in service the firm recorded since the invasion began.³⁰ Another such operation targeted Triolan—a Ukrainian telecommunications provider—on February 24 in tandem with the physical offensive and a second time on March 9. These incursions on the Triolan network took down key nodes and caused widespread service outages. Following the March 9 attack, the company was able to restore service, but these efforts were complicated by the need to physically access some of the equipment located in active conflict zones.³¹ These attacks against Ukraine-based information infrastructure companies caused service outages that were concurrent with the physical invasion and afterwards, restricted communications among Ukrainians and impeded the population’s ability to respond to current and truthful information. 

The effectiveness of the operation is debated, although the logic of the attack is straightforward. Russia wanted to constrain, or preferably eliminate, an important channel of communication for the Ukrainian military during the initial stages of the invasion. Traditional, land-based radios, which the Ukrainian military relies on for most of their communications, only work over a limited geographic range, therefore making it more difficult to use advanced, long-range weapons systems.⁴¹ It should be expected that landline and conventional telephony would suffer outages during the opening phases of the war and struggle to keep up with rapidly moving forces.

Initially, it was widely reported that the Russian strike on ViaSat was effective. On March 15, a senior Ukrainian cybersecurity official, Viktor Zhora, was quoted saying that the attack on ViaSat caused “a really huge loss in communications in the very beginning of the war.⁴² When asked follow-up questions about his quote, Zhora said at the time that he was unable to elaborate, leading journalists and industry experts to believe that the attack had impacted the Ukrainian military’s ability to communicate.⁴³ However, several months later, on September 26, Zhora revised his initial comments, stating that the hack would have impacted military communications if satellite communications had been the Ukrainian military’s principal medium of communication. However, Zhora stated that the Ukrainian military instead relies on landlines for communication, with satellites as a back-up method. He went on to say that “in the case land lines were destroyed, that could be a serious issue in the first hours of war.”⁴⁴ The tension, and potential contradictions, in Zhora’s comments underlines the inherent complications in analyzing cyber operations during war: long-term consequences can be difficult to infer from short-term effects, and countries seek to actively control the narratives surrounding conflict.  

The effectiveness of the ViaSat hack boils down to how the Ukrainian military communicates, and how adaptable it was in the early hours of the invasion. However, it is apparent how such a hack could impact military effectiveness. If Russia, or any other belligerent, was able to simultaneously disrupt satellite communications while also jamming or destroying landlines, forces on the frontlines would be at best poorly connected with their superiors. In such a scenario, an army would be cut off from commanders in other locations and would not be able to report back or receive new directives; they would be stranded until communications could be restored.  

The ViaSat hack had a military objective: to disrupt Ukrainian military access to satellite communications. But the effects were not limited to this objective. The operation had spillover effects that rippled across Europe. In Germany, nearly 6,000 wind turbines were taken offline, with roughly 2,000 of those turbines remaining offline for nearly a month after the initial hack due to the loss of remote connectivity.⁴⁵ In France, modems used by emergency services vehicles, including firetrucks and ambulances, were also affected.⁴⁶

ViaSat is not a purely military target. It is a civilian firm that counts the Ukrainian military as a customer. The targeting of civilian infrastructure with dual civilian and military capability and use has occurred throughout history and has been the center of debate in international law, especially when there are cross-border spillover effects in non-combatant countries. Both the principle of proportionality and international humanitarian law require the aggressor to target only military objects, defined as objects “whose total or partial destruction, capture or neutralization, in the circumstances ruling at the time, offers a definite military advantage” in a manner proportional to the military gain foreseen by the operation. ⁴⁷ What this means in practice, however, is that the aggressor determines whether they deem a target to be a military object and a beneficial target and, therefore, what is legitimate. Konstantin Vorontsov, the Head of the Russian Delegation to the United Nations, attempted to justify Russian actions in October 2022 by saying that the use of civilian space infrastructure to aid the Ukrainian war effort may be a violation of the Outer Space Treaty, thereby rendering this infrastructure a legitimate military target.⁴⁸ Similar operations like that against ViaSat are likely to be the new norm in modern warfare. As Mauro Vignati, the adviser on new digital technologies of warfare at the Red Cross, said in November 2022, insofar as private companies own and operate the information infrastructure of the domain, including infrastructure acting as military assets, “when war start[s], those companies, they are inside the battlefield.”⁴⁹

Physical information infrastructure 

In February 2022, as Russian forces moved to seize airfields and key physical assets in Ukraine, they simultaneously assaulted the physical information infrastructure operating within and beneath the Ukrainian information environment. Russian forces targeted this infrastructure, largely privately operated, by taking control of assets where possible and destroying them where not, including through a series of Russian air strikes targeting Ukrainian servers, cables, and cell phone towers.⁵⁰ As of June 2022, about 15 percent of Ukrainian information infrastructure had been damaged or destroyed; by July, 12.2 percent of homes had lost access to mobile communication services, 11 percent of base stations for mobile operators were out of service, and approximately 20 percent of the country’s telecommunications infrastructure was damaged or destroyed.⁵¹ By August “the number of users connecting to the Internet in Ukraine [had] shrunk by at least 16 percent nationwide.”⁵²

In some areas of Ukraine, digital blackouts were enforced by Russian troops to cut the local population off from the highly contested information space. In Mariupol, the last cell tower connecting the city with the outside world was tirelessly tended by two Kyivstar engineers, who kept it alive with backup generators that they manually refilled with gasoline. Once the Russians entered the city, however, the Ukrainian soldiers who had been protecting the cell tower location left to engage with the enemy, leaving the Kyivstar engineers alone to tend to their charge. For three days the engineers withstood the bombing of the city until March 21, when Russian troops disconnected the tower and it went silent.⁵³

Russian forces coerced Ukrainian occupied territories onto Russian ISPs, once again through Rostelcom’s local agent Miranda Media, and onto Russian mobile service providers.⁵⁴ Information infrastructure in Ukraine is made up of overlapping networks of mobile service and ISPs, a legacy of the country’s complicated post-Soviet modernization process. This complexity may have been a boon for its resilience. Russian forces, observed digital-rights researcher Samuel Woodhams, “couldn’t go into one office and take down a whole region … There were hundreds of these offices and the actual hardware was quite geographically separated.⁵⁵ Across eastern Ukraine, including Kherson, Mlitopol, and Mariupol, the Russians aimed to subjugate the physical territory, constituent populations, and Ukrainian information space. In Kherson, Russian forces entered the offices of a Ukrainian ISP and at gunpoint, forced staff to transfer control to them.⁵⁶

Routing the internet and communications access of occupied territories through Russia meant that Moscow could suppress communications to and from these occupied areas, especially through social media and Ukrainian news sites, sever access to essential services in Ukraine, and flood the populations with its own propaganda, as was proved in Crimea in 2014. Moving forward, Russia could use this dependency to “disconnect, throttle, or restrict access to the internet” in occupied territories, cutting off the occupied population from the Ukrainian government and the wider Ukrainian and international community.⁵⁷

The Kremlin’s primary purpose in the invasion of Ukraine was and is to remove the Ukrainian government and, likely, install a pro-Russian puppet government to bring to an end an independent Ukraine.⁵⁸ Therefore, isolating the information environment of occupied populations, in concert with anti-Ukrainian government disinformation, such as the multiple false allegations that President Zelenskyy had fled the country and abandoned the Ukrainian people,⁵⁹ were a means to sway the allegiances, or at least dilute the active resistance, of the Ukrainian people.⁶⁰ Without connectivity to alternative outlets, the occupying Russians could promote false and largely uncontested claims about the progress of the war. In early May 2022 for example, when Kherson lost connectivity for three days, the deputy of the Kherson Regional Council, Serhiy Khlan, reported that the Russians “began to spread propaganda that they were in fact winning and had captured almost all of Mykolaiv.”⁶¹ 

Russia used its assault on the information environment to undermine the legitimacy of the Ukrainian government and its ability to fulfill its governmental duties to the Ukrainian people. Whether through complete connectivity blackouts or through the restrictions imposed by Russian networks, the Russians blocked any communications from the Ukrainian government to occupied populations—not least President Zelenskyy’s June 13, 2022 address, intended most for those very populations, in which he promised to liberate all occupied Ukrainian land and reassured those populations that they had not been forgotten. Zelenskyy acknowledged the Russian barrier between himself and Ukrainians in occupied territories, saying, “They are trying to make people not just know nothing about Ukraine… They are trying to make them stop even thinking about returning to normal life, forcing them to reconcile.”⁶²

Isolating occupied populations from the Ukrainian information space is intended, in large part, said Stas Prybytko, the head of mobile broadband development within the Ukrainian Ministry of Digital Transformation, to “block them from communicating with their families in other cities and keep them from receiving truthful information.”⁶³ Throughout 2022, so much of what the international community knew about the war came—through Twitter, TikTok, Telegram, and more—from Ukrainians themselves. From videos of the indiscriminate Russian shelling of civilian neighborhoods to recordings tracking Russian troop movements, Ukrainians used their personal devices to capture and communicate the progress of the war directly to living rooms, board rooms, and government offices around the world.⁶⁴The power of this distributed information collection and open-source intelligence relies upon mobile and internet access. The accounts that were shared after Ukrainian towns and cities were liberated from Russian occupation lay bare just how much suffering, arrest, torture, and murder was kept hidden from international view by the purposeful isolation of the information environment and the constant surveillance of Ukrainians’ personal devices.⁶⁵ The war in Ukraine has highlighted the growing impact of distributed open source intelligence during the conduct of war that is carried out by civilians in Ukraine and by the wider open source research community though various social media and messaging platforms.⁶⁶ 

Narrative Warfare: How the Kremlin and Russian news outlets justified a war of aggression against Ukraine

Undermining Ukraine: How the Kremlin employs information operations to erode global confidence in Ukraine

Russian operations against, especially transnational, digital infrastructure companies can mostly be categorized as disruption, degradation, and information gathering, which saw Russian or Russian-aligned hackers moving in and through the Ukrainian information environment. The attacks against Ukrainian physical infrastructure, however, are of a slightly different character. Invading forces employed physically mediated cyberattacks, a method defined by Herb Lin as “attacks that compromise cyber functionality through the use of or the threat of physical force” to pursue the complete destruction or seizure and occupation of this infrastructure.⁶⁷ Both ends begin with the same purpose: to create a vacuum of information between the Ukrainian government, the Ukrainian people, and the global population, effectively ending the connection between the Ukrainian information environment and the global environment. But the seizure of this infrastructure takes things a step beyond: to occupy the Ukrainian information environment and pull its infrastructure and its people into an isolated, controlled Russian information space. 

Reclaiming the Ukrainian information environment 

Preparation of the environment 

The Russian assault on the Ukrainian information environment is far from unanswered. Russian efforts have been countered by the Ukrainian government in concert with allied states and with technology companies located both within and outside Ukraine. Russia’s aim to pull occupied Ukrainian territory onto Russian networks to be controlled and monitored has been well understood, and Ukraine has been hardening its information infrastructure since the initial 2014 invasion. Ukraine released its Cyber Security Strategy in 2016, which laid out the government’s priorities in this space, including the defense against the range of active cyber threats they face, with an emphasis on the “cyber protection of information infrastructure.”⁶⁸ The government initially focused on centralizing its networks in Kyiv to make it more difficult “for Russian hackers to penetrate computers that store critical data and provide services such as pension benefits, or to use formerly government-run networks in the occupied territories to launch cyberattacks on Kyiv.”⁶⁹

As part of its digitalization and security efforts, the Ukrainian government also sought out new partners, both public and private, to build and bolster its threat detection and response capabilities. Before and since the 2022 invasion, the Ukrainian government has worked with partner governments and an array of technology companies around the world to create resilience through increased connectivity and digitalization. 

Bolstering Ukrainian connectivity 

Since the 2014 invasion and annexation of Crimea, Ukraine-serving telecommunications operators have developed plans to prepare for future Russian aggression. Lifecell, the third largest Ukrainian mobile telephone operator, prepared its network for an anticipated Russian attack. The company shifted their office archives, documentation, and critical network equipment from eastern to western Ukraine, where it would be better insulated from violence, added additional network redundancy, and increased the coordination and response capabilities of their staff.⁷⁰ Similarly, Kyivstar and Vodafone Ukraine increased their network bandwidth to withstand extreme demand. In October 2021, these three companies initiated an infrastructure sharing agreement to expand LTE (Long Term Evolution) networks into rural Ukraine and, in cooperation with the Ukrainian government, expanded the 4G telecommunications network to bring “mobile network coverage to an estimated 91.6 per cent of the population.”⁷¹ 

The expansion and improvement of Ukrainian telecommunications continued through international partnerships as well. Datagroup, for example, announced a $20 million partnership in 2021 with Cisco, a US-based digital communications company, to modernize and expand the bandwidth of its extensive networks.⁷² Since the February 2022 invasion, Cisco has also worked with the French government to provide over $5 million of secure, wireless networking equipment and software, including firewalls, for free to the Ukrainian government.⁷³

This network expansion is an integral part of the Ukrainian government’s digitalization plans for the country, championed by President Zelenskyy. Rather than the invasion putting an end to these efforts, Deputy Prime Minister and Minister for Digital Transformation Mykhailo Fedorov claimed that during the war “digitalization became the foundation of all our life. The economy continues to work … due to digitalization.⁷⁴ The digital provision of government services has created an alternate pathway for Ukrainians to engage in the economy and with their government. The flagship government initiative Diia, launched in February 2020, is a digital portal through which the 21.7 million Ukrainian users can access legal identification, make social services payments, register a business, and even register property damage from Russian missile strikes.⁷⁵ The Russian advance and consequent physical destruction that displaced Ukrainians means that the ability to provide government services through alternate and resilient means is more essential than ever, placing an additional premium on defending Ukrainian information infrastructure. 

Backing up a government 

As Russian forces built up along Ukraine’s borders, Ukrainian network centralization may have increased risk, despite the country’s improved defense capabilities. In preparation for the cyber and physical attacks against the country’s information infrastructure, Fedorov moved to amend Ukrainian data protection laws to allow the government to store and process data in the cloud and worked closely with several technology companies, including Microsoft, Amazon Web Services, and Google, to effect the transfer of critical government data to infrastructure hosted outside the country.⁷⁶ Cloud computing describes “a collection of technologies and organizational processes which enable ubiquitous, on-demand access to a shared pool of configurable computing resources.”⁷⁷ Cloud computing is dominated by the four hyperscalers—Amazon, Microsoft, Google, and Alibaba—that provide computing and storage at enterprise scale and are responsible for the operation and security of data centers all around the world, any of which could host customer data according to local laws and regulations.⁷⁸ 

According to its April 2022 Ukraine war report, Microsoft “committed at no charge a total of $107 million of technology services to support this effort” and renewed the relationship in November, promising to ensure that “government agencies, critical infrastructure and other sectors in Ukraine can continue to run their digital infrastructure and serve citizens through the Microsoft Cloud” at a value of about $100 million.⁷⁹ Amazon and Google have also committed to supporting cloud services for the Ukrainian government, for select companies, and for humanitarian organizations focused on aiding Ukraine.⁸⁰ In accordance with the Ukrainian government’s concerns, Russian missile attacks targeted the Ukrainian government’s main data center in Kyiv soon after the invasion, partially destroying the facility, and cyberattacks aggressively tested Ukrainian networks.⁸¹    

Unlike other lines of aid provided by the international community to strengthen the defense of the Ukrainian information environment, cloud services are provided only by the private sector.⁸² While this aid has had a transformative effect on Ukrainian defense, that transformative quality has also raised concerns. Microsoft, in its special report on Ukraine, several times cites its cloud services as one of the determining factors that limited the effect of Russian cyber and kinetic attacks on Ukrainian government data centers, and details how their services, in particular, were instrumental in this defense.⁸³ In this same report, Microsoft claims to be most worried about those states and organizations that do not use cloud services, and provides corroborating data.⁸⁴ Microsoft and other technology companies offering their services at a reduced rate, or for free, are acting—at least in part—out of a belief in the rightness of the Ukrainian cause. However, they are still private companies with responsibilities to shareholders or board members, and they still must seek profit. Services provided, especially establishing information infrastructure like Cloud services, are likely to establish long-term business relationships with the Ukrainian government and potentially with other governments and clients, who see the effectiveness of those services illustrated through the defense of Ukraine. 

Mounting an elastic defense  

Working for wireless 

Alongside and parallel to the Ukrainian efforts to defend and reclaim occupied physical territory is the fight for Ukrainian connectivity. Ukrainian telecommunications companies have been integral to preserving connectivity to the extent possible. In March 2022, Ukrainian telecom operators Kyivstar, Vodafone Ukraine, and Lifecell made the decision to provide free national mobile roaming services across mobile provider networks, creating redundancy and resilience in the mobile network to combat frequent service outages.⁸⁵ The free mobile service provided by these companies is valued at more than UAH 980 million (USD 26.8 million).⁸⁶ In addition, Kyivstar in July 2022 committed to the allocation of UAH 300 million (about USD 8.2 mil) for the modernization of Ukraine’s information infrastructure in cooperation with the Ukrainian Ministry of Digital transformation.⁸⁷ The statements that accompanied the commitments from Kyivstar and Lifecell—both headquartered in Ukraine—emphasized each company’s dedication to Ukrainian defense and their role in it, regardless of the short-term financial impact.⁸⁸ These are Ukrainian companies with Ukrainian infrastructure and Ukrainian customers, and their fate is tied inextricably to the outcome of this war. 

As Russian forces advanced and attempted to seize control of information infrastructure, in at least one instance, Ukrainian internet and mobile service employees sabotaged their own equipment first. Facing threats of imprisonment and death from occupying Russians, employees in several Ukrtelecom facilities withstood pressure to share technical network details and instead deleted key files from the systems. According to Ukrtelecom Chief Executive Officer Yuriy Kurmaz, “The Russians tried to connect their control boards and some equipment to our networks, but they were not able to reconfigure it because we completely destroyed the software.”⁸⁹ Without functional infrastructure, Russian forces struggled to pull those areas onto Russian networks.  

The destruction of telecommunications infrastructure has meant that these areas and many others along the war front are, in some areas, without reliable information infrastructure, either wireless or wired. While the Ukrainian government and a bevy of local and international private sector companies battle for control of on-the-ground internet and communications infrastructure, they also pursued new pathways to connectivity.

Searching for satellite 

Two days after the invasion, Deputy Prime Minister Fedorov tweeted at Elon Musk, the Chief Executive Officer of SpaceX, that “while you try to colonize Mars — Russia try [sic] to occupy Ukraine! While your rockets successfully land from space — Russian rockets attack Ukrainian civil people! We ask you to provide Ukraine with Starlink stations and to address sane Russians to stand.”⁹⁰ Just another two days later, Fedorov confirmed the arrival of the first shipment of Starlink stations.⁹¹  

Starlink, a network of low-orbit satellites working in constellations operated by SpaceX, relies on satellite receivers no larger than a backpack that are easily installed and transported. Because Russian targeting of cellular towers made communications coverage unreliable, says Fedorov, the government “made a decision to use satellite communication for such emergencies” from American companies like SpaceX.⁹² Starlink has proven more resilient than any other alternative throughout the war. Due to the low orbit of Starlink satellites, they can broadcast to their receivers at relatively higher power than satellites in higher orbits. There has been little reporting on successful Russian efforts to jam Starlink transmissions, and the Starlink base stations—the physical, earthbound infrastructure that communicates directly with the satellites—are located on NATO territory, ensuring any direct attack on them would be a significant escalation in the war.⁹³

Starlink has been employed across sectors almost since the war began. President Zelenskyy has used the devices himself when delivering addresses to the Ukrainian people, as well as to foreign governments and populations.⁹⁴ Fedorov has said that sustained missile strikes against energy and communication infrastructure have been effectively countered through the deployment of Starlink devices that can restore connection where it is most needed. He even called the system “an essential part of critical infrastructure.”⁹⁵   

Starlink has also found direct military applications. The portability of these devices means that Ukrainian troops can often, though not always, stay connected to command elements and peer units while deployed.⁹⁶ Ukrainian soldiers have also used internet connections to coordinate attacks on Russian targets with artillery-battery commanders.⁹⁷ The Aerorozvidka, a specialist air reconnaissance unit within the Ukrainian military that conducts hundreds of information gathering missions every day, has used Starlink devices in areas of Ukraine without functional communications infrastructure to “monitor and coordinate unmanned aerial vehicles, enabling soldiers to fire anti-tank weapons with targeted precision.”⁹⁸ Reports have also suggested that a Starlink device was integrated into an unmanned surface vehicle discovered near Sevastopol, potentially used by the Ukrainian military for reconnaissance or even to carry and deliver munitions.⁹⁹ According to one Ukrainian soldier, “Starlink is our oxygen,” and were it to disappear, “our army would collapse into chaos.”¹⁰⁰

The initial package of Starlink devices included 3,667 terminals donated by SpaceX and 1,333 terminals purchased by the United States Agency for International Development (USAID).¹⁰¹ SpaceX initially offered free Starlink service for all the devices, although the offer has already been walked back by Musk, and then reversed again. CNN obtained proof of a letter sent by Musk to the Pentagon in September 2022 stating that SpaceX would be unable to continue funding Starlink service in Ukraine. The letter requested that the Pentagon pay what would amount to “more than $120 million for the rest of the year and could cost close to $400 million for the next 12 months.” It also clarified that the vast majority of the 20,000 Starlink devices sent to Ukraine were financed at least in part by outside funders like the United States, United Kingdom, and Polish governments.¹⁰²

After the letter was sent, but before it became public, Musk got into a Twitter spat with Ukrainian diplomat Adrij Melnyk after the former wrote a tweet on October 3 proposing terms of peace between Russia and Ukraine. Musk’s proposal included Ukraine renouncing its claims to Crimea and pledging to remain neutral, with the only apparent concession from Russia a promise to ensure water supply in Crimea. The plan was rejected by the public poll Musk included in the tweet, and Melnyk replied and tagged Musk, saying “Fuck off is my very diplomatic reply to you @elonmusk.”¹⁰³ After CNN released the SpaceX letter to the Pentagon, Musk seemingly doubled down on his decision to reduce SpaceX funding at first. He responded on October 14 to a tweet summarizing the incident, justifying possible reduced SpaceX assistance stating, “We’re just following his [Melnyk’s] recommendation,” even though the letter was sent before the Twitter exchange. Musk then tweeted the following day, “The hell with it … even though Starlink is still losing money & other companies are getting billions of taxpayer $, we’ll just keep funding Ukraine govt for free.”¹⁰⁴ Two days later, in response to a Politico tweet reporting that the Pentagon was considering covering the Starlink service costs, Musk stated that “SpaceX has already withdrawn its request for funding.”¹⁰⁵ Musk’s characterization of SpaceX’s contribution to the war effort has sparked confusion and reprimand, with his public remarks often implying that his company is entirely footing the bill when in fact, tens of millions of dollars’ worth of terminals and service are being covered by several governments every month.  

The Starlink saga, however, was not over yet. Several weeks later in late October, 1,300 Starlink terminals in Ukraine, purchased in March 2020 by a British company for use in Ukrainian combat-related operations, were disconnected, allegedly due to lack of funding, causing a communications outage for the Ukrainian military.¹⁰⁶ Although operation was restored, the entire narrative eroded confidence in SpaceX as a guarantor of flexible connectivity in Ukraine. In November 2022, Federov noted that while Ukraine has no intention of breaking off its relationship with Starlink, the government is exploring working with other satellite communications operators.¹⁰⁷ Starlink is not the only satellite communications network of its kind, but its competitors have not yet reached the same level of operation. Satellite communications company OneWeb, based in London with ties to the British military, is just now launching its satellite constellation, after the Russian invasion of Ukraine required the company to change its launch partner from Roscosmos to SpaceX.¹⁰⁸ The US Space Development Agency, within the United States Space Force, will launch the first low earth orbit satellites of the new National Defense Space Architecture in March 2023. Other more traditional satellite companies cannot provide the same flexibility as Starlink’s small, transportable receivers.

With the market effectively cornered for the moment, SpaceX can dictate the terms, including the physical bounds, of Starlink’s operations, thereby wielding immense influence on the battlefield. Starlink devices used by advancing Ukrainian forces near the front, for example, have reported inconsistent reliability.¹⁰⁹ Indeed CNN reported on February 9^th that this bounding was a deliberate attempt to separate the devices from direct military use, as SpaceX President Gwynne Shotwell explained “our intent was never to have them use it for offensive purposes.”¹¹⁰ The bounding decision, similar to the rationale behind the company’s decision to refuse to activate Starlink service in Crimea, was likely made to contain escalation, especially escalation by means of SpaceX devices.¹¹¹

But SpaceX is not the only satellite company making decisions to bound the area of operation of their products to avoid playing—or being perceived to play—a role in potential escalation. On March 16, 2022, Minister Fedorov tweeted at DJI, a Chinese drone producer, “@DJIGlobal are you sure you want to be a partner in these murders? Block your products that are helping russia to kill the Ukrainians!”¹¹² DJI responded directly to the tweet the same day, saying “If the Ukrainian government formally requests that DJI set up geofencing throughout Ukraine, we will arrange it,” but pointed out that such geofencing would inhibit all users of their product in Ukraine, not just Russians.¹¹³

While Russia continues to bombard the Ukrainian electrical grid, Starlink terminals have grown more expensive for new Ukrainian consumers, increasing from $385 earlier this year to $700, although it is unclear if this price increase also affected government purchasers.¹¹⁴ According to Andrew Cavalier, a technology industry analyst with ABI Research, the indispensability of the devices gives “Musk and Starlink a major head start [against its competitors] that its use in the Russia–Ukraine war will only consolidate.”¹¹⁵ Indeed, the valuation of SpaceX was $127 million in May 2022, and the company raised $2 billion in the first seven months of 2022.¹¹⁶ For SpaceX, the war in Ukraine has been an impressive showcase of Starlink’s capabilities and has proven the worth of its services to future customers. The company recently launched a new initiative, Starshield, intended to leverage “SpaceX’s Starlink technology and launch capability to support national security efforts. While Starlink is designed for consumer and commercial use, Starshield is designed for government use.”¹¹⁷ It is clear that SpaceX intends to capitalize on the very public success of its Starlink network in Ukraine.

Reclaiming Territory 

The Russian assault is not over, but Ukraine has reclaimed “54 percent of the land Russia has captured since the beginning of the war” and the front line has remained relatively stable since November 2022.¹¹⁸ Videos and reports from reclaimed territory show the exultation of the liberated population. As Ukrainian military forces reclaim formerly occupied areas, the parallel reclamation of the information environment, by or with Ukrainian and transnational information infrastructure operators, follows quickly. 

In newly liberated areas, Starlink terminals are often the first tool for establishing connectivity. In Kherson, the first regional capital that fell to the Russian invasion and reclaimed by Ukrainian troops on November 11, 2022, residents lined up in public spaces to connect to the internet through Starlink.¹¹⁹ The Ministry of Digital Transformation provided Starlink devices to the largest service providers, Vodaphone and Kyivstar, to facilitate communication while their engineers repaired the necessary infrastructure for reestablishing mobile and internet service.¹²⁰ A week after Kherson was recaptured, five Kyivstar base stations were made operational and Vodaphone had reestablished coverage over most of the city.¹²¹

Due to the importance of reclaiming the information space, operators are working just behind Ukrainian soldiers to reconnect populations in reclaimed territories to the Ukrainian and global information environment as quickly as possible, which means working in very dangerous conditions. In the Sumy region, a Ukrtelecom vehicle pulling up to a television tower drove over a land mine, injuring three of the passengers and killing the driver.¹²² Stanislav Prybytko, the head of the mobile broadband department in the Ukrainian Ministry of Digital Transformation, says “It’s still very dangerous to do this work, but we can’t wait to do this, because there are a lot of citizens in liberated villages who urgently need to connect.”¹²³ Prybytko and his eleven-person team have been central to the Ukrainian effort to stitch Ukrainian connectivity back together. The team works across a public-private collaborative, coordinating with various government officials and mobile service providers to repair critical nodes in the network and to reestablish communications and connectivity.¹²⁴ According to Ukrainian government figures, 80 percent of liberated settlements have partially restored internet connection, and more than 1,400 base stations have been rebuilt by Ukrainian mobile operators since April 2022.¹²⁵

Key Takeaways 

The information environment is a key domain through which this war is being contested. The Russian government has demonstrated for over a decade the importance it places on control of the information environment, both domestically and as part of campaigns to expand the Russian sphere of influence abroad. Yet, despite this Russian focus, the Ukrainian government has demonstrated incredible resilience against physical assaults, cyberattacks, and disinformation campaigns against and within the Ukrainian information environment and has committed to further interlacing government services and digital platforms.  

The centrality of this environment to the conduct of this war means that private actors are necessarily enmeshed in the conflict. As providers of products and services used for Ukrainian defense, these companies are an important part of the buttressing structure of that defense. The centrality of private companies in the conduct of the war in Ukraine brings to light new and increasingly important questions about what it means for companies to act as information infrastructure during wartime, including:  

1. What is the complete incentive structure behind a company’s decision to provide products or services to a state at war? 
2. How dependent are states on the privately held portions of the information environment, including infrastructure, tools, knowledge, data, skills, and more, for their own national security and defense?  
3. How can the public and private sectors work together better as partners to understand and prepare these areas of reliance during peace and across the continuum of conflict in a sustained, rather than ad hoc, nature? 

Incentives 

The war in Ukraine spurred an exceptional degree of cooperation and aid from private companies within Ukraine and from around the globe. Much of public messaging around the private sector’s assistance of Ukrainian defense centers around the conviction of company leadership and staff that they were compelled by a responsibility to act. This is certainly one factor in their decision. But the depth of private actor involvement in this conflict demands a more nuanced understanding of the full picture of incentives and disincentives that drive a company’s decision to enter into new, or expand upon existing, business relationships with and in a country at war. What risks, for example, do companies undertake in a war in which Russia has already demonstrated its conviction that private companies are viable military targets? The ViaSat hack was a reminder of the uncertainty that surrounds the designation of dual-use technology, and the impact that such designations have in practice. What role did public recognition play in companies’ decisions to provide products and services, and how might this recognition influence future earnings potential? For example, while their remarks differed in tone, both Elon Musk on Twitter and Microsoft in its special report on Ukraine publicly claimed partial credit for the defense of Ukraine.  

As the war continues into its second year, these questions are important to maintaining Ukraine’s cooperation with these entities. With a better understanding of existing and potential incentives, the companies, the United States, and its allies can make the decision to responsibly aid Ukraine much easier.  

Dependencies 

Private companies play an important role in armed conflict, operating much of the infrastructure that supports the information environment through which both state and non-state actors compete for control. The war in Ukraine has illustrated the willingness of private actors, from Ukrainian telecommunications companies to transnational cloud and satellite companies, to participate as partners in the defense of Ukraine. State dependence on privately held physical infrastructure is not unique to the information environment, but state dependence on infrastructure that is headquartered and operated extraterritorially is a particular feature. 

Prior to and throughout the war, the Ukrainian government has coordinated successfully with local telecommunication companies to expand, preserve, and restore mobile, radio, and internet connectivity to its population. This connectivity preserved what Russia was attempting to dismantle—a free and open Ukrainian information environment through which the Ukrainian government and population can communicate and coordinate. The Ukrainian government has relied on these companies to provide service and connectivity, working alongside them before and during the war to improve infrastructure and to communicate priorities. These companies are truly engaging as partners in Ukrainian defense, especially because this information infrastructure is not just a medium through which Russia launches attacks but an environment that Russia is attempting to seize control of. This dependence has not been unidirectional—the companies themselves are inextricably linked to this conflict through their infrastructure, employees, and customers in Ukraine. Each is dependent to some degree on the other and during times of crisis, their incentives create a dynamic of mutual need. 

The Ukrainian government has also relied on a variety of transnational companies though the provision of technology products or services and information infrastructure. As examined in this report, two areas where the involvement of these companies has been especially impactful are cloud services and satellite internet services. Cloud services have preserved data integrity and security by moving information to data centers distributed around the world, outside of Ukrainian territory and under the cyber-protection of those cloud service companies. Satellite services have enabled flexible and resilient connectivity, once again located and run primarily outside of Ukraine. These companies can provide essential services within the information environment and the physical environment of Ukraine, but are not fundamentally reliant on the integrity of the country. This dynamic is heightened by the fact that cloud service providers like Microsoft, Amazon Web Services, Google, and satellite internet service providers like Space X’s Starlink are operating within a market with global reach and very few competitors. While these companies and others have made the laudable decision to contribute to Ukrainian defense, the fact is that had they not, there are only a few, if any, other companies with comparable capabilities and infrastructure at scale. Additionally, there’s very little Ukraine or even the US government could have done to directly provide the same capabilities and infrastructure.  

Coordination 

Built into the discussions around dependency and incentives is the need for government and the private companies who own and operate information infrastructure to coordinate with each other from a more extensive foundation. While coordination with Ukrainian companies and some transnational companies emerged from sustained effort, many instances of private sector involvement were forged on an ad hoc basis and therefore could not be planned on in advance. The ad hoc approach can produce rapid results, as seen by Minister Fedorov’s tweet at Elon Musk and receipt of Starlink devices just days later. While this approach has been wielded by the Ukrainian government, and the Ministry for Digital Transformation in particular, to great effect, this very same example illustrates the complexity of transforming ad hoc aid into sustainable partnerships. Sustainability is especially important when states are facing threats outside of open war, across the continuum of insecurity and conflict where many of these capabilities and infrastructures will continue to be relied upon. Security and defense in the information environment requires states to work in coordination with a diverse range of local and transnational private actors. 

Recommendations 

Key recommendations from this paper ask the US government, in coordination with the Ukrainian government, to better understand the incentives that surround private sector involvement, to delineate states’ dependency on private information infrastructure, and to improve long-term public-private coordination through three pathways: 

• Define support parameters. Clarify how private technology companies can and should provide aid 
• Track support. Create a living database to track the patterns of technological aid to Ukraine from US private companies 
• Facilitate support requests. Add to the resilience of the Ukrainian information environment by facilitating US private aid.  

Define support parameters 

Private information infrastructure companies will continue to play a key role in this war. However, there are a number of unresolved questions regarding the decisions these companies are making about if, and how, to provide support to the Ukrainian government to sustain its defense. A significant barrier may be the lack of clarity about the risks of partnership in wartime, which may disincentivize action or may alter existing partnerships. Recent SpaceX statements surrounding the bounding of Starlink use is an example, at least in part, of just such a risk calculous in action. The US government and its allies should release a public directive clarifying how companies can ensure that their involvement is in line with US and international law—especially for dual-use technologies. Reaffirming, with consistent guidelines, how the United States defines civilian participation in times of war will be crucial for ensuring that such actions do not unintentionally legitimize private entities as belligerents and legitimate targets in wartime. At the direction of the National Security Advisor, the US Attorney General and Secretary of State, working through the Office of the Legal Advisor at the State Department, should issue public guidance on how US companies can provide essential aid to Ukraine while avoiding the designation of legitimate military target or combatant under the best available interpretation of prevailing law. 

Track support 

While a large amount of support for Ukraine has been given directly by or coordinated through governments, many private companies have started providing technological support directly to the Ukrainian government. Some private companies, especially those with offices or customers in Ukraine, got in touch directly with, or were contacted by, various Ukrainian government offices, often with specific requests depending on the company’s products and services.¹²⁶ 

However, the US government does not have a full and complete picture of this assistance, which limits the ability of US policymakers to track the implications of changing types of support or the nature of the conflict. Policymakers should have access to not only what kind of support is being provided by private US companies, but also the projected period of involvement, what types of support are being requested and denied by companies (in which case, where the US government may be able to act as an alternative provider), and what types of support are being supplied by private sector actors without a significant government equity or involvement. A more fulsome mapping of this assistance and its dependency structure would make it possible for policymakers and others to assess its impact and effectiveness. This data, were it or some version of it publicly available, would also help private companies providing the support to better understand how their contributions fit within the wider context of US assistance and to communicate the effect their products or services are having to stakeholders and shareholders. Such information may play a role in a company’s decision to partner or abstain in the future.

The US government should create a collaborative task force to track US-based private sector support to Ukraine. Because of the wide equities across the US government in this area, this team should be led by the State Department’s Bureau of Cyberspace and Digital Policy and include representatives from USAID, the Department of Defense’s Cyber Policy Office, the National Security Agency’s Collaboration Center, and the Cybersecurity and Infrastructure Security’s Joint Cyber Defense Collaborative. This task force should initially focus on creating a picture of public-private support to Ukraine from entities within the United States, but its remit could extend to work with allies and partners, creating a fulsome picture of international public-private support.

Facilitate support requests 

Tracking the technical support that is requested, promised, and delivered to the Ukrainian government is an important first step toward gaining a better understanding of the evolving shape of the critical role that the private sector is increasingly playing in conflict. But closer tracking, perhaps by an associated body, could go further by acting as a process facilitator. Government offices and agencies have long been facilitators of private aid, but now states are increasingly able to interact with, and request support from, private companies directly, especially for smaller quantities or more specific products and services. While this pathway can be more direct and efficient, it also requires a near constant churn of request, provision, and renewal actions from private companies and Ukrainian government officials.  

Private organizations have stepped into this breach, including the Cyber Defense Assistance Collaboration (CDAC), founded by Greg Rattray and Matthew Murray, now a part of the US-based non-profit CRDF Global. CDAC works with a number of US private technology companies, as well as the National Security and Defense Council of Ukraine and the Ukrainian think tank Global Cyber Cooperative Center, to match the specific needs of Ukrainian government and state-owned enterprises with needed products and services offered by companies working in coordination.¹²⁷

The growth and reach of this effort demonstrate the potential impact that a government-housed, or even a government-sponsored mechanism, could have in increasing the capacity to facilitate requests from the Ukrainian government, decreasing the number of bureaucratic steps required by Ukrainian government officials while increasing the amount and quality of support they receive. In addition, government facilitation would ease progress toward the previously stated recommendations by building in clarity around what kind of support can be provided and putting facilitation and aid tracking within a single process. As discussed above, this facilitation should start with a focus on US public-private support, but can grow to work alongside similar allied efforts. This could include, for example, coordination with the United Kingdom’s Foreign, Commonwealth and Development Office (FCDO) program, which “enables Ukrainian agencies to access the services of commercial cybersecurity companies.”¹²⁸ Crucially, this task force, helmed by the State Department’s Bureau of Cyberspace and Digital Policy, would act as a facilitator, not as a restricting body. Its mission in this task would be to make connections and provide information.  

In line with tracking, US government facilitation would enable government entities to communicate where assistance can be most useful, such as shoring up key vulnerabilities or ensuring that essential defense activities are not dependent on a single private sector entity, and ideally, avoiding dependency on a single source of private sector assistance. A company’s financial situation or philanthropic priorities are always subject to change, and the US government should be aware of such risks and create resilience through redundancy.  

Central to this resilience will be the provision of support to bolster key nodes in the Ukrainian telecommunications infrastructure network against not just cyber attacks but also against physical assault, including things like firewalls, mine clearing equipment, and power generators. Aiding the Ukrainian government in the search for another reliable partner for satellite communication devices that offer similar flexibility as Starlink is also necessary, and a representative from the Pentagon has confirmed that such a process is underway, following Musk’s various and contradictory statements regarding the future of SpaceX’s aid to Ukraine back in October.¹²⁹ Regardless, the entire SpaceX experience illustrates the need to address single dependencies in advance whenever possible. 

A roadblock to ensuring assistance redundancy is the financial ability of companies to provide products and services to the Ukrainian government without charge or to the degree necessary. While the US government does provide funding for private technological assistance (as in the Starlink example), creating a pool of funding that is tied to the aforementioned task force and overseen by the State Department’s Bureau of Cyberspace and Digital Policy, would enable increased flexibility for companies to cover areas of single dependence, even in instances that would require piecemeal rather than one-to-one redundancy. As previously discussed, many companies are providing support out of a belief that it is the right thing to do, both for their customers and as members of a global society. However, depending on whether that support is paid or provided for free, or publicly or privately given, a mechanism that provides government clarity on private sector support, tracks the landscape of US private support to Ukraine, and facilitates support requests would make it easier for companies to make the decision to start or continue to provide support when weighed against the costs and potential risks of offering assistance.

Looking forward and inward 

The questions that have emerged from Ukraine’s experience of defense in and through the information environment are not limited to this context. Private companies have a role in armed conflict and that role seems likely to grow, along with the scale, complexity, and criticality of the information infrastructures they own and operate. Companies will, in some capacity, be participants in the battlespace. This is being demonstrated in real time, exposing gaps that the United States and its allies and partners must address in advance of future conflicts.

Russia’s war on Ukraine has created an environment in which both public and private assistance in support of Ukrainian information infrastructure is motivated by a common aversion toward Russian aggression, as well as a commitment to the stability and protection of the Ukrainian government and people. This war is not over and despite any hopes to the contrary, similar aggressions will occur in new contexts, and with new actors in the future. It is crucial that in conjunction with examining and mitigating the risks related to the involvement of private technology companies in the war in Ukraine, the US government also examines these questions regarding its own national security and defense.

The information environment is increasingly central to not just warfighting but also to the practice of governance and the daily life of populations around the world. Governments and populations live in part within that environment and therefore atop infrastructure that is owned and operated by the private sector. As adversaries seek to reshape the information environment to their own advantage, US and allied public and private sectors must confront the challenges of their existing interdependence. This includes defining in what form national security and defense plans in and through the information environment are dependent upon private companies, developing a better understanding of the differing incentive structures that guide private sector decision-making, and working in coordination with private companies to create a more resilient information infrastructure network through redundancy and diversification. It is difficult to know what forms future conflict and future adversaries will take, or the incentives that may exist for companies in those new contexts, but by better understanding the key role that private information and technology companies already play in this domain, the United States and allies can better prepare for future threats.

About the Authors 

Emma Schroeder is an associate director with the Atlantic Council’s Cyber Statecraft Initiative, within the Digital Forensic Research Lab, and leads the team’s work studying conflict in and through cyberspace. Her focus in this role is on developing statecraft and strategy for cyberspace that is useful for both policymakers and practitioners. Schroeder holds an MA in History of War from King’s College London’s War Studies Department and also attained her BA in International Relations & History from the George Washington University’s Elliott School of International Affairs. 

Sean Dack was a Young Global Professional with the Cyber Statecraft Initiative during the fall of 2022. He is now a Researcher at the NATO Parliamentary Assembly, where he focuses on the long-term strategic and economic implications of Russia’s invasion of Ukraine. Dack graduated from Johns Hopkins School of Advanced International Studies in December 2022 with his MA in Strategic Studies and International Economics. 

Acknowledgements 

The authors thank Justin Sherman, Gregory Rattray, and Gavin Wilde for their comments on earlier drafts of this document, and Trey Herr and the Cyber Statecraft team for their support. The authors also thank all the participants, who shall remain anonymous, in multiple Chatham House Rule discussions and one-on-one conversations about the issue.

The Atlantic Council’s Cyber Statecraft Initiative, under the Digital Forensic Research Lab (DFRLab), works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.

learn more

The post A parallel terrain: Public-private defense of the Ukrainian information environment appeared first on Atlantic Council.

The post Aziz in Dawn: <a href="https://www.dawn.com/news/1736201/banistan-ignorant-leaders-absurd-regulation">Banistan: Ignorant leaders, absurd regulation</a> appeared first on Atlantic Council.

Security

Satellite imagery indicates a build-up of air defense missile systems in southern Russia

Ukraine defense minister warns of new Russian offensive

New Russian fortifications indicate a spring offensive could be on the horizon

Tracking narratives

Russia alleges US bioweapons created COVID, targets Ukrainians

Pro-Russia Telegram channels target Israel following Iran strike

Italy targeted by Russian accusations as Rome prepares new weapons package for Ukraine

Satellite imagery indicates a build-up of air defense missile systems in southern Russia

Satellite imagery reviewed by the DFRLab suggests a new build-up of air defense missile systems in Russia’s southern military region between Rostov-on-Don and Krasnodar. The DFRLab used radar imagery forensics to detect and approximate the relocation of air defense systems near the Azov Sea. As noted by University College London Professor Ollie Ballinger, missile batteries tend to cast recognizable turbulence signals on radar imagery when their systems are activated. This phenomenon has also been documented in the Middle East and the Baltic Sea.

The Sentinel-1 satellite of the European Space Agency collects satellite imagery using radar technology. As military systems also use radar electromagnetic wavelengths in the 5gHz range, referred to as the C-Band in NATO nomenclature, these are exploitable as open-source evidence for military activity and weapons deployment.

The DFRLab monitored for deployments of such systems near a field south of Oktyabrskaya in Russia’s Krasnodar Oblast. These systems were likely located close to a military airbase. While the DFRLab cannot confirm their presence in this area nor identify the exact systems, other interference signal patterns along the eastern border of Luhansk and Donetsk could also be interpreted as evidence of more electromagnetic radar-casting defense systems.

—Valentin Châtelet, Research Associate, Brussels, Belgium

—Ruslan Trad, Resident Fellow for Security Research, Sofia, Bulgaria

Ukraine defense minister warns of new Russian offensive

Ukrainian Defense Minister Oleksii Reznikov warned that Russia might attempt to launch a new offensive before the first anniversary of the Ukraine invasion on February 24. According to Reznikov, Russia is concentrating as many as 500,000 troops along Ukraine’s borders, significantly exceeding the declared 300,000 soldiers. Reznikov speculated that the offensive could come from the east and the south simultaneously. The minister also emphasized that military assistance from allies is needed to repel a possible attack.

Ukrainian military intelligence also stated that Ukraine expects a new wave of fighting in the next two months. Meanwhile, Russian President Vladimir Putin held a meeting to discuss the restoration of infrastructure in Crimea, Belgorod, Bryansk, and Kursk following Ukrainian shelling. He noted that his administration is prioritizing ending Ukrainian shelling along border regions.

On the evening of February 1, Russian forces struck the center of Kramatorsk with a rocket. Three civilians were killed and more than 20 people were injured. At least eight apartments were damaged, with one destroyed. 

Meanwhile, Russian offensive operations have restarted in various locations. In the direction of Kupiansk, the Russian army shelled Dvorichna, Synkivka, Ivanivka, Kyslivka, Kotlyarivka, Tabayivka, Pischane, Novoselivske, and Stelmakhivka. The Russian army continued to attack villages and pressed Ukraine’s army positions toward Lyman, Zaporizhzhia, Kherson, Vuhledar, Avdiivka, and Bakhmut.

—Valentin Châtelet, Research Associate, Brussels, Belgium

—Ruslan Trad, Resident Fellow for Security Research, Sofia, Bulgaria

New Russian fortifications indicate a spring offensive could be on the horizon

Russian armed forces have dug trenches in Zaporizhzhia and Kherson Oblasts that the DFRLab has reviewed extensively on social media and satellite imagery. The southern flank in the Russian-occupied Zaporizhzhia Oblast has seen a rise in the build-up of trenches and fortifications stretching from Polohy to Vesele. The DFRLab identified massive underground structures in three different locations, pointing at a Russian reinforcement in their southern positions.

On January 27, trenches stretching twenty-one kilometers and circling Berdyansk’s airport tipped off OSINT researchers to Russia’s expected escalation on the southern flank. The DFRLab identified and documented two other occurrences of defensive build-ups on the eastern bank of the Dnipro River.

Between mid-December and January 31, 2023, Russian soldiers dug up underground trenches in an odd-B shape in the vicinity of Vesele, a village forty kilometers northeast of Melitopol. The DFRLab identified two structures, along with other fortifications across neighboring fields north of Vesele. The other structure, located west of the underground trenches, seems to resemble a defense base immediately connected to the village by a road.

In Mykhailivka, a city facing Zaporizhzhia from the other side of the riverbank, the DFRLab located similar trenches and fortifications. These stretch up to fifteen kilometers long, protecting the entire city near the front line.

—Valentin Châtelet, Research Associate, Brussels, Belgium

—Ruslan Trad, Resident Fellow for Security Research, Sofia, Bulgaria

Russia alleges US bioweapons created COVID, targets Ukrainians

On January 30, Russia’s Ministry of Defense published a collection of conspiracy narratives alleging the United States operates a biological weapons program. The ministry published the initial text on the free and anonymous blogging platform telegra.ph, developed by Telegram for sharing long-form posts. 

The post begins with allegations that the US is involved in the emergence and spread of COVID-19. It names various US agencies and Microsoft founder Bill Gates as key actors in the pandemic. The ministry claims to have acquired more than “20,000 documents, reference and analytical materials, as well as surveyed witnesses and participants of the US biological programs.” The post concludes that these materials “confirm that the Pentagon aimed at creating elements of a biological weapon, and testing it on the population of Ukraine and other countries along the perimeter of the Russian borders.”

The defense ministry shared some of its “evidence” via the cloud service Disk Yandex. The link contains three folders containing unverified documents. The folders are titled “virological studies,” “experiments on Ukrainian citizens and military,” and “Rift Valley fever epidemic.” 

The Facebook account of the Russian embassy in the United States amplified the narrative and shared the documents. The documents also found their way to Kremlin propaganda platforms.

The DFRLab has tracked many instances of Russia spreading falsehoods about the US operating a biological weapons program since the start of the pandemic; Russia now employs similar narratives to justify its war against Ukraine.

—Eto Buziashvili, Research Associate, Tbilisi, Georgia

Pro-Russia Telegram channels target Israel following Iran strike

Pro-Russia Telegram channels targeted Israel following a suspected Israeli drone strike against an Iranian ammunition factory on January 28. A few weeks earlier, the United States sanctioned Iran’s defense and aviation sector for supplying Russia with drones that are being used against Ukraine.

The Telegram channels responded to the Iranian strike by spreading anti-Israel and antisemitic narratives. Russian military blogger Roman Saponkov endorsed calls for the “demilitarization of Israel.” The account Операция Z (“Operation Z”) used antisemitic expressions to describe Jewish people. Elsewhere, Kremlin propagandist Vladimir Solovyev shared a post accusing Israel of providing shelter to “Nazis from the ‘Azov’ terrorist group.” Other pro-war channels shared graphic photos with claims that Wagner had found the bodies of Israeli and Polish mercenaries fighting in Ukraine.

—Eto Buziashvili, Research Associate, Tbilisi, Georgia

Italy targeted by Russian accusations as Rome prepares new weapons package for Ukraine

Russia’s chief diplomat in Italy accused the country of engaging in anti-Russian discrimination, in an apparent attempt to pressure Italy to stop backing Ukraine and sway public opinion in favor of Russia. Earlier this week, Russian ambassador to Italy Sergey Razov published an open letter, ostensibly in response to comments made by Defense Minister Guido Minister Crosetto on why Ukraine needs international support. Razov accused the Italian government of putting in place “discriminatory restrictions” against Russian citizens. The letter was published on the Facebook account of the Russian embassy in Italy; at the time of writing, it had received more than 2,200 likes, 792 comments, and 698 reshares. 

In January, Italian media outlet Decode39 reported that the Russian embassy in Italy had published a series of social media posts “targeting Italy’s supposed military supplies to Ukraine in a bid to cast doubt on Rome’s logistical support and its effectiveness on the battlefield.” The social media posts were widely reshared and amplified the Kremlin narrative that falsely paints Ukrainians as “neo-Nazis.”   

Italy is poised to send a new package of military aid to Ukraine. “According to Defense Minister Crosetto, the package will contain air defense systems, namely Aspide surface-to-air missiles and the more advanced SAMP/T missile shield, of which some components will be supplied by Rome and others by Paris.  

Mattia Caniglia, Associate Director for Capacity Building, Brussels 

The post Russian War Report: Satellite imagery indicates a build-up of air defense missile systems in southern Russia appeared first on Atlantic Council.

On October 6, 2022, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and National Security Agency released a joint cybersecurity advisory outlining the top Common Vulnerabilities and Exposures that Chinese state-linked hacking groups have been actively exploiting since 2020 to target US and allied networks. Public reporting indicates that, for the better part of the past two decades, China has consistently engaged in offensive cyber operations, and as the scope of the country’s economic and political ambitions expanded, so has its cyber footprint. The number of China-sponsored and aligned hacking teams are growing, as they develop and deploy offensive cyber capabilities to serve the state’s interests—from economic to national security.

We brought together a group of experts to provide insights into China’s cyber behavior, its structure, and how its operations differ from those of other states.

#1 Is there a particular example that typifies the “Chinese” model of cyber operations?

Dakota Cary, nonresident fellow, Global China Hub, Atlantic Council; consultant, Krebs Stamos Group: 

“China’s use of the 2021 Microsoft Exchange Server vulnerability to access email servers captures the essence of modern Chinese hacking operations. A small number of teams exploited a vulnerability in a critical system to collecting intelligence on their targets. After the vulnerability became public and their operation’s stealth was compromised, the number of hacking teams using the vulnerability exploded. China has established a mature operational segmentation and capabilities-sharing system, allowing teams to quickly distribute and use a vulnerability after its use was compromised.” 

John Costello, former chief of staff, Office of the National Cyber Director: 

“No. China’s approach has evolved too quickly; its actors too heterogenous and many. What has remained consistent over time is the principal focus of China’s cyber operations, which, in general, is the economic viability and growth of China’s domestic industry and advancement of its scientific research, development, and modernization efforts. China does conduct what some would call ‘legitimate’ cyber operations, but these are vastly overshadowed by campaigns that are clearly intended to obtain intellectual property, non-public research, or place Chinese interests in an advantageous economic position.” 

Bulelani Jili, nonresident fellow, Cyber Statecraft Initiative, Digital Forensic Research Lab (DFRLab), Atlantic Council: 

“What is unique is how the party-state promotes surveillance technology and cyber operations abroad. It utilizes diplomatic exchanges, law enforcement cooperation, and training programs in the Global South. These initiatives not only advance the promotion of surveillance technologies and cyber tools but also support the government’s goals with regard to international norm-making in multilateral and regional institutions.” 

Adam Kozy, independent analyst; CEO and founder, SinaCyber; former official with the FBI’s Cyber Team and Crowdstrike’s Asia-Pacific Analysis Team: 

“There is not one typical example of Chinese cyber operations in my opinion, as operations have evolved over time and are uneven in their distribution of tooling, access to the vulnerability supply chain, and organization. However, one individual who typifies how the Chinese Communist Party (CCP) has co-opted domestic hacking talent for state-driven espionage purposes is Tan Dailin (谭戴林/aka WickedRose) of WICKED PANDA/APT41 fame. He first began as a patriotic hacker during his time at university in 2000-2002, conducting defacements during the US-Sino hacker war, but was talent spotted by his local People’s Liberation Army (PLA) branch, the Chengdu Military Region Technical Reconnaissance Bureau (TRB) and asked to compete in a hackathon. This was followed by an “internship” where he and his fellow hackers at the NCPH group taught attack/defense courses and appear to have played a role in the 2003-2006 initial Titan Rain attacks probing US and UK government systems. Tan and his friends continued to do contract work for gaming firms, hacking a variety of South Korean, Japanese, and US gaming firms, which gave them experience with high-level vulnerabilities that are able to manipulate at the kernel level and also afforded them stolen gaming certificates allowing their malware to evade antivirus detection. After a brief period where he was reportedly arrested by the Ministry of Public Security (MPS) for hacking other domestic Chinese groups, he reemerged with several new contracting entities that have been noted to work for the Ministry of State Security (MSS) in Chengdu. Tan has essentially made a very comfortable living out of being a cyber mercenary for the Chinese state, using his legacy hacking network to constantly improve and upgrade tools, develop new intrusion techniques, and stay relevant for over twenty years.” 

Jen Roberts, program assistant, Cyber Statecraft Initiative, Digital Forensic Research Lab (DFRLab), Atlantic Council: 

“While no one case study stands out to typify a “Chinese” model, Chinese cyber operations blend components of espionage and entrepreneurship and capitalize on China’s pervasiveness in the international economy. One example of this is the Nortel/Huawei example where espionage, at least in part, caused the collapse of the Canadian telecommunications company.”

#2 What role do non-state actors play in China’s approach to cyber operations?

Cary: “Chinese security services still have a marked preference for using contracted hacking teams. These groups often raise money from committing criminal acts, in addition to work on behalf of intelligence agencies. Whereas in the United States, the government may purchase vulnerabilities to use on an offensive mission or hire a few companies to conduct cyber defense on a network, the US government does not hire firms to conduct specific offensive operations. In China, the government may hire teams for both offensive and defensive work, including offensive hacking operations.” 

Costello: “Non-state actors play a myriad number of roles. Most notably, Department of Justice and Federal Bureau of Investigation indictments show clear evidence of contractual relationships between the MSS and non-state actors conducting cyber intelligence operations. Less conventional, Chinese hacktivists have on occasion played a limited but substantive role in certain cases, such as cyberattacks against South Korea’s Lotte group during the US Terminal High Altitude Area Defense (THAAD) system kerfuffle in 2017. Hypothetically, China’s military strategy calls for a cyber defense militia; but the contours or reality of mobilization, training, and reliability are unclear. China’s concept of ‘people’s war’ in cyberspace—a familiar adoption of Maoist jargon for new concepts—has been discussed but has yet to be seen in practice in any meaningful form.” 

Jili: “State investment and procurement of public security systems from private firms are driving the development of China’s surveillance ecosystem. Accordingly, private firm work and collaboration with the state are scaling Beijing’s means to conduct surveillance operations on targeted domestic populations that are perceived threats to regime stability. Crucially, given the financial incentives to collaborate with Beijing, private companies have limited reasons not to support state security prerogatives.” 

Kozy: “This question has the issue of mirroring bias. We tend to view things from a United States and Western lens when evaluating whether someone is a state actor or not, because we have very defined lines around what an offensive cyber operator can do acting on behalf of the US government. China has thrived in this grey area, relying on patriotic hackers with tacit state approval at times, hackers with criminal businesses, as well as growing its domestic ability to recruit talented researchers from the private sector and universities. The CCP has historically compelled individuals who would be considered traditionally non-state-affiliated actors to aid campaigns when necessary. Under an authoritarian regime like the CCP, any individual who is in China or ethnically Chinese can become a state actor very quickly. Actors like Tan Dailin do constitute a different type of threat because the CCP effectively co-opts their talents, while turning a blind eye to their criminal, for-profit side businesses that are illegal and have worldwide impact.” 

Roberts: “Chinese non-state actors are very involved in Chinese cyber operations. A wide variety of non-state entities, such as contractors and technology conglomerates (Alibaba, Huawei, etc.), have worked in tandem with the CCP on a variety of research, development, and execution of cyber operations. This relationship is fortified by Chinese disclosure laws and repercussions of violating them. While Russia’s relationship with non-state actors relies on the opaqueness of non-state groups’ relationships with the government, China’s relationship with non-state entities is much more transparent.”

#3 How do China’s cyber operations differ from those of other states in the region?

Cary: “China has the most hackers and bureaucrats on payroll in Asia. Its operations are not different in kind nor process, but scale. While Vietnam’s or India’s cyber operators are able to have some effect in China, they are not operating at the scale at which China is operating. The most significant differentiator—which is still only speculation—is that China likely collects from the backbone of the Internet via agreements or compromise of telecommunication giants like Huawei, China Unicom, etc., as well as accessing undersea cables.” 

Costello: “Scale. The scale of China’s cyber operations dwarfs those of other countries in the region—the complexity and sheer range of targeting, and the number of domestic technology companies whose increasingly global reach may be utilized for intelligence gain and influence. As China’s influence and global reach expands, so too does its self-perceived need to protect and further expand its interests. Cyber serves as a low-risk and often successful tool to accomplish this in economic and security realms.” 

Jili: “While most regional and global players’ cyber operations have a domestic bent, Beijing also actively promotes surveillance technology and practices abroad through diplomatic exchanges, law enforcement cooperation, and training programs. These efforts not only advance the proliferation of Chinese public security systems, but they also support the government’s goals concerning international norm-making in multilateral and regional institutions.” 

Kozy: “China is by far the most aggressive cyber power in its region. It can be debated that Russian cyber operatives are still more advanced in terms of sophistication, but China aggressively conducts computer network exploitations against all of its regional neighbors with specific advanced persistent threat (APT) groups across the PLA and MSS having regional focuses. Some of its neighbors such as India, Vietnam, Japan, and South Korea have advanced capabilities of their own to combat this, but there are regular public references to successful Chinese cyber campaigns against these countries despite significant defensive spending. Regional countries without cyber capabilities likely have long-standing compromises of critical systems.” 

Roberts: “China has a talent for extracting intellectual property and conducting large-scale espionage. While other threat actors in the region, like North Korea, also conduct espionage operations, North Korea’s primary focus is on operations that prioritize fiscal extraction to fund regime activity, while China seems much more intent on collecting data for a variety of purposes. Despite differing capacities, sophistication, and types of operations, the end goals for both states are not all that different—political survival.”

More from the Cyber Statecraft Initiative:

China’s surveillance ecosystem and the global spread of its tools

The 5×5—Russia’s cyber statecraft

The 5×5—The state of cybersecurity in the Middle East

#4 How have China’s offensive cyber operations changed since 2018?

Cary: “China’s emphasis on developing its domestic pipeline of software vulnerabilities is paying off. China has passed policies that co-opt private research on behalf of the security services, support public software vulnerability competitions, and invest in technology to automate software vulnerability discovery. Together, as outlined by Microsoft’s Threat Intelligence Center’s 2022 analysis, China is combining these forces to use more software vulnerabilities now than ever before.”

Costello: “China’s cyber operations have unsurprisingly grown in scale and sophistication. Actors are less ‘noisy’ and China’s tactical approach to cyber operations appears to have evolved towards more scalable operations, namely supply-chain attacks and targeting service providers. These tactics have the advantage of improving the return on investment for an operation or campaign, as they allow compromise of all customers who use the product or service while minimizing risk of discovery. Supply chain attacks or compromise through third-party services can also be more difficult to detect and identify. China’s cyber landscape is not homogenous, and there remains great variability in sophistication across the range of Chinese actors.

As reported by the Director of National Intelligence in the last few years, China has increasingly turned towards targeting US critical infrastructure, particular natural gas pipelines. This is an evolution, though whether it is ‘learning by doing,’ operational preparation of the battlespace, or nascent ventures by a more operationally-focused Strategic Support Force (reorganization into a Space and Cyber Corps from 2015-17) is unclear. Time will most certainly tell.”

Jili: “Since 2018, the party-state has been more active in utilizing platforms like BRICS (Brazil, Russia, India, China, and South Africa), an emerging markets organization, and the Forum on China-Africa Cooperation (FOCAC) to promote digital infrastructure products and investments in the Global South. Principally, through multilateral platforms like FOCAC, Beijing has promoted resolutions to increase aid and cooperation in areas like cybersecurity and cyber operations.”

Kozy: “Intrusions from China have continued unabated since 2018, with a select number of Chinese APTs having periods of inactivity due to COVID-19 shutdowns. The Cyber Security Law and National Intelligence Law, both enacted in 2017, provided additional legal authority for China’s intelligence services to access data and co-opt Chinese companies for use in vaguely worded national security investigations. Of note is China’s efforts to increase the number of domestic cybersecurity conferences and nationally recognized cybersecurity universities as part of ongoing recruitment pipelines for cyber talent. Though there was increased focus from the Western cybersecurity community on MSS-affiliated contractors after the formation of the PLA Strategic Support Force (PLASSF) in 2015, more PLA-affiliated APT groups have emerged since the pandemic with new tactics, techniques, and procedures. The new PLASSF organization means these entities may be compromising high-value targets and then assessing them for use for offensive cyber operations in wartime scenarios or cyber espionage operations.”

Roberts: “Since 2018, Chinese offensive cyber operations have increased in scale. China has reinvigorated its workforce capacity-building efforts to increase the overall quantity and quality of workers. It has tightened its legal regime, cracking down on external vulnerability disclosure. It has also begun significantly investing in disinformation campaigns, especially against Taiwan. This is evident by the Chinese influence in Taiwan’s 2018 and 2020 elections.”

#5 What domestic entities, partnerships, or roles exist in China’s model of cyber operations model that are not present in the United States or Western Europe?

Cary: “China’s emphasis on contracted hackers coincides with divergent levels of trust between the central government and some provincial-level MSS hacking teams. Some researchers maintain that one contracted hacking team pwns targets inside China to do internal security prior to visits by central government leaders. While there is scant evidence that these attitudes and beliefs make their way into operations against foreign targets, they do likely impact the distribution of responsibilities and operations in a way not seen in mature democracies. The politicization of intelligence services is particularly risky in China’s political system.”

Costello: “The extralegal influence of the CCP cannot be overstated. Though the National Security Law, National Intelligence Law, and other laws ostensibly establish a legal foundation for China’s security apparatus, the reality is that the party is not bound strictly to these laws—and they only demonstrate a public indicator of what power it may possess. The lack of any independent judiciary suggests unchecked power of the CCP to co-opt or compel assistance from any citizen or company for which it almost certainly has near-total leverage. While the suspicion of Chinese organizations can be overblown, the idea that the CCP has the power to utilize not each but any organization is sobering and the root of many of these concerns. The lack of rigorous rule of law, in these limited circumstances, is certainly a competitive advantage in the intelligence sphere.”

Jili: “Beijing has nurtured a tech industry and environment that actively support the party-state’s aims to bolster government surveillance and cyber capabilities. From large firms to startups, many companies work with the state to conduct vulnerability research, develop threat detection capabilities, and produce security and intelligence products. While these private firms rely on Chinese venture capital and state loans, they have grown to service a global customer base.”

Kozy: “Starting with the 2015 control of WooYun, China’s largest vulnerability site, the CCP has gained an incredible amount of control of the vulnerability supply chain within China, which affords its cyber actors access to high-value vulnerabilities for use in their campaigns. The aforementioned 2017 laws also made it easier for Chinese authorities to prevent domestic researchers from competing in cyber conferences overseas and improved access to companies doing vulnerability research in China. The CCP’s public crackdowns on Jack Ma, Ant Financial, and many others have shown that the CCP fears the influence its tech firms have and has quickly moved to keep its tech giants loyal to the party; a stark contrast to the relationships that the United States and European Union have with tech giants like Google, Facebook, etc.”

Roberts: “While corporate-government partnerships exist everywhere, what separates the United States and Western Europe from China is the scope and scale of the connective tissue that exists between the two entities. In China, this relationship has more explicit requirements in the cyber domain, especially when it comes to vulnerability disclosure.”

Simon Handler is a fellow at the Atlantic Council’s Cyber Statecraft Initiative within the Digital Forensic Research Lab (DFRLab). He is also the editor-in-chief of The 5×5, a series on trends and themes in cyber policy. Follow him on Twitter @SimonPHandler.

The Atlantic Council’s Cyber Statecraft Initiative, under the Digital Forensic Research Lab (DFRLab), works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.

learn more

The post The 5×5—China’s cyber operations appeared first on Atlantic Council.

Speaking on January 18, Lavrov claimed a coalition of Western countries led by the United States was following in the footsteps of Napoleon and Hitler with the goal of destroying Russia. “They are waging war against our country with the same task: the final solution of the Russian question,” he said in direct reference to Hitler’s infamous “final solution” of the Jewish question.

Lavrov’s Holocaust comparison was met with widespread international criticism. In a strongly worded statement, EU foreign policy chief Josep Borrell said his Russian counterpart’s comments were “entirely misplaced, disrespectful, and trample on the memory of the six million Jewish people, and other victims, who were systematically murdered in the Holocaust. The Russian regime’s manipulation of the truth to justify their illegal war of aggression against Ukraine has reached another unacceptable and despicable low point.”

The Israeli Foreign Ministry branded Lavrov’s remarks “unacceptable,” while French diplomats said the Russian foreign minister’s attempt to compare international opposition to the invasion of Ukraine with the Holocaust was “outrageous and disgraceful.” Meanwhile, UK Foreign Secretary James Cleverly called Lavrov’s comments “totally abhorrent” while noting, “Russia is not the victim. Russia is the aggressor.”

In the US, national security spokesperson John Kirby expressed indignation at Lavrov’s attempt to draw parallels between the Nazi genocide and the response to Russia’s attack on Ukraine. “How dare he compare anything to the Holocaust, let alone a war that they started,” he told reporters at the White House. “It’s almost so absurd that it’s not worth responding to, other than the truly offensive manner in which he tried to cast us in terms of Hitler and the Holocaust.”

This was not Lavrov’s first flirtation with anti-Semitic historical distortions. During an appearance on Italian TV in spring 2022, Russia’s top diplomat sparked outrage by repeating the notorious anti-Semitic trope that Hitler was Jewish. When asked why Russia insists on calling Ukraine a “Nazi state” despite the fact that Ukrainian President Volodymyr Zelenskyy is Jewish, Lavrov replied that Nazi leader Adolf Hitler “also had Jewish blood.”

The fallout from Lavrov’s very public descent into the squalid world of anti-Semitic conspiracy theories was predictably severe. Following a chorus of international condemnation led by Israel, Vladimir Putin was eventually obliged to intervene. In early May, the Russian dictator called the Israeli Prime Minister to personally apologize on behalf of his foreign minister.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Phone
  This field is for validation purposes and should be left unchanged.

The international backlash over Lavrov’s blunders illustrates the limitations of the propaganda narratives developed by Moscow to justify the invasion of Ukraine. While captive audiences inside Russia have been largely convinced by attempts to blame hostilities on “Ukrainian Nazis” and the “Russophobic West,” these unsubstantiated arguments have proven far less persuasive internationally and have served to further undermine the Kremlin’s dwindling credibility.

Russian attempts to portray Ukrainians as Nazis are nothing new and can be traced back to Soviet wartime propaganda. The tactic has been enthusiastically revived by the Kremlin in recent years to dehumanize Ukrainians and legitimize attempts to extinguish Ukrainian independence. This plays well in modern Russia, where the Putin regime has fostered a cult-like reverence for the Soviet role in World War II that includes the demonizing of all opponents as “fascists.” However, the lack of any actual evidence to support these poisonous allegations has left outside observers deeply skeptical.

As Lavrov himself discovered during last year’s disastrous Italian TV interview, most people living beyond the suffocating confines of the Kremlin propaganda bubble regard the election of Ukraine’s Russian-speaking Jewish President Volodymyr Zelenskyy as convincing proof that Ukraine is anything but a Nazi state. Likewise, the consistent failure of Ukraine’s far right parties to secure more than 2% of the vote in national ballots makes a mockery of Moscow’s entire “Nazi Ukraine” narrative. In the eleven months since the full-scale invasion of Ukraine began, Russia has yet to identify any of the “Nazis” it claims to be fighting or define exactly what the stated war aim of “de-Nazification” means in practice.

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

Lavrov’s lurid allegations of anti-Russian plots suffer from similar problems. While domestic audiences in Russia have been conditioned for decades to view their country as a blameless victim of irrational Western Russophobia, there is a growing consensus in the wider world that the international community has actually been much too slow to react to the mounting threats posed by Putin’s Russia.

Far from pursuing the destruction of Russia, the West responded to Moscow’s wars of aggression in Georgia and Ukraine with a series of misguided resets and endless policies of appeasement. Indeed, it was not until Putin launched the biggest European conflict since World War II last February that Western leaders finally and reluctantly acknowledged the necessity of countering the Kremlin. Even now, as Russia’s invasion approaches the one-year mark, the debate over Western support for Ukraine remains dominated by excessive caution and a debilitating desire to avoid escalation. These are self-evidently not the actions of an international coalition seeking “the final solution to the Russian question,” as Lavrov so absurdly claims.

It is still far too early for Ukraine to declare victory in the information war. Russian disinformation narratives continue to resonate on the vocal fringes of Western society while also appealing to widespread anti-Western sentiment in much of Asia, Africa, and South America. Nevertheless, the wholesale revulsion over Lavrov’s recent Holocaust remarks is a timely reminder of the increasingly unbridgeable gap separating Russia’s alternative reality from the real world.

Almost one year since the full-scale invasion of Ukraine began, only a handful of fellow pariah states are still prepared to stand with Russia on the global stage as international audiences reject Kremlin claims of phantom fascists and anti-Russian conspiracies. Instead, there is growing recognition that the war in Ukraine is an act of naked imperial aggression that threatens to destabilize the wider world.

Russia’s attack on Ukraine has been built on an unprecedented web of deceit and distortion. As these lies lose their power and the reality of Putin’s genocidal agenda becomes impossible to ignore, a consensus is emerging that the war in Ukraine will only end when Russia is decisively defeated.

Peter Dickinson is Editor of the Atlantic Council’s UkraineAlert Service.

Further reading

UkraineAlert Dec 26, 2022

Eight reasons for Ukrainian optimism in 2023

By Brian Mefford

Ukrainians have experienced an incredibly traumatic year but the country enters 2023 with reason for cautious optimism that Vladimir Putin’s criminal invasion can be decisively defeated, writes Brian Mefford.

European Union NATO

UkraineAlert Dec 25, 2022

Bakhmut: Fortress of freedom

By Andriy Yermak

Western support for Ukraine must remain strong in 2023 to prevent a Russian victory that would fuel a global authoritarian revival, warns the head of Ukraine’s Office of the President, Andriy Yermak.

Conflict European Union

UkraineAlert Jan 17, 2023

How Europe can help Ukraine defeat Russia and win the peace in 2023

By Andreas Umland

Continued European support for Ukraine will be crucial in 2023 and must feature a combination of intensification and innovation if Vladimir Putin’s invasion is to be decisively defeated, writes Andreas Umland.

Conflict Economic Sanctions

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Putin is facing defeat in the information war appeared first on Atlantic Council.

Security

Russian forces claim control of strategic Soledar

Tracking narratives

Russian hacker wanted by the FBI reportedly wins Wagner hackathon prize

Frenzy befalls French company accused of feeding Russian forces on New Year’s Eve

Former head of Russian space agency injured in Donetsk, mails shell fragment to French ambassador

Sputnik Lithuania’s former chief editor arrested

International response

New year brings new military aid for Ukraine

Ukrainian envoy to Georgia discusses deteriorating relations between nations

Russian forces claim control of strategic Soledar

Russia said on January 13 that its forces had taken control of the contested city of Soledar. Recent fighting has been concentrated in Soledar and Bakhmut, two cities in the Donetsk region that are strategically important to Ukrainian and Russian forces. Moscow has been trying to take control of the two cities since last summer. Over the past week, Russia has increased its presence on the fronts with the support of Wagner units. Russia wants control of the Soledar-Bakhmut axis to cut supply lines to the Ukrainian armed forces.  

On January 10, Russian sources claimed that Wagner forces had advanced into Soledar. Interestingly, Wagner financier Yevgeny Prigozhin denied the claim and said the forces were still engaged in fighting. Wagner’s presence was established in a camp near Bakhmut. Soldiers from the Wagner Group and other special forces deployed to Bakhmut after other military units had failed to break through the Ukrainian defense.  

On January 11, Ukrainian Deputy Defense Minister Anna Malyar said that heavy fighting was taking place in Soledar and that Russian forces had replaced the unit operating in the city with fresh troops and increased the number of Wagner soldiers among them. The same day, Prigozhin claimed that Wagner forces had taken control of Soledar. The Ukrainian defense ministry denied the allegation. On January 12, Ukrainian sources shared unconfirmed footage of soldiers driving on the main road connecting Bakhmut and Soledar with Sloviansk and Kostyantynivka to as evidence that the area remained under Ukrainian control.  

Elsewhere, on January 11, the Kremlin announced that Valery Gerasimov would replace Sergei Surovikin as commander of Russian forces in Ukraine. The unexpected move could be interpreted as evidence of a struggle for influence in Russian military circles. Surovikin is considered close to Prigozhin’s entourage, which has criticized senior officers recently, including Gerasimov. Some analysts believe that the change signals a possible military escalation from Russia. 

Furthermore, on January 8, Ukrainian forces repelled a Russian offensive the vicinity of Makiyivka and Stelmakhivka. Further north of Lysychansk, on January 11, Ukraine also repelled an attack on the city of Kreminna. In the neighboring Kharkiv region, aerial threats remain high. On the southern front, the city of Kherson and several cities across the Zaporizhzhia region remain targets of Russian attacks.  

Lastly, a new Maxar satellite image from nearby Bakhmut exemplifies the brutality of war on the frontline in Donetsk. The image shows thousands of craters, indicating the intensity of the artillery shelling and exchange of fire between Ukrainian and Russian forces.

—Valentin Châtelet, Research Associate, Brussels, Belgium

—Ruslan Trad, Resident Fellow for Security Research, Sofia, Bulgaria

Russian hacker wanted by the FBI reportedly wins Wagner hackathon prize

In December 2022, the Wagner Group organized a hackathon at its recently opened headquarters in St. Petersburg, for students, developers, analysts, and IT professionals. Wagner announced the hackathon on social media earlier that month. Organizers created the promotional website hakaton.wagnercentr.ru, but the website went offline soon after. A December 8 archive of the website, accessed via the Internet Archive Wayback Machine, revealed that the objective of the hackathon was to “create UAV [unmanned aerial vehicle] positioning systems using video recognition, searching for waypoints by landmarks in the absence of satellite navigation systems and external control.” Hackathon participants were asked to complete the following tasks: display the position of the UAV on the map at any time during the flight; direct the UAV to a point on the map indicated by the operator; provide a search for landmarks, in case of loss of visual reference points during the flight and returning the UAV to the point of departure, in case of a complete loss of communication with the operator.   

On December 9, Ukrainian programmers noticed that hakaton.wagnercentr.ru was hosted by Amazon Web Services and asked users to report the website to Amazon. Calls to report the channel also spread on Telegram, where the channel Empire Burns asked subscribers to report the website and provided instructions on how to do so. Empire Burns claims hakaton.wagnercentr.ru first went offline on December 9, which tallies with archival posts. However, there is no evidence that reporting the website to Amazon resulted in it being taken offline.   

Snapshots of hakaton.wagnercentr.ru from the Wayback Machine show the website was created in a Bitrix24 online workspace. A snapshot captured on December 13 shows an HTTP 301 status, which redirects visitors to Wagner’s main website, wagnercentr.ru. The Wagner website appears to be geo-restricted for visitors outside Russia. 

On December 23, a Wagner Telegram channel posted about the hackathon, claiming more than 100 people applied. In the end, forty-three people divided into twelve teams attended. The two-person team GrAILab Development won first place, the team SR Data-Iskander won second place, and a team from the company Artistrazh received third place. Notably, one of Artistrazh’s co-founders is Igor Turashev, who is wanted by the FBI for his connection to computer malware that the bureau claims infected “tens of thousands of computers, in both North America and Europe, resulting in financial losses in the tens of millions of dollars.” Artistrazh’s team comprised four people who won 200,000 Russian rubles (USD $3,000). OSINT investigators at Molfar confirmed that the Igor Turashev who works at Artistrazh is the same one wanted by the FBI.  

Wagner said that one of the key objectives of the hackathon was the development of IT projects to protect the interests of the Russian army, adding that the knowledge gained during the hackathon could already be applied to clear mines. Wagner said it had also invited some participants to collaborate further. The Wagner Center opened in St. Petersburg in early November 2022; the center’s mission is “to provide a comfortable environment for generating new ideas in order to improve Russia’s defense capability, including information.”

– Givi Gigitashvili, DFRLab Research Associate, Warsaw, Poland

Frenzy befalls French company accused of feeding Russian forces on New Year’s Eve

A VKontakte post showing baskets of canned goods produced by the French company Bonduelle being distributed to Russian soldiers on New Year’s Eve has sparked a media frenzy in France. The post alleges that Bonduelle sent Russian soldiers a congratulatory package, telling them to “come back with a win.” The post quotes Ekaterina Eliseeva, the head of Bonduelle’s EurAsia markets. According to a 2019 Forbes article, Eliseeva studied interpretation at an Russian state security academy.  

Bonduelle has issued several statements denying the social media post and calling it fake. However, Bonduelle does maintain operations in Russia “to ensure that the population has access to essential foodstuff.”  

French broadcaster TV 5 Monde discovered that Bonduelle’s Russia division participated in a non-profit effort called Basket of Kindness, sponsored by the Fund of Presidential Grants of Russia. Food and supplies were gathered by food banks to be delivered to vulnerable segments of the population. However, during the collection drive, Dmitry Zharikov, governor of the Russian city of Podolsk, posted on Telegram that the collections would also serve military families.   

The story was shared on national television in France and across several international outlets. The Ukrainian embassy in France criticized Bonduelle for continuing to operate in Russia, claiming it was “making profits in a terrorist country which kills Ukrainians.”

—Valentin Châtelet, Research Associate, Brussels, Belgium

Former head of Russian space agency injured in Donetsk, mails shell fragment to French ambassador

Dmitry Rogozin, former head of the Russian space agency Roscosmos, said he was wounded in Ukrainian shelling on December 21, 2022, at the Shesh hotel in Donetsk while “celebrating his birthday.” In response, Rogozin sent a letter to Pierre Lévy, the French ambassador to Russia, with a fragment of the shell.   

In the letter, Rogozin accused the French government of “betraying [Charles] De Gaulle’s cause and becoming a bloodthirsty state in Europe.” The shell fragment was extracted from Rogozin’s spine during surgery and allegedly came from a French CAESAR howitzer. Rogozin requested the fragment be sent to French President Emmanuel Macron. His message was relayed by Russian news agencies, and on Telegram by pro-Russian and French-speaking conspiracy channels.  

At the time of the attack, Rogozin was accompanied by two members of his voluntary unit, “Tsar’s wolves,” who were killed in the attack, according to reporting from RT, RIA Novosti, and others.  

– Valentin Châtelet, Research Associate, Brussels, Belgium

Sputnik Lithuania’s former chief editor arrested

On January 6, Marat Kasem, the former chief editor of Sputnik Lithuania, was arrested in Riga, Latvia, on suspicion of “providing economic resources” to a Kremlin propaganda resource under EU sanctions.  

The following day, pro-Kremlin journalists held a small demonstration in support of Kasem in front of the Latvian embassy in Moscow. Russian journalist Dmitry Kiselyov and politician Maria Butina attended the event. 

The demonstration was filmed by Sputnik and amplified with the Russian hashtag  #свободуМаратуКасему (#freedomForMaratKasem) on Telegram channels operating in the Baltic states, including the pro-Russian BALTNEWS, Своих не бросаем! | Свободная Балтика!, and on Butina’s personal channel. The news of Kasem’s arrest also reached the Russian Duma’s Telegram channel, which re-shared Butina’s post. 

– Valentin Châtelet, Research Associate, Brussels, Belgium

New year brings new military aid for Ukraine

International efforts in support of Ukraine are continuing in full force in 2023. On January 4, Norway announced it had sent Ukraine another 10,000 155mm artillery shells. These shells can be used in several types of artillery units, including the M109 self-propelled howitzer. On January 5, Germany confirmed it would provide Ukraine with Marder fighting vehicles and a Patriot anti-aircraft missile battery. German news outlet Spiegel also reported that talks are underway to supply Ukraine with additional Gepard anti-aircraft guns and ammunition. 

In addition, UK Foreign Secretary James Cleverly said the British government would supply Ukraine with military equipment capable of delivering a “decisive” strike from a distance. At the end of 2022, UK Defense Secretary Ben Wallace discussed the possibility of transferring Storm Shadow cruise missiles, with a range of up to 250 kilometers. Finland also reported that it is preparing its twelfth package of military assistance to Ukraine.  

US aid to Ukraine is also being reaffirmed with a $2.85 billion package on top of weapon deliveries. Additionally, the US plans to deliver fourteen vehicles equipped with anti-drone systems as part of its security assistance package. The company L3Harris is part of the Pentagon’s contract to develop anti-drone kits. This equipment would help protect Ukrainian civil infrastructure, which has been a frequent Russian target since October 2022.  

On January 6, French President Emmanuel Macron announced that France would supply Ukraine with units of the light AMX-10RC armored reconnaissance vehicle. These vehicles were produced in 1970 and have been used in Afghanistan, the Gulf War, Mali, Kosovo, and Ivory Coast. The French defense ministry also announced that the country was to deliver twenty units of ACMAT Bastion armored personnel carriers. 

On January 11, Ukrainian President Volodymyr Zelenskyy met with Presidents Andrzej Duda of Poland and Gitanas Nauseda of Lithuania in Lviv. During the visit, Duda announced that Poland would deliver fourteen units of the much-awaited German Leopard combat tanks, and Nauseda announced that his country would provide Ukraine with Zenit anti-aircraft systems. 

Meanwhile, the largest manufacturer of containers for the transport of liquified natural gas has ceased operations in Russia. French engineering group Gaztransport & Technigaz (GTT) said it ended operations in Russia after reviewing the latest European sanctions package, which included a ban on engineering services for Russian firms. The group said its contract with Russian shipbuilding company Zvezda to supply fifteen icebreakers to transport liquefied natural gas was suspended effective January 8.

—Valentin Châtelet, Research Associate, Brussels, Belgium

—Ruslan Trad, Resident Fellow for Security Research, Sofia, Bulgaria

Ukrainian envoy to Georgia discusses deteriorating relations between nations

On January 9, Andrii Kasianov, the Ukrainian Chargé d’Affaires in Georgia, published an article discussing the deteriorating relationship between the two countries. The article stated that the top issues affecting relations were military aid to Ukraine, bilateral sanctions against Russia, visa policies for fleeing Russians, and the legal rights of Mikheil Saakashvili, the imprisoned third president of Georgia, who is also a Ukrainian citizen. 

Kasianov noted that Tbilisi declined Kyiv’s request for military help, specifically for BUK missile systems, which were given to Georgia by Ukraine during Russia’s 2008 invasion. The diplomat said that the weapons request also included Javelin anti-tank systems supplied to Georgia by the United States.  

“Despite the fact that the Georgian government categorically refused to provide military aid, Ukraine opposes the use of this issue in internal political disputes and rejects any accusations of attempts to draw Georgia into a war with the Russian Federation,” Kasianov said. 

Since the Russian invasion of Ukraine, the Georgian Dream-led government has accused Ukraine, the US, and the EU of attempting to drag Georgia into a war with Russia.  

—Eto Buziashvili, Research Associate, Tbilisi, Georgia

The post <strong>Russian War Report: Russian hacker wanted by the FBI reportedly wins Wagner hackathon prize</strong>  appeared first on Atlantic Council.

Ukraine’s future prosperity is not just a matter of ending the war and moving toward membership of the European Union, however. Ahead lies the complex reconstruction of the country’s entire economy and national infrastructure. In order for this to succeed, there can be no return to pre-war conditions. Instead, Ukraine has a once-in-a-lifetime opportunity to reinvent itself as one of the most modern nations on the planet.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Email
  This field is for validation purposes and should be left unchanged.

Thanks to the unprecedented support of Ukraine’s international partners, today’s ambitious visions for a new Ukrainian economy are entirely feasible. This will in all likelihood be a green economy at the cutting edge of the digital revolution.

President Zelenskyy had already set Ukraine on the road to a digital future long before the horrors of Russia’s full-scale invasion. In the early days of his presidency in spring 2019, Zelenskyy identified digitalization as a national priority and vowed to create “a country in a smartphone.”

On the eve of the Russian invasion, Ukraine had already made significant progress in this direction. More than 10 million Ukrainians, or around one-third of the entire adult population, had installed the Diia app, which offered a range of public services and documents in digital format. The impact of this digitalization has been evident during the war, with Ukrainians frequently using virtual documents to identify themselves and pass checkpoints. 

The tech sector had also established itself as a key engine of the economy in pre-war Ukraine. By the end of 2021, the IT industry was generating around $6.8 billion in annual export earnings, representing approximately 10% of Ukraine’s overall export revenues.

These developments are encouraging and indicate that Ukraine can seize the unique opportunities that may soon emerge. At the same time, the post-war transformation of the country will force the Ukrainian authorities and the domestic tech industry to think on a far larger scale than ever before. International investments alone will dwarf anything seen in Ukraine since the country regained independence in 1991.

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

Ukraine’s IT industry certainly has the potential to rise to the coming challenges. On the eve of the invasion, there were more than 250,000 IT engineers in the country working for companies that developed advanced solutions for many of the world’s biggest brands. To harness this potential and position the country for future success, Ukraine’s Ministry of Digital Transformation must engage with the world’s leading experts to develop an effective digital transformation strategy.

This strategy must address a series of core issues such as mastering digital skills, engineering digital infrastructure, the digitalization of public services, and the digital transformation of Ukraine’s business environment. Ukraine must adapt its education system to make sure the emerging generation of young Ukrainians are equipped with the necessary English-language and tech skills to drive the country’s transformation forward. Teachers will need to have expert knowledge, while schools must have sufficient internet access and tech tools.

These innovations need to be applied evenly across the country to make sure progress is consistent and no regions are left behind. This is especially important for regions liberated from Russian occupation. Digitalization must also extend to every branch of public services including healthcare, housing, and municipal services.

Even this very brief overview highlights the vast proportions of the undertaking that lies ahead for Ukraine. The envisaged digital revolution will require the involvement of experts in a wide variety of fields including law, education, energy, medicine, and security as well as IT itself.

The experience of the past ten months leaves little room for doubt that the global community will be ready to support Ukraine’s post-war digital transformation. While the Ukrainian Ministry of Digital Transformation will have the task of coordinating the creation of a digital transformation strategy, the Ministry can call on the support of a range of national governments, international financial institutions such as the World Bank and the EBRD, global development agencies, and many of the world’s largest tech companies.    

Today, while Ukraine’s heroic defense against Russian aggression is still underway, it is time to create a broad coalition of allies and establish expert working groups to develop a strategy development fund. The platform for this coalition can be the Digital for Freedom initiative already put forward by the Ministry of Digital Transformation in mid-2022.

Ukraine has already demonstrated that with enough military support, it can win the war. The country’s international partners must also be ready to begin the massive task of reconstruction as soon as circumstances allow. A comprehensive and ambitious digital transformation strategy can serve as one of the foundational documents for the coordination of efforts to make the new Ukraine an example of progress for the entire world.

Anatoly Motkin is president of the StrategEast Center, an independent institution working to develop Eurasia’s digital economy in collaboration with international financial institutions, development agencies, global tech companies, and Eurasian governments.

Further reading

UkraineAlert Dec 26, 2022

Eight reasons for Ukrainian optimism in 2023

By Brian Mefford

Ukrainians have experienced an incredibly traumatic year but the country enters 2023 with reason for cautious optimism that Vladimir Putin’s criminal invasion can be decisively defeated, writes Brian Mefford.

European Union NATO

UkraineAlert Dec 25, 2022

Bakhmut: Fortress of freedom

By Andriy Yermak

Western support for Ukraine must remain strong in 2023 to prevent a Russian victory that would fuel a global authoritarian revival, warns the head of Ukraine’s Office of the President, Andriy Yermak.

Conflict European Union

UkraineAlert Dec 22, 2022

Russia’s defeat is the top global priority for 2023

By Oleksii Reznikov

Ensuring that the Russian invasion of Ukraine ends in defeat is vital for the international security system and must be the strategic priority for 2023, writes Ukrainian Defense Minister Oleksii Reznikov.

Conflict European Union

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Post-war Ukraine needs a smart digital transformation strategy appeared first on Atlantic Council.

Europe Center nonresident senior fellow Kenneth Propp reviews the finalized version of the Organization for Economic Cooperation and Development’s (OECD) “Declaration on Government Access to Personal Data Held by Private Sector Entities,” which aims to document protections government have in place for access to individuals’ data.

The OECD declaration is a notable accomplishment because it demonstrates the surprising degree of commonality in data access safeguards applied by developed democracies’ national security and law enforcement agencies.

Kenneth Propp

About the author

Fellow

Kenneth Propp

Nonresident Senior Fellow

Europe Center

European Union Digital Policy

The post Propp in Lawfare: Gentlemen’s Rules for Reading Each Other’s Mail: The New OECD Principles on Government Access to Personal Data Held by Private Sector Entities appeared first on Atlantic Council.

During my brief time in the US, I held over 30 meetings with government officials as well as representatives of the defense, financial, and non-profit sectors. All were deeply immersed in the challenges facing Ukraine and were ready to offer genuine support. Topics of discussion included efforts to boost Ukrainian food exports, strengthen the country’s air defense systems, and facilitate the future reconstruction of Ukraine.

Every conversation also featured an anti-corruption component. This is essential in order to build the kind of transparent and effective partnerships that will help Ukraine move forward. Success will depend on a combination of the right systems and suitably qualified personnel.

Digital tools can play a key role in this process. Ukraine’s reputation as a digital innovator is already recognized across the Atlantic. Two years ago, Ukraine became the world’s first country to grant legal status to electronic passports for domestic use. Hundreds of public services for private citizens and businesses can already be accessed online. More recently, Ukraine occupied second place in Europe for data openness in the 2022 Open Data Maturity ranking.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Name
  This field is for validation purposes and should be left unchanged.

Ukraine’s digital progress can serve as a solid basis for the country’s recovery. While in the US, I had the opportunity to present plans for a Digital Reconstruction Management System (DRMS), which will serve as a comprehensive online platform that will ensure successful simultaneous implementation of multiple projects across Ukraine. The DRMS will make it possible to manage every stage of Ukraine’s reconstruction projects while providing real-time online information including spending data.

The concept is based on the principle of maximum transparency and the publication of open data in accordance with international norms such as the Open Contracting Data Standard. This digital solution will drive the development of an entire ecosystem. It will create opportunities for businesses around the world to participate in procurement tenders for the reconstruction of Ukraine.

Additional tools will make it possible to monitor contractors, while NGOs will be able to analyze data and create risk indicators. This approach will make the coming reconstruction of Ukraine a model of open governance and open contracting for the entire world.

Ukraine’s digital reconstruction system is set to be launched in early 2023. This initiative is the result of cooperation between the Ukrainian authorities, civil society, and international institutions. It is being implemented together with RISE Ukraine, a coalition of international and Ukrainian NGOs.

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

Personnel choices will also play a key role in the further evolution of Ukraine’s anti-corruption architecture. Appointing the right people will be critical to this process. In the months and years ahead, Ukraine should look to recruit from within the ranks of the country’s armed forces.

There are currently more people than ever in uniform defending Ukraine. This includes men and women from a variety of professional backgrounds, including many who took up arms following successful careers as civil servants and human rights defenders. According to my friends who are currently serving in the trenches, this experience fundamentally changes a person’s worldview and civic position.

Military veterans will be highly motivated to safeguard Ukraine’s development and the country’s democratic institutions. That is why it is so important for Ukraine to receive support from the US and other international partners for initiatives that will make it possible to integrate veterans into the country’s ongoing anti-corruption efforts.

The provisional idea is to select people with the relevant educational and professional background for training in the most effective approaches to combating corruption. Successful candidates can then join Ukrainian law enforcement and the country’s anti-corruption institutions.

I am confident that by combining digital transparency with a targeted approach to personnel, it will be possible to achieve historic change in Ukraine. This message clearly resonated with our American partners during my recent visit to the United States. Our pursuit of a common goal is a source of inspiration and one more reason to believe Ukraine will win the war.

Oleksandra Azarkhina is Ukraine’s Deputy Minister for Communities, Territories, and Infrastructure Development.

Further reading

UkraineAlert Dec 26, 2022

Eight reasons for Ukrainian optimism in 2023

By Brian Mefford

Ukrainians have experienced an incredibly traumatic year but the country enters 2023 with reason for cautious optimism that Vladimir Putin’s criminal invasion can be decisively defeated, writes Brian Mefford.

European Union NATO

UkraineAlert Dec 22, 2022

Russia’s defeat is the top global priority for 2023

By Oleksii Reznikov

Ensuring that the Russian invasion of Ukraine ends in defeat is vital for the international security system and must be the strategic priority for 2023, writes Ukrainian Defense Minister Oleksii Reznikov.

Conflict European Union

UkraineAlert Dec 25, 2022

Bakhmut: Fortress of freedom

By Andriy Yermak

Western support for Ukraine must remain strong in 2023 to prevent a Russian victory that would fuel a global authoritarian revival, warns the head of Ukraine’s Office of the President, Andriy Yermak.

Conflict European Union

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Digitalization and transparency are vital for Ukraine’s reconstruction appeared first on Atlantic Council.

Like many dictators throughout history, Putin believed he could strengthen his position at home by waging a small, victorious war. However, he is now learning a painful lesson: if you stake your position as dictator on a quick victory but fail to deliver, you may suffer the fate of Khrushchev after the Cuban Missile Crisis or the Argentinian junta after their disastrous invasion of the Falklands. Losing a conflict that you are expected to win is so thoroughly demoralizing that it puts your entire reign at risk.

Many people now question why Putin embarked on such a reckless invasion at all. In fact, the Russian dictator has always been a betting man. His entire career has been marked by gambles that have paid off handsomely. However, with the full-scale invasion of Ukraine, his luck may finally have run out.

US President Joe Biden describes Putin as a rational actor who has miscalculated. This is probably true, but it is also important to recognize Putin’s miscalculation as a symptom of a flawed worldview that is disconnected from reality. In short, Putin fell into the same trap that eventually catches out many long-serving dictators; he drank his own Kool-Aid.

In a military context, believing in one’s own inflated prowess is catastrophically dangerous. Thanks to decades of propaganda, Russians take it for granted that their country is a military superpower. This myth has been shattered in Ukraine. Despite having less than one-third of Russia’s population, a far smaller economy, and being an emerging democracy rather than a militarized dictatorship, Ukraine has more than held its own for almost a year against the invading Russian army.

While the West has provided Ukraine with significant military aid, the extent of Western involvement in the war should not be overstated. So far, only about one percent of the relevant available Western weaponry has actually been sent to Ukraine. Key partners such as the US, UK, France, and Germany have resisted Ukrainian pleas for tanks, jets, and long-range missiles. Instead, they have provided anti-tank weapons, limited quantities of artillery, and shorter range missile systems. Nevertheless, this has proved sufficient to stop Russia’s offensive and liberate about half of the territory occupied by Putin’s troops during the initial stages of the invasion.

Subscribe to UkraineAlert

As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.

• Name
  First Last
• Email*
• 
  
  
• Email
  This field is for validation purposes and should be left unchanged.

Faced with mounting setbacks in Ukraine, Putin has become increasingly delusional. Rather than acknowledge Russia’s embarrassing defeats and catastrophic losses, he insists everything is going according to plan. This is creating opportunities for Russia’s far right forces, which do not suffer from the same limitations. While Kremlin officials absurdly attempt to portray retreats as “goodwill gestures,” the far right wins over the Russian public by speaking frankly about the country’s military disasters in Ukraine.

Until the invasion began in February 2022, the only political opposition in Russia was represented by jailed anti-corruption activist Alexei Navalny, who had attempted to play broadly by Western democratic rules. When the war started, the remnants of Russian civil society were ruthlessly stamped out. Prominent opposition figures were jailed or forced into exile, while new laws criminalized all forms of public dissent. These trends have intensified over the intervening nine months, extinguishing any lingering hopes of a serious democratic opposition to the Putin regime.

Instead, the most serious challenge to Putinism may come from a newly emerging political movement that is even further to the right on the political spectrum than Putin himself. At present, this is a disorganized but vocal movement that has found its voice in the many unofficial Russian “war correspondents” and social media accounts reporting on the invasion while bypassing the Russia’s Kremlin-controlled mainstream information space. Most write from a Russian nationalist perspective while employing ethnic slurs for Ukrainians. They are unambiguously pro-war and often apparently pro-Putin. However, their content is frequently at odds with Russia’s official propaganda and highly critical of the military officials leading the invasion.

Eurasia Center events

Online Event Thu, July 20, 2023 • 8:00 am ET

After Vilnius: What’s next on Ukraine’s path to NATO?

Eastern Europe NATO Security & Defense Ukraine

While there is currently no single nationalist leader, the most prominent figure among Russian ultra-nationalists is Yevgeny Prigozhin, the leader of the Wagner Group paramilitary force. Prigozhin once sought to distance himself from Wagner but has recently made his connection very public. He has released footage of his recruitment speeches and has opened a swanky head office in Saint Petersburg. This reflects the rising profile of Wagner itself. Formerly seen as a shadowy mercenary group used by the Kremlin in hybrid war hot spots such as Ukraine, Syria, and Africa to create a veneer of plausible deniability, Wagner has been one of the few Russian military units to perform credibly during the initial stages of the Ukraine invasion and has visibly grown in stature.

With his own public profile on the rise, Prigozhin has begun testing the boundaries by publicly deriding senior figures within the Russian military hierarchy. Meanwhile, his Wagner troops operate in Ukraine as an army-within-an-army, pursuing their own clearly defined battlefield objectives and openly positioning themselves as a military elite in contrast to the under-performing regular Russian army.

Wagner fighters have become the poster boys of the ultra-nationalists, who are themselves less prone to official delusions and more interested in the realities of hard power. Freedom from the constraints of the Kremlin propaganda machine is a major asset in their struggle for credibility among Russian audiences. This makes the far right a potentially formidable opponent in a future internal power struggle against the Putin regime.

It is hard to predict what the world could expect from a post-Putin Russia ruled by far right forces, but there is clearly little room for optimism. An ultra-nationalist successor regime would likely be even more inclined to wage war against Russia’s neighbors while ruthlessly targeting civilians. This extremism would be driven in part by the growing conviction within nationalist circles that Putin is failing in Ukraine precisely because he has not been ruthless enough in his leadership of the war.

Putin’s domestic position is not yet sufficiently weak to talk of an imminent fall from power, but it is already apparent that he is far weaker today than he was just one year ago. At the same time, the full-scale invasion of Ukraine has catapulted a wide range of formerly fringe nationalist figures into the Russian mainstream and transformed Yevgeny Prigozhin into a political heavyweight. This swing to the right has not yet been fully appreciated by many Western observers, but it offers alarming indications of where Russia may be heading politically and must be watched carefully in the months ahead.

Stanislav Shalunov is founder and CEO of NewNode and creator of FireChat.

Further reading

UkraineAlert Nov 10, 2022

Battle of Kherson: Russian retreat confirms Putin is losing the war

By Andriy Zagorodnyuk

The war is still far from over, but Ukraine’s victory in the Battle of Kherson may eventually come to be seen as one of the key turning points in the defeat of Vladimir Putin’s invasion, writes Andriy Zagorodnyuk.

Conflict Freedom and Prosperity

UkraineAlert Dec 13, 2022

Vladimir Putin: 2022 Loser of the Year

By Peter Dickinson

Russian leader Vladimir Putin is the biggest loser of 2022. His disastrous decision to invade Ukraine has left Russia internationally isolated and shattered the country’s reputation as a military superpower.

Belarus Central Asia

UkraineAlert Oct 17, 2022

Putin’s blackout blitz: Russia aims to freeze Ukrainians into surrender

By Suriya Evans-Pritchard Jayanti

Russia is seeking to plunge Ukraine into darkness ahead of the winter heating season by destroying the country’s energy infrastructure. Ukraine’s partners must step in to make sure Ukrainians are not frozen into surrender.

Conflict Energy Markets & Governance

The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.

Read more from UkraineAlert

UkraineAlert is a comprehensive online publication that provides regular news and analysis on developments in Ukraine’s politics, economy, civil society, and culture.

The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.

Learn more

The post Vladimir Putin’s failing invasion is fueling the rise of Russia’s far right appeared first on Atlantic Council.

One year ago, the global cybersecurity community looked back at 2021 as the year of ransomware, as the number of attacks nearly doubled over the previous year and involved high-profile targets such as the Colonial Pipeline—bringing media and policy attention to the issue. Now, a year later, the surge of ransomware has not slowed, as the number of attacks hit yet another record high—80 percent over 2021—despite initiatives from the White House and the Cybersecurity and Infrastructure Security Agency (CISA). The persistence of ransomware attacks shows that the challenge will not be solved by one government alone, but through cooperation with friends, competitors, and adversaries. 

Russia’s full-scale invasion of Ukraine, the landmark development of 2022, indicates that this challenge will likely remain unsolved for a while. Roughly three-quarters of all ransomware revenue makes its way back to Russia-linked hacking groups, and cooperation with the Kremlin on countering these groups is unlikely to yield much progress anytime soon. Revelations in the aftermath of Russia’s invasion confirmed suspicions that Russian intelligence services not only tolerate ransomware groups but give some of them direct orders. 

Ransomware was not the only cyber issue to define 2022, as other challenges continued, from operational technology to workforce development, and various public and private-sector organizations made notable progress in confronting them. We brought together a group of experts to review the highs and lows of the year in cybersecurity and look forward to 2023. 

#1 What organization, public or private, had the greatest impact on cybersecurity in 2022?

Rep. Jim Langevin, US Representative (D-RI); former commissioner, Cyberspace Solarium Commission: 

“I think we have really seen the Joint Cyber Defense Collaborative (JCDC) come into its own this year. We saw CISA, through JCDC, lead impressive and coordinated cyber defense efforts in response to some of the most critical cyber emergencies the Nation faced in 2022, including the Log4Shell vulnerability and the heightened threat of Russian cyberattacks after its invasion of Ukraine.” 

Wendy Nather, nonresident senior fellow, Cyber Statecraft Initiative, Digital Forensic Research Lab (DFRLab), Atlantic Council; head of advisory CISOs, Cisco: 

“I would argue that Twitter has had the most impact on cybersecurity. As a global nexus for public discourse, security research, threat intelligence sharing, media resources, and more, its recent implosion has disrupted essential communications and driven many cybersecurity stakeholders to seek connectivity elsewhere. We will probably continue to see the effects of this disruption well into 2023 and possibly beyond.” 

Sarah Powazek, program director, Public Interest Cybersecurity, UC Berkeley Center for Long-Term Cybersecurity: 

“CISA. The cross-sector performance goals and the sector-specific 100-Day Cyber Review Sprints this year are paving the way for a more complete understanding and encouragement of cybersecurity maturity in different industries. It is finally starting to feel like we have a federal home for nationwide cybersecurity defense.” 

Megan Samford, nonresident senior fellow, Cyber Statecraft Initiative, Digital Forensic Research Lab (DFRLab), Atlantic Council; vice president and chief product security officer for energy management, Schneider Electric: 

“I think all of us feel that it has to be the warfighting efforts that are going on in the background of the Ukraine war—these are the ‘known unknown’ efforts. If we take that off the table though, I would say it is not an organization at all, it is a standard (IEC 62443). As boring as it is to say that standards work, right now industry most needs time for the standards to be adopted to reach a minimum baseline. If we fail to achieve standardization, we will see regulation—both achieve the same things at different paces with different tradeoffs.” 

Gavin Wilde, senior fellow, Technology and International Affairs Program, Carnegie Endowment for International Peace: 

“The State Special Communications Service of Ukraine (SSSCIP), which has deftly defended and mitigated against Russian cyberattacks throughout Moscow’s war. SSSCIP’s ability to juggle those demands while coordinating and communicating with a vast array of state and commercial partners has improved the landscape for everyone.”

#2 What was the most impactful cyber policy or initiative of 2022? 

Langevin: “The Cyber Incident Reporting for Critical Infrastructure Act, or CIRCIA. Its impact lies not only in its effect—which will dramatically improve the federal government’s visibility of cyber threats to critical infrastructure—but also in the example it has set for how Congress, the executive branch, and the private sector can effectively work together to craft major legislation that will make the country fundamentally safer in cyberspace.” 

Nather: “I have to call out CISA’s election security support at this crucial point in our Nation’s fragile and chaotic state. It continues to provide excellent information and resources—particularly the wonderfully named “What to Expect When You are Expecting an Election” and video training to help election workers protect themselves and the democratic process. Reaching out directly to stakeholders and citizens with the education they need is every bit as important as the ‘public-private partnership’ efforts that most citizens never encounter.” 

Powazek: “CISA’s State and Local Cybersecurity Grant Program and Tribal Cybersecurity Grant Program. The programs will dole out $1 billion in cyber funding to state, local, tribal, and territorial governments over four years, with at least 25 percent of those funds earmarked for rural areas. If that money is invested well, it will be an incredible boon to critical public agencies struggling to improve their cybersecurity maturity, and it can better protect millions of people.” 

Samford: “Software bill of materials (SBOM), but not for the reasons people may think. SBOM is a very useful tool in managing risk, provided that organizations already have good asset inventory capability. In operational technology, asset inventory is an area that asset owners continue to struggle with, so the benefit from SBOM is more of a long-term journey. That is why I say SBOM, but not for the reasons people think. In my mind what I think was most impressive around SBOM was that it demonstrated that the industry can successfully rally and rapidly standardize around very specific asks. SBOM came together because it had three things: 1) common industry understanding of the problem; 2) existing tooling that, for the most part, did not require new training; and 3) government policy and right-sized program management.” 

Wilde: “The European Union’s proposed Cyber Resilience Act, which is poised to update and harmonize the regulatory environment across twenty-seven member states and set benchmarks for product and software security—particularly as both cybercrime and Internet-of-Things applications continue to proliferate. The proposals offer a stark contrast between a forward-looking regulatory regime, and a crisis-driven reporting and mitigation one.”

#3 What is the most important yet under-covered cyber incident of 2022?

Langevin: “I think it is worth reminding ourselves just how serious the ransomware attacks were that crippled the Costa Rican government this year. This was covered in the news, but from a policy perspective, I think it warrants a deeper conversation about what the United States can be doing on the international stage to double down on capacity-building and incident response efforts with allies, particularly those more vulnerable to such debilitating attacks. Part of that conversation needs to include a commitment to ensuring that our government actors, like the State Department’s Bureau of Cyberspace and Digital Policy, have the appropriate resources and authorities to effectively provide that assistance.”

Nather: “The Twilio breach (although Wired did a good job covering it). It is important because although SMS is a somewhat-reviled part of our security infrastructure, it is utterly necessary, and will continue to be long into the future.”

Powazek: “The Los Angeles Unified School District (LSUSD) ransomware attack by Vice Society was highly covered in the news, but I think the implications are resounding. LAUSD leaders refused to pay the ransom, maintained transparency with students and parents, and were able to move forward with minimal downtime. It was a masterclass in incident management, and I was thrilled to see a public institution take a stand against ransomware actors and recover quickly.”

Samford: “Uber’s chief information security officer (CISO) going to jail. This has turned the industry on its head and forced people to challenge what it means to be an executive in this industry and make decisions that can land you—not the chief executive officer or chief legal counsel—in jail. What is the compensation structure for this amount of risk taking? I have heard of CISOs being called the ‘chief look around the corner officer’ or the ‘chief translation officer,’ but now has the CISO become the ‘chief scapegoat officer?”

Wilde: “The US Department of Justice’s use of ‘search and seizure’ authority (Rule 41 of the federal criminal code) to neutralize a botnet orchestrated by the Russian GRU. So many fascinating elements of this story—including the legal and technical implications of the operation, as well as the cultural shift at DOJ—seem to have gone underexamined. Move over, NSPM-13…”

More from the Cyber Statecraft Initiative:

The cyber strategy and operations of Hamas: Green flags and green hats

GRU 26165: The Russian cyber unit that hacks targets on-site

Wargaming to find a safe port in a cyber storm

#4 What cybersecurity issue went unaddressed in 2022 but deserves greater attention in 2023?

Langevin: “I am hopeful that this answer proves to be wrong before the end of the year, but right now, it is the lack of a fiscal year (FY) 2023 budget. The federal government has a wide array of new cybersecurity obligations stemming from recent legislation and Biden administration policy, but agencies will struggle to fulfill these responsibilities if Congress does not provide appropriate funding for them to do so. Keeping the government at FY22 funding levels simply is not good enough; if we want to see real progress, we need to pass a budget.” 

Nather: “One trend I see is that there is almost no check on technological complexity, which is the nemesis of security. Simply slapping another ‘pane of glass’ on top of the muddled heap is not a long-term solution. I believe we will see more efforts to consolidate underlying infrastructure for many reasons, among them cost and ease of administration, but cybersecurity will be one of the loudest stakeholders.” 

Powazek: “The United States still does not have a scalable solution for providing proactive cyber assessments to folks who cannot afford to hire a consulting firm. There are lots of toolkits available, but some organizations do not even have the staff or time to consume them, and there is no substitute for face-to-face assistance. We could use more solutions like cybersecurity clinics and regional cyber advisors that address this market failure and help organizations increase resiliency to cyberattacks.” 

Samford: “Coordinated incident response as well as whistleblower protection. If you want safety-level protections in cybersecurity, you need safety-level whistleblower protections. In the culture of safety, based on decades of culture development and nurturing, whistleblowing is a key enabler. It is based on a basic truth that anyone in an organization can ‘stop the line’ if they see unsafe behavior. In cyber, we lack ‘stop the line’ power and, in many cases, individuals fail to report risk because of fear of attribution and retaliation. That is why, in my mind, the topic of whether or not whistleblower protection should become a cyber norm remains something that has gotten little attention but it is a critical decision point in how the cyber community wants to move forward. Will we have more of a tech-based culture or a safety-based culture?  

As far as coordinated incident response, we estimate that upward of 80 percent of the cyber defense capacity resides in the private sector, yet very few mechanisms exist to coordinate these resources alongside a government-led response. We have not yet figured out how to tap that pool of resources, and I fear that we are going to have to learn it quickly one day should such attacks occur that require rapid and consistent response coordination, such as a targeted campaigned cyberattack linked with physical impact on critical infrastructures. Using Incident Command System could solve for this and the ICS4ICS program is picking up this challenge.” 

Wilde: “Privacy and data protection. The ‘Wild West’ of data brokerages and opaque harvesting schemes that enables illicit targeting and exploitation of vulnerable groups poses as much a threat to national security as any foreign-owned applications or state intelligence agencies.”