Western intelligence agencies have warned that Russian cyber attacks have been targetting allied military assistance to Ukraine.
As a new joint advisory, several global intelligence services – Australia, Canada, the Czech Republic, Estonia, Germany, Latvia, the Netherlands, the UK, Ukraine and the US – have warned against malicious cyber activity waged by actors affiliated with Russia’s General Staff Main Intelligence Directorate (GRU), 161st Specialist Training Centre (Unit 29155).
The US Cybersecurity and Infrastructure Security Agency charged the actors with “espionage, sabotage and reputational harm” since at least 2020. However, the independent investigative researcher Bellingcat identified the unit’s malicious activity going back as far as Russia’s annexation of Crimea in 2014.
Various sources link 29155 to, among other things, the poisoning of former GRU officer Sergei Skripal in 2018, an attempted coup in Montenegro and the assassination of a Bulgarian arms dealer.
Since 2022, however, the group’s overall aim seems to have been “to target and disrupt efforts to provide aid to Ukraine,” ruled the UK National Cyber Security Centre.
Now, it is the first time that the allied intelligence services confirmed that it was Unit 29155 specifically that was responsible for deploying the ‘Whispergate’ malware against multiple victims across Ukraine prior to Russia’s invasion in 2022.
Logistical vulnerability
“They are aimed at the logistics sector in countries that provide aid to Ukraine or play a role in it,” said Peter Reesink, director vice admiral in the Dutch Military Intelligence and Security Service.
While this advisory update points out the intentions behind Russian cyber operations, it may also point to the need to assess the enduring vulnerability of Western logistical processes in delivering Ukraine’s requirements; this has not been up to scratch.
Two months ago, Spain directly revealed details of the delivery route for its donation of Leopard 2A4 tanks bound for Ukraine.
The assistance made a near-week-long journey by sea through to Poland, before onward transit over the border. This package would bring Spain’s total number of Leopard 2A4s to Ukraine to 20 vehicles. The Spanish government stated that the “multi-modal transport” had “begun” in mid-July.
Western logistical practices are also vulnerable in other ways. The US Government Accountability Office lately found that the Department of Defense (DoD) was unable to track American-made systems pledged by third-party donors to Ukraine. This, their report said, was due to “inconsistent communication” between the DoD and the State Department.
“DoD officials are often unaware of [third-party transfers] authorised by [the] State [Dept] until they are identified upon entry to Ukraine, if at all.”
Clearly, there is a lack of coordination and standard processes in which coalition donors deliver their military assistance to Ukraine. Every bullet and shell are of crucial importance as the war enters a uncertain stage with Ukraine’s incursion inside Russia failing to disrupt Russian advances in the Donbas region, particularly around the city of Pokrovsk.