Russian long-range strikes against Ukrainian cities continue, with at least ten drones being shot down while approaching Kyiv in the predawn darkness. This ongoing conflict has led to a counteroffensive by Ukraine, which is relying heavily on artillery barrages to reduce Russian positions. However, both sides are facing challenges due to the undergrowth that has regrown across the battlefields of southern Ukraine.
The UK’s Ministry of Defence believes that the undergrowth is impeding offensive operations for both sides. The combat zone, which was predominately arable land, has been left fallow for 18 months, allowing weeds and shrubs to accelerate under the warm and damp summer conditions. While the additional cover can provide camouflage for Russian defensive positions, it also makes it harder to clear defensive minefields. Additionally, the undergrowth makes it harder for either side to make advances as landmines are often laid on the surface, making them harder to detect.
NATO is closely watching the Wagner Group in Belarus, as there are concerns about possible action against NATO territories. The BBC has also reported on Russia’s ongoing campaign to destroy grain, which has led to criticism from the EU’s high representative for foreign affairs and security policy, Josep Borrell. He describes Russia’s withdrawal from the Black Sea Initiative as a cynical use of food as a weapon, predicting that it will fail to coerce vulnerable countries into forming a de facto alliance with Russia. Ukrainian President Zelenskyy believes that President Putin’s tactical aim is to collapse global food markets, leading to famine.
The cybersecurity landscape is also being impacted by Russian activities. The FSB, Russia’s security agency, has added new domains to its attack infrastructure in an effort to escape scrutiny. Recorded Future reports that BlueCharlie, also known as “Star Blizzard” or “Seaborgium,” has registered ninety-four new domains for its infrastructure. This infrastructure supports activities such as credential-harvesting, intelligence collection, and hack-and-leak operations, with Ukraine and NATO being the main targets.
Another threat group, Midnight Blizzard, believed to be operated by Russia’s SVR, is currently engaged in highly targeted social engineering attacks against Western targets. This campaign involves credential phishing using security-themed subdomains that utilize homoglyphs to trick victims. The goal of this SVR operation is espionage, and the stolen authentication tokens are used for further attacks.
The SVR’s activities are not limited to cyber operations. The hacktivist auxiliary group NoName057(16), which has previously targeted Ukraine, Poland, and Lithuania, has now conducted DDoS attacks against Spain. These attacks coincided with Spain’s elections and targeted organizations involved in administering the elections, as well as the travel, financial services, telecommunications, and news sectors. NoName057(16) runs a crowd-sourced botnet called “Project DDoSia,” which is installed on home PCs, mobile phones, and cloud servers by volunteers.
These recent developments highlight the ongoing tensions and conflicts between Russia and Ukraine, as well as the cybersecurity threats posed by Russian actors. As the situation continues to unfold, it is crucial for countries and organizations to enhance their defenses and collaborate to mitigate these threats.