Ukrainian small units have managed to successfully cross the Dnipro River and establish a presence on its eastern bank, according to a report by The Telegraph. While the crossings do not yet constitute a bridgehead, the tactical success has been confirmed by Russian milbloggers. Russian sources claim that company-sized elements of two Ukrainian naval infantry brigades conducted an assault across the Dnipro River onto the east bank of Kherson Oblast. Footage published on October 18 shows Ukrainian forces advancing north of Pishchanivka and into Poyma. The Russian Ministry of Defense acknowledged the crossings but dismissed them as failed raids intended to conduct sabotage. However, Russian milbloggers are expressing concerns about Russia’s ability to stop Ukrainian operations in the Kherson sector. Many of Russia’s better units that were deployed there have been withdrawn and redeployed to support Russia’s offensive further north.
In other news, the UK’s Ministry of Defence (MoD) reports that Russian claims of repairing the Kerch Strait Bridge have been verified. The bridge connects occupied Crimea with the Russian mainland. Russian Deputy Prime Minister Marat Khusnullin announced that the damage from Ukraine’s July 2023 strike on the Crimean bridge had been repaired ahead of schedule. However, the bridge still has restrictions on its use due to procedures enacted after the first Ukrainian attack in October 2022. The MoD assesses the bridge as a vulnerable asset and a significant security burden for Russia’s occupation of Crimea. It requires multi-domain protection, including the use of air defense systems and crews that would otherwise be deployed elsewhere. The confidence of Russian security forces in protecting the bridge is threatened by the ingenuity of Ukraine’s military and security services.
In a significant development in the cyber domain, members of the Ukrainian Cyber Alliance (UCA) claim to have hacked and taken down servers used by the Trigona ransomware gang. The UCA alleges to have exfiltrated all the data from the threat actor’s systems, including source code and database records, before wiping the servers. They exploited a recently described vulnerability in Atlassian’s Confluence Data Center and Server to gain remote access and elevate their privileges. The UCA has stated that if they find decryption keys in the exfiltrated data, they will make them publicly available for Trigona attack victims to recover their systems. Trigona is a Russian gang that has been operating since at least October 2022, and it functions as a privateer with the protection of the Russian government.
Furthermore, The Record reports on a joint US-Ukrainian “hunt-forward” mission that preemptively blunted a Russian cyber offensive in 2022. According to Illia Vitiuk, head of the SBU’s cyber division, the mission disrupted Russian offensive cyber operations before and immediately after Moscow’s general invasion in February 2022. Collaboration with US Cyber Command began in December 2021, and the joint operation successfully identified and removed much of the malware staged by the GRU in Ukrainian systems. While Russia’s wiper attacks during the invasion were troubling, they fell short of the anticipated devastation. Vitiuk credits early preparation and the joint operation for Ukraine’s successful defense.
Overall, the developments described above showcase ongoing tensions and activities in the Ukraine-Russia conflict. The Ukrainian military’s successful crossings of the Dnipro River demonstrate their determination and ability to strategically advance. The repair of the Kerch Strait Bridge provides Russia with a logistical advantage but also poses security challenges. The takedown of the Trigona ransomware gang by the Ukrainian Cyber Alliance highlights Ukraine’s cyber capabilities and its efforts to counter Russian cyber threats. Finally, the joint US-Ukrainian hunt-forward mission exemplifies the importance of international collaboration in defending against cyberattacks. These events are significant in the context of the ongoing conflict and reflect the complex dynamics at play in the region.