Middleboro Review 2: POLITICO NIGHTLY: Ukraine’s cyber lessons get tested

Thursday, February 24, 2022

POLITICO NIGHTLY: Ukraine’s cyber lessons get tested

With help from Myah Ward

A man takes the exit of an underpass in Kyiv, Ukraine. | Pierre Crom/Getty Images

ANOTHER CYBERATTACK HITS KYIV — Ukrainian government and banking websites again came under attack today, with Ukrainian officials confirming that the Distributed Denial of Service attack had been used to take the websites offline for the second time in a week.

But the Ukrainian government had clearly learned lessons from last week’s attacks, along with attacks in 2015 and 2016 by Russian hackers that temporarily turned off the lights in parts of the country — lessons they may need with the threat of Russian cyber actions still high.

The nature of the attacks might sound familiar: The incidents were similar in scope, with the Ministry of Foreign Affairs and the Security Service of Ukraine’s websites temporarily going down along with those of PrivatBank and OschadBank.

Ukrainian Deputy Prime Minister Mykhailo Federov confirmed the DDoS attack in a Telegram post this morning. Federov stated that the attack was quickly overcome and websites restored to normal operations, and within an hour, Ukraine’s State Service of Special Communications and Information Protection put out a statement acknowledging the attack.

The agency stated that the Ukrainian government is “working on countering the attacks, collecting and analyzing information,” and urged all victims of the DDoS attacks to contact Ukraine’s Computer Emergency Readiness Team.

Senate Intelligence Chair Mark Warner (D-Va.) said in an interview with Nightly that the quick response was “a good sign” for where Ukraine’s cyber capabilities stand.

“Even a week or 10 days ago, I was still concerned that American and Western assistance to the Ukrainian governmental and private sector in cyber was still not being fully received. I think it’s gotten better,” Warner said. “I don’t know specifics, but I think they clearly started to utilize some of those, because they’ve been able to get a lot of these, from the private sector at least, operations back up and operating quickly within hours.”

DDoS attacks are notoriously hard to definitively link to specific attackers due to their size and scale, as they involve the attacker overwhelming a network with traffic until it crashes. Despite this difficulty, the Biden administration and the United Kingdom both formally attributed last week’s DDoS attacks on Ukrainian websites within days to the Russian government, part of a strategy to call out Russia for its malicious actions in cyberspace. And for Kyiv’s part, a government statement today said such attacks “no longer even require detailed technical attribution,” naming the source only as “connected with the secret services of the aggressor country.”

“Russia likes to move in the shadows, and counts on a long process of attribution so it can continue its malicious behavior against Ukraine in cyberspace, including prepositioning for its potential invasion,” Anne Neuberger, the deputy national security adviser for cyber and emerging technology, told reporters last week at the White House. “In light of that, we are moving quickly to attribute the DDoS attacks.”

But even if Ukraine managed to get its systems back up and running quickly today, it is already facing further probing. Symantec Threat Intelligence and ESET Research both announced they had found evidence of destructive malware wipers in Ukrainian systems this afternoon that could be used to disrupt operations in the country.

“According to Symantec Threat Hunter telemetry, they have discovered new wiper attacks in Ukraine,” said Vikram Thakur, technical director at Symantec Threat Intelligence, a division of Broadcom Software. “We know of at least two organizations who have been targeted.”

The Biden administration made clear that it stood ready to help Ukraine face these potential further attacks.

“We are in communication with Ukraine regarding their cyber related needs, including as recently as today,” a White House spokesperson said. “We will move with urgency to assess the nature and extent of this incident, and continue to help Ukraine recover and expose those responsible. We are tracking developments closely and are prepared to respond with resolve to any further Russian escalation in Ukraine.”

Welcome to POLITICO Nightly. Reach out with news, tips and ideas at nightly@politico.com. Or contact tonight’s author at mmiller@politico.com, or on Twitter at @magmill95.

JOIN THURSDAY TO HEAR FROM MAYORS ACROSS AMERICA: The Fifty: America’s Mayors will convene mayors from across the country to discuss their policy agendas, including the enforcement of Covid measures such as vaccine and mask mandates. We’ll also discuss how mayors are dealing with the fallout of the pandemic on their local economies and workforce, affordable housing and homelessness, and criminal justice reforms. REGISTER HERE.

RUSSIA-UKRAINE

The Brandenburg Gate is lit in the blue and yellow colors of the Ukrainian national flag in solidarity with Ukraine and its people in Berlin. | Omer Messinger/Getty Images

— Russian troops ready: Russian military forces arrayed around Ukraine have reached a point where “they are literally ready to go now, if they get the order to go,” a senior Defense Department official warned today. Around 80 percent of the forces the U.S. estimates Russia would need to launch a large invasion of Ukraine are in place, including ground, air and sea assets.

— The line Biden won’t cross: As President Joe Biden responds with words of condemnation, economic sanctions and efforts to rally U.S. allies to stand up to Moscow, the president remains unwilling to send American troops to fight Russian forces in Ukraine. Biden is so dead set on avoiding the possibility of a U.S.-Russian military encounter that he pulled out of Ukraine scores of U.S. troops who had been training that country’s fighters. He also recently warned that he won’t send U.S. troops to evacuate Americans stuck in Ukraine, citing the risk of a clash.

— The West’s sanctions strategy: With their sanctions announcements over the last 24 hours, the U.S. and its allies all but revealed their Russia strategy: Each advance into Ukraine will trigger a larger response in the hopes of deterring Russian President Vladimir Putin from pushing any further. A European diplomat in the U.K. told POLITICO that Russian forces operating outside the Donbas would trigger the next round of sanctions, which another European official confirmed to NatSec Daily shortly thereafter. Beyond that, though, it’s unclear what lines Russia must cross to earn more financial reprimands and from whom.

— Ukraine imposes state of emergency: A top Ukrainian defense official called for a nationwide state of emergency today, a precaution that comes after Russia began an invasion of the country this week by ordering troops into two breakaway regions held by Moscow-backed separatists. Oleksiy Danilov, Secretary of Ukraine’s National Security and Defense Council, announced that the state of emergency would remain in effect for 30 days, with the option to be extended for another 30 days. Ukraine’s parliament must vote to enact the measure.

— Republicans divided on Russia-Ukraine: The GOP is all over the map politically, as Putin tries to redraw his own boundaries. Former President Donald Trump privately has signaled a split with more isolationist voices from the MAGA wing of the party who have excused Russia’s aggression, who themselves are at odds with more establishment Republicans over how to confront Russian aggression, if at all. To an extent, these camps reflect a new evolution of long-standing GOP foreign policy factionalism. But as Putin moves troops into Ukraine, Republicans’ divergent approaches to the crisis are complicating their pushback on Biden’s response to the crisis. Trump on Tuesday also praised Putin’s invasion of Ukraine as “genius” and “savvy.”

DON’T MISS CONGRESS MINUTES: Need to follow the action on Capitol Hill blow-by-blow? Check out Minutes, POLITICO’s new platform that delivers the latest exclusives, twists and much more in real time. Get it on your desktop or download the POLITICO mobile app for iOS or Android. CHECK OUT CONGRESS MINUTES HERE.

WHAT'D I MISS?

Texas Gov. Greg Abbott. | Brandon Bell/Getty Images

— Abbott orders Texas probe of medical procedures for transgender children: Texas Republican Gov. Greg Abbott this week ordered the state’s youth protection agency to investigate the use of gender-transition procedures on children, in a directive that included calls to launch inquiries into parents and medical providers who allegedly violate the law. Such procedures, the state’s conservative attorney general declared earlier this month, amount to child abuse under Texas law.

— DOJ shuts down China-focused anti-espionage program: The Biden administration is shutting down a Justice Department program that focused on countering Chinese espionage, following stumbles in a series of criminal cases and accusations that it amounted to racial profiling. Officials said today that the three-year-old effort, known as the China Initiative, was being cast aside largely because of perceptions that it unfairly painted Chinese Americans and U.S. residents of Chinese origin as disloyal.

— Biden pledge to put Black woman on Supreme Court followed Obama-era anger from activists: Biden’s campaign pledge to nominate the first Black woman to serve on the Supreme Court came against a backdrop of long-simmering anger among civil rights activists over former President Barack Obama’s decision not to make such a historic nomination during his eight years in office . Biden made his promise at the height of the 2020 Democratic presidential primary contest. But he was at Obama’s side as vice president when three vacancies emerged on the high court. None of Obama’s nominees were Black, and some observers saw few signs that the White House was striving to put a liberal Black justice on the court.

— North Carolina officials reject Cawthorn claim that Constitution’s insurrectionist ban no longer applies: The North Carolina attorney general’s office says a constitutional prohibition on insurrectionists seeking federal office could be applied to GOP Rep. Madison Cawthorn if a state board determines he aided or encouraged the Jan. 6, 2021, attack on the Capitol. In a late Monday court filing, state attorneys said a provision of the 14th Amendment — disqualifying insurrectionists from holding federal office — is not a defunct Civil War-era relic meant to apply only to former Confederates but a guard against future acts of insurrection. As a result, Cawthorn, who is fighting a challenge to his eligibility to run, could face that prohibition if the North Carolina State Board of Elections determines he meets the criteria, the state attorneys said.

NIGHTLY NUMBER

82 percent

The projected accuracy over a 14-day period of an algorithm the Pentagon has experimented with on “predictive bio-wearables” technology to try and predict Covid infections hours or days before symptoms start, according to preliminary results published in August. The project hit a new phase today when the Pentagon’s Defense Innovation Unit awarded a contract to Philips Healthcare, which is leading the health monitoring project. The contract award allows DIU to continue its work to advance the algorithm by tracking another 200 users.

PARTING WORDS

The International Space Station. | NASA via Getty Images

U.S.-RUSSIA COOPERATION? OUT OF THIS WORLD — The U.S. and Russia are poised to step up cooperation in space , even as the two nations remain locked in the worst confrontation in more than a generation back on Earth, Bryan Bender writes.

A seven-person crew of four Americans, two Russians and a German from the European Space Agency are hurtling around the globe aboard the International Space Station. On the ground, two NASA astronauts are wrapping up training with Roscosmos, Russia’s civilian space agency, while three Russian cosmonauts are training with NASA in Texas. And up to five NASA astronauts are scheduled to begin training in Russia next month ahead of more Russian rides to the space station.

“[T]his is the one area, despite what’s going on geopolitically. Safe, secure operations and cooperation on the ISS continues,” said Valda Vikmanis Keller, director of the Office of Space Affairs in the State Department’s Bureau of Oceans and International Environmental and Scientific Affairs.