While most of us following the illegal invasion of Ukraine by an increasingly erratic Vladimir Putin have been fixated on the military operations, another different war is taking place in cyberspace.

On Tuesday, the Ukrainian newspaper Pravda released the personal information of some 120,000 Russian soldiers obtained by a hack of one or more official Russian databases.

6,616 pages of names, registration numbers, and places of service of Russians personnel — *just for volume comparison*, and nothing else: that's more pages than were ever published out of the Snowden cache. pic.twitter.com/h6y05Ll4Ub

— Thomas Rid 🌻 (@RidT) March 1, 2022

Unfortunately, the initial reports didn’t support what actually took place. Subsequent analysis of the hacked data indicates that it is associated with individual units and not a list of soldiers currently in Ukraine. But, as Winston Churchill (or Mark Twain or someone else)  said, “A lie will go round the world while truth is pulling its boots on.” The data and the initial spin associated with it undoubtedly had an impact in Russia as well as being a boon for Russian scammers.

Another major front in this cyberwar is Russia itself. The websites of major Russian media have been hacked. For example, TASS has been repeatedly hacked and defaced with anti-war and anti-Putin slogans, and the estimates of Russian casualties compiled by the Ukrainian Defense Ministry have been posted. In addition, the news websites rbc.ru, kommersant.ru, fontanka.ru, and iz.ru have all been the targets of repeated hacker attacks.

One of the more interesting attacks has taken place in Belarus. The Belarus rail system has been targeted and is reportedly working on a much-reduced schedule under manual-dispatch rules.

Belarusian Railways allegedly hacked by Belarusian Cyber Partisans to slow troop transport https://t.co/gaFkZYLXFh #belarus #cyberwar #hacking #infosec #osint #russia #ukraine

— Niels Groeneveld (@nigroeneveld) March 1, 2022

Several Belarus banks have been shut down because of cyberattacks.

It seems to me that there are two separate campaigns underway. On the one hand, we have the “Anonymous” types who want the media attention. They hack the public pages of prominent media outlets and businesses, deface them, and talk about it on social media. On the other hand, the attack on the Belarus rail system seems more strategic. Its primary purpose seems to be to restrict Russian military movements into Ukraine. Notably, there was no defaced website to go along with that attack. Likewise, there was no contemporaneous claim of responsibility for the bank attacks.

One wonders if the unbelievable logistics FUBAR is not the result of the stereotypical slapdash Russian approach to supply and maintenance operations but an “invisible hand” attacking computer systems needed to manage fuel, ammunition, food, etc., spare parts. If this story is to be believed, it looks like Russian units are increasingly abandoning secure military communications for in-the-clear methods. Again, this could be the famed discipline of the Russian Army at play, or it could indicate a secure system infected with malware and no longer serviceable.

All in all, it is hard to tell exactly what is going on, but it seems like a substantial battle is taking place in cyberspace where the Russians are either barely holding their own or being overwhelmed.