Dealing with Disasters | The New ‘Kremlinology’ | Keeping Highly Enriched Uranium Safe, and more

The Office for Bombing Prevention Needs to Improve Its Management and Assessment of Capabilities to Counter Improvised Explosive Devices  (DHS OIG)
The Cybersecurity and Infrastructure Security Agency’s (CISA) Office for Bombing Prevention (OBP) needs to improve its management of the Department of Homeland Security’s counter-improvised explosive devices (C-IED) efforts, as well as its assessment of national, regional, and state C-IED capabilities.
Although designated to lead day-to-day implementation of Presidential Policy Directive 17: Countering Improvised Explosive Devices within DHS, OBP is not managing component participation or tracking milestone completion dates as required. This occurred because it does not have a policy delineating its roles and responsibilities in leading CIED efforts across the Department. In addition, although required by its Counter–IED Resource Guide, OBP does not have the necessary data to assess and report on national, regional, and state C-IED capabilities. Specifically, OBP’s CIED capability data is outdated because it does not have a policy requiring outreach to first responder special units to update this data. OBP also does not incorporate vital data rom its programs and training into its capability assessments. Finally, OBP cannot generate automated C-IED capability reports to identify national, regional, and state CIED gaps because its systems are not integrated and do not have the functionality to generate comprehensive reports at all levels.
Until OBP improves its management of DHS’ C-IED efforts and its assessment of C-IED capabilities, it cannot effectively build awareness and help protect the Nation against the threat posed by IED attacks.

Midwestern Lawmakers Are Trying to Replace Russian Oil with Ethanol  (Diana Kruzman, Grist)
Advocates of increased ethanol sales argue that it could lower fuel prices and help the climate. Both counts are hotly contested.

Food Delivery Leak Unmasks Russian Security Agents  (Bellingcat)
Russian tech giant Yandex has blamed one of its employees for the hacking and subsequent leak of data from Yandex Food, a popular food delivery service in Russia.
Among the many users affected are serving agents of Russia’s security services and military, who in several cases even ordered food to their places of work using their official email addresses.
This leak includes user emails, a large number of phone numbers, addresses, and orders made on the platform. Russia’s state media watchdog Roskomnadzor has strongly attempted to block its proliferation.
Some investigators have already uncovered leads for investigations into corruption from this data leak, namely the 170 million ruble (~$2 million USD) apartment of Russian president Vladimir Putin’s reported “secret daughter”.

Project Sapphire: How to Keep 600 Tons of Kazakh Highly Enriched Uranium Safe  (Togzhan Kassenova, War on the Rocks)
It was 3 a.m. on a freezing November night in 1994. Trucks carrying almost 600 kilograms of highly enriched uranium had just left a nuclear facility in an industrial town in eastern Kazakhstan. They were headed to the Ust-Kamenogorsk airport, where U.S. military planes were waiting to carry their dangerous cargo to the United States. As the weather worsened, the trucks began to slide on black ice.
“I just couldn’t imagine having to report to Washington that [one of the trucks with highly enriched uranium] slid right off into the Irtysh river,” recalls Andy Weber, who at the time served as chief of the political-military affairs section at the U.S. embassy in Kazakhstan. His counterpart from Kazakhstan’s National Security Committee, Gen. Vladimir Bozhko, was equally concerned: “It started raining heavily, and temperatures dropped below freezing. The road turned into a skating rink. And those were huge trailer trucks with containers full of uranium. You can imagine, if one of the containers dropped or a trailer overturned, what would happen.”
This treacherous ride was a culmination of a secret U.S.-Kazakh operation codenamed Project Sapphire. Looking back three decades later, the story of its success reveals that trust between countries can make the most challenging and high-stake cooperative security initiatives a reality.

Ransomware Attacks Straining Local US Governments and Public Services  (IC3)
The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency services, educational facilities, and other services overseen by local governments, making them attractive targets for cyber criminals. Victim incident reporting to the FBI between January and December 2021 indicated local government entities within the GFS were the second highest victimized group behind academia.

Cyber Actors Target US Election Officials with Invoice-Themed Phishing Campaign to Harvest Credentials  (IC3)
The FBI is warning US election and other state and local government officials about invoice-themed phishing emails that could be used to harvest officials’ login credentials. If successful, this activity may provide cyber actors with sustained, undetected access to a victim’s systems. As of October 2021, US election officials in at least nine states received invoice-themed phishing emails containing links to websites intended to steal login credentials. These emails shared similar attachment files, used compromised email addresses, and were sent close in time, suggesting a concerted effort to target US election officials.

War in Ukraine

What the New ‘Kremlinology’ Reveals about Putin’s Motives and Power  (Alexander Baturo, Washington Post)
Invading Ukraine may have left him weaker than he has been in a decade.

The Ukrainian Military Has Defied Expectations. Here Is How U.S. Security Aid Contributed  (Louis-Alexandre Berg and Andrew Radin, RAND)
Over the past weeks, the Ukrainian military has waged a surprisingly tough resistance against a much larger and more-capable Russian army. While it’s too early for a full accounting, Ukraine’s performance appears to be exceeding expectations.
But seven years ago, Ukraine’s military was unprepared and largely ineffective when Russia’s military seized Crimea (PDF). By 2022, Ukraine appears to have overcome at least some of the earlier challenges.
Did U.S. security assistance—roughly $2 billion between 2014 and 2020—make the Ukrainian military more effective? Our research points to one explanation for why U.S. security assistance may have had greater success in Ukraine.
Ukraine seems to be a case where security assistance made a positive contribution—although Ukraine’s own efforts are probably most important. The United States sent security assistance to Ukraine between 2014 and 2020, as part of a broader Western effort to strengthen the Ukrainian military.
Research suggests this type of assistance is often ineffective or counterproductive, however. Much larger programs in Iraq and Afghanistan failed to produce effective militaries, for example.

Why Democracies Win More Wars Than Autocracies  (Dan Reiter and Allan C. Stam, Washington Post)

Like Putin, dictators tend to start risky wars, our research shows

How Democracies Can Respond to the Invasion of Ukraine  (Laura Thornton, Lawfare)
Ukrainian President Volodymyr Zelenskyy’s passionate speech in Congress underscored the broader consequences of Russian President Vladimir Putin’s brutal war in Ukraine, tying it to the struggle for global democracy. He thanked President Biden for“his sincere commitment to the defense of Ukraine and democracy all over the world” and argued that “Ukrainian people are defending not only Ukraine” but are “fighting for the values of Europe and the world.” He is right. If the world allows such capture, a message is sent to Putin and to autocrats everywhere that democracy is up for grabs.

Complicity in a War of Aggression: Private Individuals’ Criminal Responsibility  (Nikola Hajdin, Just Security)
Under international law, Russia’s invasion of Ukraine without any doubt constitutes an act of “aggression” which manifestly violates the United Nations Charter. As such, it gives rise to individual criminal responsibility of those who were “in a position effectively to exercise control over or to direct the political or military action of a[n aggressive] State” (Art.8bis of the Rome Statute of the International Criminal Court (ICC)). Due to his overwhelming control over the state apparatus, President Vladimir Putin is an obvious candidate who satisfies this so-called leadership clause (“control or direct”), which I previously argued to be part of customary international law. The question that looms is who else apart from the top-state leadership may be responsible for aggressive war in Ukraine.
Could criminal liability extend, for example, to senior executives of the Wagner Group and other “private” actors involved in Russia’s aggression against Ukraine?

How the West Got Russia’s Military So, So Wrong  (Phillips Payson O’Brien, The Atlantic)
Good equipment and clever doctrine reveal little about how an army will perform in a war.