This cybersecurity leader accurately predicted Russia's invasion. Here's what else he said about its outcome...

Wiper malware, strategy insight, more...

Former CrowdStrike CTO Dmitri Alperovitch accurately predicted Russia's invasion of Ukraine, noting before Christmas that there were a "substantial number of reasons for why this is the preferred route for Putin".

In a longer thread in mid-January he spelled out his thoughts.

With his prescience proven, The Stack shares a lightly truncated version below. His predictions of the use of wiper malware also stood up this week, with security professionals from multiple vendors (more below) identifying the deployment on Ukrainian computers of "what appears to be a custom-written application with very few standard functions. The malware sample is 114KBs in size." (SentinelOne described samples as "a very small sliver of aperture into the attacks in Ukraine and subsequent spillover into neighboring countries and allies.")

Here's what Dmitri Alperovitch, who predicted Russia's invasion, said.

"The invasion will start with a fires campaign - missiles, multiple launch rocket systems, howitzers, self-propelled gun-mortars (Nona) and fixed-wing air strikes against UKR air-defenses, air bases, entrenched defensive positions, mobilization and command & control centers. The goal would be to quickly establish air dominance over the skies of Ukraine, impede mobilizations and take down major communication nodes used by Ukrainians. With the enormous capabilities of Russia’s long-range fires, they can bring down absolute hell on those targets. The Ukrainians, lacking short and intermediate range air defenses, won't be able to do much in response. Russia also has some of the best electronic warfare (EW) systems in the world. They will be used to blind Ukrainian air defense in the initial hours before they are destroyed with fires. Expect to see extensive use of the new Orion UAVs as well. Russians may also target TV & radio transmitters, Internet exchanges, as well as use wiper malware against media and gov websites to make it harder for the UKR population to receive information."

[Ed: ESET, Symantec and SentinelOne all reported on new wiper malware in Ukraine this week.]

"They are also likely to launch psyops in cyberspace to sow confusion and despair. The fire campaign is likely to be followed by a ground invasion designed to encircle and destroy Ukrainian units to the east of the Dnieper river. With the forces Russia is positioning, they will be able to launch a ground attack from 4 directions:

- Belarus (west)
- Kursk, Bryansk and Belgorod regions (northeast)
- Rostov region (east) and
- Up from Crimea (south)

"In addition, we might see airborne (VDV) air assault units parachuting in to take strategic locations behind UKR lines and naval landing ships deployed in the Black Sea and Sea of Azov conduct landings near Mariupol. Perhaps later even as far as Odessa if they are feeling ambitious. The goal of the simultaneous assaults supported by long-range fires and close air support would be to eliminate organized Ukrainian defensive units or push them to the west bank of the Dnieper. While all this is taking place, GRU Spetznaz operatives likely already deployed in eastern Ukraine will attempt to organize uprisings in major eastern cities with previously identified and armed collaborators, potentially with aid from VDV. The goal would be to take control of the eastern cities from within before the main Russian units arrive to enforce order and help eliminate any resistance.

"The Russians are highly likely to stop at the eastern bank of the Dnieper river and not attempt to cross it so as to avoid what would be a very tough fight in western Ukraine. However, they are also bringing in a lot of bridgelaying and engineering equipment to have the option to cross the river, but it will be a major challenge given how wide the Dnieper is in most places (and while under major fire from Ukraine artillery). The Belarus front gives them an option to execute a flanking maneuver and surround Kyiv without crossing the Dnieper but I think they are unlikely to do so and risk a Siege of Leningrad-style battle there. Such a maneuver will also leave them open to rear attacks from the west. With such overwhelming ground, air and naval force, assisted by on-the-ground operations by GRU and FSB (and cyber intel collection), the Russians could neutralize all major organized resistance in the east within 60 days. Eastern Ukraine is exceptionally flat (except for Donets Ridge hills near Donetsk) and most of the significant forests are also in the west. This makes it very hard terrain to defend, as well as relatively ill-suited for an insurgency movement (unlike say Chechnya or Afghanistan). One point to note here is that many past Ukrainian insurgencies, including the resistance to the Soviet rule in the 1930-50s, were based in the west, a much more mountainous and dense forestry region. The insurgent leaders will no doubt try to organize urban resistance in the cities but given the remarkable capabilities of the Russian intelligence services and extremely brutal methods they employ, they will be able to identify and eliminate key leaders in fairly quick order. So having established control of the east, how does this solve Putin’s primary objectives?

"First, let’s discuss what those might be. They are multiple.

"1. Stop further NATO expansion to post-Soviet states. Yes, Putin and the rest of Russia’s elites (going back to Gorbachev and Yeltsin days) believe it is a threat. And no amount of Western pronouncements to the contrary will change that. Incidentally, the claims that NATO is a purely defensive alliance don’t square well with the Kosovo and Libya operations, which the Russians remember well. The fact that they were done for humanitarian reasons provides no consolation to the current Russian leadership. And for Putin - NATO expansion does not only mean membership. He is also very concerned about NATO’s involvement on the ground in Ukraine (and Georgia). Weapons sales, advisors and trainers, reconnaissance flights near Russian borders - he wants to put an end to it all.

"2. Bring Ukraine back into Russia’s sphere of influence. In addition to stopping all NATO involvement in the country, he wants to reverse the pro-Western orientation of its policies. That includes ending any prospects for eventual EU membership. Putin has enjoyed remarkable success over the last few years in reestablishing firm Russian influence in much of the post-Soviet space. Armenia, Belarus and most recently Kazakhstan have been brought firmly into Russian sphere - and at very little cost. Ukraine invasion would nearly complete Putin’s project of restoring Russia’s power in its near abroad. Given the (justifiable) anti-Russian feelings among the majority of Ukrainians, he knows that the only way to get influence over Ukrainian government and their policies is through a change to their constitution and system of government.

"3. Diplomatically cement Russia’s ownership over Crimea. Realists realize that Crimea is not returning back to Ukraine. No Russian leader would allow it and Russia would go to war to keep it - and no one is going to be insane enough to fight them for it. In addition, the majority of the people in Crimea, except for the Tatar minority (and even they are warming up to Russian annexation), want to remain in Russia. Russia has dumped tens of billions of $ into Crimean infrastructure, remaking much of the peninsula, and integrating it deeply with the rest of Russia—physically, economically and politically. And economically life has objectively become significantly better for the people there. There is really no realistic imaginable scenario under which Crimea will rejoin Ukraine and Putin undoubtedly wants an official Ukrainian rejection of their claims on the peninsula.

"4. Resolution to the Donbas crisis. Russia does not want to own Donbas or suffer the burden of supporting it economically, which is one reason it hasn’t annexed or recognized its independence. Plus Putin needs the pro-Russian voters in that region to have influence in Ukrainian government, so he will likely push for reintegration of Donbas in Ukraine but on its own terms and with high degree of autonomy (what he tried with the Minsk agreements). Putin knows he can’t get his way on any of these key points through negotiations with the US which is why he is so likely to launch a major invasion and a limited incursion will not achieve anything.

"So how does an invasion like one I outlined 👆 help him achieve these goals?

"The first thing that is likely to happen in an invasion is the fall of Zelensky government, who is already deeply unpopular and polling in the low 30s. It is no accident that his political opponent and former president Poroshenko recently returned to Ukraine despite the threat of arrest for treason. He smells blood in the water. Much of Ukrainian export industry - agriculture, metallurgy and heavy industry - is based on the eastern side of the Dnieper river, as well as in Odessa region. If Russia establishes de facto control over these areas, Ukrainian GDP will plummet. The pressure on whichever government emerges on the western bank will be immense. The economy will be in tatters. There will be tens if not hundreds of thousands of refugees fleeing the Russian troops from the east. The military will be decimated. Putin is counting on this. His objective will likely be to pressure the Ukrainian side under these horrifying conditions into a settlement. The proposal could look something like this:

"Change the Ukrainian constitution to create a Lebanon-style power-sharing political system. For example, a PM elected from Western side and a President from the East. This would give Russia permanent influence in Ukraine through their proxies in the east. In addition, Putin will insist on recognition of Crimea as a Russian territory, broad autonomy for the East and a constitutional rejection of pursuit of accession to NATO and/or EU.

"In exchange, he will pull back his forces (at least overt ones) out of eastern Ukraine but will likely keep intelligence operatives to continue influence campaigns. This gamble may or may not work for Putin. Ukrainians may very well launch a do-or-die resistance campaign to the bitter end and refuse to accept any deal. People leading it will likely be targeted for assassination. But Putin probably thinks that the combination of a military and economic chokehold gives him a good chance to succeed. In summary, he is gambling that a rapid military operation in the East will result in a sufficient compellence campaign to bring Ukraine back into Russia’s sphere of influence, recognition of Crimea as a Russian territory, and resolution to Donbas. It will also establish a Putin Doctrine of no further NATO expansion into post-Soviet space. Any country that decides to flirt with NATO will know that it risks invasion and loss of independence. The risks to this operation are, of course, substantial. The military campaign may not turn out to be as easy as he thinks and may cost many more Russian lives than can be successfully hidden from the Russian public (as in past conflicts). Russia will suffer economic sanctions, although most severe sanctions against its oil & gas industry and major banks like Sberbank, VTB and Gazprombank will likely not be put into place due to blowback on European and US economies, as well as impact on already high energy prices. There will be further militarization on Russia’s borders in NATO countries. Sweden and Finland may very well opt to join the alliance at some point in the future. However, if he achieves his primary objectives, these costs will look minor in comparison to the historic and strategic gains he will have acquired. That is the gamble that he is looking at. And the lives of thousands of innocent people in Ukraine are hanging in the balance."
