In hindsight, it was relatively easy for us to spot and highlight the real potential of a Russian invasion of Ukraine. We had been highlighting it for 11 months in our research, discussing it in monthly member meetings, analyzing when it may occur and through November and December began issuing reports saying Putin had likely made up his mind to invade. But that did not lessen the shock for when it did happen. It is hard to prepare for horrors like the world has seen unfold.
By arming members with forewarning and strategizing over how to prepare, including on topics like how to improve resiliency, our members were able to think through some parts of the new reality that now confronts us all. For several months we have also been advising members to think long term and take a strategic view. Many others will do very well at providing the day to day and now that every major media outlet in the free world is covering the war, there will be many sources of great analysis on the current tragedy. We believe OODA and our members should think of what can be provided that is unique. We will drive our research and reporting in that direction.
We should also point out, regarding the situation in Ukraine,
the methods we used for assessing the likelihood of invasion are fallible and are much less relevant now that there is a real war on. We will try to provide assessments when we feel we can add value but wars progress on their own horrible timelines that are hard to predict except in the broadest of ways.
But we do have a broad framework and high level assessment that can inform analysis as events unfold and perhaps points to a direction of the coming week in the war:
Initial Russian Intel: The Russians have been watching the US and allied militaries closely and have written extensively about the weapons and tactics of the 1990 Operations Desert Storm and then the opening moves and rapid execution of the 3 week long second gulf war in 2003. They seem to have tried to open this war against Ukraine with a “shock and awe” campaign of their own by sending precision weapons to blow up radars and key airport facilities and conducting paratrooper landings at key airports including at Kyiv while storming in at high speed with heaving armor. Never before has the Russian military or Soviet military before them attempted a maneuver campaign like this. It obviously failed.
New Russian Intent: After their first failures they were left with one option: They can go back to what they know and resort to approaches of destruction and attrition, the only thing that has ever worked for them. In battles of destruction and attrition, those with the most armor, artillery and troops generally win. Losers are all civilians, because of the total destruction unleashed on cities. Note, there are indications that this intent may fail too, with a Russian Army stuck in Ukraine with not enough supplies to make progress.
Likely Ukrainian Response to New Intent: In wars of destruction and attrition, the only potential for victory by the smaller force, historically, is to not play in the old attrition game and to leverage asymmetric approaches. In this case defenders should also leverage as many technology based capabilities as they can, especially more anti-tank weapons, anti-air weapons and longer range rifles. Anything that can increase lethality will help.
At this point there are two primary combatants, both of which intend to win. If Russia backs down it could mean the end of Putin’s reign. If Ukraine does not fight it means enslavement.
We will continue to track the many developments in the theater of war and globally and keep up production of relevant content on the site to inform your decisions. Please give us feedback to ensure we are aware of what you need to drive your decisions.
The Russian Invasion of Ukraine and Impact in Europe and globally.
The Russian aggression against Ukraine will have enduring impacts far beyond the region. All companies and all government organizations (including those at local and state levels) should evaluate the potential impact of these hostilities on operations. We are a nation interconnected with the world by complex supply chains and a global high speed internet and must be ready to deal with impacts.
There are many aspects of this to consider. For examine, the fact that many sanctions on Russia were initiated by corporations means Russia may consider these corporations as legitimate targets for attack, including cyber attack and attack against ownership of property inside Russia. Physical attack is thought less likely but should also be assessed as a potential now.
Meanwhile this war has opened the eyes of many in the free world to other threats including the threat from China. This is will very likely lead to more support for collective security alliances like NATO and also to higher levels of investment in defense for many free nations. The traditional (since the end of WWII) stance of Japan to have only a self defense force may soon end, and its shunning of nuclear weapons may also be up for question, something that was unthinkable just months ago. Japan has already dramatically increased its defense budget because of this.
Short term this war has spooked investors, caused massive sanctions against Russia that also impacted western businesses, interrupted supply of food from Ukraine to Europe and Africa, is slowing all Russian oil production (which may one day almost totally cease due to lack of western tech support) and caused increases in government spending at a time when deficits are already out of control.
The invasion is also causing some cracks in Russia’s relationship with Kazakhstan, which has for the most part been in Russia’s orbit until recently. Russia is now blocking the transport of Kazakhstan oil and gas to Europe, which Kazakhstan did not want to happen. Recall that Russia helped put down revolt in Kazakhstan in January just before the invasion. China’s relationship with Russia is changing because of the war. Xi’s visit to Russia in March 2023 resulted in many photo ops and pleasantries, but the outcomes make it pretty clear that China has no intention of backing Russia up and will likely continue to abuse the relationship with Russia. Russia has now agreed to settle many transactions with China in the Yuan.
For additional resources see:
Russia Threat Brief This special report captures insights into the capabilities and intent of the Russian Threat, with a special focus on the cyber domain. Our objective: provide insights that are actionable for business and government leaders seeking to mitigate risks through informed decisions. This report will be dynamically updated so we encourage you to bookmark it for future reference.
Global Risk and Geopolitical Sensemaking. This page serves as a dynamic resource for OODA Network members looking for insights into the geopolitical dynamics driving global risks. This collection of resources includes content produced exclusively for OODA members
Thinking Strategically About What Comes Next and How To Mitigate Risk
We are also continuing to produce research for members designed to fuel your decision-making on these topics. Recent research includes:
A No Hype Assessment on Starling Security: Starlink is a great system, but it was not designed for combat and has limitations when being used in this role. Many mitigation measures are in place that can make it harder on adversaries to exploit these limitations. This post reviews provides insights onto these mitigation measures.
The OODA C-Suite Report: Operational Intelligence for Decision-MakersWhat is the value of an informed decision? At OODA Loop, we seek to surface decision intelligence that provides meaningful perspective for leaders and analysts looking to make the most informed decisions possible. The topics examined in this assessment represent developments that fit the category of operating in a VUCA world, identifying and responding to Gray Rhino risks, or opportunities from advancements in emerging technology domains. These are issues we think our members should be tracking and map to collection requirements for our team to keep you as informed as possible.
John Boyd on Patterns of Conflict and the OODA Loop John Boyd studied. He studied fighter pilot tactics, studied aeronautical engineering, studied bureaucrats and how to avoid their traps, studied evolution and biology, and studied history. And Boyd synthesized in a way that only a real practitioner of war could to produce a briefing called Patterns of Conflict that is still having a big impact on the world today.This post summarizes some key points worth reflecting on as the world views and reacts to the Russian invasion of Ukraine.
Thinking Strategically About What Comes Next and How To Mitigate Risk As we have previously mentioned, the Russian aggression against Ukraine will have impacts far beyond the region. All companies and all government organizations (including those at local and state levels) should evaluate the potential impact of these hostilities on operations. We are a nation interconnected with the world by complex supply chains and a global high speed internet and must be ready to deal with impacts.
Twitter List For Tactical Information: This Twitter list of vetted resources that have reported accurately on tactical moves in the Ukrainian theater can be used to quickly capture the gist of a dynamic military situation.
C-Suite Guide: Improving Cybersecurity Posture Before Russia Invades Ukraine: The capabilities of Russia to conduct cyber espionage and cyber attack have been battle tested and are hard to thwart even during daily “peacetime” operations. They include well resourced capabilities of the military and intelligence services and also deep technical expertise in the Russian business ecosystem and in organized crime which operates as part of Russian national power. Proof points of Russian capabilities include the massive and sophisticated Solar Winds attacks which leveraged low and slow, well thought out plans to achieve access to multiple well-protected targets. Ransomware successes by Russian based criminal networks are also instructive as to the capability of Russian cyber threat actors. The use of malicious self replicating code (worms/virus/trojan) to spread malicious code into infrastructure is also well proven with decades of practice including fielding software that replicates from unclassified to classified systems in the military and spreads throughout critical infrastructure. This post goes beyond an articulation of the threat into recommendations leaders seeking to mitigate cyber threats from Russia including threats before, during and after a Ukraine invasion.
What The C-Suite Needs To Know About The Threat To Space Based Systems (and what to do about it): OODA recently updated the analysis below on threats to space based assets (with a focus on what the C-Suite needs to know) because of tensions with Russia and continued testing of satellite destruction capabilities the most recent of which (Nov 2021) caused significant increases in dangerous space debris. We recommend this be read in conjunction with our report on what the C-Suite needs to know about the cybersecurity threats due to the coming Russian invasion of Ukraine, see links in the document for more.
Will China Replicate Russia’s Cyber Offensives in a Taiwan Reunification?: The current situation in the Ukraine has garnered the world’s attention with stakeholders watching attentively as the crisis unfolds. Such regional hotspots have the potential of spilling over into neighboring countries and pulling in governments from all over the world in some capacity. The threat of armed conflict escalating into a major global engagement is always a possibility. China and Taiwan are eagerly watching the crisis as well, but largely for different reasons. While Taiwan is interested to see how friendly governments come to Ukraine’s aid, China is observing how Russia may go about reclaiming territory of the former Soviet Union, in the attempts of gaining insight into how such an act can be accomplished successfully, should Moscow do just that.
A Warning for the U.S. Chip Industry: Russian Retaliation Could Hit Supply of Key Materials: Russia may retaliate against the U.S. threat of trade sanctions and export curbs by blocking access to key materials like neon and palladium. Ukraine supplies over 90% of U.S. semiconductor-grade neon. This type of supply chain-based retaliation has become a priority concern for the White House, which is encouraging a broad diversification of the supply chain in the event Russia limits access to these key materials.
In 2022, the Strategic Impact of Global Intermodal Supply Chain Gridlock on IT Supply Chain Remains High: The OODA Loop Research Team has been tracking the impact on supply chains from the onset of the pandemic.
Russia’s Long Game, Leadership Lessons, and Learning from Failure: In February of 2021, Matt Devost spoke to Rob Richer, a highly regarded advisor to international executives and global government leaders including several heads of state. Rob has a well-informed perspective on international risks and opportunities and an ability to analyze and distill observations in a way that is meaningful for your decision-making process. In light of the conditions in Europe, this portion of their initial OODAcast conversation is timely and includes a discussion of Richer’s time as the head of CIA Russian Operations, his perspective on U.S./Russian relations (especially the role of cyber), leadership, the role of failure, and decision-making.
Charity Wright on China’s Digital Colonialism: Charity Wright is a Cyber Threat Intelligence Analyst with over 15 years of experience at the US Army and the National Security Agency, where she translated Mandarin Chinese. Charity now specializes in dark web cyber threat intelligence, counter-disinformation, and strategic intelligence at Recorded Future. Her analysis has provided deep insights into a variety of incidents, activities and strategic moves by well resourced adversaries, primarily actors operating in China.
The January 2022 OODA Network Member Meeting: Putin, Russia, Gray Zone Conflict Capabilities and The Future of Europe: To help members optimize opportunities and reduce risk, OODA hosts a monthly video call to discuss items of common interest to our membership. These highly collaborative sessions are always a great way for our members to meet and interact with each other while talking about topics like global risks, emerging technologies, cybersecurity, and current or future events impacting their organizations. We also use these sessions to help better focus our research and better understand member needs.
CISA Insights Bulletin Urges U.S. Preparation for Data Wiping Attacks :In what felt like coordinated attacks last Friday, data-wiping malware (masquerading as ransomware) hit Ukrainian government organizations and was quickly followed by an aggressive unattributed cyber attack on Ukrainian government sites. The attacks prompted the release of a CISA Insights Bulletin urging U.S. organizations to strengthen their cybersecurity defenses.
Additional Context on OODA Reporting on Russia’s Military-Technical Maneuvers in Europe: We are conscious of our need to keep our usual variety of News Brief and OODA Analysis, but for obvious reasons, this week is top-heavy with Russian, NATO, and Ukrainian coverage. We intend on keeping our focus on providing context you need vice the blow by blow of major moves. Like in other domains we endeavor to provide the “So What?” and “What’s Next?” you need to help drive your decisions.
OODA Research Report- The Russian Threat: This special report captures insights into the capabilities and intent of the Russian Threat, with a special focus on the cyber domain. Our objective: provide insights that are actionable for business and government leaders seeking to mitigate risks through informed decisions.
About the Author
Bob Gourley
Bob Gourley is an experienced Chief Technology Officer (CTO), Board Qualified Technical Executive (QTE), author and entrepreneur with extensive past performance in enterprise IT, corporate cybersecurity and data analytics. CTO of OODA LLC, a unique team of international experts which provide board advisory and cybersecurity consulting services. OODA publishes OODALoop.com. Bob has been an advisor to dozens of successful high tech startups and has conducted enterprise cybersecurity assessments for businesses in multiple sectors of the economy. He was a career Naval Intelligence Officer and is the former CTO of the Defense Intelligence Agency.
Subscribe to OODA Daily Pulse
The OODA Daily Pulse Report provides a detailed summary of the top cybersecurity, technology, and global risk stories of the day.