In what security experts say is an unprecedented wartime leak, Ukrainian newspaper Ukrayinska Pravda published what it claims are the personal details of 120,000 Russian service personnel fighting in Ukraine. The nearly 6,000 pages of information, if accurate, contain names, registration numbers, and place of service for well over half of the estimated number of Russian soldiers who have invaded Ukraine.
The data was obtained by a Ukrainian think tank called The Center for Defense Strategies, which was created to monitor defense reforms and develop key government policies affecting Ukraine’s security and defense sector, with a particular focus on building independent analytical capabilities “at the level of the United States and Britain.” The Center is headed by former Ukraine Defense Minister Andriy Zahorodniuk. Its board includes international security expert Alina Frolova, state asset management expert Oleksiy Martsenyuk, former Ukrainian Foreign Minister Volodymyr Ohryzko, and economic and energy security expert Oleksandr Kharchenko.
High-profile Western security experts also sit on the Center’s board. Among them are the former U.S. Ambassador to Ukraine William Taylor, former Commander-In-Chief of U.S. European Command General Wesley Clark, former Special Defense Advisor to the Ukrainian Defense Ministry from Britain Phil Jones, and Professor of the Department of War Studies at King’s College Neville Bolt.
One of the “most devastating leaks of all time”
Thomas Rid, Professor of Strategic Studies at Johns Hopkins University’s School of Advanced International Studies, said in a tweet that if the leak is confirmed as accurate, “we’re probably looking at one of the best-timed and most devastating leaks of all time.” Elad Ratson, Former Israeli diplomat and an expert in the field of digital diplomacy and digital communications, tweeted that if the leak is valid, “This would mark the 1ˢᵗ use #doxing as a weapon of war in the history of warfare!”
The Center’s objective in leaking the data is unclear. Rid said that, “We know from history that a leak of personnel names has a powerful psychological effect on the organization in question. It creates an acute sense of vulnerability, in a very personal way, for those in charge, and for those exposed.” Rid also cautioned that some of the data appears to be dated.
One of the most significant leaks, if not the most extensive, of military personnel data occurred in 2007 when defense contractor SAIC failed to properly secure a database containing the personal and sensitive information of around 500,000 U.S. military customers and their families. One special forces officer whose data were exposed in that leak is former Combat Commander and Green Beret Dale Buckner, currently CEO of Global Guardian, an international security firm.
“My entire security clearance was leaked along with several hundred thousand others by SAIC,” Buckner tells CSO. The difference between the SAIC exposure and the leak reported by Ukrayinska Pravda is that “our enemies, if you will, have not tried to manipulate me, they haven’t reached out to me. They’re not reaching out to soldiers directly to try and create a psychological operation to shape our view of the world or conflict or anything else.”
Russian soldiers are now prime targets for anti-Russian messaging
The lack of direct action in the case of the SAIC leak stands in contrast to the danger Russia faces if the leak contains accurate data on soldiers currently fighting in Russia. “What’s different about this is you have Russian soldiers who are on a steady diet of propaganda within Russia, and now they are outside of Russia. They’re seeing and being given access on cell phones and on laptops where they’re at in Ukraine; they’re being exposed to the West.”
“They’re getting messaging and seeing news stories about what’s happening with the U.S. and NATO and how Vladimir Putin is being looked at and how Russia is being characterized around the world. They would never see that in Russia,” Buckner says.
The soldiers are also now prime targets for further anti-Russia messaging and even malware infestation. These actions will likely demoralize and weaken what has been described in Western and Ukrainian media as an already-dispirited Russian military invasion force. Hacking organizations “can find those individuals and reach out to them in any way, shape or form email, text, whatever it is, or try to reach out to a family member through an address,” Buckner says.
Bringing psychological warfare directly to the individual
“They can now start a psychological profile and bring psychological warfare directly to the individual, to 120,000 people,” Buckner says, “and a majority of them could be serving in Ukraine or soon be in Ukraine. The number one threat to the Russians is that there are people from the West, probably inside Ukraine or Eastern Europe, that if they have that information, they can now run a psychological profile and then influence those Russian soldiers who we frankly couldn’t reach prior to that leak. The morale is already relatively low, and now they’re going to be profiled and receive a steady diet of messaging.”
“They’re seeing their compatriots being killed, their aircraft being shot out of the sky, their tanks being taken down. They’re seeing the nationalism of Ukraine. You can take the morale of a large portion of 120,000 potentially, and you can absolutely put it at the bottom of the ocean and just destroy whatever preconceived notion of Russian nationalism they had. That’s why this could be so important.”
In terms of the data source, Buckner says it doesn’t matter so long as the data is accurate. “Every single government agency in every modern country in the world is now targeted 24/7, every millisecond of every second for the rest of our lives. Then they’re being targeted by organizations trying to seek information like this. Any personally identifiable information that can be taken can now be manipulated and utilized. So, it doesn’t matter.”
Buckner says that Ukraine has a prime opportunity to deprogram Russian soldiers once they are profiled. “The Ukrainians, if they’re smart, are going take that information; they’re going target those people. And they’re going to start putting in very different thoughts than what the Russians have programmed those soldiers to think and therefore destroy their morale.”
Access to devices opens the door to malware
According to Buckner, once state-backed or activist hackers get a bead on the Russian soldiers’ communications devices, they can install spyware or malware on those devices. “Ransomware, malware, manipulation. It’s all there for the taking,” he says.
Moreover, central intelligence agencies can develop full-fledged profiles on the soldiers almost instantaneously with only two data points. “I can plug those into classified databases that are global,” Buckner says. “It creates an association matrix of everything and everyone that your entire life touches, and it happens in a millisecond. Your assumption has to be that the U.S. and Western NATO countries have that list, and they’re talking, and they’re going to pin the rose on one of these nation-states to go after these 120,000,” Buckner says.
CSO contacted several U.S. government organizations, including the Defense Intelligence Agency, U.S. Cyber Command, NSA, and the Department of Defense, for comment and received no meaningful responses.