Operation Spiderweb
The Spiderweb attack occurred today (
). This is a quick writeup, and doesn't include sources to the (disconnected) intel notebook, but allows for easier sharing. It is also being written after reading a lot of OSINT info earlier, so I've lost track of some of the source material.

Key background points:
- Russia lost up to about a third of its strategic air assets.
- Most of these were in the open due to requirements from the New START treaty. While an Obama era treaty with the same malicious DoS, it's still the reality.
- Russia did stop participating in the treaty in 2023, meaning no inspections have been done, but this may be a concession on their part.
- Russia does not have the ability to replace these assets; though it's worth noting that Ukraine is only still a country due to foreign military hardware being sent over.
- The attack was launched via containers on trucks at 3 or 4 airfields (including one 4000km+ inside Russia), using "autonomous" drones; the containers self-destructed after launching the drones.
- AN: It's unclear whether it was actually autonomous or remotely piloted. Video was streamed back, at least.
- AN: Some reports say they were fiber optic guided, but this is unlikely due to the self-destruct mechanism built into the containers.
- The drones (or the truck-based infrastructure) used Russian telecommunications infrastructure to transmit back.
- AN: Ukraine has also historically used Starlink for battlefield comms (as one element).
- The drones appear to have used ArduPilot [1], which likely means unencrypted control communications.
- AN: The MAVLink protocol claims have not been verified, nor has it been verified that the control protocol is unencrypted (which is unlikely).
- There was also a strike on the Northern Fleet command administrative center, with some reports suggesting that a nuclear sub may have been hit.
- AN: It is unlikely that a sub was hit, and it is more likely that one or more ships were hit.
- There are claims that one of the strikes was launched from NATO territory [2], which would represent a significant escalation.
AN: Potential responses:
- Oreshnik strikes, similar to those used in Dnipro in November 2024.
- The claim that a strike was launched from NATO territory raises serious concerns that Russia may decide to expand the scope of its targeting. This is an ongoing escalation of NATO's role in the conflict.
- Russia could destroy Ukraine's power grid kinetically, essentially paralyzing the country.
- Russia could start attacking Starlink constellations.
- Cyber attacks on Ukrainian or European infrastructure.
- US infrastructure is also incredibly vulnerable.
- Sandworm, written in 2020 (before the invasion), documents some of the history here.
Vulnerabilities in the homeland:
- The requirement to have strategic bombers in the open applies to the US as well, meaning we are vulnerable to the same types of attacks.
- Furthermore, an attack on soft targets like this raises the ante for any other soft targets, to include civilians.
- CCP-backed entities have bought up significant land near military bases in the US. It would be trivial to smuggle in components or even assemble the drones in the US.
- This is particularly relevant as many of the drone and electronics manufacturers are Chinese-based, and therefore subject to the CCP. They could easily support custom firmware (e.g. without geofencing) to support CCP strikes.
- AN: There are a significant number of truck drivers in the US who are not Americans. This would be a useful pool for recruitment.
- The Russia-China-Venezuelan triad is incredibly well positioned to conduct deniable strikes inside the US, or to conduct a major attack.
- AN: For example, the industrial accidents last year (e.g., the East Palestine derailment) were largely not accidents.
- AN: It's outside the scope of this INTSUM, but there is significant open-source and virtually guaranteed non-public intelligence that indicates Venezuelan special operations teams are inside the US.