Since the onset of the Russian invasion of Ukraine in February, cyberwarfare has played a key role in the strategy of both sides.
For my first writeup to this blog, I’ll be doing a deep-dive into, arguably, the single largest leak of personal data the Russian Military has suffered since the onset of the war, the “Pravda” leak. A dataset containing full details of just under 100,000 Russian soldiers, and one that was heavily misreported, falsely attributed, and largely misunderstood by the wider community and mainstream news.
I’ve decided to split this writeup into two parts due to how massive this dataset is, and how complex it is to fully analyse, part one will have a wider scope, analysing the misattribution of the Pravda leaks and the data contained within. Whereas part two will be a more technical exploration of the dataset itself, crawling the web for social media profiles of the soldiers mentioned, and attempting to analyse and extract key information, IE: troop movements.
Before we address the meat of this research, being the 100k Russian Military leaks (Also currently known as the “Pravda” leaks), it’s important for me to show what’s already been done, and what’s lead me to this point:
- Christopher Ahlberg produced a great initial analysis via gigasheet of the excel data here.
- DFRlab has produced some amazing work pre-war, tracking troop and equipment movements, and post-war using the data provided in this leak.
The Leak
Onto the leak itself, its impact and its misattribution.
The so called “Pravda” leaks were first misattributed to “anonymous” by mainstream news:
This being the earliest "public” source, is dated at the 1st of March, however this leak was being analysed by myself and a number of others over Discord only a couple of days after the invasion on the 24th of February, although the leak itself was obtained on the 25th, the day after the invasion begun:
The dataset was originally collated and created by the Centre for Defence Strategies of Ukraine (CDSU), and shared privately with a number of people and organisations before being sent to Pravda to “go public”.
When the dataset was originally collated by the CDSU is unknown, and the people responsible for the datasets creation, primarily Andriy Zahorodniuk, were not willing to comment.
The data
The .xlsx file contains 97,267 entries for Russian Soldiers, including full names, dates of birth, date of enlistment, rank, ID number and Section number among other details.
Initial analysis of the data shows that the latest edits are from 2021, with some of the data contained being as old as 2007.
Preliminary testing of the data, which involved attempting to track down randomly selected individuals from the dataset provided mixed results, however enough people were successfully tracked down and verified to confirm the validity of the dataset.
Further investigation will involve an automated parse and analysis of all 97,267 entries in an attempt to track down all those directly listed in the leak.
Impact
This was the first time in history a “dox” has been used in warfare.
The timing of this leak was ingeniously planned by the CDSU, being made public just under a week after the invasion of Ukraine had begun, although not verifiable, it is highly likely the dataset was created before the invasion due to how quickly the data was collated and published.
Directly corelating the impact of this leak to quantifiable datapoints is difficult, nearing impossible, the effect this leak was designed to have, and most likely did have, is intangible and psychological, a huge hit to the morale of the soldiers contained within the leak, the commanders responsible for them, and even soldiers not directly listed, creating a unique sense of vulnerability, both for those directly affected, and those that witnessed it happen. Although there are many factors at play regarding the low morale among Russian troops in Ukraine, cyberwarfare, and this leak in-particular, has no doubt played an important role in Russia’s plummeting troop morale, and the war at large.
Footnote
This was my first serious writeup, something short and sweet, and a good way to practice my writing skills while the main research is being conducted, which might take some time, with a full-time degree, work, surgery and Christmas coming up.
