Category Archives: Russia

Increased Alarm over Intrusion into U.S. and Sandia/Los Alamos

Posted on by

WASHINGTON (AP) — Federal authorities expressed increased alarm Thursday about an intrusion into U.S. and other computer systems around the globe that officials suspect was carried out by Russian hackers. The nation’s cybersecurity agency warned of a “grave” risk to government and private networks.

The Cybersecurity and Infrastructure Security Agency said in its most detailed comments yet that the intrusion had compromised federal agencies as well as “critical infrastructure” in a sophisticated attack that was hard to detect and will be difficult to undo.

CISA did not say which agencies or infrastructure had been breached or what information taken in an attack that it previously said appeared to have begun in March.

“This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” the agency said in its unusual alert. “CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.”

President Donald Trump, whose administration has been criticized for eliminating a White House cybersecurity adviser and downplaying Russian interference in the 2016 presidential election, has made no public statements about the breach.

President-elect Joe Biden said he would make cybersecurity a top priority of his administration, but that stronger defenses are not enough.

“We need to disrupt and deter our adversaries from undertaking significant cyberattacks in the first place,” he said. “We will do that by, among other things, imposing substantial costs on those responsible for such malicious attacks, including in coordination with our allies and partners.”

The cybersecurity agency previously said the perpetrators had used network management software from Texas-based SolarWinds t o infiltrate computer networks. Its new alert said the attackers may have used other methods, as well.

Over the weekend, amid reports that the Treasury and Commerce departments were breached, CISA directed all civilian agencies of the federal government to remove SolarWinds from their servers. The cybersecurity agencies of Britain and Ireland issued similar alerts.

A U.S. official previously told The Associated Press that Russia-based hackers were suspected, but neither CISA nor the FBI has publicly said who is believed be responsible. Asked whether Russia was behind the attack, the official said: “We believe so. We haven’t said that publicly yet because it isn’t 100% confirmed.”

Another U.S. official, speaking Thursday on condition of anonymity to discuss a matter that is under investigation, said the hack was severe and extremely damaging although the administration was not yet ready to publicly blame anyone for it.

“This is looking like it’s the worst hacking case in the history of America,” the official said. “They got into everything.”

The official said the administration is working on the assumption that most, if not all, government agencies were compromised but the extent of the damage was not yet known.

This hack had nothing to do with President Trump firing Director Krebs at CISA even though Associated Press keeps suggesting. But things just took a turn for the bad bad side –>

Sandia National Laboratories - From the Manhattan Project to a National Lab Sandia

Texas A&M System part of team awarded lucrative Los Alamos National Lab contract | The Texas Tribune Los Alamos

The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said.

On Thursday, DOE and NNSA officials began coordinating notifications about the breach to their congressional oversight bodies after being briefed by Rocky Campione, the chief information officer at DOE.

They found suspicious activity in networks belonging to the Federal Energy Regulatory Commission (FERC), Sandia and Los Alamos national laboratories in New Mexico and Washington, the Office of Secure Transportation and the Richland Field Office of the DOE. The hackers have been able to do more damage at FERC than the other agencies, the officials said, but did not elaborate.

Federal investigators have been combing through networks in recent days to determine what hackers had been able to access and/or steal, and officials at DOE still don’t know whether the attackers were able to access anything, the people said, noting that the investigation is ongoing and they may not know the full extent of the damage “for weeks.”

Spokespeople for DOE did not immediately respond to requests for comment.

The attack on DOE is the clearest sign yet that the hackers were able to access the networks belonging to a core part of the U.S. national security enterprise. The hackers are believed to have gained access to the federal agencies’ networks by compromising the software company SolarWinds, which sells IT management products to hundreds of government and private-sector clients.

DOE officials were planning on Thursday to notify the House and Senate Energy committees, House and Senate Energy and Water Development subcommittees, House and Senate Armed Services committees, and the New Mexico and Washington State delegations of the breach, the officials said.

The FBI, Cybersecurity and Infrastructure Security Agency, and Office of the Director of National Intelligence acknowledged the “ongoing” cybersecurity campaign in a joint statement released on Wednesday, saying that they had only become aware of the incident in recent days.

“This is a developing situation, and while we continue to work to understand the full extent of this campaign, we know this compromise has affected networks within the federal government,” the statement read.

NNSA is responsible for managing the nation’s nuclear weapons, and while it gets the least attention, it takes up the vast majority of DOE’s budget. Similarly, the Sandia and Los Alamos National Labs conduct atomic research related to both civil nuclear power and nuclear weapons. The Office of Secure Transportation is tasked with moving enriched uranium and other materials critical for maintaining the nuclear stockpile.

Hackers may have been casting too wide a net when they targeted DOE’s Richland Field Office, whose primary responsibility is overseeing the cleanup of the Hanford nuclear waste site in Washington state. During World War II and the Cold War, the U.S. produced two- thirds of its plutonium there, but the site hasn’t been active since 1971.

The attack on the Federal Energy Regulatory Commission may have been an effort to disrupt the nation’s bulk electric grid. FERC doesn’t directly manage any power flows, but it does store sensitive data on the grid that could be used to identify the most disruptive locations for future attacks.

Space Command Alarmed at Russia’s Anti-Satellite Weapons Test

Posted on by

WASHINGTON — Russia conducted its second test this year of a direct ascent anti-satellite missile test, according to a U.S. Space Command, yet again drawing sharp criticism from the U.S.

“Russia has made space a war-fighting domain by testing space-based and ground-based weapons intended to target and destroy satellites. This fact is inconsistent with Moscow’s public claims that Russia seeks to prevent conflict in space,” said Space Command head Gen. James Dickinson in a statement. “Space is critical to all nations. It is a shared interest to create the conditions for a safe, stable and operationally sustainable space environment.”

U.S. SPACECOM nominee Dickinson says countries must be ...

Space Command said the direct-ascent anti-satellite missile tested is a kinetic weapon capable of destroying satellites in low Earth orbit. A similar anti-satellite missile test by India in March 2019 that destroyed the nation’s own satellite on orbit drew criticism from observers, who noted that the debris created from the threat could cause indirect damage to other satellites.

Russia has completed tests of its Nudol ballistic-missile system several times in recent years, including in April of this year. Nudol can be used as an anti-satellite weapon and is capable of destroying satellites in low Earth orbit. According to the CSIS Aerospace Security Project’s “Space Threat Assessment 2020,” Russia conducted its seventh Nudol test in 2018.

Under the Trump administration, the U.S. has used the development and testing of anti-satellite weapons by Russia and China as a justification for creating both Space Command and the U.S. Space Force in 2019.

“The establishment of U.S. Space Command as the nation’s unified combatant command for space and U.S. Space Force as the primary branch of the U.S. Armed Forces that presents space combat and combat support capabilities to U.S. Space Command could not have been timelier. We stand ready and committed to deter aggression and defend our nation and our allies from hostile acts in space,” Dickenson said.

Acting Secretary of Defense Christopher C. Miller made similar comments last week as the White House released a new National Space Policy, which calls for the U.S. to defeat aggression and promote norms of behavior in space

“Our adversaries have made space a war-fighting domain, and we have to adapt our national security organizations, policies, strategies, doctrine, security classification frameworks and capabilities for this new strategic environment. Over the last year we have established the necessary organizations to ensure we can deter hostilities, demonstrate responsible behaviors, defeat aggression and protect the interests of the United States and our allies.”

***

Kilopower  An illustration of a Kilopower nuclear reactor on the moon. Development of surface nuclear power technologies is a key element of the roadmap included in Space Policy Directive 6. Credit: NASA

The White House released a new space policy directive Dec. 16 intended to serve as a strategic roadmap for the development of space nuclear power and propulsion technologies.

Space Policy Directive (SPD) 6, titled “National Strategy for Space Nuclear Power and Propulsion,” discusses responsibilities and areas of cooperation among federal government agencies in the development of capabilities ranging from surface nuclear power systems to nuclear thermal propulsion, collectively known as space nuclear power and propulsion (SNPP).

“This memorandum establishes a national strategy to ensure the development and use of SNPP systems when appropriate to enable and achieve the scientific, exploration, national security, and commercial objectives of the United States,” the 12-page document states.

SPD-6 sets out three principles for the development of space nuclear systems: safety, security and sustainability. It also describes roles and responsibilities for various agencies involved with development, use or oversight of such systems.

Much of the document, though, is a roadmap for the development of nuclear power and propulsion systems. It sets a goal of, by the mid-2020s, developing uranium fuel processing capabilities needed for surface power and in-space propulsion systems. By the mid to late 2020s, NASA would complete the development and testing of a surface nuclear power system for lunar missions that can be scalable for later missions to Mars.

SPD-6 calls for, by the late 2020s, establishing the “technical foundations and capabilities” needed for nuclear thermal propulsion systems. It also sets a goal of developing advanced radioisotope power systems, versions of radioisotope thermoelectric generators (RTGs) long used on NASA missions, by 2030.

Many of the initiatives outlined in SPD-6 are already in progress. NASA has been working with the Department of Energy (DOE) on a project called Kilopower to develop surface nuclear reactors, including efforts to seek proposals to develop a reactor for use on the moon. NASA has also been studying nuclear thermal propulsion, an initiative backed by some in Congress who have set aside funding in NASA’s space technology program for that effort.

“We have these individual initiatives going on — nuclear thermal power, the Kilopower activities — and what we’re trying to do is pull together a common operating picture for Defense, NASA and DOE,” said a senior administration official, speaking on background about SPD-6.

That roadmap and schedule is also intended to prioritize those activities. Surface nuclear power is needed in the nearer term to support lunar missions later in the decade, particularly to handle the two-week lunar night. Nuclear thermal propulsion, as well as alternative nuclear electric propulsion technologies, are less critical since they are primarily intended to support later missions to Mars.

“Those things are important for going to Mars,” the official said of nuclear propulsion, “but first we’re doing the moon and leveraging terrestrial capabilities and technologies to put that foothold on the moon.”

Another issue addressed in SPD-6 is the use of different types of uranium. Tests in 2018 as part of the Kilopower program used highly enriched uranium, or HEU. That project, and discussions by NASA and DOE to use HEU for flight reactors, raised concerns in the nuclear nonproliferation community. They were worried that it could set a precedent for renewed production of HEU, which is also used in nuclear weapons.

SPD-6 restricts, but does not prohibit, the use of HEU in space nuclear systems. “Before selecting HEU or, for fission reactor systems, any nuclear fuel other than low-enriched uranium (LEU), for any given SNPP design or mission, the sponsoring agency shall conduct a thorough technical review to assess the viability of alternative nuclear fuels,” it states.

“We want to keep those proliferation concerns foremost in our minds,” a senior administration official said. “We don’t want to necessarily rule out HEU if that’s the only way to get a mission about, but we want to be very deliberate about it.”

The policy, an official said, “sets an extremely high bar” for non-defense use of HEU on space systems, citing progress on high-assay low enriched uranium, which can provide power levels similar to HEU systems with only a modest mass penalty.

The White House released SPD-6 a week after it issued a new national space policy during a meeting of the National Space Council. That broader policy briefly addressed space nuclear power and propulsion, discussing roles for various agencies, but did not mention the roadmap or other details found in SPD-6.

Many thought the release of the national space policy would conclude the administration’s work on space policy, making SPD-6 something of a surprise. A senior administration official said work on various space policy directives and the national space policy had been slowed down by the coronavirus pandemic, but wouldn’t rule out additional announcements in the remaining five weeks of the Trump administration.

AG Barr Resigns

Posted on by

Image

Image

Politico lists a critique of the relationship between President Trump and AG Barr.

Now, what action items has AG Barr launched in recent weeks and what may be expected…

  • Barr had sounded frequent alarms in advance of the election about the potential for fraud, particularly through foreign interference in mail-in balloting, infuriating Democrats who emphasized there was no evidence such a plot was afoot.
  • Barr unilaterally appointed U.S. Attorney John Durham to review the origins of the Trump-Russia probe, known as Crossfire Hurricane — and in October, he elevated Durham’s ongoing inquiry into a full-fledged special counsel investigation.
  • Barr also appointed U.S. Attorney Jeffrey Jensen to review the FBI’s handling of the investigation of former National Security Adviser Michael Flynn, a probe that became the basis of Barr’s decision to recommend dismissing charges against him. The U.S. District Court judge in that case, Emmet Sullivan, considered the Justice Department’s reasons as “dubious” and likely a pretextual effort to protect an ally of the president, but he ultimately dropped the matter after Trump pardoned Flynn.
  • The US attorney’s office in Delaware is led by David Weiss, who was appointed by Trump and sworn into the position in February 2018. A spokesperson for the US attorney’s office in Delaware declined to comment, citing the ongoing nature of the investigation of Hunter Biden, the Biden family which has become comprehensive including money-laundering, foreign agency crimes and income tax fraud.

AG Barr has appointed Jeffrey Rosen to the position of Acting Attorney General. For reference his credentials include:

  1. Taking the lead on the antitrust case against Google.
  2. Driving the sensitive litigation that the White House had an interest in, including a lawsuit against Mr. Trump’s former national security adviser, John Bolton, over the publication of his book in June.
  3. Mr. Rosen also led the Justice Department’s charge against Purdue Pharma LP. It agreed to plead guilty to three felonies related to its marketing and distribution of powerful painkiller OxyContin as part of an $8.34 billion settlement over tactics the government said helped fuel the opioid crisis.

Additionally, Richard Donoghue has been elevated at the DoJ. Donoghue served in the Judge Advocate General’s Corps, United States Army, where he was a Military Magistrate Judge, Prosecutor, Defense Counsel, and Contract Litigator. He also served in the 82nd Airborne Division. Donogue worked at the United States District Court for the Eastern District of New York before leaving to serve as Principal Associate Deputy Attorney General and Counselor to the U.S. Attorney General. Donogue was selected to serve as United States Attorney in January 2018. In 2020, it was announced that Donoghue would leave the Eastern District to serve as Principal Associate Deputy Attorney General at the United States Department of Justice

*** You should consider that AG Barr is a veteran of how Washington DC works and in his last days has crafted an operational playbook not only for the White House Office of Legal Counsel but to the Department of Justice. Interesting items are on deck that do include the Biden family, the still open wounds of the existing and former FBI officials, China operatives in the U.S. embedded with Democrat politicians and then cases against Google and Big Tech and the matter of a fraudulent election system in also front and center. Sadly, we must be wait and hence we need to judge slowly.

Details: Cozy Bear, Solarwinds, FireEye and the Hack of the US Govt

Posted on by

Cozy Bear (also called APT29, a known unit of Russia’s SVR foreign intelligence service) appears to have been behind the attack, the Wall Street Journal reports. Moscow denies any involvement in the incident. Reuters adds that the Kremlin thinks the Americans should have been more mutual, more cooperative.

FireEye calls the backdoor “Sunburst.” Microsoft’s Security Response Center has a detailed account of how the malware functions. Both FireEye and Microsoft have upgraded their security products to include measures for detecting and protecting against the attack. SolarWinds urges its customers to “upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible.”

Global cybersecurity firm FireEye hacked by foreign ... source

When FireEye Inc. discovered that it was hacked this month, the cybersecurity firm’s investigators immediately set about trying to figure out how attackers got past its defenses.

It wasn’t just FireEye that got attacked, they quickly found out. Investigators discovered a vunerability in a product made by one of its software providers, Texas-based SolarWinds Corp.

“We looked through 50,000 lines of source code, which we were able to determine there was a backdoor within SolarWinds,” said Charles Carmakal, senior vice president and chief technical officer at Mandiant, FireEye’s incident response arm.

After discovering the backdoor, FireEye contacted SolarWinds and law enforcement, Carmakal said.

In part: Washington — U.S. government agencies were ordered to scour their networks for malware and disconnect potentially compromised servers after authorities learned that the Treasury and Commerce departments had been hacked in a months-long global cyberespionage campaign. The campaign was discovered when a prominent cybersecurity firm learned it had been breached.

In a rare emergency directive issued late Sunday, the Department of Homeland Security’s cybersecurity arm warned of an “unacceptable risk” to the executive branch from a feared large-scale penetration of U.S. government agencies that could date back to mid-year or earlier.

“This can turn into one of the most impactful espionage campaigns on record,” said cybersecurity expert Dmitri Alperovitch.

The apparent conduit for the Treasury and Commerce Department hacks – and the FireEye compromise – is a hugely popular piece of server software called SolarWinds. It’s used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies that will now be scrambling to patch up their networks, said Alperovitch, the former chief technical officer of the cybersecurity firm CrowdStrike.

On its website, SolarWinds says it has 300,000 customers worldwide, including all five branches of the U.S. military, the Pentagon, the State Department, NASA, the National Security Agency, the Department of Justice and the White House. It says the 10 leading U.S. telecommunications companies and top five U.S. accounting firms are also among customers.

The DHS directive – only the fifth since such directives were created in 2015 – said U.S. agencies should immediately disconnect or power down any machines running the impacted SolarWinds software.

“We believe that this vulnerability is the result of a highly-sophisticated, targeted and manual supply chain attack by a nation state,” said SolarWinds CEO Kevin Thompson said in a statement. He said it was working with the FBI, FireEye and intelligence community. More here.

***  SolarWinds of Austin posts sharp rise in revenue - Austin ... source

Many more details on consequence –>

It turns out that the attackers also compromised the Department of Homeland Security. SolarWinds revealed to the Securities and Exchange Commission that the breach may affect 18,000 customers.

It appears that, in March 2020, someone managed to modify the SolarWinds Orion software during the build process—that is, the process that translates the human-readable code and merges it into a form that a computer can execute. This timing is based on both the Microsoft and FireEye analyses, as well as the reported versions affected by SolarWinds.

This modification included a sophisticated and stealthy Trojan program, designed to remotely control any computer that installed SolarWinds Orion. When customers installed the latest update, the Trojan program would start running on the victims’ computers. This is considered a software “supply chain attack”: The intended victims received a polluted copy of the Orion software directly or indirectly from SolarWinds.

What Now?

Christmas is now officially cancelled for three groups. The first is for the IT staff working for the perhaps 18,000 SolarWinds customers affected by the breach, who are going to have to spend the next weeks rebuilding their networks and going over everything with a fine-toothed comb looking for various backdoors. This is going to be a lot of work to sort out. The only good thing is that most of the customers don’t have secondary backdoors to worry about, because the biggest problem faced by the attacker was simply the target-rich environment. Each effort at exploitation increases the risk of discovery, and in the end, there are only so many people who can conduct these attacks.

The second group is the U.S. intelligence community. This attack started in March with the first exploitation starting in April. Either they didn’t know about it—a failure in the “defend forward” philosophy—or they did know about it, in which case they also failed to defend forward. There are going to be tough questions that the intelligence community will need to answer internally.

The final group is the Russian government. This was an amazingly valuable intelligence feed, capturing U.S. government communication leading up to the transition as well as critical insights into U.S. financial controls. Now the feed has gone dark and Russia has lost a hugely powerful asset. But then again, these are a bunch of Russian spies, so in the immortal words of every sysadmin: “fsck those guys”.

More here.

Could Crimea Soon be Free of Russian Occupation/Annexation?

Posted on by

Just a few days ago…

Crimea | History, Map, Geography, & People | Britannica

France24: The UN General Assembly on Monday adopted a resolution urging Russia to end its “temporary occupation” of Crimea, which Moscow took over in 2014, “without delay.”

The resolution on the militarization of the peninsula of Crimea, the port of Sevastopol and parts of the Black Sea and the Sea of Azov was adopted by 63 countries, with 17 voting against and 62 abstaining.

The resolution is non-binding but has political significance. It was put forward by 40 countries, including Britain, France, Germany and the Baltic states, as well the United States, Australia, Canada and Turkey.

The resolution “urges the Russian Federation, as the occupying Power, immediately, completely and unconditionally to withdraw its military forces from Crimea and end its temporary occupation of the territory of Ukraine without delay.”

Facing the “continuing destabilization of Crimea owing to transfers by the Russian Federation of advanced weapon systems, including nuclear-capable aircraft and missiles, weapons, ammunition and military personnel to the territory of Ukraine,” the resolution called on Russia to stop all such transfers “without delay.”

Fighting between Ukrainian troops and forces backed by Russia has left more than 13,000 dead since 2014, when Russia annexed Crimea and pro-Russian forces in the east of Ukraine rebelled against Kiev.

At the UN Security Council, tensions between Russia and western countries over the conflict remain in sharp focus, as was shown by an informal meeting last week by Moscow on the 2015 Minsk accords between Ukraine and Russia, which were sponsored by France and Germany.

Berlin and Paris sparked Russian fury by boycotting the meeting, described by European countries as an international platform offered to the Donbass separatists, several of whom had been invited to speak by Moscow.

*** Analysis: Why Russia's Crimea move fails legal test - BBC News  source

Is Crimea Now Costing Russia More Than It Is Worth?

Paul Goble
In the euphoria that surrounded Vladimir Putin’s annexation of Ukraine’s Crimea six years ago, most Russians were more than willing to spend money to integrate that region into the Russian Federation. But at that time, they had little idea just how much that process would cost. Not only did that aggressive breach of international law trigger Western sanctions against Russia, but the authorities in Moscow also never gave the public an honest estimate of just how much money would need to be spent, nor for how long, even after the Kremlin proclaimed the peninsula’s absorption an accomplished fact. Were the Russian economy doing well, that might not matter; but it is not (see EDM, May 6, 12, 18, November 30), and the subsidies going to Crimea are, of course, unavailable to support the domestic needs of the increasingly hard-pressed Russian people in Russia proper. That contradiction could, therefore, encourage Putin to try to launch a new military advance to cover these losses.

Russian regional affairs analyst Anton Chablin points out that the recently released budget figures for 2021 show enormous spending on Crimea is set to continue. Moscow plans to channel no less than 102 billion rubles ($1.5 billion) to support 68 percent of the budget of Crimea. That figure is larger than the subsidies going to Dagestan and Chechnya: 96.7 billion rubles ($1.4 billion) and 78.8 billion rubles ($1.1 billion), respectively. When the Russian economy was somewhat healthier, Russians generally ignored those costs as the generous outlays to the country’s newest imperial possession were not considered a serious problem. But now, the situation has changed; and the numbers Chablin cites will likely lead an increasing number of Russians to ask whether Crimea is worth it. Although such a mental shift may not push Moscow to return Crimea to Ukraine, it could certainly further undermine Russian support for Putin and make it more likely he will launch some new offensive to rebuild “patriotic” fervor around himself (Akcent.site, December 7).

The first signs of popular unhappiness about this spending are likely to emerge as the State Duma (lower chamber of parliament) considers the budget, Chablin writes. Deputies almost certainly will focus on three things: 1) the growth in Moscow’s subsidies rather than the declines the Kremlin had promised in earlier years; 2) the overly optimistic predictions about tax collection made by the Russian regime in Crimea that are unlikely to be met and that will force Moscow to pay out even more than it is budgeting; and, especially offensive to many in the current environment, 3) the fact that the administration on the peninsula continues to spend ever more money on itself rather than on things like vacation resorts that might benefit average Russians (Akcent.site, December 7).

From the beginning of the annexation, independent Russian observers did point out that the direct costs associated with integrating Crimea would be far larger than and last longer than the Kremlin promised. Historian Arkady Popov, for example, said that the Kremlin’s pledge to end subsidies amounting to a trillion rubles ($160 billion) after only five or six years was absurd. Not only was that amount, in fact, more than Moscow could possibly afford—it exceeded the projected subsidies to the North Caucasus and the Russian Far East over the same period—but it was actually far less than would be needed given the collapse of the economy in Crimea since Russia occupied it (Ej.ru, September 28, 2015). And even then, there were Russians complaining that Moscow had “billions” for Crimea but no money to refurbish their decaying housing
(Forum-msk.org, March 26, 2014).

In the intervening years, various experts have attempted to put a price on Moscow’s assistance to Crimea; however, the Russian government has done what it can to obscure what it has been spending. Perhaps the best estimate came last year. It was prepared by economist Sergei Aleksashenko, who, in a book-length study, asserts that Crimea had by then cost Russia 1.5 trillion rubles ($23.5 billion). That figure, he points out in the piece, equals approximately 10,000 rubles ($160) for every man, woman and child in the Russian Federation. Or put another way, Aleksashenko continues, Moscow is now spending on Crimea 357 times the amount it is spending on the Russian Academy of Sciences, even though he concedes that a majority of Russians, as of 2019, did not think that the annexation was having a negative impact on their lives (Forbes.ru, March 24, 2019).

That passive acceptance may now be changing. For one thing, these budget figures are coming to light at a time of pandemic-induced suffering. And for another, Russians are increasingly aware of the collateral financial costs associated with Crimea that are not being counted in those base subsidy amounts. Among the largest of these associated costs, which has attracted significant attention recently, is what Moscow may be forced to spend in the coming months to ensure that the peninsula has enough drinking water (see EDM, February 26, August 12). Those estimated expenses are sufficiently great that Putin might decide on an alternative solution: launching a new military campaign against Ukraine to gain control of water supplies that Crimea lost access to when Russia occupied it (see EDM, May 21). If that were to happen, what may seem like a minor budgetary dispute could reignite the military conflict between Moscow and Kyiv, with all the far-reaching consequences that would involve.