Ukraine's battle of the airwaves
A look at three aspects of wartime radio in Ukraine: the interception of communications between Russian soldiers, how broadcasters are using radio to combat censorship online, and the mysterious silence of a radio transmitter known as 'The Russian Lady'
Written, produced, and edited by Tom Hannen. Additional filming by Rod Fitzgerald & Nicola Stansfield
You can enable subtitles (captions) in the video player
There is an invisible layer to the war in Ukraine. You can't see it or touch it, but it's vital to every aspect of decision making in warfare. This invisible layer is the radio noise. And hidden in the radio noise are signals. We're going to look at three aspects of radio in Ukraine, the interception of communications between Russian soldiers--
--how broadcasters are using radio to combat censorship online, and the mysterious silence of a number station known as the Russian Lady.
Why would a 21st century Russian army send so many unencrypted radio signals on the battlefields of Ukraine? And how can we confirm their legitimacy?
This, as far as we can tell, is a recording of a Russian soldier in Ukraine, but the people who captured it were far away and weren't using radio equipment directly. A software-defined radio is a computer with a radio receiver and an antenna attached. It can pick up radio transmissions across a wide range of frequencies at the same time. The cheapest ones are about 30 pounds.
So you can watch a waterfall of radio signals from across the spectrum and spot one you're interested in, then choose exactly how you want to decode the signal just with the click of a button, no extra equipment required. Connect it to the internet and, suddenly, 100s of people from around the world can stream any radio signal your antenna can pick up. And many people are very interested in monitoring them. Couple those web servers with a chat room app like Discord, and you can create an open-source intelligence team of volunteers, which is what Boyan Malashev did.
My name is Boyan Malashev. Well, Ukrainian Radio Watchers is a really brilliant community that it's made by a lot of people who give a lot of their time and their efforts in trying to listen the Russian communications. When the war could get so intensive, many people actually started to join. We were shared in platforms like Reddit and Twitter, so many people started to understand about us, started to join because most of them wanted to get translations about what is happening.
And we had pretty active translators doing this. I think in the server we have 100 translators. Sometimes, I listen, and sometimes I record. But the main thing I do in the server and how I help the server is by developing the Discord server and making the website.
The recordings and the main function of the community, it's made by the people who are in it. I do not know anything about radios and communications, but it's important because we are dealing with war crimes; we are dealing with deaths; we are dealing with trying to help people who are actually in war right now. We heard how commanders and officers are arranging airstrikes with locations. We are trying to find the call signs of them.
The question of whether we can trust the recordings is a bit of an open one. This is obviously still a conflict, and what we do know is that Ukrainians themselves have been exceptionally good in terms of their information warfare, in terms of their communications about how successful they've been versus the Russians. That said, there, I think, is very little doubt that some of these communications are genuine. Some of the content would be exceptionally hard to fake. And when you put together all of the other material that we've seen, for example, pictures on social media of captured Russian troops, pictures of the radio equipment they were using, all of that together paints a picture that would be very hard to fake.
When you hear the conversations, you can feel it first, and then you have-- we have the experts who can check if this could be manipulated or not. And as we're monitoring a whole day of conversations, we can know that what is happening, it's not fake because sometimes something is happening and-- while they're arranging attack. And in the next seconds, attack actually happens.
We could see that in the news. We could see that the airstrikes actually happened. So yes, we have some evidence that the conversations we monitored are authenticated.
Both sides are fighting quite an aggressive information campaign, so you do have to be wary of that within analysis. Do the things that we're hearing in these transmissions marry up with what we're seeing on the ground? Do they compare well with what other sources are reporting? So if we have seen that there are Russian soldiers carrying unencrypted radios or notionally unencrypted radios, and now we are hearing unencrypted transmissions that have been intercepted, that all points towards that information being something that we can use to form an assessment and begin to construct analysis.
The image of this pretty invincible, very tough Russian war machine has taken a huge knock. I mean, even Western intelligence analysts expected Russia to win pretty easily. They thought that Russia had overwhelming military might, far superior technology, and battlefield experience in places like Syria and, before that, in wars in Georgia, and so on.
As it turns out, the Russian military effort has been much more chaotic than anybody anticipated. And I think that is a big blow to the image of the Russian military and indeed to the image of Russia that Putin has so carefully sculpted because I think a lot of what Putin is trying to do is to say, take us seriously as a great power. He couldn't really do that on an economic level, but Russia could always point to its enormous military might. And now, even that looks slightly less credible than it did before this conflict.
There is another group listening to Russian troops in Ukraine. They call themselves ShadowBreak and were originally a VC-funded security company focused on mapping and other intelligence services. Samuel Cardillo is their founder and head of technology.
We're ShadowBreak. It's a company created, like, three years ago, founded by VC. We're mainly a geospatial intelligence company. Intelligence is our core business. The thing here is that everything we're doing concerning Ukraine has being totally free. The company has unlocked $500,000 of personal money to help Ukraine.
We started a logistic supply run and all the things to serve people within Ukraine, and we're trying to help because I think it's our duty. In terms of military backgrounds, well, I've been serving in the army for three years in the intelligence-- in the Israeli Army. I've been doing intelligence for a very long time. I have a family background in intelligence.
There's been a shift in the last few years, certainly since the Syrian civil war, towards a real prominence of open-source intelligence, open-source reporting. And of course, the great example of this is Bellingcat, which began reporting on munitions that were being photographed by Syrians in the very early stages of the Syrian conflict. Ever since then, we've seen this proliferation of open-source intelligence outfits, websites piecing together information about conflicts and making it public sometimes for commercial gain, sometimes simply because it's viewed as a sort of public good. And a lot of these organisations are funded by donations, by charities by government grants that kind of thing.
There is an open question about all of this, this new world, this frontier, about where the money does always come from and then whose interests might lie behind some of these organisations. Russia, in particular, has repeatedly and baselessly, I should add, slandered organisations like Bellingcat and accused them of being stooges for Western intelligence agencies. Ultimately, a lot of these organisations you have to judge on the content that they are putting out there and the stuff that they are making available.
And I guess that the fundamental factor is that this is publicly available information. It is open-source intelligence. And the better of these organisations make clear what their workings are. They show why they have arrived at certain assumptions, and then, sort of in a kind of Wikipedia format, invite others out there to challenge their conclusions.
The fact that we're kind of expanding within the signal intelligence is a little bit weird. We had to kind of understand a lot of new things and recruit translators, and it's completely new for the company. Right now, most of the people are working with us are volunteers. We have few people who are on full-time salary but very few at this moment for this operation.
There's a big question about where the aerials and where the SDR systems themselves are located because the nearer they are to the battlefield, the clearer the signals they can intercept.
So there is public web SDR which are located outside of Ukraine. And then, we have secured logistical supply at this point. And we're doing things to have web SDR within Ukraine which gives us access to UHF frequencies, which let us listen as well to radio handles, which are shorter waves basically, like nearer troops.
Both ShadowBreak and Ukrainian Radio Watchers say that there have been cyber attacks against many of the servers they use for listening.
I don't know who is behind that, but we've seen clearly cyber attacks against some web SDR. They get hacked and stuff like that. So we could assume it's like either trolls or people who don't want all the people to listen to those frequencies. So we don't know. But yeah, we made our own, and we're still working on making our own kind of private web SDR things, which is also part of the money we've unlocked.
I think many of them are under DDoS attack, which is attacking of hackers so they can stop their services. Maybe some of them were bombed and-- for example, the antenna is broken, or the whole equipment is dead. The number of the web SDRs in Russia and Ukraine are going down, which is a big problem for us because without the web SDRs we cannot do anything.
Boyan also says he's planning to go into Ukraine in order to set up an SDR.
We are thinking to do our own web SDR. I got some connections in my country with people who are actually travelling to Ukraine to bring supplies. So we can-- some day in the next two weeks, we are setting up a web based here in Bulgaria, and we are setting up SDR in Ukraine.
Setting up a system like this was risky even before the current invasion. Last year, Stanislav Stetsenko, a resident of Crimea, was arrested by the Russian Federal Security Service under suspicion of being a Ukrainian informant and was facing up to 25 years in prison if found guilty. So we know how people are tuning into these transmissions, but it still leaves the question, if they know they can be intercepted, why are the Russians using unencrypted radios in a war zone?
The amount of communications we're hearing in clear seems to indicate that Russian military may have a problem with crypto and key distribution as secure communications require some form of encryption. And how that encryption typically works is a series of keys are provided to anybody on the network, and the traffic can only be encrypted or decrypted using those keys. And that requires a level of management in a military to ensure the keys change daily, for instance-- they may change hourly-- and that they're distributed to everybody who needs them. And then, everybody who is using those keys has the correct encryption and decryption equipment attached to their radios or embedded in their radios and software.
That indicates that the modernization that the Russian ministry of defence has been parading and promoting has potentially been less successful than they were actually making out. It indicates a potential vulnerability in the way that the Russians are actually conducting war. Some of the things that we've identified are the Russians using civilian radios that you can buy on-- I mean, you can buy them on eBay.
They're not that hard to find. They're not that expensive. These would use sections of the electromagnetic spectrum that are open access to everybody.
We've spent a large portion of our professional lives trying to understand what is happening within the Russian military, particularly in light of the reforms that were launch 10 years ago, the "new look" Russian military as it was termed. I think our analysis of the data herein has always been the Russians have kind of got their mojo if you like and after years of malaise had been upgrading their military, taking the steps they need to make this military and an army that is fit for the kind of wars it's going to be fighting in the 21st century. And when suddenly you see that that military is doing something as basic as transmitting clear traffic on HF, I think that brings into a wider question. It's a bit like, well, if they're not doing that correctly, well, what else is going wrong? And this, I think, provides other clues into perhaps the health of the Russian army, writ large, in this conflict so far.
Is Putin aware of what's happening on the ground? One suspects that his intelligence is probably pretty limited. He has a very tight circle of advisors, and he is an autocrat. He's a fairly scary guy. And so the extent to which people will want to bring him unwelcome messages that the war is not going that well may be limited because the commanding officers of the armed forces may feel that that reflects badly on him. And that could well be one of Russia's problems as they attempt to adapt to what's going on.
In military communications, there's an awful lot of traffic that needs to be carried. If you think of it in terms of your internet at home, your internet is carrying a lot of data, full-motion video. It can carry voice, things like that. And the military needs its radio communications to do all of those things but spread out over a wide area.
So typically, they would have-- for a certain size formation, they would have what we'd call a trunk network, which is designed to carry most of that information. Think of it as like the trunk of a tree, and then you kind of have the branches going off it into tactical communications and things like that. That's what we would expect to see because that provides the frontline soldier in his or her tank with the ability to reach back to their officers, and their officer's officers, and their officer's officer's officers all the way up to Moscow if needs be. Most of those communications would be encrypted, but instead what we're seeing is mounting evidence that these networks haven't been put in place. They haven't been built.
So users on Discord servers like Ukrainian Radio Watchers and ShadowBreak are identifying unusual signals, then they tell other users which frequencies to listen on, work out how the signals should be decoded. They record them. They translate them and timestamp the audio so that they can be published to a wider audience. There's another reason why so many Russian users are using Discord.
Some of the Russians also care to get the news. What is the opinion about the other people for them? What is happening about Russia in the other countries' news?
Discord isn't blocked in Russia unlike Instagram, Facebook, and the BBC website. To circumvent blocks like these, the BBC has resuscitated an old radio format that, up until recently, it had been rapidly shutting down around the world. Shortwave.
It's certainly the case that BBC's shortwave radio, which incidentally is where I started my career during the Cold War, was a big player back in those eras. But that was the pre-internet era. If they're restarting these services now, it could reflect a couple of things.
One could be a slight sort of Cold War instinct that this was something that was terribly important in the last great struggle with Moscow. But also, that actually the Russians are really tightening control of some of new media, that, for example, messaging apps, or YouTube, or Facebook, things that had a lot of impact in Russia may now be much more restricted. So you may have to go back to some of the old, tried, tested, and we might have thought rather historic means of communication-- may regain a new relevance.
This all links back to this Russian perception of Western information warfare, and the perception that the West is able to control the narrative and influence a population externally. So by the BBC extending its shortwave radio, it's possible that some Russian citizens perhaps will still be able to hear what's going on in the West. You know, everything old is new again.
Some of the oldest, most mysterious radio signals date back to World War I, and these kinds of signals are still transmitting now.
So number stations are one of the great mysteries of the radio portion of the electromagnetic spectrum. They've been around for a long time. They're very mysterious, almost spooky things to listen to.
What you typically get with a numbers station is you get a series of digits that are repeated in an automated voice, not unlike the kind of telephone automation you hear when you're calling a call centre or something like that. And it will be a series of seemingly random numbers, and nobody really knows what they're for. But there's several number stations all over the world transmitting out of all kinds of places.
And one theory is that they are a means of communicating covertly with people, perhaps spies for instance, deployed beyond the borders of a particular country. And the theory as to how it would work is that the series of numbers-- they're usually in sequences of five different numbers. Each refer to a particular thing.
There are, of course, Discord servers dedicated to following number stations. One number station in particular began acting strangely just as the war in Ukraine broke out. SO6s, known as the Russian Lady, usually transmits null messages during the last few days of every month. Usually, it sends out numbers according to a fixed format, short messages of less than 10 groups of five digits at a time. Suddenly, just before it went off air, it sent out a message longer than 192 unpaired groups, which is very unusual.
It has been silent ever since.
Well, number stations are, in many senses, is a hang up from the Cold War. But then again, arguably this entire conflict is a hang up from the Cold War, so it's not necessarily so easy to write them off as totally insignificant. But ultimately, there are various ways that intelligence agencies communicate with many of their deep cover operatives. Number stations historically were a method used by the KGB in the Cold War and, of course, by other powers. And on some level, they continue to presumably have utility probably as a backup means of communication.
Is this a hang up from the Cold War? Look, there are elements of it in the sense that I think Putin is attempting to reverse some of the losses that he felt that the Soviet Union, now Russia, experienced after the end of the cold war, in particular, territorial losses and losses of a sphere of influence. So I suppose you could see it as a kind of effort to reverse some of the losses that Moscow felt it experienced after 1989. And Putin, after all, has referred to the collapse of the Soviet Union as one of the greatest geopolitical catastrophes of the 20th century. And I feel he feels that he's trying to correct some of those wrongs.
There's a famous quote by Field Marshal Montgomery made during the second World War about air power-- "If we lose the war in the air, we lose the war, and lose it quickly." Does this now apply to air waves, radio signals as well?
I think that's still the case for the air power, but I think it's now also the case for the electromagnetic spectrum. I think we're dealing with a domain we cannot see. We cannot sense the electromagnetic spectrum as humans.
We have no means of being able to do that. But just because we can't sense it, it doesn't diminish its importance. Control of the electromagnetic spectrum may not lead to victory or defeat in its own right, but it will certainly be a significant contribution to whichever side prevails in this conflict.