Category Archives: Intelligence

SPOTREP: Operation “Spiderweb”. A paradigm shift in modern warfare – by Emilio Palmieri

Intelligence, Security, Surveillance, Technology,

WHAT WE KNOW (SALT report)

Size. 117 first-person view (FPV) armed Unmanned Arial Vehicles (UAVs).    

Activity. Complex and coordinated remotely controlled precision strikes against strategic and nuclear bombers aircrafts hosted in five major Russian air bases.  

Location. Russian Federation, cities of Belaya, Dyagilevo, Ivanovo Severny, Olenya, and Ukrainka (more than 4000 km of territorial reach).

Time. June 1st, 2025.

Battle Damage Assessment (BDA). In the OSINT-sphere it has been reported that 41 aircrafts (the real number is still disputed though) were destroyed or disabled. Type of aircrafts targeted:

  • Tu-9: Soviet-era long-range strategic bomber equipped with turboprop engines capable of a max load up to 16 missiles, used by Russia to launch far-reaching h-55, Kh-555, and the newer Kh-101/102 cruise missiles;
  • Tu-22M3: supersonic long-range bomber of conventional and nuclear strike forces, capable of carrying Kh-22 cruise missiles;
  • A-50: AWACS-type aircraft used as C-4 (Command, Control, Communication, Computer) platform to detect air defense systems, coordinate missile strikes, and guide fighter aircraft. The loss severely limits Russia’s situational awareness and air command capabilities;
  • Tu-160: supersonic strategic bomber, capable of carrying both nuclear and conventional cruise missiles, including the Kh-101 and Kh-102, is a key component of Russia’s long-range strike and nuclear deterrent force.

The amount of estimated material damage is up to $7 billion in direct losses.

WHAT WE DO NOT KNOW

Strategic level unknowns. In order to get a clear intelligence picture, at this time the following unknowns should be filled with the aim of understanding the operational posture of the Russian Federation as a consequence of the complex attack.

The first-level, time-essential information requirement to be fetched would be to gather, process and assess – with the aim of planning against – the kinetic intentions of Russia against Ukraine in the long-run[1].

A second-order information requirement may be the same type of reaction against a (Russian-deemed) enabler nation/s somehow involved in the Operation – like the US or others – that supposedly took part in the development and/or implementation of the decisive action. The goal would be to gauge Russian willingness of planning and executing a long-term retaliatory campaign, possibly thru proxies (in order to assure deniability) or by using active measures (assassinations, information/influence operations, sabotage, cyber ops), even linking up with other State-related adversaries (like China or Iran) by involving them in wreaking havoc in a persistent fashion.

A broader third-level information requirement – the “what if scenariomakes reference to the employment of multiple packs of armed drones on the part of China and Iran, both directly or thru proxy forces, against US and allied objectives. A possible indicator of the scenario might be referring to the swarms of drones that persistently loitered over identified portion of the US, specifically in close vicinity of military installations. The most concerning incident developed in December 2023 at Langley Air Force Base in Virginia, whereas during the course of 17 nights, clusters of drones, likely off-the-shelf products, were observed flying over the base, which is home to some of America’s most advanced fighter jets, including the F-22 Raptor.

WHAT WE THINK

The Operation carries the features of a bot-based, stand-off positioned, direct-action type of special operation. However, this time around, the Ukrainian kinetic activity marks a paradigm shift in the conduct of modern warfare. The hybridity[2] of different tools combined and synchronized together that were employed to pull off the Operation can be deemed as the epitome of the evolving operational setting. Using a neologism, an assortment of ingredients were mixed up in order to serve the “soupfare of the day”, a kinetic broth targeting one of the most precious air assets in the hands of the Russian Federation. The necessity to disable, dismantle or destroy enemy air capabilities with the aim of degrading the “vertical dominance” in a conventional military confrontation is as old as the introduction of aircrafts in the battlefields: examples of such approaches can be gleaned in the Falklands or in the Gulf Wars. But here the difference is twofold: on the one hand, the “boom” executed by the Ukrainians is of unmanned origin. As for previous historical examples, Commandos of different sorts were infiltrated into the enemy terrain to conduct direct interdicting actions (with risks of mission failures and physical exposition of the force). On the other hand, for the Operation “Spiderweb”, as the name evocatively hints and due to the magnitude of the efforts, the planning process must have been time-consuming and must have involved a network of known and unknown (the latter greatly outnumbering the former) actors. For the previous kinetic actions, because of the limited extent of the engagement, a small but identifiable number of individuals, like commanders, operators, intelligence officers, were part of the planning and execution phases of the dismantling operations.

It is safe to assume that all of the phases of the operational process – planning, preparation, execution – were acted upon. Planning, with development of the enemy situation in order to analyze the center of gravity and then identify the critical vulnerabilities of the target. Preparation, with the lengthy process of getting the UAVs, concealed in delivery boxes boarded on contracted trucks, to the target area. Execution, with the launch of dispersed complex attacks aimed at producing massive damage with the effect of seeding strategic dilemmas.

The subsequent are first impression factors relating to the incident that might be highlighting the trajectory featuring a new phase of the constantly changing character of war:

Secrecy. Operation “Spiderweb” has underlying the sacredness of secrecy when developing and implementing a complex attack of this scale. The principal, which is a baseline assumption in operational planning and conduct, is more and more amplified in light of the strategic effects and magnitude of the kinetic decisive action. It is a ballet of information penetration activities by the Ukrainians against the Russians, and counter-penetration measures: a protractive blend of offensive and defensive counterintelligence undertakings. In the planning and preparation phase of the operation, the gathering[3] and processing[4] of intelligence information pertaining to the pattern of life of the targeted enemy system – basically the daily routine – must have been patiently developed in order to identify those critical vulnerabilities that were subsequently exploited, like the logistical scheme of maneuver of the trucks carrying the box, or attacked[5]. In the implementation phase, basically using the mythological Trojan Horse ruse, the Ukrainians were able to shape the operational environment in their favor and bring to successful completion the attack. 

Operation Security (OPSEC). Ancillary to the principle of secrecy, OPSEC is meant to be protecting “classified information such as physical security, information security, and personnel security in order to promote operational effectiveness by denying adversaries indicators of sensitive or classified activities, capabilities, or intentions”. Similar to the Operation “Pager” carried out in September 2024 by the Israelis against members of the Lebanese Hizbollah[6] by weaponizing beeper devices, the Operation in argument is another embodiment of the practice of successful OPSEC, even in a target-countries like Russia that is gotten used to practicing strict control not only over citizens and activities, but also abroad – especially in Ukraine – thru the use of a reseau of informants.    

Swarming tactics. The tactical employment of UAVs in swarm formations is not a new approach in the military strategic thinking. Back in 2000, authors John Arquilla and David Ronfeldt wrote “Swarming and the Future of Conflict”, wherein it was envisioned the “deployment of small, dispersed, networked maneuver units”. Even though the application of the concept was mainly focused on swarming of directed fires seeking devastating effects against the enemy in a conventional military confrontation, the authors slightly touched upon the usage of UAVs on the battlefield, at the time at the early stages of their operational employment. Anyhow, the concept still holds true: dispersed, networked, and interconnected clusters of drones that perform swarming attacks can achieve greater effects on enemy targets.

Strategic and psychological significance. If the reported DBA, both in terms of number and quality of targeted air assets, is confirmed, the outcome of the Operation has direct strategic effects in that it has severely crippled the kinetic air superiority of the Russian Federation. The decisive action is a typical example Effect-Based Operations (EBOs): the doctrinal evolution of the concept identifies EBOs as “operations conceived and planned in a systems (enemy) framework that considers the full range of direct, indirect, and cascading effects, which may—with different degrees of probability—be achieved by the application of military, diplomatic, psychological, and economic instruments”. As easily identifiable, Operation “Spiderweb” brings together all of the factors highlighted in the definition: the enemy system is the object of the complex attack; first, second and cascading effects on critically vulnerable components of the targeted enemy system are the desired impacts; different instruments of national power have been applied to achieve both the objective and the intended effects. Additionally and in the long-run, EBOs associated to the Operation could be generating second and third order effects also in the Russian cognitive and psychological domains: the results of the kinetic, dispersed engagements could be affecting the organizational and operational models of the Russian Armed Forces by means of raising dilemmas, distrust and disruption.

Relative Superiority. The Operation – which possesses the hallmarks to characterize it as a special operation[7] – has also demonstrated the application of the principles[8] – instrumental to get victory – in achieving relative superiority over the enemy, which is the “condition that exists when a smaller force gains a decisive advantage over a larger or well defended enemy”. The concept was firstly identified and disserted by Admiral (R) William McRaven, former SOCOM[9] Commander, in a thesis[10] that became a book in 1996 under the title “Spec Ops: Case Studies in Special Operations Warfare: Theory and Practice”. The value of the concept of relative superiority lies in its ability to illustrate which positive forces influence the success of a mission and to show how the frictions of war affect the achievement of the goal. Once relative superiority is achieved, the attacking force is no longer at a disadvantage and has the initiative to exploit the enemy’s weaknesses and secure victory. Operation “Spiderweb” has proved how the Ukrainians applied the 6 principles over the course of the operation process in that they: developed a plan that, even if not linear, possessed a general simplicity in its essential design; as mentioned before, prepared the conduct of the plan by employing the utmost security (OPSEC) and repetition thru rehearsals; executed the deceive action thru the application of speed, surprise and purpose.

Implications. By exploiting initial lessons identified from the analysis of Operation “Spiderweb”, implications for Western Armies need to be fleshed out: they mostly refer to the relevancy of designing and developing a Counter-UAV (C-UAV) concept of operation (CONOPS) – which entails detecting, identifying, and neutralizing or disabling unauthorized or malicious UAV – along with a shift of the role of Electronic Warfare[11] (EW) as a supporting and ancillary effort to the C-UAV.

Strategic penetration. Another factor worth being highlighted is the strategic penetration that was achieve in executing the Operation. The wide territorial extent and the deep penetration of the UAVs assets once they reached the target areas mounted on the trucks and were liberated from the boxes in hot-spots that were deemed safe by Russia in light of the distance from their western flank, emphasize another aspect: the combination of AI into the flight systems which allowed UAVs to navigate by following the terrain, avoiding obstacles, and executing precision strikes with extreme accuracy but minimal human manning. AI-based target recognition, integrated with GPS navigation, adaptive flight correction systems and real-time image processing, enabled these UAVs to operate effectively even in heavily affected EW environments, like the ones in and around the Russian military bases. FPV drones were remotely controlled through Russian mobile telecommunications networks, including 4G and LTE connections: these networks provided sufficient bandwidth to support real-time video transmission and command inputs across vast distances, letting the Ukrainian drones evade the enemy defenses, both physical and electromagnetic, and execute the mission.

[1] Very recent news confirmed that Russia already reacted in a near-term fashion by launching a barrage of drones and ballistic missiles across Ukraine, specifically targeting the Capital

[2] By mixing a clandestine logistics chain, AI and GPS-guided technologies, swarming and disperse employment of UAV assets and mobile strike capability, Operation “Spiderweb” will be recognized as a change in traditional military doctrines based off linear, centralized, rigid and vertical command&control (C2) platforms.

[3] Thru Close-target Reconnaissance and other collection disciplines, first of all human intelligence (HUMINT) activities.

[4] By fusing in an organized manner the already gleaned data and information so that actionable intelligence can be disseminated.

[5] Phases entailed the smuggling of drones and launch equipment across the border. The payloads were hidden inside civilian-looking vehicles such as cargo trucks and mobile wooden homes that were strategically stationed near the bases and remotely open to let the UAVs fly outside and hit the selected targets.

[6] We delved into the Operation with the SPOTREP: The sabotage campaign in Lebanon. The weaponization of dual-use tools dated September 19th, 2024.

[7] A special operation is conducted by forces specially trained, equipped, and supported for a specific target whose destruction, elimination, or rescue (in the case of hostages), is a political or military imperative

[8] Simplicity, security, repetition, surprise, speed and purpose.

[9] Special Operation Command is a unified combatant command within the US military responsible for coordinating and overseeing special operations forces.

[10] Dated 1993 when the Officer attended the Naval Postgraduate School (NPS) in Monterey.

[11] EW is a military action that utilizes electromagnetic energy to control the electromagnetic spectrum, attack an enemy, or impede their operations. It involves exploiting, disrupting, or interfering with electromagnetic signals like radio waves, radar, and infrared to gain information or neutralize enemy capabilities.

07Mag/24

Russian sabotage campaigns: the new European front of the War – by G. Porrino & A. Bolpagni

Intelligence, , , ,

Since February 2024, at least ten operations between arson attacks and train sabotage have been planned, several of which have been intercepted by the intelligence services of the countries targeted. Where operations were successful, pictures and related videos were disseminated on PMC Wagner’s main Telegram channels. Such acts of sabotage do not constitute an isolated case, but rather part of a broader operation.

Continue reading
29Set/23

Time to be realistic about Swarmcast2.0 – by Ali Fisher

Intelligence, Security, Terrorism, , , ,

For all the meetings, presentations and reports from embedded academics and industry groups, purporting to show success against Salafi-Jihadi groups, the movement is still comfortably able to disseminate content through Swarmcast2.0.

The Western metanarrative has long been accepted by the orthodoxy of Terrorism Studies. However, while claims of success resonate at events hosted by industry funded bodies, the challenge encapsulated by Swarmcast2.0 remains. Salafi-Jihadi groups and the media mujahidin maintain persistent networks which function across multiple platforms simultaneously.

Continue reading
26Giu/23

PMC Wagner and Allied Mercenaries, Aftermath of the March by – Federico Borgonovo & Giulia Porrino

Communication, Intelligence, Security, Terrorism, , , ,

During the Russian-Ukrainian conflict, PMC Wagner exploited online and offline support of some military groups, including:

  • Española, a parallel battalion of Russian ultras led by Alexander Shum and with a special training centre near San Petersburg.
  • Rusich, a reconnaissance, sabotage and assault group, directly attached to the PMC Wagner.
  • Serb members, active since the deployment in Syria. Those are linked with several ultras’ communities.
  • Níðhöggr (Nidhogg), a little unit near to the Scandinavian right-wing militia funded by an actual Wagner member.  

All these units were orbiting around the PMC Wagner as embedded support groups. Starting from their online propaganda we theorized a pro-Wagner alliance system (figure 1).

Continue reading
15Mar/23

Correlation Is Not Causation: Wagner e migranti come attori della guerra cognitiva – by Giulia Porrino

Communication, Intelligence, Migration, Terrorism, ,

Nella giornata di lunedì il Ministro della Difesa Guido Crosetto e il Ministro degli Affari Esteri Antonio Tajani hanno denunciato la presenza della PMC Wagner dietro l’aumento degli sbarchi sulle coste italiane, triplicati rispetto allo stesso periodo nel 2022. Secondo i Ministri si tratta di una strategia di guerra cognitiva che i mercenari russi stanno attuando per destabilizzare l’Europa. Non si è fatta attendere la risposta di Prigozhin (su Telegram), che ha negato di essere al corrente di quanto sta accadendo.

Continue reading
07Feb/23

Towards a more progressive approach to studying the Salafi-Jihadi movement – by Ali Fisher

Intelligence, Sociology, Technology, Terrorism, , , ,

The ongoing struggle against the Salafi-Jihadi movement will require reflection on multiple levels to achieve a genuinely progressive and evidence-based approach. This reflection will focus on developing an authentic understanding of:

  • Their core purpose – their theology expressed in hundreds of thousands of pages of text, along with days of audio and video content.
  • The strategic communication approaches which underpin their da’wa; the missionary work often referred to by Western research as recruitment or radicalization. Such understanding will include how Salafi-Jihadi groups exploit the internet for strategic communication.
Continue reading
26Dic/22

Medical Intelligence – Prima Conferenza Internazionale

Intelligence, , ,

Medical Intelligence: First International Conference – Milano 26 gennaio 2023 – Università Cattolica del Sacro Cuore, Università Vita-Salute San Raffaele, Università Campus Bio-Medico, Società Italiana di Intelligence, Società Italiana di Medicina Legale e delle Assicurazioni, NATO Rapid Deployable Corps – Italy.

Iscrizioni: MedInt@itstime.it Continue reading