As Petro Poroshenko and terrorist leaders announced the ceasefire on midnight local time, it held for mere minutes (aside from a provocation shelling by cossacks apparently uncontrolled by Luhansk), when a series of events happened, perhaps best told through Kremlin’s media.
Эдуард Басурин: После начала перемирия ВСУ открыли миномётный огонь по ополченцамhttp://t.co/4yqSomYlYE
— RT на русском (@RT_russian) February 14, 2015
[DNR Ministry of Defense speaker] Eduard Basurin: After the ceasefire started, Ukrainian troops opened mortar fire on the rebels
Александр Захарченко собрал экстренное совещание по факту нарушения ВСУ «режима тишины»http://t.co/lgfgKv3oRC
— RT на русском (@RT_russian) February 14, 2015
[DNR Prime Minister] Alexander Zakharchenko calls emergency meeting on Ukraine’s “silence regime” violation.
However, no proof emerged of these allegations, until, minutes later…
Лидер «Правого сектора» Дмитрий Ярош заявил о продолжении наступления под Дебальцево http://t.co/6lMllmEwpd — RT на русском (@RT_russian) 14 февраля 2015
“Right sector leader Dmitry Yarosh claims to continue assault at Debaltseve”
The article, putting the blame on Russian media’s favorite “fascist” boogeyman, cited the website of Ukraine’s National Guard, another Ukrainian force villified by the Kremlin. However, Yarosh’s “Volunteer Ukrainian Corps” does not belong to the National Guard (unlike many other originally volunteer units), its status still quite vague – according to Ukrainian-language wiki, it hasn’t been legalized yet. Yarosh’s facebook page contains no claims of ceasefire violation. More importantly, the news at the National Guard’s website appeared to be dated February 14, the day before the ceasefire came into effect, a fact quickly spotted in Ukrainian social media.
Новость про Яроша на сайте Нацгвардии ОТ ЧЕТЫРНАДЦАТОГО ФЕВРАЛЯ. КремлеСМИ же подают это как от 15-го. Вбросы. pic.twitter.com/4qrpD3DV2z
— ЄВРОМАЙДАН (@euromaidan) 15 февраля 2015
“The Yarosh news at the National Guard website is dated FEBRUARY FOURTEENTH. Kremlin media presenting it as news from Feb 15. Provocation.”
As this was noted, something even more strange happened: the date at the National Guard website quickly shifted to Feb 15:
Смотрим два скрина рашисты увидели свою ошибку с числами и поменяли их, но скрины та остались! Сайт НГ – взломан! pic.twitter.com/ZkrG8Hy5Ok
— Fucking Yalta (@FuckingYalta) 15 февраля 2015
“See the two screenshots: the Russians saw their date mistake and changed it, but we still have the screenshots!”
As of writing this article, the cached version of the page still showed the date as Feb 14. An even earlier version of the page shows news of National Guard tank units joining the battle, later replaced by the suspicious Yarosh article. Perhaps another damning piece of evidence is the poor Ukrainian grammar in the article, typical of Russian trolls posing as Ukrainians via Google Translate.
@ReggaeMortis1 точно взломали( так гугл-переводчик переводит! pic.twitter.com/1adNqMYBGr — Все Буде Ok (@vse_bude_ok) 15 февраля 2015
“Definitely hacked! It’s the same as Google Translate translates it!”
Finally, some strange behaviour could be observed from a volunteer terrorist spotting account “Stopterrorua” which stopped its usual activities to post the “Yarosh news” more than once without any comments.
The hack, despite quickly being picked apart by vigilant Ukrainian twitter users (and, as of writing this article, already deleted), will definitely be used to accuse Ukraine of violating ceasefire, both domestically and internationally. This also indicates that in a hybrid war, threats comes on all levels, and the Ukrainian government seriously needs to reconsider its cybersecurity and information policy to counter these types of assaults in the future.