Beyond Ukraine

by: Joe Gleason, AHT Director of International Risk Management

Russia’s brutal invasion of Ukraine has created hardship and human suffering impacting millions of people. As they have done in so many conflicts, international aid and development workers are at the forefront of trying to alleviate some of that suffering, providing emergency humanitarian support to refugees fleeing the conflict, medical care to those directly impacted by the violence and a host of other support. And of course, aid and development workers are among those directly impacted by the conflict –becoming refugees themselves and, tragically, falling victim to the violence. And reports are emerging from cities under Russian occupation of NGO leaders and other civil society activists being detained – yet another level of risk.

Working in conflict zones – and the risks that come with that work – is hardly new for NGOs. But the risks associated with the war in Ukraine reverberate far beyond the immediate region including:

• Russian pushback. With crippling sanctions that have tanked their economy, increasing global isolation and fiercer than expected Ukrainian resistance, Russia is likely to take action against countries and organizations aiding the Ukrainians. Particularly vulnerable will be those operating in countries nominally aligned with Russia which include former Soviet states like Azerbaijan or Kazakhstan or countries like Mali that recently invited Russian mercenaries to replace western military forces. Potential risks may be increased harassment of NGOs and their staff – inspections or investigations, cyber intrusions, questioning of personnel, challenges to legal presence, detention of staff, etc.

In Russia itself – where few international aid and development organizations operate due to already onerous NGOs laws – official have threatened to nationalize the assets of Western companies that exit Russia. And the threat of politically motivated detention is real as evidenced by the arrest of a US basketball player Brittney Griner (and the continued detention of Paul Whelan and Trevor Reed).

• Cyber risks. Russia has long used information and cyber operations as a part of wider efforts to pressure adversaries and there are now reports that a number of NGOs providing support to Ukrainians have been targeted by malware attacks. Those types of attacks are likely to increase as the conflict continues.
• Food shortages. Russia and Ukraine are major suppliers of wheat and other basic foodstuffs for many parts of the developing world. Without access to a steady supply of these foodstuffs, supplies will dwindle and prices skyrocket, with a likely increase civil unrest in parts of the world already challenged by drought and instability. It’s worth remembering that one of the drivers of the demonstrations that became the Arab Spring was rising food prices.

What can organizations do to manage these risks?

• Update risk assessments to reflect the current, heightened environment – including security, operational and cyber risks – and adjust plans accordingly. While many of these risks are already present in some form, the likelihood of occurrence and the potential severity may change which should, in turn, necessitate changes in risk management measures. Some risks – such as those associated with increased food insecurity – may impact security and contingency planning but also programmatic activity.
• Review operating posture in Russian aligned countries. Working in these countries has rarely been easy for NGOs, from challenges registering and obtaining work permits to dealing with intrusive government security services. And those challenges are likely to increase as Russia seeks to increase pressure on organizations or countries supporting Ukraine. Prepare teams for an increase in pressure and harassment including interference in banking, challenges to legal presence, office inspections or closures as well as questioning and detention of staff. Back up information offsite, update emergency reporting and response plans and ensure key external resources are identified and teams know how to access them.
• Refresh cyber risk management systems and incident response measures. Given the nature of the risk, it’s important to review and update cyber security systems across the board – from how issues (intrusions, data loss, etc.) would be identified and reported, incident management plans, and key external resources that would be available to support incident response. Raise awareness of the increased risks and refresh basic cyber risk hygiene across the organization to reduce likelihood of spear phishing and other user-activated threats.
• Refresh understanding of key resources and how they can support. Local and global resources provide critical support in mitigating risks and responding to incidents. Ensure key personnel understand the role of these resources along with how and when to engage them. Examples of these resources include local, in country legal resources and the crisis consultants embedded in special risks insurance policies, both of which may be essential responding to the detention of team members as well as the incident response resource within the cyber insurance policy.

While many of these risks are more acute for NGOs and international aid and development organizations, they apply to a wide range of entities especially those ceasing or suspending work in Russia. And saying that all of these risks are dynamic is an understatement: as the conflict grinds on Russia may seek to take action to distract from battlefield losses, increased military or humanitarian support for Ukraine or stiffening sanctions. And they may push allies to demonstrate support through action as well, increasing risks to those operating in Russian aligned countries. These risks are likely to be with us for the foreseeable future so important to consider where the fit in an organization’s risk management.