Year in review: The biggest spy-related stories of 2019, part III

End of Year ReviewSince 2008, when we launched intelNews, it has been our end-of-year tradition to take a look back and highlight what we believe were the most important intelligence-related stories of the past 12 months. In anticipation of what 2020 may bring in this highly volatile field, we present you with our selection of the top spy stories of 2019. They are listed below in reverse order of significance. This is part three in a three-part series. Part one is available here. Part two is available here.

04. No shortage of high-profile assassinations and abductions in 2019. There was no shortage of assassinations, assassination attempts, suspicious deaths and abductions in 2019. In January, the Dutch government officially accused Iran of ordering the contract murders of two Iranian men on Dutch soil in 2015 and 2017. The accusation prompted Iran to expel two Dutch diplomats from Tehran, which in turn prompted Holland to recall its ambassador from the Iranian capital. In March, a medical examination suggested that Mikhail Yuriyevich Lesin, a former senior adviser to Russian President Vladimir Putin, who died allegedly by falling while intoxicated in a luxury hotel room in Washington, may in fact have been strangled to death. According to the medical examiner —whose name has been redacted in the declassified report— the state of Lesin’s hyoid bone showed signs of “hanging or manual strangulation” or asphyxiation. Also in March, Daniel Forestier, a former paramilitary officer in France’s Directorate-General for External Security (DGSE), who was under investigation for allegedly plotting to kill General Ferdinand Mbahou, a senior Congolese opposition figure, was shot dead in the French Alps. According to a police report, Forestier had been shot five times in the chest and head in what a public prosecutor described as “a professional job”. In August, German authorities accused Moscow of ordering the assassination in Berlin of Zelimkhan Khangoshvili, a 40-year-old Chechen separatist who was shot in the head in broad daylight by a man wearing a wig and carrying a pistol fitted with a silencer. In October, Yossi Cohen, the chief of the Mossad —Israel’s main external intelligence agency— said in an interview that he had authorized “more than a few” assassinations during his tenure and warned that more may be on the way. In October, Iranian authorities announced the capture of Ruhollah Zam, a Paris-based Iranian dissident, who was reportedly lured out of France and then abducted by Iranian agents in a third country. It was later reported that the Iranian government may have used a female intelligence officer to lure Zam from his home in France to Iraq, where he was abducted by Iranian security forces and secretly transported to Iran. In November, Ibragim Eldzharkiev, a senior counter-terrorism officer in the Russian police, was gunned down along with his brother in a downtown Moscow street, in what authorities described as a contract killing.

03. Saudi Arabia hired Twitter employees to spy on users. In November US authorities charged two Saudi-born employees of the social media firm Twitter with spying on American soil. They also charged a member of staff of Saudi Arabia’s royal family with handling the two employees. They were allegedly recruited in 2015, on orders from the Saudi government, to spy on the identities of anonymous Twitter users who posted negative views of Saudi Arabia’s ruling dynasty. The employees gave the Saudis private information that included the email addresses, IP addresses and dates of birth of up to 6,000 Twitter users, who had posted negative comments about the Saudi royal family on social media. One of the two Twitter employees reportedly managed to escape to the oil kingdom before he was captured by the FBI. Remarkably, only a day after the US Department of Justice charged the three Saudi citizens with engaging in espionage on American soil, Saudi officials hosted in Riyadh Gina Haspel, the director of the CIA, reportedly to discuss “the longstanding Saudi-US partnership”.

02. A wiretapping scandal of vast proportions was unearthed in Spain. At the beginning of 2019, a Spanish court widened an investigation into an illegal network that spied on scores of politicians, business executives, journalists and judges for over 20 years. At the center of the case is José Manuel Villarejo, a 67-year-old former police chief, who allegedly spied on hundreds of unsuspecting citizens on behalf of corporate competitors and individual wealthy clients. A year earlier, five active police officers and an employee of Spain’s tax revenue service admitted to working for Villarejo’s network. They disclosed information about Operation KITCHEN, an espionage effort that targeted Luis Bárcenas, a senator and party treasurer of Spain’s conservative Partido Popular, who was eventually jailed for 33 years for his role in the so-called Gürtel case. The Gürtel case was the largest corruption scandal in modern Spanish history, and brought down the conservative government of Prime Minister Mariano Rajoy in July of 2017. The BBVA, Spain’s largest bank, is also accused of having made illicit payments of nearly $11.1 million to Villarejo for over 13 years.

01. US weapons given to UAE and Saudi Arabia are diverted to al-Qaeda. Weapons supplied to the Saudi and Emirati governments by the United States and other Western nations are ending up in the hands of al-Qaeda-linked Sunni militias in Yemen, according to two separate investigations. The weapons are being supplied to Saudi Arabia and the United Arab Emirates (UAE) by the West on the understanding that they will be used in the war in Yemen, in support of the country’s Sunni-dominated government. Since 2015, the Yemeni state has been at war with an Iran-backed alliance of rebel groups from Yemen’s Shiite communities, known as the Houthi movement. In an effort to support Yemen’s Sunni government, Western countries have supplied Saudi Arabia and the UAE with more than $5 billion-worth of weaponry. However, a report published in February by Amnesty International alleged that some of that weaponry, including machine guns, mortars and even armored vehicles, are being deliberately diverted to Sunni militia groups in Yemen, which have al-Qaeda links. A separate investigation aired by CNN claimed that weaponry given by Washington to the Saudi and Emirati militaries has been ending up in the hands of Salafist militias in Yemen. Among them is the Sunni Abu al-Abbas Brigade, which is closely linked to al-Qaeda in the Arabian Peninsula (AQAP).

This is part three in a three-part series; Part one is available here. Part two is available here.

Author: J. Fitsanakis and I. Allen | Date: 2 January 2020 | Permalink

Year in review: The biggest spy-related stories of 2019, part II

Year in ReviewSince 2008, when we launched intelNews, it has been our end-of-year tradition to take a look back and highlight what we believe were the most important intelligence-related stories of the past 12 months. In anticipation of what 2020 may bring in this highly volatile field, we present you with our selection of the top spy stories of 2019. They are listed below in reverse order of significance. This is part two in a three-part series. Part one is available here. Part three is available here.

07. Western spy agencies hacked into Russia’s version of Google. Media reports tend to portray Western intelligence agencies as constantly defending themselves against cyber attacks from abroad —notably from North Korea, Iran and Russia. The reality of cyber espionage is far more complicated, as intelligence agencies from all sides adopt defensive and offensive postures, often concurrently. One example of this complexity emerged in last June, when the Reuters news agency reported that Western spy agencies used a malware described as the “crown jewel” of cyber-espionage tools to hack into Russia’s version of Google. The hackers targeted Yandex (Яндекс), the largest technology venture company in the Russian Federation and the fifth most popular search engine in the world. Yandex also provides services such as mapping and email in Russia and several other countries in Central Asia and the Middle East. The hackers appeared to be interested in acquiring technical information about how Yandex authenticates user accounts. That information could potentially enable them to impersonate Yandex users and access private information such as email messages, geolocation information, and other sensitive data. Reuters said that the hackers attempted to breach Yandex for purposes of espionage, not sabotage or disruption, or stealing intellectual property for commercial purposes.

06. The CIA may have lost 17 of its spies in Iran. If the announcements from Tehran are to be believed, the United States Central Intelligence Agency lost at least 17 spies in Iran in the months leading up to March 2019. According to Iran’s Ministry of Intelligence, the Islamic Republic busted an alleged “CIA network” operating in sensitive private sector companies and government agencies that relate to defense, aerospace and energy. At least some of the 17 alleged spies have reportedly been sentenced to death, though their exact number remains unknown. As we explained in July, losing 17 assets in one big sweep sounds fantastical. However, if it is true, it would mark one of the biggest intelligence-collection disasters in the CIA’s 72-year history. What may be equally worrying for the CIA is that the Iranians claim to have visually identified a number of CIA case officers, whose job is to recruit and handle foreign assets. If the Iranians are telling the truth, many units at the CIA will be in recovery mode for quite some time.

05. NATO allies use spy agencies to back opposing sides in Libyan War. The chaos that is the Libyan Civil War deepened this year, largely because foreign countries are backing opposing sides in the conflict. In April, several European Union member-states, led by Italy, criticized France for blocking a joint resolution calling on all warring factions in Libya to cease all hostilities and return to the negotiations table. France has joined the United States, Saudi Arabia, and the United Arab Emirates, in supporting the Libyan National Army (LNA), which is led by Field Marshal Khalifa Haftar. Haftar is an old adversary of the Libyan leader Muammar al-Gaddafi, who lived in the United States under Washington’s protection for several decades. In 2011 he returned to Libya in order to launch a military campaign from the eastern city of Tobruk. Since that time, he has led the LNA in a war of attrition against the United Nations-backed Government of National Accord (GNA), which is based in the Libyan capital Tripoli. The GNA is supported by Italy, and more recently Turkey, which has offered to send troops to help the GNA in its war against the LNA. It is wroth noting that, in 2017, two leading international legal scholars accused Haftar of having ordered his troops to commit war crimes. Ryan Goodman, a professor and former special counsel to the general counsel of the United States Department of Defense, and Alex Whiting, a Harvard University law professor who served as an international criminal prosecutor at the International Criminal Court, said that in September of 2015, Haftar openly urged his troops to “to take no prisoners” in battle.

This is part two in a three-part series; Part one is available here. Part three is available here.

Author: J. Fitsanakis and I. Allen | Date: 1 January 2020 | Permalink

Year in review: The biggest spy-related stories of 2019, part I

End of Year ReviewSince 2008, when we launched intelNews, it has been our end-of-year tradition to take a look back and highlight what we believe were the most important intelligence-related stories of the past 12 months. In anticipation of what 2020 may bring in this highly volatile field, we present you with our selection of the top spy stories of 2019. They are listed below in reverse order of significance. This is part one in a three-part series. Part two is here. Part three is available here.

10. Germany’s BND now boasts the world’s largest spy headquarters. In February, German Chancellor Angela Merkel inaugurated the Zentrale des Bundesnachrichtendienstes, which is the new headquarters of the German Federal Intelligence Service (BND). The BND, which operates as Germany’s foreign-intelligence service, is now believed to be the owner of the largest headquarters of any spy agency in the world. Interestingly, the German spy agency employs fewer than 7,000 employees, which is only a fraction of the employees employed by the BND’s American, Russian or Chinese equivalents. Some analysts have interpreted this development as part of Germany’s attempt to reassert itself as a major player in the global security landscape, especially following the election of US President Donald Trump, whom Berlin views as being disinterested in European security. During her inauguration speech, Chancellor Merkel said that the world was becoming “increasingly confusing”, which made the need for a “strong and efficient [German] foreign intelligence service […] more urgent than ever”. Interestingly, the new complex features a sizeable visitor’s center that is open to the public, making the BND the world’s first foreign intelligence agency with a public-access visitors’ facility.

09. Israel extends intelligence document classification period to 90 years. Israel, home of one of the world’s most active intelligence communities, augmented the secrecy of its espionage apparatus by raising the classification period of official intelligence documents to 90 years. Until the end of last January, government documents produced by Israel’s spy agencies, such as its external spy organization, the Mossad, or its domestic security agency, the Shin Bet, could remain hidden from public view for up to 70 years. In 2018, Israel’s Supreme Council of Archives, a body within the Israel State Archives that advises the Office of the Prime Minister on matters of classification, recommended against extending the classification period by more than five years. But in early 2019, Israeli Prime Minister Benjamin Netanyahu rejected the recommendation and managed to pass an amendment to the classification regulations, which will keep documents secret for 90 years from now on. The Israeli newspaper Ha’aretz, which published news of the amended regulation, said that documents from 1949, the year that the Shin Bet and the Mossad were founded, would normally have been published this year. But now they will remain hidden from public view until 2039. Documents relating to more recent cases will not be released until 2100.

08. The CIA kept a secret communication channel with North Korea for 10 years. The overtures made in recent years by US President Donald Trump to North Korea surprised many —but probably not the United States Central Intelligence Agency. In an article published in July, The Wall Street Journal claimed that an intelligence channel between the CIA and North Korean intelligence officials has been active for at least a decade. The previously unreported channel has led to a number of public meetings, such as the 2014 visit to Pyongyang by James Clapper, the then US Director of National Intelligence, as well as an earlier visit to the North Korean capital by former US President Bill Clinton in 2009. However, most of the contacts have been secret. They include several visits to North Korea by CIA official Joseph DeTrani before and after Clinton’s visit, as well as two trips to Pyongyang by CIA Deputy Director Michael Morell, in 2012 and 2013. His successor, Avril Haines, also visited North Korea, said The Journal, but noted that the channel went “dormant late in the Obama administration”. Upon becoming CIA director following the election of Trump to the presidency, Mike Pompeo was briefed about the secret channel’s existence and decided to resume it, with Trump’s agreement. That led to his eventual visit to North Korea along with Andrew Kim, who at the time headed the CIA’s Korea Mission Center. Eventually, this channel of communication facilitated the high-level summit between Trump and Supreme Leader Kim Jong-un in June 2018 in Singapore.

This is part one in a three-part series; Part two is here. Part three is available here.

Author: J. Fitsanakis and I. Allen | Date: 31 December 2019 | Permalink

Former CIA officer connected with abduction of Muslim cleric flees Europe

Sabrina De SousaA former officer in the United States Central Intelligence Agency, who was convicted of involvement in the 2003 abduction of a Muslim cleric in Italy, says she fled Europe for the United States in fear of her safety. Sabrina De Sousa, 63, was a diplomat at the US consulate in Milan, Italy, when a CIA team abducted Hassan Mustafa Osama Nasr from a Milan street in broad daylight. Nasr, who goes by the nickname Abu Omar, is a former member of Egyptian militant group al-Gama’a al-Islamiyya, and was believed by the CIA to have links to al-Qaeda. Soon after his abduction, Nasr was renditioned to Egypt, where he says he was brutally tortured and raped, and held illegally for years before being released without charge.

Upon Nasr’s release from prison, Italian authorities prosecuted the CIA team that abducted him —apparently without Italy’s permission or consent. They were able to trace the American operatives through a substantial trail of evidence they left behind, including telephone records and bill invoices in luxury hotels in Milan and elsewhere. In 2009, De Sousa was among 22 CIA officers convicted in absentia in an Italian court for their alleged involvement in Nasr’s abduction. The US government has refused to extradite the 22 officers to Italy to serve prison sentences. However, those convicted are now classified as international fugitives and risk arrest by Interpol and other law enforcement agencies, upon exiting US territory.

De Sousa was arrested in Lisbon, Portugal, in 2015. Portuguese authorities threatened to extradite her to Italy, but in 2017 the Italian government partially commuted her sentence to house arrest and reduced it from seven to four years. There were reports at the time that Italy had bowed to diplomatic pressure from Washington. On Monday, however, Italian newspaper Il Corriere della Sera said that De Sousa had fled Europe and returned to the US in fear for her personal safety. The former CIA officer told the paper that she decided to return to the US after senior American officials, including CIA Director Gina Haspel and Secretary of State Mike Pompeo, visited Italy earlier this month. Pompeo traveled to Rome for an official visit on October 1, while Haspel met with senior Italian intelligence officials on October 9.

De Sousa told Il Corriere della Sera that Haspel’s visit to Italy “verified for the Italian government that the American administration had washed its hands of my situation”. For this reason, and “terrified of the consequences that I could face” in Italy, “I decided to leave”, said De Sousa. She did not elaborate on the precise connection between her partially commuted sentence and Pompeo and Haspel’s visit to Italy. She added that recent changes to the US Whistleblower Act made it possible for her to openly discuss further details on her case, but did not elaborate. Her Italian lawyer, Andrea Saccucci, spoke to the Reuters news agency and confirmed that his client had left Europe for the US.

Author: Joseph Fitsanakis | Date: 30 October 2019 | Permalink

Colombian spy chief resigns over fake dossier that linked militants to Venezuela

Comando Conjunto de InteligenciaColombia’s military spy chief has resigned, after the Colombian president was found to have misused intelligence at a United Nations speech to blame Venezuela for allegedly aiding paramilitary groups. For many years, authorities in Bogotá have accused Venezuela of aiding armed groups such as the National Liberation Army (ELN) and the Revolutionary Armed Forces of Colombia (FARC). These groups have been engaged in a decades-long guerrilla war against the Colombian state. In 2017, the largest of these groups, the FARC, laid down its weapons and signed a peace treaty with the Colombian government. But the ELN has refused to follow suit, while a number of hardline FARC leaders recently announced that they would be resuming their armed struggle against the Colombian authorities.

In recent months, the rise of Venezuela’s Western-supported opposition leader Juan Guaidó has further-fueled tensions between Colombia and Venezuela. Bogotá has come out in support of Guaidó, while many anti-government Venezuelans, some of them armed, have sought refuge in Colombia. Colombia rejects Venezuela’s claims that it is giving shelter to terrorists and argues instead that it is providing humanitarian aid to Venezuelan refugees. In turn, it accuses Caracas of sheltering ELN and FARC guerrillas, a claim that the Venezuelan government strongly denies.

Last week, during the United Nations General Assembly in New York, Colombian President Iván Duque unveiled a dossier of evidence that purportedly proved beyond doubt Venezuela’s collusion with Colombian paramilitaries. Duque told the United Nations gathering that the collusion was supervised by no other than the President of Venezuela, Nicolás Maduro. But within hours of Duque’s speech, reporters who scrutinized the dossier found that much of the photographic evidence in it had been downloaded from the Internet. Moreover, the photographs were not taken in Venezuela, as Duque claimed in his speech, but in Colombia.

The revelations have dominated the news headlines in Colombia and Venezuela in the past week, with the Colombian government engaging in damage control. On Monday, General Oswaldo Peña, Colombia’s military intelligence chief, resigned over the fake dossier. General Peña directed the Comando Conjunto de Inteligencia (Joint Intelligene Command) of the Colombian Armed Forces, which was seen as the primary spy agency behind the information contained in the dossier. In his resignation letter, General Peña wrote that “as a general of the [Colombian] Republic” he was fully aware that he needed to take responsibility for his activities and the activities of his subordinates. President Duque has not commented on the general’s resignation.

Author: Joseph Fitsanakis | Date: 03 October 2019 | Permalink

Facebook says it disabled disinformation campaign linked to Saudi government

Facebook ArabicFacebook has disabled a large network of fake accounts that it says were involved in an extensive disinformation operation tied to the government of Saudi Arabia. The social media company said on Thursday that the operation concentrated on spreading state-approved propaganda that extolled the Saudi royal family and its policies in the Middle East. The operation employed over 350 fake accounts, which collectively had nearly 1.5 million followers. It is believed that the Saudi propaganda scheme was also active on Instagram, the popular image- and video-sharing service, which is owned by Facebook.

According to Facebook’s Office of Cybersecurity Policy, the Saudi disinformation operation used an interconnected network of fake accounts that were made to look like they represented local news outlets in a number of Middle Eastern countries. The accounts circulated carefully written news reports that presented Saudi officials and the Kingdom in a positive light. Major themes in posts included the philanthropic work of Saudi Arabia’s Crown Prince, Mohammed bin Salman, and the economic and social policies he has instituted since his ascent to power. Other posts expressed support for Saudi’s involvement in Yemen, where the Saudi government is leading an anti-Shiite military campaign. Several posts criticized Qatar, which Saudi Arabia accuses of sponsoring terrorism, and Iran, which is Riyadh’s most formidable regional rival. For several months last year, the fake news network circulated posts that expressed strong skepticism about claims that the Saudi government ordered the murder of one of its leading critics, Jamal Khashoggi, in Istanbul, Turkey.

Although Facebook, regularly deletes fake accounts for what it calls “inauthentic behavior”, it almost never issues statements tying groups of accounts to specific governments. However, according to Nathaniel Gleicher, the head of Facebook’s Cybersecurity Policy Office, “investigators were able to confirm that the individuals behind this are associated with the government of Saudi Arabia”. Gleicher added that the disinformation campaign spent over $100,000 promoting its posts online. Most were in the Arabic language and targeted countries in the Middle East and North Africa, he said. The social media giant’s announcement came 48 hours after a report in The Washington Post quoted several cyber security experts who said many government’s other than Russia’s use social media to spread disinformation, including those of Israel, China and Saudi Arabia.

Author: Joseph Fitsanakis | Date: 02 August 2019 | Permalink

Analysis: Sri Lanka attacks may indicate ISIS is moving east, say experts

Sri Lanka ISISThe April 21 suicide attacks in Sri Lanka, which were claimed by the Islamic State, may indicate that the militant group is moving east in search of fertile recruiting ground, according to some observers. In the words of The New York Times’ Rukmini Callimachi and Eric Schmitt, the attacks “reminded the world in dramatic fashion that [the Islamic State] does not need to control territory to be a major threat”. In fact, as the loss of its Middle Eastern territory has forced the Islamic State to decentralize, the group has begun to turn to its peripheral affiliates further afield. These “will become more dangerous” as the core of the Islamic State weakens, according to Callimachi and Schmitt.

But the Sri Lanka attacks may also demonstrate that the Islamic State is moving further east in search of either territory to conquer or new groups of committed fighters to incorporate into its ranks. It follows that Sri Lanka is one of several East Asian countries that face major threats by the group, as the latter tries “to ignite creating fear in societies already battling so much division”, says Ash Gallagher, an American war correspondent based in East Asia. Writing for the British newspaper The Independent, Gallagher notes that not only is the Islamic State already established in Afghanistan (where it has “swallowed whole units of Taliban fighters”, according to The Times), but it is becoming increasingly powerful in the Philippines. Experts have been warning for a while that the number of foreign Islamic State fighters entering the Philippines has been growing, and the momentum they generate among local Islamist groups may prompt them to declare a new caliphate in the near future. In fact, a caliphate was declared there in May 2017 by local Islamist leaders who had previously declared their allegiance to the Islamic State. By October, government forces had defeated the so-called “East Asia Wilayah”, a self-declared overseas province of the Islamic State, by retaking Marawi, the capital city of Mindanao’s Lanao del Sur province, from Islamic State rebels. The military operation became known as “the battle of Marawi” and is thought to have been the longest urban battle in the postwar history of the Philippines. More than 1,200 people died in the five-month battle, most of them civilians. Hundreds of thousands remain displaced to this day as a result of the fighting. Read more of this post