German think-tank researcher arrested on suspicion of spying for Chinese intelligence

July 7, 2021 by Leave a comment

Shanghai

A GERMAN POLITICAL SCIENTIST, who worked for years as a senior member of a prominent Munich-based think-tank, has been arrested by German authorities on suspicion of spying for Chinese intelligence. In line with German privacy laws, the man has been named only as “Klaus L.”. He is believed to be 75 years old and to live in Munich.

According to reports, the suspect worked since the 1980s for the Hanns Seidel Stiftung, a political research foundation named after a former chairman of the conservative Christian Social Union (CSU) of Bavaria. The Munich-headquartered foundation is the informal think-tank of the CSU, which is the Bavarian arm of German Chancellor Angela Merkel’s Christian Democratic Union.

As part of his job, Klaus L. traveled frequently to countries in Africa, Asia and Europe, as well as former Soviet states. It is also believed that, for over 50 years, he had worked as a paid informant for the German Federal Intelligence Service (BND) —Germany’s foreign intelligence agency, which is equivalent to the United States Central Intelligence Agency. According to a government press statement, Klaus L. would provide the BND with information relating to his foreign travels, conference attendance and other “certain issues” of interest to the spy agency. In return, the BND allegedly funded some of his travel and conference expenses, and provided him with a regular stipend.

But in the summer of 2010, Klaus L. was allegedly approached by Chinese intelligence during a trip to the city of Shanghai. According to German counterintelligence, he was persuaded by the Chinese to cooperate with Chinese intelligence operatives, and did so until the end of 2019. In November of that year, German police searched his home in Munich, as part of an investigation into his activities. In May of this year, Klaus L. was charged with espionage and on July 5 he was formally arrested.

Interestingly, Klaus L. does not deny that he provided sensitive information to China. He argues, however, that he informed his BND handler about his contacts with the Chinese, and that these were known to German intelligence. He therefore claims that his Chinese contacts were part of a German counterintelligence operation targeting the Chinese government. His trial is scheduled for this fall.

Author: Joseph Fitsanakis | Date: 07 July 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

News you may have missed #912: Analysis edition

July 5, 2021 by 1 Comment

Trojan Shield

SolarWinds: How Russian spies hacked US government departments. Last year, in perhaps the most audacious cyber attack in history, Russian military hackers sabotaged a tiny piece of computer code buried in a popular piece of software called SolarWinds. After it was installed, Russian agents went rummaging through the digital files of the US departments of Justice, State, Treasury, Energy, and Commerce —among others— and for nine months, they had unfettered access to top-level communications, court documents, even nuclear secrets. On July 4, the CBS television show 60 Minutes aired a special segment on this topic.

Why did the FBI’s encrypted phone sting not target US suspects? In 2018, a San Diego-led federal sting secretly launched an encrypted communications company as part of Operation TROJAN SHIELD (pictured). Over the next few years, FBI agents, working with law enforcement partners in Australia, New Zealand and Europe, seeded thousands of spyware-infected phones into the hands of criminals and used them to build cases against 300 organized crime groups around the world, from Australian biker gangs to Italian mafia cells. But one country was off limits for investigating agents: the United States. The San Diego Union-Tribune’s Kristina Davis explains why.

Opinion: Clearance holders need to protect America by studying espionage. John William Davis, retired counterintelligence officer who instructed the threat portion of the US Department of the Army’s Operations Security Course, argues that “many, many techniques for recruiting spies continue much as they did over preceding years. We can learn from the past and apply what we learn to the future.”

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

Main suspect in potentially momentous hacker-for-hire case seeks plea deal in NY

July 2, 2021 by Leave a comment

Computer hacking

IN A DRAMATIC CASE, described by observers as “unusual”, a suspect in a hacker-for-hire scheme of potentially global proportions has told United States government prosecutors he is ready to discuss a plea deal. The case centers on Aviram Azari, a highly sought-after private detective who served in an Israeli police surveillance unit in the 1990s before launching a private career in investigations.

Azari was arrested in Florida in 2019 during a family vacation, and was shortly afterwards indicted in New York on charges of aggravated identity theft, conspiracy to commit computer hacking, and wire fraud. These charges reportedly date back to 2017 and 2018. Azari’s alleged objective was to target carefully selected individuals in order to steal their personal information, including email usernames and passwords. Last year, The New York Times reported that the case against Azari is connected with a potentially massive hacker-for-hire scheme code-named DARK BASIN.

Further information about DARK BASIN was published by Citizen Lab, a research unit of the University of Toronto’s Munk School of Global Affairs and Public Policy, which focuses on information technology, international security and human rights. It said DARK BASIN was orchestrated by an India-based firm called BellTroX InfoTech Services. It also claimed that the company is one of a number of hacker-for-hire firms based in India. These companies are said to be employed by private detectives in Western countries, who are usually hired by large multinationals or wealthy individuals.

Accordingly, the targets of DARK BASIN activities appear to have been investment firms based in the US and elsewhere, as well as government officials, pharmaceutical companies, lawyers, large banks, and even environmental activists who campaign against large multinationals. Additionally, some of DARK BASIN’s thousands of targets appear to be people involved in high-stakes divorce proceedings. Perhaps more alarmingly, among DARK BASIN’s targets are journalists around the world, who seem to have been targeted systematically in efforts to reveal their sources of information.

Azari has pleaded not guilty. But the fact that he his lawyer has now communicated his client’s desire to seek a plea deal with US government prosecutors may be a major game-changer in this case, which may have global ramifications. The Reuters news agency, which reported the latest developments on this case this week, said it reached out to the US Attorney’s Office in Manhattan, but spokesmen there declined to provide any information on Azari’s case.

Author: Joseph Fitsanakis | Date: 02 July 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , ,

Senior Serb intelligence officials given prison sentences for war crimes

July 1, 2021 by Leave a comment

Jovica Stanisic Franko Simatovic

TWO SENIOR FORMER OFFICIALS in the now defunct domestic security apparatus of Serbia have been given prison sentences totaling 24 years, after being found guilty of war crimes by a United Nations court. The crimes of the two officials stem from the Yugoslav Wars, a series of bloody ethnic conflicts that followed the breakup of the former Yugoslavia in 1991.

The two former officials, Jovica Stanišić, 70, and Franko “Frenki” Simatović, 71, deny that they trained Serbian elite police units in methods of exterminating non-Serb populations in various regions of the former Yugoslavia. The two men were initially acquitted of all charges against them by the International Criminal Tribunal for the former Yugoslavia (ICTY). But the initial ruling was quashed, and the two men were tried again, this time by United Nations Mechanism for International Criminal Tribunals, which took over ICTY’s operations after its mandate ended.

Stanišić directed the State Security Service (SDB), which operated under the Ministry of Internal Affairs of Serbia as the country’s primary domestic security agency. Simatović was an intelligence officer who, from 1991 until 1998, commanded the feared Special Operations Unit, known as JSO. The JSO was an elite police force that operated under Stanišić’s SDB. Prosecutors accused the two men of working under direct orders by Serb President Slobodan Milošević, with the aim of ethnically cleansing non-Serbian populations. Milošević died in 2006 in prison at The Hague, Netherlands, where he was held facing charges of genocide and crimes against humanity.

On Wednesday, each of the two men were given 12 years in prison. Simatović has already served eight years in prison, and Stanišić close to five. Both continue to deny the charges against them, and their lawyers said they would appeal the convictions.

Author: Joseph Fitsanakis | Date: 01 July 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

Secret recordings show Peru’s jailed ex-spy chief trying to change election results

June 30, 2021 by Leave a comment

Vladimiro MontesinosAUDIO RECORDINGS RELEASED LAST week appear to show Peru’s imprisoned former spy chief, Vladimiro Montesinos, trying to organize bribes for judges in an effort to alter the outcome of the recent presidential election. From 1990 to 2000, Montesinos headed Peru’s intelligence service, Servicio de Inteligencia Nacional (SIN). He worked in close cooperation with his political patron, Alberto Fujimori, who is currently serving a lengthy prison sentence for corruption and human-rights abuses. Like his boss, Montesinos is currently serving a 25-year prison sentence for setting up a sophisticated network of illegal activities during his SIN tenure. The crimes he committed include drug trafficking, bribing, extortion, as well as embezzlement.

Despite his dramatic fall from power, Fujimori remains popular in Peru. Earlier this month, his daughter, Keiko Fujimori, a rightwing populist, fought a neck-and-neck election contest with leftist school teacher and trade unionist Pedro Castillo. Castillo was provisionally declared the winner of the second and final round of the general election, with 50.12 percent of the votes cast, having received 44,263 more votes than Fujimori. The United States, the European Union and the Organization of American States declared the election as free and fair. But Fujimori, who has vowed to pardon her father and release him from prison if she wins, claims that Castillo’s victory was the result of widespread fraud. Now the National Jury of Elections, set up by the National Office of Electoral Processes, is auditing the election results across the nation.

The plot thickened on Saturday, when a veteran lawmaker, Fernando Olivera, released over a dozen recordings of conversations between the jailed Montesinos and a retired military commander, Pedro Rejas, who is a political ally of Fujimori. In the recordings, Montesinos is heard instructing Rejas to arrange monetary bribes for judges who staff the National Jury of Elections. The purpose of the bribes, says Montesinos, is to secure a victory for Fujimori. He also warns Rejas that if Fujimori does not win the election, she will probably end up in prison for corruption, like her father.

The prison authority of the Peruvian Navy, which oversees the maximum security prison that houses Montesinos, has confirmed that the recordings released by Olivera are authentic, and says it has launched an investigation into the matter. There are also some who believe that Rejas’ involvement in Montesinos’ conspiracy may indicate willingness by the Peruvian Armed Forces to organize a coup, in case Castillo becomes Peru’s next president. Meanwhile, Fujimori has said she felt “indignation” when listening to the recordings of Montesinos’ attempts to secure her electoral victory. She described Montesinos as a “criminal” who “betrayed all Peruvians” as head of the SIN.

Author: Joseph Fitsanakis | Date: 30 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Kremlin spy participated in secret meeting to fund Italian separatist party

June 29, 2021 by 1 Comment

Kremlin, Russia

AN ALLEGED EMPLOYEE OF Russian intelligence was present during a secret meeting in Moscow, in which politicians and investors discussed a plan to fund a northern Italian separatist political party. The party, Lega Nord (Northern League, or LN) was established in 1991 as an amalgamation of northern Italian separatist groups whose members seek greater autonomy and are opposed to Italy’s membership in the European Union. Under its current leader, Matteo Salvini, the LN has adopted an hard-line anti-immigration stance and has associated itself with United Russia, the political home of Russian President Vladimir Putin.

In July of 2019, the investigative news website BuzzFeed released audio recordings of a secret meeting that allegedly took place in Moscow’s Hotel Metropol, between members of the LN and Russian emissaries of the Kremlin. The discussion reportedly concerned a plan to sell Russian oil to an Italian firm connected to the LN at a markedly discounted price, which would allow it to compete with Italy’s state-owned energy supplier and at the same time enrich the LN’s election campaign coffers by nearly $70 million.

According to an investigation by Italian authorities, participants at that meeting were Salvini’s former spokesperson, Gianluca Savoini, as well as two other Italians, who managed investment banks and were also supporters of the LN. There were also three Russian participants, including a Kremlin lawyer who works for the Russian Ministry of Energy, and a Russian former banker and tycoon with clsoe ties to President Putin. But the third Russian had not been identified. Until now.

The Italian newspaper L’Espresso, which has led the investigative reporting into the alleged scandal, reports that the Milan Prosecutor’s Office has identified the third Russian participant as Andrey Yuryevich Kharchenko, an alleged employee of Russian intelligence. The paper said that Kharchenko’s identity was supplied to the Italian government by “another Western state” that has been targeted by Russian intelligence in recent years. The investigation into the alleged scandal continues.

Author: Joseph Fitsanakis | Date: 29 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Sensitive UK defense documents found in bus stop by member of the public

June 28, 2021 by 1 Comment

UK Ministry of DefenceSensitive documents belonging to the British Ministry of Defense were found by a member of the public behind a bus stop last week, in what the BBC described as “a major embarrassment” for the British government. The documents number 50 pages; most are marked “official sensitive”, which is a low level of classification, but it means they are still subject to security requirements.

The BBC said it was contacted by “a member of the public, who wishes to remain anonymous”, after he or she found the documents dumped behind a bus stop in the southeastern county of Kent, which borders greater London,. The papers were reportedly in a deteriorated state, as they had been exposed to the elements -including rain- for several days.

According to the BBC, the sensitive documents most likely originated in the office of a senior Ministry of Defense official. They include printouts of email exchanges, as well as a number of PowerPoint slides concerning several timely topics. Among them is a presentation about HMS Defender, a Type 45 Destroyer belonging to the Royal Navy. It is followed by a presentation on the tense maritime incident that took place between Britain and Russia off the coast of Crimea last week.

Another document concerns the defense priorities of the administration of United States President Joe Biden, especially as they relate to the Indo-Pacific region and China. Several emails concern the future of the British military presence in Afghanistan, following the pending withdrawal of US forces from there in September. Yet another set of documents addresses British defense contracts that may irk some of the former European Union member state’s European allies.

The British Defense Ministry said last week it was investigating the details of “an incident” in which sensitive papers were “recovered by a member of the public”. It added that one of its employees, who had been entrusted with the documents, had reported them missing in the days prior to their recovery.

Author: Joseph Fitsanakis | Date: 28 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , ,

US court rejects challenge of pre-publication review by ex-intelligence employees

June 24, 2021 by 1 Comment

4th US Circuit Court of Appeals in Richmond, Virginia

A COURT OF APPEALS in the United States state of Virginia has rejected a lawsuit by former intelligence employees who claimed that the system of pre-publication review violated their freedom of speech. The case centered on the requirement for current and former employees of American intelligence agencies to submit for review any material they intend to publish in the unclassified domain, in case it contains government secrets.

The lawsuit originated in 2019, when it was brought before a court by five former employees of the Central Intelligence Agency, the National Security Agency, the Office of the Director of National Intelligence, and the Department of Defense. All five plaintiffs intended to publish books on topics including the history of the CIA, government surveillance, as well as the prevalence of sexual violence and racism in the US armed forces.

The plaintiffs claimed that the pre-publication review system is unclear and confusing, that its scope is too broad, and that the process takes too long. They also claimed that many of the edits made on their manuscripts aimed to protect government agencies from embarrassment and criticism, rather than protect national security. Furthermore, they claimed that many of the alleged secrets that were edited out of manuscripts referred to information that was already available in the open domain. All five plaintiffs were represented by lawyers from the Knight First Amendment Institute at Columbia University and the American Civil Liberties Union. The government was represented by the US Department of Justice.

Last year, a US District Court in the US state of Maryland dismissed the claim on the grounds that the government was justified in wanting to protect its secrets, and that the pre-publication system was intricate but unambiguous. On Wednesday, the 4th US Circuit Court of Appeals in Richmond, Virginia, upheld the District Court’s ruling. In a unanimous vote, the court’s three judges concluded that, by voluntarily agreeing to submit to the pre-publication review system, the plaintiffs had waived their right to challenge the system’s legality under the 1st Amendment of the US Constitution.

Author: Ian Allen | Date: 24 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , ,

Afghans who spied for CIA say they fear retaliation once US forces withdraw

June 23, 2021 by Leave a comment

Antony Blinken

AFGHAN CIVILIANS WHO WERE recruited by the United States Central Intelligence Agency as local assets say they fear retaliation by a resurgent Taliban once American forces withdraw from Afghanistan in September. Last April, US President Joe Biden announced that American troops would leave Afghanistan by September 11. The date will mark the 20th anniversary of the terrorist attacks of September 11, 2001, which caused Washington to send troops to Afghanistan in response.

The CIA has been a major component of America’s presence in Afghanistan over the past two decades. When operating in the Central Asian country, CIA officers have routinely relied on local people to collect intelligence, provide translation services, and guard its facilities and personnel. These local assets were typically paid in cash for their services, which were secret in nature and often life-threatening.

Now many of these local assets —possibly thousands— are apprehensive of the pending withdrawal of their American protectors from Afghanistan, and fear retaliation from a resurgent Taliban. According to The Wall Street Journal, these local CIA assets say that “their lives are now at risk”. A large number of them have submitted applications for a US Special Immigrant Visa. This is a State Department program that aims to offer protection to local people who have carried out “sensitive and trusted activities” on behalf of American government personnel abroad.

But the Special Immigrant Visa process is complicated and expensive, and is currently plagued by major delays. The Wall Street Journal reports that, even though the law stipulates Special Immigrant Visa requests must be processed within nine months, applications are currently taking between three to five years to be adjudicated. The Department of State says it is currently working through a backlog of 18,000 applications from around the world. The situation is particularly dire for Afghan CIA assets, says the paper, because many find it difficult to prove they ever worked for the CIA. The spy agency’s record-keeping was minimal throughout its time in Afghanistan, especially in the opening years of the conflict, according to the report. Furthermore, some local assets may not even be named in CIA documentation, so as to protect their identity.

In response to calls for faster processing of Special Immigrant Visa requests, US Secretary of State Antony Blinken (pictured) said earlier this month: “We’re determined to make good on our obligation to those who helped us, who put their lives on the line, put their families’ lives on the line working with our military, working with our diplomats”.

Author: Joseph Fitsanakis | Date: 23 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

Germany arrests Russian PhD student on suspicion of spying for Moscow

June 22, 2021 by 3 Comments

University of Augsburg

A RUSSIAN DOCTORAL STUDENT in mechanical engineering, who is studying in a Bavarian university, has been arrested by German police on suspicion of spying for Moscow, according to official statements and reports in the German media. According to a press statement issued by the Federal Public Prosecutor General’s office in the city of Karlsruhe, the PhD student was arrested on Friday, June 18.

The student was subsequently identified by the German authorities only as “Ilnur N.”, in accordance with German privacy laws. On Monday, however, local media identified the suspected spy as Ilnur Nagaev, a doctoral candidate at the University of Augsburg, which is located 50 miles northwest of Munich. Nagaev reportedly works as a research assistant there, while pursuing his doctoral studies in mechanical engineering.

German authorities maintain that the suspect began working “for a Russian secret service” in early October of 2020, and possibly earlier. He is also accused of having met with an unidentified “member of a Russian foreign secret service” at least three times between October 2020 and June of this year. According to German federal prosecutors, Nagaev shared unspecified information with his alleged Russian handler, and received cash in return at the end of each meeting.

German police reportedly searched Nagaev’s home and work office looking for further clues about the case. In the meantime, a judge at the Bundesgerichtshof (Federal Court of Justice) in the Federal Court of Justice in Karlsruhe, which is Germany’s highest court on matters of ordinary jurisdiction, ordered that Nagaev be kept in pre-trial detention, pending a possible indictment. Neither the Russian nor the German federal governments have commented on this case.

Author: Joseph Fitsanakis | Date: 22 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , ,

No prison for Australian former spy who disclosed controversial espionage operation

June 21, 2021 by Leave a comment

Bernard Collaery

A FORMER AUSTRALIAN SPY, who prompted international outcry by revealing a controversial espionage operation by Canberra against the impoverished nation of East Timor, has been given a suspended prison sentence. The case against the former spy, known only as “Witness K.”, first emerged in 2013. It is believed that Witness K. served as director of technical operations in the Australian Secret Intelligence Service (ASIS), Australia’s foreign-intelligence agency.

In 2013, Witness K. revealed an espionage operation that targeted the impoverished Pacific island nation of Timor-Leste, also known as East Timor. He alleged that ASIS officers, disguised as a renovation crew, bugged an East Timorese government complex. The information gathered from the spy operation allegedly allowed the Australian government to gain the upper hand in a series of complex negotiations that led to the 2004 Certain Maritime Arrangements in the Timor Sea (CMATS) treaty. The treaty awards Australia a share from profits from oil exploration in the Greater Sunrise oil and gas field, which is claimed by both Australia and East Timor.

In 2013, the East Timorese government took Australia to the Permanent Court of Arbitration in The Hague, claiming that the Australian government was in possession of intelligence acquired through illegal bugging. The claim was supported by Witness K., who argued that ASIS’ espionage operation was both “immoral and wrong” because it was designed to benefit the interests of large energy conglomerates and had nothing to do with Australian national security. It is worth noting that Witness K. said he decided to reveal the ASIS bugging operation after he learned that Australia’s former Minister of Foreign Affairs, Alexander Downer, had been hired as an adviser to Woodside Petroleum, an energy company that was directly benefiting from the CMATS treaty.

Read more of this post

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , ,

Analysis: The mysterious case of IDF ‘Officer X’ who died in an Israeli prison

June 18, 2021 by 2 Comments

Aviv Kochavi

The State of Israel has been in turmoil for several weeks, after it became known that an outstanding officer in one of the elite technological units of the Israel Defense Forces (IDF) Intelligence Division (Israel Military Intelligence, or IMI) was found dead while in custody in a military prison. He had been serving an eight-month sentence on suspicion of causing serious security damage to a critical intelligence technological system. The IDF’s chief of staff, Major General Aviv Kochavi (pictured), said in relation to the case: “The officer from the IMI committed very serious offenses. He committed them on purpose, for reasons I cannot describe. He almost [revealed] a big secret and we stopped it in the [last] minute”.

After the officer’s death, it was revealed by the IDF that his arrest was not a case of treason, or espionage and that he acted for personal, rather than for ideological, nationalistic or financial motives. Following public pressure about IDF’s handling of the matter and the unclear circumstances of the officer’s death, the IDF has provided some more details.

Officer X, who, according to an American website was named Tomer Aiges, was a 25-year-old captain with three honorary awards by the IMI. He had graduated from high school while simultaneously receiving a BSc in computer sciences at the age of 18. Before enlisting in the IDF, he worked in several hi-tech companies in Israel. People who worked with him there testified that he was a young man with extraordinary technical abilities, which is why he was recruited to the technology unit of the IMI.

There are two main issues of concern among the Israeli public. One is how the officer was held in custody for a long time without being brought to trial, even though a serious indictment —the details of which are not known— was filed against him, and when no one except his parents knew about it. To the young man’s acquaintances it seemed that he had mysteriously disappeared. What is more, much of his page on Facebook was deleted and no further updates appeared following his arrest. It was reported that during his arrest, there was a process of criminal mediation, in which the State of Israel sought to sentence him to ten years in prison.

The second problematic issue concerns the circumstances of his death. There are many questions about to how he could have died when his detention cell was under non-stop surveillance by closed-circuit cameras. Further questions remain as to why the investigation into the circumstances of his death has yet to be completed. There have been demands by Israeli former intelligence officers to hand over the investigation to a civilian inquiry committee headed by a Supreme Court judge, as there is grave concern that the IDF could be hiding information that could demonstrate it was negligent in protecting the officer’s life.

The publication of additional details about this case is subject to a strict ban by the Israeli military censorship —it should be noted that Israel is the only Western country that exercises security censorship. The Israeli public is eagerly awaiting the publication of further details about the circumstances of the death of the intelligence officer, Officer X.

Dr. Avner Barnea is research fellow at the National Security Studies Center of the University of Haifa in Israel. He served as a senior officer in the Israel Security Agency (ISA).

Author: Avner Barnea | Date: 18 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , ,

Russian actors had access to Dutch police computer network during MH17 probe

June 17, 2021 by Leave a comment

Flight MH17

Russian hackers compromised the computer systems of the Dutch national police while the latter were conducting a criminal probe into the downing of Malaysia Airlines Flight 17 (MH17), according to a new report. MH17 was a scheduled passenger flight from Amsterdam to Kuala Lumpur, which was shot down over eastern Ukraine on July 17, 2014. All 283 passengers and 15 crew on board, 196 of them Dutch citizens, were killed.

Dutch newspaper De Volkskrant, which revealed this new information last week, said the compromise of the Dutch national police’s computer systems was not detected by Dutch police themselves, but by the Dutch General Intelligence and Security Service (AIVD). The paper said that neither the police nor the AIVD were willing to confirm the breach, but added that it had confirmed the breach took place through multiple anonymous sources.

On July 5, 2017, the Netherlands, Ukraine, Belgium, Australia and Malaysia announced the establishment of the Joint Investigation Team (JIT) into the downing of flight MH-17. The multinational group stipulated that possible suspects of the downing of flight MH17 would be tried in the Netherlands. In September 2017, the AIVD said it possessed information about Russian targets in the Netherlands, which included an IP address of a police academy system. That system turned out to have been compromised, which allowed the attackers to access police systems. According to four anonymous sources, evidence of the attack was detected in several different places.

The police academy is part of the Dutch national police, and non-academy police personnel can access the network using their log-in credentials. Some sources suggest that the Russian Foreign Intelligence Service (SVR) carried out the attack through a Russian hacker group known as APT29, or Cozy Bear. However, a growing number of sources claim the attack was perpetrated by the Main Directorate of the Russian Armed Forces’ General Staff, known commonly as GRU, through a hacker group known as APT28, or Fancy Bear. SVR attackers are often involved in prolonged espionage operations and are careful to stay below the radar, whereas the GRU is believed to be more heavy-handed and faster. The SVR is believed to be partly responsible for the compromise of United States government agencies and companies through the supply chain attack known as the SolarWinds cyber attack, which came to light in late 2020.

Russia has tried to sabotage and undermine investigation activities into the MH17 disaster through various means: influence campaigns on social media, hacking of the Dutch Safety Board, theft of data from Dutch investigators, manipulation of other countries involved in the investigation, and the use of military spies. The Dutch police and public prosecution service were repeatedly targeted by phishing emails, police computer systems were subjected to direct attacks, and a Russian hacker drove a car with hacking equipment near the public prosecution office in Rotterdam.

The above efforts are not believed to have been successful. But the attack that came to light in September 2017 may have been. The infected police academy system ran “exotic” (meaning uncommon) software, according to a well-informed source. The Russians reportedly exploited a zero day vulnerability in that software. After the incident, the national police made improvements in their logging and monitoring capabilities, and in their Security Operations Center (SOC). It is not currently known how long the attackers had access to the national police system, nor what information they were able to obtain.

Author: Matthijs Koot | Date: 17 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , , , , ,

FBI warns some QAnon online supporters plan to transition to ‘real-world violence’

June 15, 2021 by Leave a comment

QAnon - IA

A NEW INTELLIGENCE REPORT warns that some supporters of the QAnon conspiracy theory, who in the past have limited their activities to the online domain, may now be transitioning to “real-world violence”. The unclassified report (pdf) was co-produced by the Federal Bureau of Investigation and the Department of Homeland Security. It was released on Monday by Senator Martin Heinrich (D-NM), who called for coordinated action to protect national security from QAnon militants.

Adherents of the QAnon conspiracy theory view former President Donald Trump as a central figure in a behind-the-scenes battle against a sinister cabal of enemies, known as the “deep state”. According to the QAnon theory, Trump’s first term in office would culminate in a victory against this “deep state”. The latter is believed by QAnon conspiracy theorists to consist of Satan-worshiping cannibals who traffic children for sex. These cannibals would be routed during “The Storm”, a final reckoning between Trump and the “deep state”, which would result in the arrest and execution of all “deep state” officials.

When Trump failed to get re-elected last year, some QAnon adherents attempted to bring about “The Storm” by joining the mob who attached the US Capitol Complex —an unprecedented violent action that resulted in the death of five people. According to the Associated Press, at least 20 QAnon adherents have so far been charged with federal crimes relating to the January 6 attack on the US Capitol.

The new intelligence report by the FBI and the DHS warns that, frustrated by Trump’s departure from the office of the presidency, some QAnon adherents, including leading figures in the movement, are now promoting a new conspiracy theory. According to this new theory, Trump is now operating as a “shadow president” who is continuing his secret battle against the Satan-worshiping cannibals. The latter purportedly include President Joe Biden and most senior Democrats in office, who will eventually be unseated by Trump and his movement.

Not all QAnon adherents believe in this new theory, according to the report. Indeed, some supporters of QAnon are feeling disillusioned and are now “pulling back”, after realizing that they can no longer “trust the plan” spelled out by Q —the mysterious figure that supposedly is at the center of the QAnon theory. This is not necessarily good news, however, according to the report. This is because some disillusioned QAnon supporters are now deciding that, rather than waiting for Q’s promised actions to occur, they should act to make them happen.

These QAnon supporters believe that they must no longer limit their role in the movement to simply being “digital soldiers” in support of Q. Instead, they are now “pivoting” toward “engaging in real-world violence”, the report suggests. This newfound role includes planning actions that aim to physically harm “perceived members of the ‘cabal’ such as Democrats and other political opposition”, the report warns.

Author: Ian Allen | Date: 15 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , ,

FBI thanks French police for high-profile arrest of Luxembourg’s former top spy

June 14, 2021 by Leave a comment

Luxembourg City

AGENTS OF THE UNITED States Federal Bureau of Investigation visited the northeastern French city of Nancy last week, reportedly to thank its local police force for arresting a former senior officer in Luxembourg’s spy agency. The case is said to be connected to a notorious cyptocurrency-based fraud scheme, which some claim may be the largest in history.

Frank Schneider headed the operations directorate of the Service de Renseignement de l’État Luxembourgeois (SREL), Luxembourg’s intelligence agency. Although he left the service in 2008, his name came up frequently in the context of a spy scandal that eventually brought down Luxembourg’s prime minister, Jean-Claude Juncker. The former spy was eventually acquitted of illegal conduct in that case —but he now appears to be in legal trouble of a different kind.

According to reports, US authorities have been looking for a man referred to in French media as “Frank S.” in connection to a massive Ponzi scheme that allegedly involves OneCoin, a Bulgarian-based cyptocurrency firm. British newspaper The Times has described the scheme as “one of the biggest scams in history”. It is believed that the OneCoin scheme defrauded victims around the world of over $4 billion.

Schneider was reportedly arrested on April 29 in Audun-le-Tiche, a small town on the French-Luxembourg border and not far from the Belgian and German borders. His arrest took place pursuant to an international warrant, which was later confirmed to have been issued by authorities in New York. It was reported at the time that Schneider’s arrest involved the deployment of members of Brigade de recherche et d’intervention —France’s equivalent of the Special Weapons And Tactics (SWAT) teams in the US.

The former spy is currently being held in detention at the Nancy-Maxéville prison, and is highly likely to be extradited to the US. American authorities have until June 28 to submit a formal extradition request to the Nancy office of the prosecutor.

Author: Joseph Fitsanakis | Date: 14 June 2021 | Permalink

Filed under Expert news and commentary on intelligence, espionage, spies and spying Tagged with , , , , , , ,

Older posts

Newer posts