Israeli couple who spied for Iran made ample use of digital applications

The Israel Security Agency (ISA) recently announced the arrests of an Israeli couple of Azeri origin on suspicion of spying for Iran. The couple, both 32 years old, were allegedly recruited by an Iranian handler of Azeri origin named Elshan Agheev. As part of their activities, and for about two years, the couple gathered intelligence on critical infrastructure and security sites in Israel, and even conducted surveillance on an academic working for the Institute for National Security Studies, allegedly in order to kill her.

The case demonstrates how software that is easily accessible on the Internet makes it possible to encrypt information communicated between a handler and an agent, as well as how money is transferred to the agent. The official indictment reveals details about the couple’s modus operandi, including the identity of the particular software the spies used to communicate with their Iranian handler.

One of the applications the couple used is Zangi, which facilitates the exchange of encrypted instant messages. According to the company’s website, Zangi offers voice and video calling, text messaging, and file transfer services “without registration and without data collection”. In fact, according to Zangi, the data is saved on the user’s device only. In addition to using the Zangi application, the couple also appear to have used the Zolotaya Korona money-transfer platform. The couple allegedly used the platform in order to receive payments from their Iranian handlers, and to transfer funds to other parties involved in Iranian-led espionage activities inside Israel.

Another application allegedly used by the couple is Ecos Dos, a digital wallet for storing and transferring digital currencies. Ecos Dos is a software wallet that can be installed on a computer or mobile phone. It supports a wide variety of cryptocurrencies and is known for its simplicity of use and friendly interface. It is popular among users who wish to maintain anonymity when transacting in digital currencies. It does not require a user’s identifying details in order to operate, so anyone can create an account and receive funds anonymously.

The suspects are also believed to have used software called Encryptor in order to encrypt information. This software allows files and folders to be encrypted so that only those who have the encryption key can open them. The couple allegedly used Encryptor to encrypt the information they collected before passing it on to their Iranian handlers, thus making it difficult for Israeli authorities to decipher the information.

The use of these applications attests to the sophistication of the Iranian spy network that was recently busted in Israel, and its efforts to hide its activities inside the Jewish state. The recent indictment against the couple details a collection of serious security offenses, including aiding the enemy in war and providing information to the enemy to harm the security of the state. Iran is clearly stepping up its efforts to recruit Israeli citizens for espionage and terrorist activities.

Author: Avner Barnea | Date: 11 November 2024

Dr. Avner Barnea is research fellow at the National Security Studies Center of the University of Haifa in Israel. He served as a senior officer in the Israel Security Agency (ISA). He is the author of We Never Expected That: A Comparative Study of Failures in National and Business Intelligence (Lexington Books, 2021).

Review calls for Europe-wide intelligence agency to prevent hybrid attacks

A highly anticipated review of the European Union’s intelligence readiness to face conventional and hybrid threats has called for the establishment of a dedicated Europe-wide intelligence agency. Such an agency must rely on EU member states “trust[ing] each other” in order to confront increasingly aggressive espionage, sabotage, and other types of threats by outside actors like Russia, the report said.

Ursula von der Leyen, who presides over the EU’s powerful executive branch, known as the European Commission, assigned the review last March. It was led by Sauli Niinistö, former president of Finland, who was tasked with providing a set of proposals aimed at enhancing the resilience of the EU in the face of current threats in the tactical and strategic domains. The final report, available in PDF, was made publicly available in Brussels on Wednesday.

Among several recommendations, the report proposes the establishment of a “fully fledged intelligence cooperation service at the EU level”, which could serve the EU’s urgent “strategic and operational needs”. Such needs include countering espionage threats within EU institutions, as well as devising Europe-wide networks of defense against sabotage targeting EU critical infrastructure. Part of the new agency’s mission should be to prevent foreign intelligence services from operating “anywhere in the EU”, the report said.

In her public statement upon receiving the report, President von der Leyen stated that the EU should begin to think pre-emptively, rather than reactively, about conventional and unconventional threats to its security. Such a process should begin through “improving the flow of information gathering and intelligence gathering”, initially through existing EU-wide security bodies, such as the European Union Intelligence and Situation Centre (EU-IntCEN) and the European Centre for Information Policy and Security (ECIPS).

Author: Joseph Fitsanakis | Date: 04 November 2024

Israeli citizens arrested on suspicion of working for Iranian intelligence

The Israeli Security Agency (ISA) has announced the arrest of 18 Israeli citizens suspected of working for Iranian intelligence. Among them are seven Israelis, who immigrated to Israel from Azerbaijan, and are suspected of having been in contact for two years with Iranian intelligence. Some of the seven were caught carrying out surveillance against a senior Israeli Air Force officer, whom they were reportedly planning to assassinate.

Israeli authorities accuse the suspects of photographing and collecting information on military bases and facilities, including Air Force bases, Iron Dome battery sites, a power plant, and other energy infrastructure facilities. The suspects are also accused of having received from their Iranian handlers a set of maps of Israeli strategic sites, including the Golani Brigade’s training base, where four Israeli soldiers were killed by a drone attack last week. In over two years, the suspects allegedly performed approximately 600 missions under the direction of two handlers from Iranian intelligence. They did so in return for hundreds of thousands of shekels, which were paid to them in cash and various crypto-currencies.

Another Israeli citizen, who was arrested on suspicion of spying for Iranian intelligence in return for payments, has been named as Vladimir Varehovsky, 35, from Tel Aviv. Among other tasks, Varehovsky is suspected of gathering information about an Israeli scientist, whom he agreed to murder in exchange for a $100,000 payment. The suspect had reportedly acquired weapons for the assigned task, but the ISA arrested him before he could carry it out.

In another counterintelligence operation, the ISA arrested seven young Palestinians from the east of Jerusalem, who have been charged with working for Iranian Intelligence. The main suspect recruited the other six to carry out tasks for a fee. Tasks included setting cars on fire, gathering information about a city mayor in Israel, and plotting to assassinate one of the country’s top scientists. The suspects used social media for recruitment purposes. They were reportedly arrested before they were able to execute their missions.

Possible Russian role probed in incendiary devices found in Britain and Germany

Authorities in Britain and Germany are reportedly investigating the possibility that the Russian intelligence services may be behind two fires that occurred in shipping warehouses last summer. The fires occurred in late July in facilities belonging to DHL, a German logistics firm headquartered in Bonn.

On September 1, the German government issued a warning about unknown suspects allegedly shipping “unconventional incendiary devices” throughout Europe. The warning referenced a fire that occurred at a DHL logistics center in the east German city of Leipzig. Germany’s Federal Office for the Protection of the Constitution (BfV) warned at the time that “further incendiary incidents” were anticipated, but provided no further details.

Late last week, British newspaper The Guardian reported that an incident like the one that occurred in Leipzig had taken place in a DHL warehouse in Minworth, a suburb of the city of Birmingham, located in the British Midlands region. In subsequent reporting, the paper alleged that British and German authorities have been investigating a link between the two incidents. Moreover, authorities are reportedly probing the possibility that the incidents may be part of a wider campaign by Russian military intelligence to sabotage Western European transportation and shipping networks.

Meanwhile, Lithuanian media revealed on Friday that a suspect had been arrested in Lithuania in connection with the two fires in Britain and Germany. The reports suggested that the two incendiary devices had been shipped from Lithuania by the same individual. However, there have been no updates about who may be behind the apparent sabotage campaign.

Author: Joseph Fitsanakis | Date: 21 October 2024

US-based Afghan man who planned election-day attack ‘worked as CIA guard’

An Afghan national based in the United States, who was allegedly planning to carry out a terrorist attack during the upcoming Election Day, previously worked for the Central Intelligence Agency (CIA) as a guard, reports claim. According to the US Department of Justice, Nasir Ahmad Tawhedi, 27, was arrested by the Federal Bureau of Investigation (FBI) on October 7, alongside a number of co-conspirators who have so far not been named.

Tawhedi’s arrest occurred shortly after he purchased two AK-47 assault rifles, 10 magazines, and several rounds of ammunition from an FBI employee posing as a seller of the merchandise. The suspect allegedly told at least two FBI informants working on the case that he intended to use the weaponry to target “large gatherings of people” on Election Day. Tawhedi is also reported to have boasted that he expected to die in the attack. His indictment suggests that he planned to carry out the attack on behalf of the Islamic State of Iraq and al-Sham (ISIS).

Tawhedi has lived in the US for a little over three years, having arrived on US soil soon after Washington began withdrawing its forces from Afghanistan, following a two decades-long military campaign. Like thousands of other Afghans, Tawhedi was able to enter the US through an emergency entry privilege known as a “humanitarian parole”. He then applied for a Special Immigrant Visa, which is customarily offered by the US government as a form of protection to foreign nationals who have provided services to its military and security agencies. According to reports, Tawhedi’s Special Immigrant Visa application had been approved and was in the last stages of being officially issued.

Last week, the American television network NBC reported that Tawhedi had been employed as a guard by the CIA in Afghanistan. The network cited “two sources with knowledge of the matter”. Later on the same day, another American television network, CBS News, said it had been able to independently verify the earlier report by NBC. It is notable that, according to both NBC and CBS, Tawhedi worked as a guard for a CIA facility, rather than an informant or an asset for the intelligence agency.

The recent media reports about Tawhedi have yet to answer the question of whether he had been communicating with identifiable ISIS handlers, or whether he was independently radicalized through his online activity. It is also not known whether Tawhedi was a supporter or an affiliate of ISIS during his stint with the CIA, or whether he became radicalized after arriving in the US in September 2021.

Author: Joseph Fitsanakis | Date: 14 October 2024

Leaked documents reveal plans for extensive Russian influence campaign in Israel

Leaked information published by leading German media outlets has revealed Russia’s plans for an influence campaign targeting Israel. The information was leaked earlier this month by the German newspaper Süddeutsche Zeitung and German television stations Norddeutscher Rundfunk (NDR) and Westdeutscher Rundfunk (WDR), as well as by Israeli news outlets. It allegedly came from Social Design Agency (SDA), a Moscow-based firm hired by the Kremlin, which operates in Israel and several countries in the West.

Founded in 2017, the SDA is reportedly one of a host of firms and organizations that are collaborating with Russian intelligence in its efforts to influence public opinion worldwide. Earlier this year, the United States imposed sanctions on SDA, “for providing services to the government of Russia in connection with a foreign malign influence campaign”. The SDA’s founder is Ilya Gambashidze, who is said to be in direct contact with Russian President Vladimir Putin and other Kremlin officials.

Israel has been a central target of SDA’s Russian influence campaign. The country’s internal situation, with mass demonstrations against the legal reform, is “perfect for launching a campaign to influence public opinion”, an SDA document from 2023 reads. The document accurately describes the political and social situation in Israel and names a number of influential Russian expatriates whose activities should be monitored.

According to the leaked documents, the purpose of the planned campaign was to raise support for Russia in its war against Ukraine, and strengthen the proportion of Israelis who espouse anti-Ukrainian sentiments. Another central goal was to ensure that no party in the Knesset —the Israeli parliament— would support a possible transfer of military aid to Ukraine.

From the documents, it appears that the conclusions formulated by the SDA were infused into around 50 cartoons distributed every month on social networks, around 20 fictitious articles appearing on websites pretending to be legitimate, and many reactions on various social networks. Among other things, the company distributed through paid ads on Facebook cartoons showing Ukrainian President Volodymyr Zelensky burning the Israeli flag, as well as cartoons accusing Israeli leftists of supporting Hamas.

One of the main revelations of the recent leaks is that the Arab community in Israel constitutes a target of the Russian influence campaign. For example, a fake Arabic-language article that was circulated online claimed that Israel did not have in its possession enough precision weapons, because it had given them to Ukraine. The article went on to claim that the lack of such weapons would lead to failures on the battlefield. “The good news should be heard by all believers living under occupation”, the article states. “The policy of the occupation government will soon lead to its defeat. We will wait for a spark to ignite our war of liberation, in which the entire Muslim world will support us”. The purpose of the article appears to be to prompt the Israeli-Arab population to turn against the Israeli government based on Israel’s alleged weakness, and to support Israel’s enemies.

US government wants to ban Chinese-made smart cars over espionage, sabotage fears

The United States Department of Commerce is proposing new regulations that seek to ban the sale of Chinese-made cars in the United States, over concerns that they could be used for espionage or sabotage. Several reports on the proposal noted that it was hurriedly introduced last week as a “national security action,” rather than a trade-related dispute between the US and China.

American government officials said that the new proposals come out of lengthy investigations into the software and technical specifications of Chinese cars. The investigations raised concern about “[c]ertain technologies originating from the [People’s Republic of China] or Russia” that are often found in Chinese-made cars. Such technologies include vehicle cameras, microphones, tracking devices, and several software packages that connect the cars to the world wide web.

Washington is concerned that these devices, and the software that runs them, could be used to collect the personal data of users, or to facilitate espionage activities on a large scale. Concerns have also been raised by US officials that Chinese-made smart cars could be remotely manipulated and used for sabotage during wartime. According to the US Department of Commerce, a central source could potentially “take control of all [the Chinese-made] vehicles operating in the US all at the same time, causing crashes, block[ed] roads, etc.”

When asked by reporters to justify the proposed regulations, Jake Sullivan, White House national security adviser, replied that the US had “already seen ample evidence of the [People’s Republic of China] pre-positioning malware on our critical infrastructure for the purpose of disruption and sabotage. And with potentially millions of vehicles on the road, each with 10- to 15-year lifespans, the risk of disruption and sabotage increases dramatically”.

Author: Ian Allen | Date: 23 September 2024

Spain and US reject claims they planned to assassinate Venezuelan officials

The governments of Spain and the United States have strongly rejected allegations they were involved in an operation that aimed to kill leading Venezuelan officials, including the country’s President Nicolás Maduro. The allegations were made by a senior Venezuelan cabinet minister, following the arrests on Sunday of three Americans, as well as two Spanish and one Czech citizens. The six men have been charged with plotting to destabilize the Venezuelan government by killing Maduro and other top officials.

The allegations against the six foreign men were aired on live television by the Venezuelan Minister of the Interior Diosdado Cabello, who is a close ally of Maduro. Cabello accused the US Central Intelligence Agency (CIA) of “leading this operation” with the participation of special forces troops. The Venezuelan official went on to claim that at least one of the American citizens who were arrested over the weekend is a member of the US Navy Sea, Air, and Land (SEAL) Teams, commonly known as Navy SEALs.

Cabello referred to the six men as “mercenaries” with prior service in Colombia, Iraq, and Afghanistan. He added that they had been in contact with “French mercenaries in Eastern Europe” who had supplied them with “hundreds of weapons”. Cabello told reporters that Venezuelan authorities had seized over 400 rifles when they arrested the six men. The Venezuelan cabinet minister also claimed that the two Spanish citizens were employees of National Intelligence Center, Spain’s primary intelligence organization.

Late yesterday, however, Spanish officials issued strong denials of Cabello’s allegations. One Spanish government spokesperson told the Agence France Presse news agency that Madrid “denied and categorically rejected” Venezuela’s claims. Meanwhile, a statement issued by the US Department of State rejected as “categorically false […] any claims of US involvement in a plot to overthrow Maduro”. The French and Czech governments had yet to issue any official statements as of late last night.

Meanwhile, the BBC reported yesterday that the Spanish government has requested that Venezuelan authorities provide details of the detainees and that the Spanish embassy in Caracas is seeking to gain access to the two Spanish detainees.

Author: Joseph Fitsanakis | Date: 16 September 2024

Spy’s release by higher court shows Austria is unable to find its intelligence footing

On June 26, the longwinded case of Austria’s counterintelligence failure regarding a possible inside threat took yet another —quite surprising— turn: the state court of Vienna (Landesgericht Wien) released from pre-trial detention (Untersuchungshaft) Egisto Ott, a former member of the Federal Office for the Protection of the Constitution and Counterterrorism (BVT) —Austria’s now-dissolved domestic intelligence agency. Ott, who was accused of spying against Austria, had been arrested (again) at the end of March on suspicion of obtaining classified information for which he could provide no reason, as well as for presumably selling it. Among the suspected recipients of the classified information were Russian assets and —more or less directly— Russian intelligence.

However, the three-judge panel called to decide on the detention complaint came to the conclusion that, while there remains a strong suspicion (dringender Tatverdacht) against Ott, the reasons for his further detention were not sufficiently given. In the judges’ view, all activities that could carry a pre-trial detention were committed before Ott was arrested and released for the first time in 2021. Back then, Ott had also been released after a short detention, following a decision by the same court. Briefly summarized, in 2021 the Landesgericht concluded that Ott could no longer spy against Austria as he did not have access to classified information, having been removed from the domestic intelligence agency years earlier. Additionally, since the BVT was in the process of reorganization and reformation at that point, the judges deemed the possibility of further criminal behavior by Ott to be unrealistic.

The recent assessment that Ott did not conduct additional punishable offences following his first release is surprising, since the prosecutor alleged —with a certain undertone directed against the initial decision to release Ott, which can be noted in the arrest warrant— that Ott had resumed his information-gathering and handling activities immediately upon being set free in 2021. Specifically, Ott is accused of having unlawfully retrieved data from the Central Register of Residents (Zentrales Melderegister) on March 24 of that year and then passing it on. The information accessed by Ott concerned the Bulgarian investigative journalist Christo Grozev, who was living in Austria at the time. Consequently, Grozev had to leave Vienna, since his life was deemed to be in severe danger. Today, whenever Grozev returns to Austria to visit members of his family who remain there, he has to do so under heavy protection by the Austrian authorities.

Between June and November 2022, when Ott had been released from his first pre-trial detention, there was also an alleged transfer to Russia of three mobile phones, or their data, as well as a highly-encrypted SINA-workstation laptop. However, the judges of the Landesgericht concluded that, while information or intelligence provided to foreign services does not have to be secret to constitute criminal espionage against Austria, “concrete and vital interests of Austria” have to be violated by such a transfer. The judges did not deem that the evidence furnished by the prosecutor met their criteria. Die Presse, Austria’s ‘newspaper of record’, published a detailed explanation of the court decision.

Profile of Tang Yuanjun, alleged asset for Chinese intelligence 2018-2023

Tang Yuanjun was arrested by the United States Federal Bureau of Investigation (FBI) in August 2024. He allegedly worked as a Chinese Ministry of State Security (MSS) asset between 2018 and 2023. He reported on the following categories of information that were of interest to the MSS:

  • Prominent U.S.-based Chinese democracy activists and dissidents.
  • US Chinese-American Member of Congress Xiong Yan, from New York.
  • Immigration claims from dissidents wanting to leave China for the US.

According to the US Department of Justice (DoJ), Tang expressed his desire to see his aging family in China. A prominent dissident such as Tang would not be able to travel to China without being arrested, unless his travel had been approved by authorities. An acquaintance helped him establish secure online contact with the MSS. After being recruited, Tang reported to the MSS using an email account, encrypted chats, text messages and audio and video calls. Tang helped the MSS infiltrate a group chat on WhatsApp, used by numerous People’s Republic of China (PRC) dissidents and pro-democracy activists to communicate about pro-democracy issues and express criticism of the PRC government. In fact, this was what users called a “super group”. It is a group that consists of many other groups. Members could not even identify who was the sponsor of the group chats [1].

In addition, Tang reportedly video-recorded a June 2020 Zoom discussion commemorating the anniversary of the Tiananmen Square massacre in the PRC. The Zoom online discussion was led by Zhou Fengsuo, Director of the June 4th Memorial Museum in New York City and a leading advocate for democracy in China. The Ministry of Public Security also infiltrated these discussions with the assistance of Zoom China and US-based employees [2].

Tang was Secretary General of the overseas headquarters of the China Democratic Party United Headquarters in New York City. This non-profit organization assists mainland Chinese dissidents in immigration and asylum applications for the US. Tang allegedly provided information on these individuals to the MSS [3]. Tang also allegedly identified ten immigration attorneys to support MSS efforts to place assets in the US. Other dissident organizations in New York and Los Angeles provide similar visa application services to generate income.

In 2022, Tang reportedly met with the MSS in Changchun City, Jilin Province, China, where an officer installed software on Tang’s phone which Tang believed to be a “bug” that caused all photographs and videos captured on the phone to be transmitted to the MSS. In his role as a leading democracy advocate, Tang encouraged dissidents to attend protests in Manhattan and Washington DC. He used the compromised phone to take photographs of the events. The Chinese Communist Party (CCP) then used the photographs as evidence against overseas dissidents.

Dutch prime minister bans wireless devices from meetings to ward off espionage

The Netherlands’ new prime minister has officially banned the use of all wireless devices from cabinet meetings, reportedly to defend against espionage operations from foreign actors. The move comes following warnings by Dutch intelligence services that the country is being targeted by Russian and Chinese spies with more intensity than at any time since the Cold War.

The current Dutch government, led by the far-right Freedom Party (PVV), was formed following the general election of November 2023. Although the PVV, headed by populist Geert Wilders, emerged as the leading political force in the Netherlands with 23% of the vote, it found it difficult to form a governing coalition. In June of this year, following lengthy negotiations, a rightwing coalition was formed between the PVV, the People’s Party for Freedom and Democracy (VVD), the Farmer-Citizen Movement (BBB), and the New Social Contract (NSC).

A key feature of the agreement was that none of the individual parties’ leaders, including Wilders, could serve as prime minister. Instead, the three parties settled on Dick Schoof as a form of compromise. The 67-year-old Schoof led the Netherlands’ Immigration and Naturalization Service from 1999 until he was appointed to head the Ministry of Security and Justice in 2010. From 2013 to 2018, he became the National Coordinator for Security and Counterterrorism —the Netherlands’ main counter-terrorism unit, which operates as part of the Ministry of Security and Justice.

In 2018, Schoof was appointed director-general of the General Intelligence and Security Service (AIVD), the nation’s primary intelligence agency. The AIVD is tasked with foreign and domestic duties, as well as signals intelligence. Prior to his prime ministerial post, the culmination of Schoof’s career as a public servant came with his appointment as secretary-general of the Ministry of Justice and Security, in 2020. In 2021, after 30 years of being a member, Schoof officially left the Labor Party (PvdA), the Netherlands’ mainstream social-democratic, left-of-center political party. In subsequent public comments he appeared to endorse the PVV, but never officially joined it.

Speaking to reporters last week, Schoof said he was “taking a different approach” to security at cabinet meetings, which was “based on his former job in the intelligence community”. He added, “maybe I have a bit more experience with that sort of thing” and stressed that banning wireless devices from cabinet meetings was “a completely natural measure” for him. Members of the Dutch cabinet “agreed immediately” with the new measure, said the new prime minister.

Author: Joseph Fitsanakis | Date: 02 September 2024

Is Israel preparing to carry out intelligence operations on US soil?

Several weeks ago, Israel’s Minister of Diaspora Affairs, Amichai Chikli, reportedly met with the chief executive officer (CEO) of Israeli private intelligence company Black Cube. According to Israeli newspaper The Marker, the purpose of the alleged meeting was to propose an intelligence operation to be carried out on American soil by Black Cube, on behalf of the Israeli government. The intelligence operation would allegedly target a United States-based organization that stands at the forefront of demonstrations against Israel on university campuses in the United States —demonstrations that the state of Israel views as anti-Semitic.

According to The Marker report, the alleged meeting between Minister Chikli and the CEO of Black Cube, Dan Zorla, took place in a private residence in Herzliya near Tel Aviv. Minister Chikli was personally involved in the discussions with Black Cube, with the understanding that intelligence operations carried out by the firm on American soil would not be officially attributed to the State of Israel. However, it is unclear whether such intelligence operations were indeed authorized to proceed.

The organization that Chikli reportedly asked Black Cube to target is “Students for Justice in Palestine”. The group has staged numerous demonstrations on university campuses across the United States since the outbreak of the Israel-Hamas war last October.

The alleged use of a private intelligence company against an American-based organization, whose leaders are primarily American citizens, may be perceived as a violation of American sovereignty. Such an activity could further damage the relationship between Israel and the American government and stigmatize Israel’s image among the American public.

Following the publication of The Marker report, the Ministry of Diaspora Affairs claimed the proposal for the intelligence operation had been initiated by Black Cube and that Ministry officials ultimately rejected it. Still, at least three different sources appear to confirm the exact opposite —namely, that the spying initiative was prompted by the Ministry. Black Cube reportedly rejected it based on concerns that such a high-risk operation could damage the company’s standing with the United States government and harm its ability to do business on American soil in the future.

An official statement issued by the Ministry of Diaspora Affairs said: “Since the beginning of the war, the ministry has held meetings with dozens of organizations seeking to assist the efforts of the State of Israel in various fields. At the company’s [Black Cube’s] request, a meeting was held with the ministry’s professional echelon, and at the end of it, it was decided not to proceed with any engagement”.

Israel releases findings of internal probe into October 7 intelligence disaster

THE OFFICIAL INTERNAL INVESTIGATION into the performance of Israel’s Military Intelligence Directorate (MID) during the run-up to the Hamas attack of October 7, 2023, has been released. Known as The Road to War, the report addresses the central question: how did the MID, the main military intelligence body of the Israel Defense Forces (IDF), miss all the signs of the pending Hamas attack, and how did all the available warnings go unheeded?

To compile the report, the Intelligence Directorate of the IDF investigated how the most significant intelligence failure in the history of the State of Israel occurred, as well as how the MID analysts and other members of the intelligence community failed to notice the attack that Hamas had been planning.

According to the findings of the investigation, Hamas began planning its attack between seven and eight years ago, which means that Israeli intelligence should have been able to observe the relevant warnings as early as 2016. However, the IDF’s intelligence division missed the early signs.

It appears that the MID assumed Hamas had been deterred by Israel. There was also a prevailing assumption that the group’s military wing, led by Yahya Sinwar, had settled on improving the economic situation of Gaza Strip residents while securing its internal sovereign status in the Gaza Strip. The MID intelligence analysts were uniformly immersed in the concept that Hamas “did not want to and could not” go to war against Israel.

The main findings of the investigation are as follows:

At least four Russians released in prisoner exchange with West are verified ‘illegals’

AT LEAST FOUR OF the eight Russians released by the United States and its allies last week, in exchange for 16 people held in Russian prisons, are verified ‘illegals’ —the term used to describe Russian non-official-cover intelligence personnel. All four operated using third country identity documents, including passports. In every case but one, these identity documents had been illegally acquired.

In intelligence parlance, the term ‘illegals’ emerged during the Cold War to describe Russian intelligence personnel who operated without any formal association with Russian diplomatic facilities. In many cases, these operatives used third country passports. This enabled them to operate with an unusual degree of flexibility and evade the attention of rival intelligence services. At the same time, however, the absence of diplomatic credentials prevented these operatives from claiming diplomatic immunity if caught. It thus exposed them to the possibility of lengthy prison terms upon discovery.

THE TWO GRU ILLEGALS

Among the prisoners exchanged last week was Pavel Alekseyevich Rubtsov. Rubtsov was born in the Soviet Union as the grandson of a Spanish evacuee, who had been taken to Moscow as a child by the leftist Spanish Republic during the Spanish Civil War. At the age of 9, Rubtsov moved with his mother to Spain, where he had his name legally changed to Pablo González Yagüe and grew up in Catalonia and the Basque Country. He was arrested in Poland in 2022 and charged with participating in foreign intelligence activities against Poland on behalf of the Main Directorate of the Russian Armed Forces’ General Staff, which is commonly known as GRU.

IntelNews has previously reported on the case of Mikhail Valeryevich Mikushin, who was also released and returned to Russia on Thursday. Mikushin lived for several years in Canada and Norway using a Brazilian passport under the name of José Assis Giammaria. When he was arrested by Norwegian authorities, Mikushin was working as a researcher on arctic security affairs for the Arctic University of Norway. Among other things, Mikushin was a volunteer researcher for UiT GreyZone, a scholarly project that studies contemporary hybrid threats and grey zone warfare. Like Yagüe, Mikushin is also believed to have been employed by the GRU.

THE TWO SVR ILLEGALS

Arguably the most unusual case of illegals among those unveiled last week is that of Artem Dultsev and Anna Dultseva. The couple moved from Argentina to Ljubljana, the capital of Slovenia, in 2017. They brought with them their two young children, a boy and a girl, both of whom appear to have been born in Argentina. Artem Dultsev’s Argentinian passport bore the name Ludvig Gisch, born in 1984 in the West African country of Namibia. Dultsev posed as an information technology executive. His wife, Anna Dultseva, who operated an art gallery, used the cover name Maria Rosa Mayer Munos and went by Mayer.

South Korea’s top HUMINT agency probes potentially catastrophic data breach

IN A HIGHLY UNUSUAL move, authorities in Seoul have publicly acknowledged a data leak that may have resulted in the outing of a number of South Korean undercover human intelligence (HUMINT) operatives abroad. The South Korean Ministry of National Defense said on Sunday it was investigating an alleged leak of highly sensitive data belonging to the Korea Defense Intelligence Command (KDIC).

Formed under American tutelage in 1946, KDIC is today considered South Korea’s most secretive intelligence agency. It operates under the Defense Intelligence Agency (DIA), which makes it part of the Ministry of National Defense’s chain of command. Unlike DIA’s civilian counterpart, the National Intelligence Service, KDIC rarely surfaces in unclassified news reporting, and it almost never issues press releases. Its operations primarily involve HUMINT activities, thus making it South Korea’s most active HUMINT-focused agency.

Predictably, KDIC’s primary intelligence target is North Korea. The agency gathers much of its intelligence on the North through an extensive network of undercover officers operating with diplomatic credentials. KDIC also handles non-official cover (NOC) operatives, who are located mostly in Asia. There have been periodic claims in the unclassified literature that some KDIC NOCs have operated inside North Korea at times –though such claims remain speculative.

On Saturday, the Seoul-headquartered Yonhap News Agency alleged that classified information relating to KDIC had been “leaked”. According to Yonhap, the leak included personally identifiable information about KDIC official and non-official cover personnel stationed abroad. The report claimed that the leak was discovered by South Korean authorities a month ago, and that the discovery had resulted in the recall of several KDIC undercover operatives serving overseas “due to concerns over their identities being exposed”.

The Yonhap report claimed that, according to an ongoing probe, the leak may have originated from a personal laptop computer belonging to a civilian KDIC employee. The employee has since claimed that the laptop had been hacked, but some investigators believe the suspect may have “intentionally left the laptop vulnerable to hacking by North Koreans”.

According to an official statement released on Sunday by the Ministry of National Defense, the case is “currently under investigation by military authorities”.

Author: Joseph Fitsanakis | Date: 29 July 2024 | Permalink