Russia says it foiled major foreign cyber attack on its financial system

FSB - IARussian authorities say they prevented a large-scale cyber attack by “a foreign intelligence service”, which had been designed to destabilize the country’s financial system and subvert its economy. In an official statement published on its website last week, Russia’s Federal Security Service (FSB) said the perpetrators of the foiled attack had planned to carry it out on December 5. The spy agency, which stems from the Soviet-era KGB, said that the cyber attack had been designed to bring down computer systems belonging to some of Russia’s largest banking institutions.

Text to the statement by the FSB, the planned attack consisted of several components. One component included the use of social media and text messages to be spread through the mobile phone system. The goal was to spread rumors claiming that Russia’s financial system was facing imminent collapse and create panic in the Russian stock exchange. The FSB alleged that several large cities throughout Russia were to be targeted under the foiled plan. The spy agency claimed that the attack originated from a “foreign intelligence service”, but did not identify any countries as culprits of the operation. However, it said that a Ukrainian web hosting company had been used as a base from which to launch the attack through servers located in the Netherlands. On Friday, the Ukrainian web host, BlazingFast, denied that its systems had been used to prepare an attack on the Russian financial sector. In a statement published on Facebook, the company said it had not been contacted by Russian authorities, and assumed that the FSB had “been able to handle the situation without the need of BlazingFast’s cooperation”. It added that it was willing “to cooperate with any legal entity” to investigate Russia’s accusations.

In August of this year, the FSB disclosed that “a meticulously coded and sophisticated virus” had been found on the computer networks of at least 20 major Russian agencies and organizations. As intelNews reported at the time, the targets appeared to have been carefully selected by the malware’s authors. They included government bodies, weapons laboratories and defense contractors located throughout Russia.

Author: Ian Allen | Date: 06 December | Permalink

Analysis: Is Putin planning to restore the Soviet-era KGB?

SVR hqLast week, following the results of Russia’s parliamentary election, Russian media run a story suggesting that the Kremlin is planning to implement far-reaching changes to the country’s intelligence apparatus. According to the Moscow-based daily Kommersant, the administration of President Vladimir Putin is considering merging Russia’s two major intelligence and counterterrorism agencies into one. Specifically, the Russian Foreign Intelligence Service, or SVR, will merge with the FSB, the Federal Security Service, according to Kommersant. The merger will create a new amalgamated intelligence agency that will be named “Ministry of State Security”, or MGB, in Russian. The last time this title was used was from 1946 to 1953, during the last years of the reign of Soviet Premier Joseph Stalin. It was one of several agencies that were eventually combined to form the Soviet KGB in 1954.

If the Kommersant article is accurate, Russia’s two main intelligence agencies will merge after an institutional separation that has lasted a quarter of a century. They were separated shortly after the official end of the Soviet Union, in 1991, when it was recognized that the KGB was not under the complete control of the state. That became plainly obvious in August of that year, when the spy agency’s Director, Vladimir Kryuchkov, helped lead a military coup aimed at deposing Soviet Premier Mikhail Gorbachev. The two new agencies were given separate mandates: the SVR inherited the mission of the KGB’s foreign intelligence directorates and focused on collecting intelligence abroad; the FSB, on the other hand, assumed the KGB’s counterintelligence and counterterrorist missions. A host of smaller agencies, including the Federal Agency of Government Communications and Information (FAPSI), the Federal Protective Service (FSO) and others, took on tasks such as communications interception, border control, political protection, etc.

Could these agencies merge again after 25 years of separation? Possibly, but it will take time. An entire generation of Russian intelligence officers has matured under separate institutional roofs in the post-Soviet era. Distinct bureaucratic systems and structures have developed and much duplication has ensued during that time. If a merger was to occur, entire directorates and units would have to be restructured or even eliminated. Leadership roles would have to be purged or redefined with considerable delicacy, so as to avoid inflaming bureaucratic turf battles. Russian bureaucracies are not known for their organizational skills, and it would be interesting to see how they deal with the inevitable confusion of a possible merger. It could be argued that, if Putin’s goal is to augment the power of the intelligence services —which is doubtful, given their long history of challenging the power of the Kremlin— he would be better off leaving them as they are today.

Author: Joseph Fitsanakis | Date: 04 October 2016 | Permalink

Sophisticated spy malware found on Russian government computers

FSB - IAAccording to the predominant media narrative, the United States is constantly defending itself against cyber-attacks from countries like China and Russia. But, as intelNews has argued for years, this narrative is misleading. Recent intelligence disclosures clearly show that the US cyber-security posture is as offensive as that of its major adversaries. Additionally, China and Russia have to defend their computer networks as much as America does. Last weekend’s report from Moscow helps restore some of the balance that is missing from media reporting on cyber-security. According to the Russian Federal Security Service (FSB), a meticulously coded and sophisticated virus has been found on the computer networks of at least 20 major Russian agencies and organizations. The targets appear to have been carefully selected by the malware’s authors. They include government bodies, weapons laboratories and defense contractors located throughout Russia.

The FSB said that once installed, the virus gave its handler control of the infected computer system. It permitted an outside hacker to turn on a computer’s microphone or camera, and capture screenshots. It also stealthily installed keylogging software, thus allowing an outside party to monitor keyboard strokes on an infected system. Based on its functions, the malicious software seems to be designed to conduct deep surveillance on infected computers and their physical surroundings. The FSB would not attribute the malware to a specific hacking group or nation. But it said it believed that the malware attack was “coordinated”, “planned and planned professionally”. It also said that the coding of the virus “required considerable expertise”. In a brief statement released Saturday, the FSB said that aspects of the coding of the virus, as well as other identifying information, resembled those detected in preceding hacking attacks on computer servers in Russia and other countries. The statement did not elaborate, however.

The news about hacked Russian computers comes less than two weeks after it was claimed that Russian government-backed hackers stole electronic data belonging to the Democratic National Convention (DNC) in the United States. The Democratic Party’s presidential candidate, Hillary Clinton, publicly accused the Russian government of orchestrating the hacking of the DNC computer systems in an attempt to damage her campaign.

Author: Ian Allen | Date: 01 August 2016 | Permalink

Video footage shows alleged CIA spy tackled outside US Moscow embassy

US embassy scuffleA Russian television station has aired footage allegedly showing a Russian guard stationed outside the United States embassy in Moscow trying to stop an American diplomat from entering the embassy. The Kremlin claims that the alleged US diplomat was in fact a Central Intelligence Agency officer who was returning to the embassy in disguise following a spy operation. As intelNews reported on July 1, the incident took place in the early hours of Monday, June 6. The American diplomat was making his way to the front entrance of the US embassy complex, which is located in the Presnensky District in downtown Moscow.

According to American sources, the diplomat was approached by an employee of the Russian Federal Security Service, the FSB, which regularly stations security personnel around the sizeable US embassy complex. The FSB claims that the guards are there to protect US diplomats, though it is common knowledge that the Russian agency, which is responsible for counterespionage, is primarily there to monitor activities in and around the US embassy. American sources claim that the diplomat presented the Russian guard with proof of identification when asked to do so. But he was then physically attacked and struck repeatedly by the FSB officer, which left him with several injuries, including a broken shoulder. The diplomat managed to enter the embassy grounds and had to be flown out of the country for urgent medical treatment. He has not returned to Russia.

On Thursday, Russian television channel NTV aired video footage purporting to show the altercation between the US diplomat and the FSB guard. The video aired on NTV shows a man exiting a taxi in a hurry and heading to what appears to be the US embassy’s front-perimeter entrance. However, as the man makes heads for the entrance, a uniformed individual jumps out of a guard station located nearby and tackles the man, throwing him on the ground. A scuffle ensues, during which the alleged diplomat is seen desperately trying to reach the entrance of the US embassy, which is American soil. He eventually manages to enter the embassy grounds, despite the effort of the uniformed guard to prevent him from entering. The same NTV report identified the American diplomat as Daniel Van Dyken and showed the photograph of a man said to be him. The report states that Van Dyken serves as third secretary of the US embassy’s Political Department.

Last week, Russian Foreign Ministry spokeswoman Maria Zakharova alleged that the diplomat in question was an intelligence officer. “It is well known”, said Zakharova, “that this very diplomat was in fact an agent of the CIA and was returning [to the US embassy], in disguise, after conducting an intelligence operation the previous night”. She also said that the Russian government employee involved in the altercation was a “police officer” who was attacked by the alleged spy when he asked to be shown proof of identification. Instead of supplying identification documents, the American diplomat “struck the guard in the face with his elbow before disappearing into the embassy”, said Zakharova. The US State Department and the CIA have refused to comment on Zakharova’s allegations.

Author: Ian Allen | Date: 08 July 2016 | Permalink

Diplomat involved in fight with US embassy guard is CIA spy, says Russia

FSB - IAThe Russian government says that an American diplomat, who was allegedly beaten up by a Russian security guard outside the United States embassy compound in Moscow, is an undercover spy. The man, who has not been named, was stationed in the Russian capital by the State Department as an accredited diplomat with immunity from prosecution in Russia. However, The Washington Post reported earlier this week that the American diplomat was severely beaten by a Russian government employee while attempting to enter the US embassy compound.

The alleged incident is reported to have taken place in the early hours of Monday, June 6. The American diplomat was making his way to the front entrance of the US embassy complex, which is located in the Presnensky District in downtown Moscow. According to American sources, the diplomat was approached by an employee of the Russian Federal Security Service, the FSB, which regularly stations security personnel around the sizeable US embassy complex. The FSB claims that the guards are there to protect US diplomats, though it is common knowledge that the Russian agency, which is responsible for counterespionage, is primarily there to monitor activities in and around the US embassy. American sources claim that the diplomat presented the Russian guard with proof of identification when asked to do so. But he was then physically attacked and struck repeatedly by the FSB officer, which left him with several injuries, including a broken shoulder. According to The Washington Post, the diplomat managed to enter the embassy grounds and had to be flown out of the country for urgent medical treatment. He has not returned to Russia.

The US government believes the attack was intentional. But what caused it? One theory entertained by The Washington Post is that the diplomat was in fact an officer of the Central Intelligence Agency working in Moscow under official cover, pretending to be a State Department employee. According to this theory, the FSB was chasing the American diplomat through the streets of Moscow after a spy operation that went awry. The Russians then tried unsuccessfully to prevent him from entering the US embassy, which constitutes American soil.

On Thursday, Russian Foreign Ministry spokeswoman Maria Zakharova alleged that the diplomat in question was an intelligence officer. “It is well known”, said Zakharova, “that this very diplomat was in fact an agent of the CIA and was returning [to the US embassy], in disguise, after conducting an intelligence operation the previous night”. She also said that the Russian government employee involved in the altercation was a “police officer” who was attacked by the alleged spy when he asked to be shown proof of identification. Instead of supplying identification documents, the American diplomat “struck the guard in the face with his elbow before disappearing into the embassy”, said Zakharova. The US State Department and the CIA refused to comment on Zakharova’s allegations.

Author: Ian Allen | Date: 01 July 2016 | Permalink

Russia claims arrest of alleged CIA-trained spy

Lubyanka SquareThe Russian government says it has arrested a senior Ukrainian intelligence officer, who was allegedly trained by the United States Central Intelligence Agency and tasked with infiltrating the Russian secret services. In a statement published on Thursday, Russia’s Federal Security Service, known as FSB, said the alleged infiltrator is a “senior level employee” of the SBU, the Security Service of Ukraine. The SBU is Ukraine’s primary counterterrorism and counterintelligence agency, with much of its output focused on the Russian Federation.

The FSB statement identified the Ukrainian man as Lieutenant Colonel Yuriy Ivanchenko, but did not release further information about his background and identity, nor did it specify the details of his activities in Russia. According to the Russians, Ivanchenko allegedly entered the country in recent weeks, ostensibly in order to visit family members who live in Russia. But his real goal, according to the FSB, was to make contact with Russian intelligence and infiltrate the country’s security structure. Moscow says that Ivanchenko had planned to pose as a willing spy, namely an employee of Ukrainian intelligence who was offering to provide information to Russia. He was not a genuine spy, however, but rather a ‘dangle’ —namely someone posing as a genuine spy, but who is in fact attempting to deceive a rival intelligence agency by knowingly giving it misleading or inaccurate information.

Moreover, the Russians claim that Ivanchenko was being jointly run by the SBU and the CIA, and that the American intelligence agency had trained him to pose as a ‘dangle’ in order to collect information about FSB activities in Ukraine. The goal of the CIA, said Moscow, was to “lure an FSB employee and capture him with incriminating information”. However, the FSB statement said that Ivanchenko’s SBU connection and CIA affiliation were known to Russia prior to his arrival in the country, as he had previously tried to offer his services to Moscow. He was therefore arrested and will be deported in the coming days with a persona non grata (unwelcome person) designation. The CIA and SBU have not commented on Russia’s allegations.

Author: Joseph Fitsanakis | Date: 01 April 2016 | Permalink

ISIS members attempting to target Russians in Thailand, FSB warns

ThailandRussian intelligence officials have warned authorities in Thailand that the Islamic State is planning to strike at Russian targets in the Southeast Asian country. Thai authorities received the warning in a memorandum dated November 27, 2015, which came from the Russian Federal Security Service (FSB). The document, marked ‘urgent’, warned of a series of coordinated attacks against Russian-related businesses and facilities in several cities across Thailand. Several Thai news sites, as well as CNN in the United States, said they had seen the memo. It was allegedly forwarded last week from the Royal Thai Police Special Branch division to police units across the country. It warned that the FSB had identified at least 10 Syrian citizens, all members of the Islamic State of Iraq and Syria (ISIS), who had entered Thailand between October 15 and October 31.

According to the FSB memorandum, the ISIS operatives had entered Thailand in three separate groups, arriving to the country from different international destinations. The largest of the groups, consisting of 4 members, is believed to have traveled to the coastal city of Pattaya (pictured), in eastern Thailand. Two more operatives went to Phuket Island in the Andaman Sea, while two other Syrians traveled to capital Bangkok. The two remaining members of the group went “to an unknown location”, said the FSB memorandum. After receiving the FSB memorandum, the Royal Thai Police issued a warning that ISIS may be trying to harm “Russians and Russia’s alliance with Thailand”. They also called for heightened security around tourist spots frequented by Russian tourists.

Phuket and Pattaya are busy resort destinations for Russian tourists, nearly 2 million of whom visit Thailand each year, many of them in December. The Russian Federation maintains consulates in both cities, in addition to the Russian embassy in Bangkok. When asked by reporters on Friday about the FSB memo, Royal Thai Police officials said they had not been able to locate the alleged ISIS members, but added that security had been increased across the country. General Thawip Netniyom, who heads the country’s National Security Council, said no “unusual movement” had been detected, and insisted that “everything is safe” in the country.

Author: Ian Allen | Date: 07 December 2015 | Permalink