Nerve agent used in Skripal attack ‘could have killed thousands’ say experts

The amount of poison smuggled into Britain for a near-fatal attack on Russian former spy Sergei Skripal was powerful enough to kill “thousands of people”, according to those leading the investigation into the incident. Skripal, a former military intelligence officer, was resettled in the English town of Salisbury in 2010, after spending several years in a Russian prison for spying for Britain. But he and his daughter Yulia almost died in March of this year, after being poisoned by a powerful nerve agent that nearly killed them. The attack has been widely blamed on the Russian government, though the Kremlin denies that it had a role in it.

Investigators from Britain and other Western countries have identified the poison used in the attack on the Skripals as novichok. The term (meaning ‘newbie’ in Russian) was given by Western scientists to a series of rarely used nerve agents that were developed by the Soviet Union and Russia between 1971 and the early 1990s. It is believed that the poison was smuggled into the United Kingdom hidden inside an imitation perfume bottle, which had been fitted with a custom-made pump used to apply the poison. British authorities have determined that the assailants sprayed the poison on the doorway —including the handle— of the Skripals’ house in Salisbury. They then discarded the perfume bottle, containing the leftover novichok, in a garbage can before leaving the country in a hurry. The bottle was eventually recovered by Salisbury resident Charlie Rowley. His partner, Dawn Sturgess, died of poisoning after she applied some of the contents of the bottle on her wrists. British government scientists have since been examining the contents of the perfume bottle found inside Sturgess’ home.

On Thursday, BBC Television’s Panorama investigative program aired an episode entitled “Salisbury Nerve Agent Attack: The Inside Story”. Among those interviewed was Dean Haydon, a British Deputy Assistant Commissioner who is leading the ongoing investigation into the Salisbury attack. He told Panorama that “a significant amount” of novichok was left behind by the assailants inside the discarded perfume bottle. The amount of poison in the discarded bottle could have been used to kill “thousands”, he said, adding that the way it was applied to the Skripals’ home was “completely reckless”. The BBC program’s producers also spoke to a British government chemical weapons scientist, identified only as “Tim”, who is credited with having identified the substance used on the Skripals. He told the program that less than 100g of novichok was used against the Skripals, leaving the vast majority of the nerve agent inside the bottle. Given that novichok is “one of the deadliest substances known”, which has a “unique ability to poison individuals at very low concentrations”, the scientist said he was shocked by the amount of poison that was smuggled into Britain by the assailants.

The assailants have been identified by British intelligence as Dr. Alexander Yevgenyevich Mishkin (cover name “Alexander Petrov”) and Colonel Anatoliy Chepiga (cover name “Ruslan Boshirov”). Both men are said to be employees of the Russian military intelligence agency known as the Main Directorate of the General Staff of the Armed Forces, commonly referred to as the GRU. Moscow denies that it had any role in the attack on the Skripals.

Author: Joseph Fitsanakis | Date: 22 November 2018 | Permalink

Russia claims ‘misunderstanding’ led to arrests of four spies in Holland

Russia’s minister of foreign affairs has downplayed the arrest and expulsion of four Russian military intelligence officers in Holland last April, saying that the incident was caused by a “misunderstanding”. Last Thursday, the US government named and indicted seven officers of the Main Directorate of the General Staff of Russia’s Armed Forces, known as GRU. The seven are alleged to have participated in cyber-attacks on international agencies, private companies and government computer networks in at least half a dozen countries around the world since 2015. Four of the men named last week were reportedly detained in April of this year while trying to hack into the computer network of the Organization for the Prohibition of Chemical Weapons (OPCW). Headquartered in The Hague, the OPCW oversees efforts by its 193 member states to detect and eliminate chemical weapons stockpiles around the world. In the past year, the OPCW has been probing the failed attempt to poison the Russian former double spy Sergei Skripal in England, which the British government has blamed on Moscow.

On Monday, Russia’s Minister of Foreign Affairs Sergei Lavrov dismissed Washington’s accusations against the GRU and said that the Dutch authorities had overreacted in detaining the four Russian officers in April. Following a meeting in Moscow with his Italian counterpart Enzo Moavero Milanesi, Lavrov said that the visit of the four GRU officers in Holland had been “customary”, adding that “there was nothing clandestine in it”. The GRU specialists were in Holland in order to secure computer servers used at the Russian embassy there. “They were not trying to hide from anyone once they arrived at the airport”, said Lavrov. They then “checked into a hotel and paid a visit to our embassy”, he added. Had they been engaged in espionage, the men would have taken strict precautions, said the Russian foreign affairs minister. They were eventually “detained by Dutch police without any reason or explanations, and were not allowed to contact our embassy”, said Lavrov. Eventually they were “asked to leave the country”, but it was “all because of a misunderstanding”, he concluded.

The Russian official did not address the information provided by a series of photographs released by Holland’s Ministry of Defense, which show a car used by the four Russians at the time of their arrest in April. The photographs show that the car was equipped with WiFi antennas and transformers. A wireless server and batteries can also be seen in the photographs. Lavrov said that the allegations against the GRU were meant to draw attention to Russia and distract Western citizens from “widening divisions that exist between Western nations”.

Author: Joseph Fitsanakis | Date: 09 October 2018 | Research credit: S.F. | Permalink

Britain sees Russian government hackers behind Islamic State cyber group

A new report by the British government alleges that the so-called ‘Cyber Caliphate’, the online hacker wing of the Islamic State, is one of several supposedly non-state groups that are in fact operated by the Russian state. The group calling itself Cyber Caliphate first appeared in early 2014, purporting to operate as the online wing of the Islamic State of Iraq and Syria (ISIS), which was later renamed Islamic State. Today the Cyber Caliphate boasts a virtual army of hackers from dozens of countries, who are ostensibly operating as the online arm of the Islamic State. Their known activities include a strong and often concentrated social media presence, as well as computer hacking, primarily in the form of cyber espionage and cyber sabotage.

But an increasing number of reports, primarily by Western government agencies, have claimed in recent years that the Cyber Caliphate is in fact part of a Russian state-sponsored operation, ingeniously conceived to permit Moscow to hack Western targets without retaliation. On Wednesday, a new report by Britain’s National Cyber Security Centre (NCSC) described the Cyber Caliphate and other similar hacker groups as “flags of convenience” for the Kremlin. The report was authored by the NCSC in association with several British and European intelligence agencies. American spy agencies, including the National Security Agency and the Federal Bureau of Investigation, also helped compile the report, according to the NCSC. The report names several hacker groups that have been implicated in high-profile attacks in recent years, including Sofacy, Pawnstorm, Sednit, Cyber Berkut, Voodoo Bear, BlackEnergy Actors, Strontium, Tsar Team, and Sandworm. Each of these, claims the NCSC report, is “an alias of the Main Directorate of the General Staff of Russia’s Armed Forces”, more commonly known as the GRU. The report concludes that Cyber Caliphate is the same hacker group as APT 28, Fancy Bear, and Pawn Storm, three cyber espionage outfits that are believed to be online arms of the GRU.

The NCSC report echoes the conclusion of a German government report that was leaked to the media in June of 2016, which argued that the Cyber Caliphate was a fictitious front group created by Russia. In 2015, a security report by the US State Department concluded that despite the Cyber Caliphate’s proclamations of connections to the Islamic State, there were “no indications —technical or otherwise— that the groups are tied”. In a statement issued alongside the NCSC report on Wednesday, Britain’s Secretary of State for Foreign and Commonwealth Affairs, Jeremy Hunt, described the GRU as Moscow’s “chosen clandestine weapon in pursuing its geopolitical goals”. The Russian government has denied these allegations.

Author: Ian Allen | Date: 05 October 2018 | Permalink

Western spy agencies thwarted alleged Russian plot to hack Swiss chemical lab

Western intelligence agencies thwarted a plot involving two Russians intending to travel to a Swiss government laboratory that investigates nuclear, biological and chemical weapons, and hack its computer systems. According to two separate reports by Dutch newspaper NRC Handelsblad and Swiss newspaper Tages-Anzeiger, the two were apprehended in The Hague in early 2018. The reports also said that the Russians were found in possession of equipment that could be used to compromise computer networks. They are believed to work for the Main Intelligence Directorate, known as GRU, Russia’s foremost military intelligence agency. The apprehension was the result of cooperation between various European intelligence services, reportedly including the Dutch Military Intelligence and Security Organization (MIVD).

The laboratory, located in the western Swiss city of Spiez, has been commissioned by the Netherlands-based Organization for the Prohibition of Chemical Weapons (OPCW) to carry out investigations related to the poisoning of Russian double agent Sergei Skripal and his daughter Yulia in March of this year. It has also carried out probes on the alleged use of chemical weapons by the Russian-backed government of President Bashar al-Assad in Syria. In the case of the Skripals, the laboratory said it was able to duplicate findings made earlier by a British laboratory.

Switzerland’s Federal Intelligence Service (NDB) reportedly confirmed the arrest and subsequent expulsion of the two Russians. The Swiss agency said it “cooperated actively with Dutch and British partners” and thus “contributed to preventing illegal actions against a sensitive Swiss infrastructure”. The office of the Public Prosecutor in the Swiss capital Bern said that the two Russians had been the subject of a criminal investigation that began as early as March 2017. They were allegedly suspected of hacking the computer network of the regional office of the World Anti-Doping Agency in Lausanne. The Spiez laboratory was a target of hacking attempts earlier this year, according to a laboratory spokesperson. “We defended ourselves against that. No data was lost”, the spokesperson stated.

On April 14, Russian Minister of Foreign Affairs Sergei Lavrov stated that he had obtained the confidential Spiez lab report about the Skripal case “from a confidential source”. That report confirmed earlier findings made by a British laboratory. But the OPCW, of which Russia is a member, states that its protocols do not involve dissemination of scientific reports to OPCW member states. Hence, the question is how Foreign Minister Lavrov got hold of the document.

As intelNews reported in March, in the aftermath of the Skripals’ poisoning the Dutch government expelled two employees of the Russian embassy in The Hague. In a letter sent to the Dutch parliament on March 26 —the day when a large number of countries announced punitive measures against Russia— Holland’s foreign and internal affairs ministers stated that they had decided to expel the two Russian diplomats “in close consultation with allies and partners”. The Russians were ordered to leave the Netherlands within two weeks. It is unknown whether the two expelled Russian diplomats are the same two who were apprehended in The Hague, since none have been publicly named.

A November 2017 parliamentary letter from Dutch minister of internal affairs Kajsa Ollongren states that Russian intelligence officers are “structurally present” in the Netherlands in various sectors of society to covertly collect intelligence. The letter added that, in addition to traditional human intelligence (HUMINT) methods, Russia deploys digital means to influence decision-making processes and public opinion in Holland.

Author: Matthijs Koot | Date: 17 September 2018 | Permalink

Same hacker group is targeting French and German elections, says report

The same group of cyber-spies that attacked the campaign of French presidential candidate Emmanuel Macron is now attacking German institutions that are connected to the country’s ruling coalition parties, according to a report by a leading cyber-security firm. The Tokyo-based security software company Trend Micro published a 41-page report on Tuesday, in which it tracks and traces the attacks against French and German political targets over the past two years. The report, entitled From Espionage to Cyber Propaganda: Pawn Storm’s Activities over the Past Two Years, concludes that the hackers are seeking to influence the results of the national elections in the European Union’s two most powerful nations, France and Germany.

The Trend Micro report focuses on a mysterious group that cyber-security experts have dubbed Pawn Storm —otherwise known as Sednit, Fancy Bear, APT28, Sofacy, and STRONTIUM. It says that the group has launched an aggressive phishing campaign against German political institutions, which has intensified in the past two months. The group allegedly set up fake computer servers in Germany and the Ukraine, and used them to try to infiltrate the computer networks of two elite German think-tanks, the Konrad Adenauer Foundation (KAF) and the Friedrich Ebert Foundation (FEF). The KAF is connected with the Christian Democratic Union party, which is led by Germany’s Chancellor, Angela Merkel. The FEF has strong ties with the centrist Social Democratic Party, which is part of Germany’s governing alliance.

The report’s leading author, cyber-security expert Feike Hacquebord, told the Reuters news agency that the hackers were possibly seeking to infiltrate the two think-tanks as a means of gaining access to the two political parties that are connected with them. Some cyber-security experts in Europe and the United States have said that the Russian Main Intelligence Directorate, the country’s military intelligence agency, known as GRU, is behind the cyber-attacks on France, Germany and the United States. But the Trend Micro report did not attempt to place blame on Moscow or any other country for the cyber-attacks. The Kremlin has denied involvement with the alleged hacking operations.

Author: Ian Allen | Date: 26 April 2017 | Permalink

Head of Russian military intelligence dies unexpectedly at 58

The director of Russia’s powerful military intelligence agency has died unexpectedly at 58, according to the Kremlin, which has yet to release precise information about the circumstances of his death. General Igor Sergun had led the Main Intelligence Directorate, known as GRU, since 2011, when he replaced his predecessor, Colonel General Aleksandr Shlyakhturov, in a Kremlin-instigated reshuffle. The Russian government said at the time that Shlyakhturov, who had spearheaded a major shake-up of the GRU since his appointment in 2009, had “reached retirement age” and gave no other reason for his sudden replacement. General Sergun’s death was announced in a statement posted on the official website of the Kremlin on January 4. It said that the GRU director had “suffered a sudden death” on January 3. It gave no further details as to the exact cause or circumstances surrounding the general’s death.

General Sergun was a career GRU officer, having joined the service as soon as he graduated from the Military Academy of the Soviet Army in 1984. Under his leadership, the GRU —Russia’s largest intelligence agency, which operates under the supervision of the General Staff of the Russian Armed Forces— became increasingly important in Moscow’s foreign policy maneuvers. The agency was central during the Russian military campaign in Georgia in 2008, and observers considered its role during the onset of the eastern Ukraine crisis in 2013 as indispensable for Russia. This view was reflected early in 2014, when the European Union and the United States imposed economic sanctions on General Sergun, accusing him of coordinating “the activities of GRU officers in eastern Ukraine”.

The January 4 online statement by the Kremlin quoted Russian President Vladimir Putin, who reportedly contacted the late general’s family to offer his condolences. The Russian leader was quoted as saying that General Sergun had given his “life in its entirety to the service of the homeland and the Armed Forces” of the Russian Federation. The late general was “respected for their professionalism, strength of character, honesty and integrity”, said the statement. Moscow has not yet announced Sergun’s replacement at the helm of the GRU.

Author: Ian Allen | Date: 05 January 2016 | Permalink

Nazi letter to one of history’s greatest double spies found in Tokyo

A congratulatory letter sent by a senior Nazi official to Richard Sorge, a German who spied for the USSR, and is sometimes credited with helping Moscow win World War II, has been found in Japan. The letter was sent by Joachim von Ribbentrop, a senior German Nazi Party member and Adolf Hitler’s Minister of Foreign Affairs. It is directly addressed to Sorge, who was himself a member of the Nazi Party, but spied for the USSR throughout the 1930s and early 1940s.

Born in what eventually became Soviet Azerbaijan to a German father and a Russian mother, Sorge fought as a German soldier in World War I and received commendations for his bravery. But he became a communist in the interwar years and secretly went to Moscow to be trained as a spy by the Fourth Directorate of the Soviet Red Army, which was later renamed GRU —Soviet military intelligence. He then traveled back to Germany as a non-official-cover principal agent for the USSR, joined the Nazi Party and became a journalist for Die Frankfurter Zeitung, one of Germany’s leading newspapers at the time. When the paper sent him to Tokyo to be its Japan correspondent, Sorge struck a friendship with German Ambassador to Tokyo Eugen Ott, who eventually hired him as his trusted press secretary and advisor. It was from him that Sorge found out that Hitler was preparing to violate his non-aggression pact with the USSR, and promptly notified Moscow. His warnings, however, were dismissed as fantastical by Soviet leader Joseph Stalin, whose government was caught by complete surprise by the eventual German onslaught. Several months later, when Sorge told Moscow that German ally Japan was not planning to invade Russia from the east, Stalin took the tip seriously. The information provided by Sorge partly allowed Stalin to move hundreds of thousands of Soviet troops from the Far East to the German front, which in turn helped beat back the Nazi advance and win the war.

The letter was found by Yoshio Okudaira, a document expert working for Japanese antique book dealer Tamura Shoten in Tokyo. It was among a stack of World War II-era documents brought to the antique dealer by a resident of the Japanese capital. The documents belonged to a deceased relative of the man, who was reportedly unaware of their contents or significance. According to the Deutsche Welle news agency, the letter was addressed to Sorge on the occasion of his 43rd birthday, and is dated 1938. It was written by von Ribbentrop’s personal secretary and includes a signed black-and-white photograph of Hitler’s foreign-affairs minister. The accompanying note commends the double spy on his “exceptional contribution” to the Third Reich as press secretary of the German embassy in Tokyo.

Okudaira, the document expert who realized the significance of the letter, said it is of historical interest because it confirms the high level of trust that the Nazi Party had in Sorge, who was never suspected by Berlin or by his German colleagues in Tokyo of having any connection with the Soviet government. However, Sorge’s espionage was eventually uncovered by Japanese counterintelligence, who promptly arrested and tortured him severely, before executing him in November of 1941. In 1961, the Soviet government awarded him posthumously the title of Hero of the Soviet Union, which was the country’s highest distinction during the communist era.