Elite Russian spy unit used French Alps region as logistical base

Chamonix FranceAn elite group Russian military intelligence officers, who have participated in assassinations across Europe, have been using resorts in the French Alps as logistical and supply bases, according to a new report. The report concerns Unit 29155 of the Main Directorate of the General Staff of the Russian Armed Forces, commonly known as GRU. According to The New York Times, which revealed its existence of 29155 in October, the unit has been operating for at least 10 years. However, Western intelligence agencies only began to focus on it in 2016, after it was alleged that an elite group of Russian spies tried to stage a coup in the tiny Balkan country of Montenegro.

Unit 29155 is believed to consist of a tightly knit group of intelligence officers led by Major General Andrei V. Averyanov, a hardened veteran of Russia’s Chechen wars. The existence of the unit is reportedly so secret that even other GRU operatives are unlikely to have heard of it. Members of the unit frequently travel to Europe to carry out sabotage and disinformation campaigns, kill targets, or conduct other forms of what some experts describe as the Kremlin’s hybrid war. They are believed to be responsible for the attempt on the life of Sergei Skripal, a former GRU intelligence officer who defected to Britain. He almost died in March 2018, when two Russian members of Unit 29155 poisoned him in the English town of Salisbury.

On Wednesday, a new report in the French newspaper Le Monde claimed that Unit 29155 used the French Alps as a “rear base” to carry out operations throughout Europe. According to the paper, the information about the unit’s activities in France emerged following forensic investigations of the activities of its members by British, Swiss, French and American intelligence agencies. In the same article, Le Monde published the names of 15 members of Unit 29155, which allegedly stayed in various French alpine towns and cities between 2014 and 2018. The paper said that they traveled to France from various countries in Europe, such as Spain, the United Kingdom, Switzerland, or directly for Russia.

The alleged Russian spies stayed in France’s Haute-Savoie, which borders Switzerland, and is among Europe’s most popular wintertime tourist destinations. The area includes the world-famous Mont Blanc mountain range and the picturesque alpine towns of Annemasse, Evian and Chamonix. Several members of the unit visited the region repeatedly, said Le Monde, while others entered France once or twice, in connection with specific spy missions. It is believed that the reasoning behind their trips to the French Alps was to blend in with the large numbers of international tourists that travel to the region throughout the year. However, the unit also utilized several other areas in Eastern Europe as rear bases, including cities and towns in Moldova, Montenegro and Bulgaria, said Le Monde.

Author: Joseph Fitsanakis | Date: 05 December 2019 | Permalink

Russia has a dedicated spy unit to destabilize Europe, Western officials claim

GRURussian intelligence maintains an elite spy unit whose sole goal is to run operations that have the potential to subvert European political and economic systems, according to a new report by The New York Times. The unit is behind a string of intelligence operations in recent years, which range from espionage to disinformation campaigns and even assassinations.

The Times cited “four Western officials” who said that the group is known as Unit 29155 and operates within the Main Directorate of the General Staff of the Russian Armed Forces, commonly known as GRU. It has allegedly been in existence for at least 10 years, but it only recently appeared on the radar of Western intelligence agencies. The latter began to take note of Unit 29155 in 2016, after it was alleged that an elite unit of Russian spies tried to stage a coup in the tiny Balkan country of Montenegro. The former Yugoslav Republic was seeking to join the North Atlantic Treaty Organization at the time. It was claimed that the Russian intelligence operatives carried out a failed attempt to kill its prime minister and instigate a pro-Russian coup.

According to the paper, Western intelligence officials do not have a clear picture of the structure of Unit 29155, nor are they able to predict where it will strike next. But they believe that it consists of a very tightly knit group of intelligence officers led by Major General Andrei V. Averyanov, a hardened veteran of Russia’s Chechen wars. The existence of the unit is so secret that even other GRU operatives are unlikely to have heard of it, said The Times. Members of the unit frequently travel to Europe to carry out sabotage and disinformation campaigns, kill targets, or conduct other forms of what some experts describe as the Kremlin’s hybrid war. They tend to travel on the cheap, in order to economize and avoid attention, said the paper.

The Times said it reached out to the Kremlin with a number of questions about Unit 29155. It received a response from Kremlin spokesman Dmitri S. Peskov, who suggested that the questions be directed instead to Russia’s Defense Ministry. But the ministry did not return any messages.

Author: Joseph Fitsanakis | Date: 09 October 2019 | Permalink

Austria issues international arrest warrant for alleged Russian spy

Igor Egorovich ZaytsevThe Austrian government has issued an international arrest warrant for a Russian man who allegedly recruited a retired colonel in the Austrian Federal Army to spy for Moscow. The arrest warrant was issued on Tuesday by the public prosecutor’s office in the city of Salzburg. It identifies the Russian man as Igor Egorovich Zaytsev. Austrian officials allege that the Moscow-born Zaytsev is in fact an intelligence officer for the Main Directorate of the General Staff of the Russian Armed Forces. Known as GRU, the organization is Russia’s primary military-intelligence agency.

In an accompanying press statement issued on Tuesday, the Austrian Ministry of the Interior said that Zaytsev had facilitated the “betrayal of state secrets” and that his actions had been “to the detriment of the Republic of Austria”. The arrest warrant accuses Zaytsev of having participated in the “intentional disclosure of a military secret”, but does not provide details. However, in a subsequent statement, Austrian police directly linked the search for Zaytsev with an espionage case that was reported in the Austrian media last year. The statement said that Zaytsev is believed to have recruited a man known as “Martin M.” to spy on Austria. This appears to refer to the arrest last November of a 70-year-old colonel in the Austrian Army, who was stationed in Salzburg. He is believed to have spied for Russia from at least 1992 until his arrest. Austrian media reported that the accused spy was believed to have given Russia information on a range of weapons systems used by the Austrian Army and Air Force, as well as the personal details of high-ranking officers in the Austrian Armed Forces.

Soon after the arrest of “Martin M.”, Austrian authorities arrested a second man, identified only as “O.”, who is also suspected on having spied for Russia. According to the Vienna Public Prosecutor’s Office, “O.” was an employee of the Austrian Office for Protection of the Constitution and Counterterrorism, known as BVT. He had been investigated on suspicion of espionage for more than a year prior to his arrest. The man’s arrest took place alongside simultaneous raids at two residential addresses associated with him, according to reports. No further details have been made available since the arrest. It is not known whether Zaytsev’s is also connected with the case of “O.”.

Author: Joseph Fitsanakis | Date: 26 July 2019 | Permalink

Reports allege third man was involved in poisoning of Sergei Skripal

Sergei SkripalNew reports from Russian investigative sites claim that a third man using a fake name was involved in the attempted assassination of former double spy Sergei Skripal in England last year. Skripal, a former military intelligence officer, was resettled in the English town of Salisbury in 2010, after spending several years in a Russian prison for spying on behalf of Britain. But he and his daughter Yulia almost died in March 2018, after they were poisoned with a powerful nerve agent that nearly killed them. The attack has been widely blamed on the Russian government, though the Kremlin denies it had any role in it. Two assailants have so far been identified by British intelligence. They have been named as Dr. Alexander Yevgenyevich Mishkin —cover name ‘Alexander Petrov’— and Colonel Anatoliy Chepiga —cover name ‘Ruslan Boshirov’. Both are said to be employees of the Russian military intelligence agency known as the Main Directorate of the General Staff of the Armed Forces, commonly referred to as the GRU. The two men spoke on Russian television last year, denying any involvement in the attack on the Skripals. Their whereabouts since their television interview remain unknown. Moscow denies that it had any role in the attack.

In October of last year, the Russian investigative news site Fontanka claimed that a third man under the name of Sergey Fedotov, may have been involved in the attack on Skripal. Last Thursday, another Russian investigative news site, Bellingcat, said that the name Sergey Fedotov appears to have been created out of thin air for operational purposes by Russia’s intelligence services. According to Bellingcat, Fedotov appears to have no past prior to 2010, when his identity was invented using the same techniques that the fake identities of ‘Petrov’ and ‘Boshirov’ were concocted by the GRU. Moreover, Fedotov’s records show that he traveled extensively in the Middle East, Asia and Europe between 2010 and 2015. The Russian news site claims that he was in Bulgaria in late April 2015, when Emilian Gebrev, a wealthy local defense industry entrepreneur, fell violently ill. Gebrev was hospitalized for signs of poisoning along with his son and one of his company’s executives for several days, eventually making a full recovery. As the Bulgarian businessman was being taken to hospital, Fedotov skipped his return flight out of Sofia and instead drove to Istanbul, Turkey, where he bought a one-way airline ticket to Moscow, says Bellingcat.

The BBC’s Gordon Corera said he contacted the Russian embassy in London and the Kremlin in Moscow. Both sources strongly refuted the Bellingcat report. A Kremlin spokesman cautioned the BBC to be skeptical about Bellingcat’s report, since “we don’t know what [its] authors based their work on [or] how competent they are”. British Police told Corera that they were “still investigating whether further suspects were involved” in the attack on Skripal and were “not prepared to discuss” details pertaining to “an ongoing investigation”.

Author: Joseph Fitsanakis | Date: 11 February 2019 | Permalink

Nerve agent used in Skripal attack ‘could have killed thousands’ say experts

GRUThe amount of poison smuggled into Britain for a near-fatal attack on Russian former spy Sergei Skripal was powerful enough to kill “thousands of people”, according those leading the investigation into the incident. Skripal, a former military intelligence officer, was resettled in the English town of Salisbury in 2010, after spending several years in a Russian prison for spying for Britain. But he and his daughter Yulia almost died in March of this year, after being poisoned by a powerful nerve agent that nearly killed them. The attack has been widely blamed on the Russian government, though the Kremlin denies that it had a role in it.

Investigators from Britain and other Western countries have identified the poison used in the attack on the Skripals as novichok. The term (meaning ‘newbie’ in Russian) was given by Western scientists to a series of rarely used nerve agents that were developed the Soviet Union and Russia between 1971 and the early 1990s. It is believed that the poison was smuggled into the United Kingdom hidden inside an imitation perfume bottle, which had been fitted with a custom-made pump used to apply the poison. British authorities have determined that the assailants sprayed the poison on the doorway —including the handle— of the Skripals’ house in Salisbury. They then discarded the perfume bottle, containing the leftover novichok, in a garbage can before leaving the country in a hurry. The bottle was eventually recovered by Salisbury resident Charlie Rowley. His partner, Dawn Sturgess, died of poisoning after she applied some of the contents of the bottle on her wrists. British government scientists have since been examining the contents of the perfume bottle found inside Sturgess’ home.

On Thursday, BBC Television’s Panorama investigative program aired an episode entitled “Salisbury Nerve Agent Attack: The Inside Story”. Among those interviewed was Dean Haydon, a British Deputy Assistant Commissioner who is leading the ongoing investigation into the Salisbury attack. He told Panorama that “a significant amount” of novichok was left behind by the assailants inside the discarded perfume bottle. The amount of poison in the discarded bottle could have been used to kill “thousands”, he said, adding that the way it was applied to the Skripals’ home was “completely reckless”. The BBC program’s producers also spoke to a British government chemical weapons scientist, identified only as “Tim”, who is credited with having identified the substance used on the Skripals. He told the program that less than 100g of novichok was used against the Skripals, leaving the vast majority of the nerve agent inside the bottle. Given that novichok is “one of the deadliest substances known”, which has a “unique ability to poison individuals at very low concentrations”, the scientist said he was shocked by the amount of poison that was smuggled into Britain by the assailants.

The assailants have been identified by British intelligence as Dr. Alexander Yevgenyevich Mishkin (cover name “Alexander Petrov”) and Colonel Anatoliy Chepiga (cover name “Ruslan Boshirov”). Both men are said to be employees of the Russian military intelligence agency known as the Main Directorate of the General Staff of the Armed Forces, commonly referred to as the GRU. Moscow denies that it had any role in the attack on the Skripals.

Author: Joseph Fitsanakis | Date: 22 November 2018 | Permalink

Russia claims ‘misunderstanding’ led to arrests of four spies in Holland

Sergei LavrovRussia’s minister of foreign affairs has downplayed the arrest and expulsion of four Russian military intelligence officers in Holland last April, saying that the incident was caused by a “misunderstanding”. Last Thursday, the US government named and indicted seven officers of the Main Directorate of the General Staff of Russia’s Armed Forces, known as GRU. The seven are alleged to have participated in cyber-attacks on international agencies, private companies and government computer networks in at least half a dozen countries around the world since 2015. Four of the men named last week were reportedly detained in April of this year while trying to hack into the computer network of the Organization for the Prohibition of Chemical Weapons (OPCW). Headquartered in The Hague, the OPCW oversees efforts by its 193 member states to detect and eliminate chemical weapons stockpiles around the world. In the past year, the OPCW has been probing the failed attempt to poison the Russian former double spy Sergei Skripal in England, which the British government has blamed on Moscow.

On Monday, Russia’s Minister of Foreign Affairs Sergei Lavrov dismissed Washington’s accusations against the GRU and said that the Dutch authorities had overreacted in detaining the four Russian officers in April. Following a meeting in Moscow with his Italian counterpart Enzo Moavero Milanesi, Lavrov said that the visit of the four GRU officers in Holland had been “customary”, adding that “there was nothing clandestine in it”. The GRU specialists were in Holland in order to secure computer servers used at the Russian embassy there. “They were not trying to hide from anyone once they arrived at the airport”, said Lavrov. They then “checked into a hotel and paid a visit to our embassy”, he added. Had they been engaged in espionage, the men would have taken strict precautions, said the Russian foreign affairs minister. They were eventually “detained by Dutch police without any reason or explanations, and were not allowed to contact our embassy”, said Lavrov. Eventually they were “asked to leave the country”, but it was “all because of a misunderstanding”, he concluded.

The Russian official did not address the information provided a series of photographs released by Holland’s Ministry of Defense, which show a car used by the four Russians at the time of their arrest in April. The photographs show that the car was equipped with WiFi antennas and transformers. A wireless server and batteries can also be seen in the photographs. Lavrov said that the allegations against the GRU were meant to draw attention to Russia and distract Western citizens from “widening divisions that exist between Western nations”.

Author: Joseph Fitsanakis | Date: 09 October 2018 | Research credit: S.F. | Permalink

Britain sees Russian government hackers behind Islamic State cyber group

Cyber CaliphateA new report by the British government alleges that the so-called ‘Cyber Caliphate’, the online hacker wing of the Islamic State, is one of several supposedly non-state groups that are in fact operated by the Russian state. The group calling itself Cyber Caliphate first appeared in early 2014, purporting to operate as the online wing of the Islamic State of Iraq and Syria (ISIS), which was later renamed Islamic State. Today the Cyber Caliphate boasts a virtual army of hackers from dozens of countries, who are ostensibly operating as the online arm of the Islamic State. Their known activities include a strong and often concentrated social media presence, as well as computer hacking, primarily in the form of cyber espionage and cyber sabotage.

But an increasing number of reports, primarily by Western government agencies, have claimed in recent years that the Cyber Caliphate is in fact part of a Russian state-sponsored operation, ingeniously conceived to permit Moscow to hack Western targets without retaliation. On Wednesday, a new report by Britain’s National Cyber Security Centre (NCSC) described the Cyber Caliphate and other similar hacker groups as “flags of convenience” for the Kremlin. The report was authored by the NCSC in association with several British and European intelligence agencies. American spy agencies, including the National Security Agency and the Federal Bureau of Investigation, also helped compile the report, according to the NCSC. The report names several hacker groups that have been implicated in high-profile attacks in recent years, including Sofacy, Pawnstorm, Sednit, Cyber Berkut, Voodoo Bear, BlackEnergy Actors, Strontium, Tsar Team, and Sandworm. Each of these, claims the NCSC report, is “an alias of the Main Directorate of the General Staff of Russia’s Armed Forces”, more commonly known as the GRU. The report concludes that Cyber Caliphate is the same hacker group as APT 28, Fancy Bear, and Pawn Storm, three cyber espionage outfits that are believed to be online arms of the GRU.

The NCSC report echoes the conclusion of a German government report that was leaked to the media in June of 2016, which argued that the Cyber Caliphate was a fictitious front group created by Russia. In 2015, a security report by the US State Department concluded that despite the Cyber Caliphate’s proclamations of connections to the Islamic State, there were “no indications —technical or otherwise— that the groups are tied”. In a statement issued alongside the NCSC report on Wednesday, Britain’s Secretary of State for Foreign and Commonwealth Affairs, Jeremy Hunt, described the GRU as Moscow’s “chosen clandestine weapon in pursuing its geopolitical goals”. The Russian government has denied these allegations.

Author: Ian Allen | Date: 05 October 2018 | Permalink