Holland expels two Iranian diplomats, but stays silent on reasons

Iran embassy HagueHolland has expelled two Iranian diplomats without saying why, leading to speculation that the expulsions may be related to the arrests of members of an alleged Iranian sleeper cell in Belgium, Germany and France last week. On Friday, a spokesperson from Holland’s General Intelligence and Security Service (AIVD) told reporters that “two persons accredited to the Iranian embassy” in the Hague “were expelled from the Netherlands on June 7”. The spokesperson continued saying that, although the AIVD was able to confirm that the two unnamed persons had been expelled from the country, they would “not provide any further information”. When journalists contacted Holland’s Ministry of Foreign Affairs, they were told that there would be no comment on the matter from the Dutch government.

Late on Friday, the Reuters news agency cited an unnamed “European government official and a Western intelligence source” who said that the two Iranian embassy personnel were expelled from Holland “up to two months ago”. But Holland’s state-owned Dutch Broadcast Foundation (NOS) reported that the expulsions took place on June 7. No further information appears to be publicly available. However, assuming that the expulsions took place last week, and not two months ago, they appear to have coincided with the arrests of members of an alleged Iranian sleeper cell on June 30 and July 1. As intelNews reported last week, the arrests began on June 30, when members of Belgium’s Special Forces Group arrested a married Belgian couple of Iranian descent in Brussels. The couple were found to be carrying explosives and a detonator. On the following day, July 1, German police arrested an Iranian diplomat stationed in Iran’s embassy in Vienna, Austria. On the same day, a fourth person, who has not been named, was arrested by authorities in France, reportedly in connection with the three other arrests.

All four individuals appear to have been charged with a foiled plot to bomb the annual conference of the National Council of Resistance of Iran (NCRI) that took place on June 30 in Paris. The NCRI is led by Mujahedin-e Khalq (MEK), a Marxist militant group that has roots in radical Islam and Marxism. Until a few years ago, the MEK was designated as a terrorist group by the European Union and the United States, but has since been reinstated in both Brussels and Washington. There is also speculation that last week’s expulsions in Holland may be related to the assassinations of dissident Iranian expatriates in Holland in 2015 and 2017, which have been blamed on the government in Tehran.

On Saturday, the Iranian Ministry of Foreign Affairs summoned the Dutch ambassador to protest against the expulsions of its diplomats, while a ministry spokesperson warned that “the Islamic Republic reserves the right to retaliate”. Reuters quoted an unnamed “senior Iranian official” who said that “all these arrests and expulsions are part of our enemies’ attempts to harm efforts to salvage the nuclear deal”, a reference to the Joint Comprehensive Plan of Action.

Author: Joseph Fitsanakis | Date: 09 July 2018 | Research credit: M.K. | Permalink

Advertisements

Ukraine, Russia, spied on Dutch investigators of MH17 plane disaster, TV report claims

MH17 crashDozens of Dutch security officers, legal experts, diplomats and other civil servants were systematically spied on by Ukrainian and Russian intelligence services while probing the aftermath of the MH17 disaster, according to a report on Dutch television. Malaysia Airlines Flight 17, a scheduled passenger flight from Amsterdam to Kuala Lumpur, was shot down over eastern Ukraine on July 17, 2014. All 283 passengers and 15 crew on board, 196 of them Dutch citizens, were killed. In the aftermath of the disaster, the Dutch Safety Board spearheaded the establishment of the multinational Joint Investigation Team (JIT), which is still engaged in a criminal probe aimed at identifying, arresting and convicting the culprits behind the unprovoked attack on Flight MH17. As part of the JIT, dozens of Dutch officials traveled to Ukraine to initiate the investigation into the plane crash and repatriate victims’ bodies and belongings. Their activities were conducted with the support of the Ukrainian government, which is party to the JIT.

But on Tuesday, Holland’s RTL Niews broadcaster said that members of the Dutch JIT delegation were subjected to systematic and persistent spying by both Ukrainian and Russian government operatives. According to RTL, Dutch investigators found sophisticated eavesdropping devices in their hotel rooms in Ukraine, and believed that their electronic devices had been compromised. Citing “inside sources” from the Dutch government, the broadcaster said that, during their stay in Ukraine, members of the Dutch JIT delegation noticed that the microphones and cameras on their wireless electronic devices would turn on without being prompted. They also noticed that the devices would constantly try to connect to public WiFi networks without being prompted. Upon their return to Holland, Dutch officials had their wireless devices examined by Dutch government security experts. They were told that numerous malware were discovered on the devices.

RTL Niews said that the question of whether valuable information relating to the MH17 investigation was stolen by foreign spies remains unanswered. But it noted that the members of the Dutch JIT delegation were warned about possible espionage by foreign powers prior to traveling to Ukraine. During their stay there, they were not allowed to send messages in unencrypted format and were only permitted to hold sensitive conversations in especially designated rooms inside the Dutch embassy in Kiev. The Dutch government did not respond to questions submitted to it by RTL Niews. But it issued a statement saying that its security experts had briefed and trained the Dutch JIT delegation prior to its trip to Ukraine. Members of the delegation were told that foreign parties would seek to collect intelligence, because the MH17 investigation was taking place in a “conflict area with significant geopolitical interest” for many parties. They were therefore advised to “assume that they were being spied on [and] adjust [their] behavior accordingly” while in Ukraine, the Dutch government’s statement said.

Author: Ian Allen | Date: 28 June 2018 | Permalink

Analysis: New legal framework for Dutch intelligence services becomes law

Wet op de Inlichtingen- en Veiligheidsdiensten
On May 1, 2018, the legal framework for the Dutch intelligence community changed as the new Intelligence and Security Services Act became operational. Previously, both chambers of parliament discussed and accepted the Act on February 14 and July 11, 2018. A group of Amsterdam-based students, however, were worried that the Act —which includes the power to intercept cable-bound communication in bulk— would induce a surveillance state. They initiated a public referendum, which was held on March 21, 2018.

In what was an intense and prolonged public debate in the months leading up to the referendum, critics of the new Act advanced their views against it. Among them was the digital civil rights group Bits of Freedom, which argued that the power to intercept cable-bound communication in bulk would destroy “the core value of our free society, that a law-abiding citizen will not be monitored”. The Act also allows the General Intelligence and Security Service (known by its Dutch acronym AIVD) and the Military Intelligence and Security service (abbreviated as MIVD) to exchange large sets of unevaluated data with their foreign counterparts without prior approval by the new independent review commission. The services see this quid pro quo data sharing as essential for their counter-terrorism mission. But in the view of opponents, the fact that unevaluated and unanalyzed datasets are exchanged is unacceptable.

Additionally, Bits of Freedom was opposed to the real-time access to databases of partners (such as tax authorities, other governmental agencies, but also banks) that was granted to the intelligence and security services. They argued that the oversight bodies and the responsible minister should have to sign off on this (it should be noted however, that such database access will be only granted on a hit/no-hit basis, so there will be no free searches. Finally, and more broadly, it was argued that the new Act contained too many “open norms”. This was in line with the cabinet’s goal to formulate a new act that would be more independent of technological developments —the Act of 2002 was not, and therefore the update was seen as necessary. But it also remains unspecified in which specific circumstances and under what criteria and norms the new powers can and cannot be applied. Read more of this post

Report from Holland: Cable-bound interceptions and ‘dragnets’

Wet op de Inlichtingen- en VeiligheidsdienstenFor the past year, the Netherlands has had a new law governing its two secret services, the AIVD and the MIVD. The new Intelligence and Security Services Act (Wet op de inlichtingen- en veiligheidsdiensten or Wiv) was and still is heavily criticized, especially because it allows untargeted access to cable-bound telephone and internet traffic. Under the previous law, which dates from 2002, the intelligence services were only allowed to conduct bulk interception of wireless transmissions, like satellite and radio communications —besides of course the traditional targeted telephone and internet taps aimed at individual targets.

That prohibition of bulk cable tapping is not the only thing that makes Dutch intelligence services different from those of many other countries. Probably the biggest difference is the fact that the Wiv applies to both foreign and domestic operations, as if the two secret services were responsible for both domestic security and foreign intelligence.

The General Intelligence and Security Service (Algemene Inlichtingen- en Veiligheidsdienst, or AIVD) covers the civilian domain, and focuses at Jihadist terrorism, radicalization, rightwing and leftwing extremism, counter-intelligence and countering cyber threats. This is mostly domestic, but the AIVD also has a small branch that gathers foreign intelligence from and about a select range of countries. The Military Intelligence and Security Service (Militaire Inlichtingen- en Veiligheidsdienst, or MIVD) covers military issues, and is therefore more foreign-orientated than its civilian counterpart. The MIVD is responsible for the security of Dutch armed forces and for collecting foreign intelligence in military matters, while at the same time providing support of Dutch military missions abroad, like for example in Mali. When it comes to Signals Intelligence (SIGINT), the AIVD and MIVD combined their efforts in a joint unit called the Joint SIGINT Cyber Unit (JSCU), which became operational in 2014. The JSCU is responsible for most of the technical interception capabilities, from traditional wiretaps to cyber operations. The JSCU is not allowed to conduct offensive cyber operations. The latter are conducted by the Defence Cyber Command (DCC) of the Dutch armed forces. Read more of this post

Report from Holland: A heated debate over a new intelligence and security act

Wet op de Inlichtingen- en VeiligheidsdienstenOn March 21, the Dutch public cast their vote about the new Intelligence and Security Services Act, in Dutch Wet op de Inlichtingen- en Veiligheidsdiensten (or WIV). In this two-part post, we report about the debate currently taking place. In our first contribution, the discussion itself will be analyzed. In our second post, we will focus on the new special powers that the Act grants the Dutch intelligence community, more specifically the practice of cable-bound interception, which is central here.

First the discussion. Public unrest about the new intelligence act came rather late. In August, a group of concerned students from Amsterdam was able to collect more than ten thousand signatures for a consultative referendum on the Intelligence and Security Services Act, to which the House of Representatives agreed on 14 February, and the Senate on 11 July 2017. The students were supported by a variety of digital civil liberties organizations, including Amnesty International and Bits of Freedom, and successfully petitioned 300,000 signatures. By law (which has been abolished in the meantime) the Dutch government was required to hold a consultative referendum about the new Act.

What conclusions they will draw from a ‘yes’ or ‘no’ majority, based on whatever turn-out percentage, is unclear. Some leaders of the coalition parties, such as the Christian-Democratic parliamentary leader Sybrand Buma, have stated that they will ignore the referendum altogether. A bit late to the party (parliament has discussed and accepted the new Act throughout 2017), the concerned students and digital civil rights groups claim their goal is to start a discussion about the ‘tapping law’ or ‘vacuum cleaner capability’, most often referred to as the ‘dragnet law’ in popular metaphors. Although this complex and comprehensive law settles a variety of intelligence matters, the discussion has focused almost exclusively on the ‘dragnet’: the interception of communication traffic that runs through fiber optic cables, and the consequences of the application of this special power for the privacy of Dutch citizens. Read more of this post

Dutch spies identified Russian hackers who meddled in 2016 US election

Cozy BearDutch spies identified a notorious Russian hacker group that compromised computer servers belonging to the Democratic Party of the United States and notified American authorities of the attack, according to reports. In 2016, US intelligence agencies determined that a Russian hacker group known as Cozy Bear, or APT29, led a concerted effort to interfere in the US presidential election. The effort, which according to US intelligence agencies was sponsored by the Russian government, involved cyber-attacks against computer systems in the White House and the Department of State, among other targets. It also involved the theft of thousands of emails from computer servers belonging to the Democratic National Committee, which is the governing body of the Democratic Party. The stolen emails were eventually leaked to WikiLeaks, DCLeaks, and other online outlets. Prior descriptions of the Russian hacking in the media have hinted that US intelligence agencies were notified of the Russian cyber-attacks by foreign spy agencies. But there was no mention of where the initial clues came from.

Last Thursday, the Dutch current affairs program Nieuwsuur, which airs daily on Holland’s NPO 2 television, said that the initial tipoff originated from the AIVD, Holland’s General Intelligence and Security Service. On the same day, the Dutch newspaper De Volkskrant published a detailed account of what it described as AIVD’s successful penetration of Cozy Bear. According to these reports, AIVD was able to penetrate Cozy Bear in mid-2014, before the hacker group intensified its campaign against political targets in the US. Citing “six American and Dutch sources who are familiar with the material, but wish to remain anonymous”, De Volkskrant said that the AIVD was able to detect the physical base of the Cozy Bear hackers. The latter appeared to be working out of an academic facility that was adjacent to Moscow’s Red Square. The AIVD team was then able to remotely take control of security camera networks located around the facility. Eventually, the Dutch team hacked into another security camera network located inside the buildings in which the hackers worked. They soon began to collect pictures and footage of Cozy Bear members, which they then compared with photos of “known Russian spies”, according to De Volkskrant.

The paper said that the AIVD team continued to monitor Cozy Bear’s activities until at least 2017, while sharing intelligence with the Central Intelligence Agency and the National Security Agency in the US. The intelligence was allegedly instrumental in alerting US spy agencies about Russian government-sponsored efforts to meddle in the 2016 presidential election. Several newspapers, including The Washington Post in the US and The Independent in Britain, contacted the AIVD and the MIVD —Holland’s military intelligence agency— over the weekend. But the two agencies said they would not comment on reports concerning Cozy Bear.

Author: Joseph Fitsanakis | Date: 29 January 2018 | Research credit: E.J. & E.K. | Permalink

Headstone for unmarked grave of Nazi spy who died undetected in wartime Britain

Jan Willem Ter BraakThe unmarked grave of a Dutch-born Nazi spy, who killed himself after spending several months working undercover in wartime Britain, will be marked with a headstone, 76 years after his death by suicide. Born in 1914 in The Hague, Holland, Englebertus Fukken joined the National Socialist Movement in the Netherlands, the Dutch affiliate of the National Socialist German Workers’ Party led by Adolf Hitler, in 1933. In 1940, shortly after the German invasion of Holland, Fukken, who had been trained as a journalist, was recruited by the Abwehr, Nazi Germany’s military intelligence. Abwehr’s leadership decided to include Fukken in the ranks of undercover agents sent to Britain in preparation for Operation SEA LION, Germany’s plan to invade Britain.

Between October 31 and November 2, 1940, the 26-year-old Fukken was secretly parachuted over the Buckinghamshire village of Haversham in central England. British authorities found his discarded parachute a few days later, but by that time Fukken had made his way on foot to the city of Cambridge. Fukken’s precise mission remains unknown. Speculation that he was sent to Britain to assassinate the country’s wartime leader, Sir Winston Churchill, is dismissed as fantastical by most historians. What is known is that Fukken carried with him false Dutch papers identifying him as Jan Willem Ter Braak, and a suitcase that contained a radio transmitter supplied to him by the Abwehr.

In Cambridge, Fukken took lodgings with a local family, posing as a member of the Free Dutch Forces, anti-Nazi Dutch officials who had fled to London after the German invasion of Holland and formed a government in exile. Fukken spent the next four months living undercover in Cambridge, and did not register with the authorities, as required. He traveled on most days to locations in England bombed by the Luftwaffe, inspecting the damage and reporting back to his Abwehr handlers in Hamburg by radio or by mail, using secret writing techniques. But his failure to register with the authorities meant that he had no access to ration cards, which were required to purchase food in wartime Britain. He then attracted the attention of the local authorities, after presenting them with a forged ration card that was detected during inspection by a police officer. Fearing arrest, he quickly moved lodgings, but was unable to solve the problem of access to food. Repeated attempts to get the Abwehr to exfiltrate him failed, and his calls for money and usable ration cards were not facilitated, as the Nazi leadership in Berlin had begun to shelve Operation SEA LION. Read more of this post