Russia claims ‘misunderstanding’ led to arrests of four spies in Holland

Sergei LavrovRussia’s minister of foreign affairs has downplayed the arrest and expulsion of four Russian military intelligence officers in Holland last April, saying that the incident was caused by a “misunderstanding”. Last Thursday, the US government named and indicted seven officers of the Main Directorate of the General Staff of Russia’s Armed Forces, known as GRU. The seven are alleged to have participated in cyber-attacks on international agencies, private companies and government computer networks in at least half a dozen countries around the world since 2015. Four of the men named last week were reportedly detained in April of this year while trying to hack into the computer network of the Organization for the Prohibition of Chemical Weapons (OPCW). Headquartered in The Hague, the OPCW oversees efforts by its 193 member states to detect and eliminate chemical weapons stockpiles around the world. In the past year, the OPCW has been probing the failed attempt to poison the Russian former double spy Sergei Skripal in England, which the British government has blamed on Moscow.

On Monday, Russia’s Minister of Foreign Affairs Sergei Lavrov dismissed Washington’s accusations against the GRU and said that the Dutch authorities had overreacted in detaining the four Russian officers in April. Following a meeting in Moscow with his Italian counterpart Enzo Moavero Milanesi, Lavrov said that the visit of the four GRU officers in Holland had been “customary”, adding that “there was nothing clandestine in it”. The GRU specialists were in Holland in order to secure computer servers used at the Russian embassy there. “They were not trying to hide from anyone once they arrived at the airport”, said Lavrov. They then “checked into a hotel and paid a visit to our embassy”, he added. Had they been engaged in espionage, the men would have taken strict precautions, said the Russian foreign affairs minister. They were eventually “detained by Dutch police without any reason or explanations, and were not allowed to contact our embassy”, said Lavrov. Eventually they were “asked to leave the country”, but it was “all because of a misunderstanding”, he concluded.

The Russian official did not address the information provided a series of photographs released by Holland’s Ministry of Defense, which show a car used by the four Russians at the time of their arrest in April. The photographs show that the car was equipped with WiFi antennas and transformers. A wireless server and batteries can also be seen in the photographs. Lavrov said that the allegations against the GRU were meant to draw attention to Russia and distract Western citizens from “widening divisions that exist between Western nations”.

Author: Joseph Fitsanakis | Date: 09 October 2018 | Research credit: S.F. | Permalink

Western spy agencies thwarted alleged Russian plot to hack Swiss chemical lab

OPCW HagueWestern intelligence agencies thwarted a plot involving two Russians intending to travel to a Swiss government laboratory that investigates nuclear, biological and chemical weapons, and hack its computer systems. According to two separate reports by Dutch newspaper NRC Handelsblad and Swiss newspaper Tages-Anzeiger, the two were apprehended in The Hague in early 2018. The reports also said that the Russians were found in possession of equipment that could be used to compromise computer networks. They are believed to work for the Main Intelligence Directorate, known as GRU, Russia’s foremost military intelligence agency. The apprehension was the result of cooperation between various European intelligence services, reportedly including the Dutch Military Intelligence and Security Organization (MIVD).

The laboratory, located in the western Swiss city of Spiez, has been commissioned by the Netherlands-based Organization for the Prohibition of Chemical Weapons (OPCW) to carry out investigations related to the poisoning of Russian double agent Sergei Skripal and his daughter Yulia in March of this year. It has also carried out probes on the alleged use of chemical weapons by the Russian-backed government of President Bashar al-Assad in Syria. In the case of the Skripals, the laboratory said it was able to duplicate findings made earlier by a British laboratory.

Switzerland’s Federal Intelligence Service (NDB) reportedly confirmed the arrest and subsequent expulsion of the two Russians. The Swiss agency said it “cooperated actively with Dutch and British partners” and thus “contributed to preventing illegal actions against a sensitive Swiss infrastructure”. The office of the Public Prosecutor in the Swiss capital Bern said that the two Russians had been the subject of a criminal investigation that began as early as March 2017. They were allegedly suspected of hacking the computer network of the regional office of the World Anti-Doping Agency in Lausanne. The Spiez laboratory was a target of hacking attempts earlier this year, according to a laboratory spokesperson. “We defended ourselves against that. No data was lost”, the spokesperson stated.

On April 14, Russian Minister of Foreign Affairs Sergei Lavrov stated that he had obtained the confidential Spiez lab report about the Skripal case “from a confidential source”. That report confirmed earlier findings made by a British laboratory. But the OPCW, of which Russia is a member, states that its protocols do not involve dissemination of scientific reports to OPCW member states. Hence, the question is how Foreign Minister Lavrov got hold of the document.

As intelNews reported in March, in the aftermath of the Skripals’ poisoning the Dutch government expelled two employees of the Russian embassy in The Hague. In a letter [.pdf] sent to the Dutch parliament on March 26 —the day when a large number of countries announced punitive measures against Russia— Holland’s foreign and internal affairs ministers stated that they had decided to expel the two Russian diplomats “in close consultation with allies and partners”. The Russians were ordered to leave the Netherlands within two weeks. It is unknown whether the two expelled Russian diplomats are the same two who were apprehended in The Hague, since none have been publicly named.

A November 2017 parliamentary letter from Dutch minister of internal affairs Kajsa Ollongren, states[4] that Russian intelligence officers are “structurally present” in the Netherlands in various sectors of society to covertly collect intelligence. The letter added that, in addition to traditional human intelligence (HUMINT) methods, Russia deploys digital means to influence decision-making processes and public opinion in Holland.

Author: Matthijs Koot | Date: 17 September 2018 | Permalink

Police investigate mysterious disappearance of close WikiLeaks associate

Arjen KamphuisPolice in Norway and Holland have opened formal investigations into the whereabouts of a Dutch cybersecurity expert and senior associate of WikiLeaks, who disappeared without trace on August 20. Arjen Kamphuis, a 47-year-old online privacy specialist, is known for his book Information Security for Journalists, which offers advice on investigative reporters working on national security and intelligence matters. Additionally, Kamphuis, who has Dutch citizenship, is a close associate of Julian Assange, founder of the international whistleblower website WikiLeaks.

According to reports, Kamphuis was last seen in Bodo, a town of 50,000 people located in Norway’s arctic region. Witnesses say that on August 20, Kamphuis checked out of his hotel in the center of Bodo and headed on foot to the town’s main railway station, where he planned to catch a train to Trondheim, Norway’s third largest city. From there he was scheduled to fly to the Dutch capital Amsterdam on August 22. However, it is not known whether Kamphuis ever boarded the 10-hour, 500-mile train ride to Trondheim. He certainly did not board his flight to Amsterdam and has not been heard from since he left his Bodo hotel on August 20. The French news agency Agence France Presse cited Norwegian police spokesman Tommy Bech, who said that Norwegian authorities were unaware of Kamphuis’s current whereabouts. He refused to speculate about what may have happened to Kamphuis after he left his hotel in Bodo, but said that the Norwegian police had opened a formal investigation into his disappearance, in association with police in Holland.

The Dutch cybersecurity expert’s disappearance comes as the fate of his close associate and WikiLeaks founder Julian Assange appears increasingly uncertain. The Australian-born Assange has been living in self-confinement inside the Ecuadorian embassy in London for six years. During that time, the Ecuadorian government has offered Assange protection against charges of rape and sexual assault that have been filed against him in Sweden, which the WikiLeaks founder dismisses as a political conspiracy against him. This past summer, however, Ecuador’s new President, Lenin Moreno, said that Assange would need to leave his embassy quarters soon. Assange is also wanted in the United States for leaking classified government documents through the WikiLeaks platform.

Author: Joseph Fitsanakis | Date: 05 September 2018 | Permalink

Holland expels two Iranian diplomats, but stays silent on reasons

Iran embassy HagueHolland has expelled two Iranian diplomats without saying why, leading to speculation that the expulsions may be related to the arrests of members of an alleged Iranian sleeper cell in Belgium, Germany and France last week. On Friday, a spokesperson from Holland’s General Intelligence and Security Service (AIVD) told reporters that “two persons accredited to the Iranian embassy” in the Hague “were expelled from the Netherlands on June 7”. The spokesperson continued saying that, although the AIVD was able to confirm that the two unnamed persons had been expelled from the country, they would “not provide any further information”. When journalists contacted Holland’s Ministry of Foreign Affairs, they were told that there would be no comment on the matter from the Dutch government.

Late on Friday, the Reuters news agency cited an unnamed “European government official and a Western intelligence source” who said that the two Iranian embassy personnel were expelled from Holland “up to two months ago”. But Holland’s state-owned Dutch Broadcast Foundation (NOS) reported that the expulsions took place on June 7. No further information appears to be publicly available. However, assuming that the expulsions took place last week, and not two months ago, they appear to have coincided with the arrests of members of an alleged Iranian sleeper cell on June 30 and July 1. As intelNews reported last week, the arrests began on June 30, when members of Belgium’s Special Forces Group arrested a married Belgian couple of Iranian descent in Brussels. The couple were found to be carrying explosives and a detonator. On the following day, July 1, German police arrested an Iranian diplomat stationed in Iran’s embassy in Vienna, Austria. On the same day, a fourth person, who has not been named, was arrested by authorities in France, reportedly in connection with the three other arrests.

All four individuals appear to have been charged with a foiled plot to bomb the annual conference of the National Council of Resistance of Iran (NCRI) that took place on June 30 in Paris. The NCRI is led by Mujahedin-e Khalq (MEK), a Marxist militant group that has roots in radical Islam and Marxism. Until a few years ago, the MEK was designated as a terrorist group by the European Union and the United States, but has since been reinstated in both Brussels and Washington. There is also speculation that last week’s expulsions in Holland may be related to the assassinations of dissident Iranian expatriates in Holland in 2015 and 2017, which have been blamed on the government in Tehran.

On Saturday, the Iranian Ministry of Foreign Affairs summoned the Dutch ambassador to protest against the expulsions of its diplomats, while a ministry spokesperson warned that “the Islamic Republic reserves the right to retaliate”. Reuters quoted an unnamed “senior Iranian official” who said that “all these arrests and expulsions are part of our enemies’ attempts to harm efforts to salvage the nuclear deal”, a reference to the Joint Comprehensive Plan of Action.

Author: Joseph Fitsanakis | Date: 09 July 2018 | Research credit: M.K. | Permalink

Ukraine, Russia, spied on Dutch investigators of MH17 plane disaster, TV report claims

MH17 crashDozens of Dutch security officers, legal experts, diplomats and other civil servants were systematically spied on by Ukrainian and Russian intelligence services while probing the aftermath of the MH17 disaster, according to a report on Dutch television. Malaysia Airlines Flight 17, a scheduled passenger flight from Amsterdam to Kuala Lumpur, was shot down over eastern Ukraine on July 17, 2014. All 283 passengers and 15 crew on board, 196 of them Dutch citizens, were killed. In the aftermath of the disaster, the Dutch Safety Board spearheaded the establishment of the multinational Joint Investigation Team (JIT), which is still engaged in a criminal probe aimed at identifying, arresting and convicting the culprits behind the unprovoked attack on Flight MH17. As part of the JIT, dozens of Dutch officials traveled to Ukraine to initiate the investigation into the plane crash and repatriate victims’ bodies and belongings. Their activities were conducted with the support of the Ukrainian government, which is party to the JIT.

But on Tuesday, Holland’s RTL Niews broadcaster said that members of the Dutch JIT delegation were subjected to systematic and persistent spying by both Ukrainian and Russian government operatives. According to RTL, Dutch investigators found sophisticated eavesdropping devices in their hotel rooms in Ukraine, and believed that their electronic devices had been compromised. Citing “inside sources” from the Dutch government, the broadcaster said that, during their stay in Ukraine, members of the Dutch JIT delegation noticed that the microphones and cameras on their wireless electronic devices would turn on without being prompted. They also noticed that the devices would constantly try to connect to public WiFi networks without being prompted. Upon their return to Holland, Dutch officials had their wireless devices examined by Dutch government security experts. They were told that numerous malware were discovered on the devices.

RTL Niews said that the question of whether valuable information relating to the MH17 investigation was stolen by foreign spies remains unanswered. But it noted that the members of the Dutch JIT delegation were warned about possible espionage by foreign powers prior to traveling to Ukraine. During their stay there, they were not allowed to send messages in unencrypted format and were only permitted to hold sensitive conversations in especially designated rooms inside the Dutch embassy in Kiev. The Dutch government did not respond to questions submitted to it by RTL Niews. But it issued a statement saying that its security experts had briefed and trained the Dutch JIT delegation prior to its trip to Ukraine. Members of the delegation were told that foreign parties would seek to collect intelligence, because the MH17 investigation was taking place in a “conflict area with significant geopolitical interest” for many parties. They were therefore advised to “assume that they were being spied on [and] adjust [their] behavior accordingly” while in Ukraine, the Dutch government’s statement said.

Author: Ian Allen | Date: 28 June 2018 | Permalink

Analysis: New legal framework for Dutch intelligence services becomes law

Wet op de Inlichtingen- en Veiligheidsdiensten
On May 1, 2018, the legal framework for the Dutch intelligence community changed as the new Intelligence and Security Services Act became operational. Previously, both chambers of parliament discussed and accepted the Act on February 14 and July 11, 2018. A group of Amsterdam-based students, however, were worried that the Act —which includes the power to intercept cable-bound communication in bulk— would induce a surveillance state. They initiated a public referendum, which was held on March 21, 2018.

In what was an intense and prolonged public debate in the months leading up to the referendum, critics of the new Act advanced their views against it. Among them was the digital civil rights group Bits of Freedom, which argued that the power to intercept cable-bound communication in bulk would destroy “the core value of our free society, that a law-abiding citizen will not be monitored”. The Act also allows the General Intelligence and Security Service (known by its Dutch acronym AIVD) and the Military Intelligence and Security service (abbreviated as MIVD) to exchange large sets of unevaluated data with their foreign counterparts without prior approval by the new independent review commission. The services see this quid pro quo data sharing as essential for their counter-terrorism mission. But in the view of opponents, the fact that unevaluated and unanalyzed datasets are exchanged is unacceptable.

Additionally, Bits of Freedom was opposed to the real-time access to databases of partners (such as tax authorities, other governmental agencies, but also banks) that was granted to the intelligence and security services. They argued that the oversight bodies and the responsible minister should have to sign off on this (it should be noted however, that such database access will be only granted on a hit/no-hit basis, so there will be no free searches. Finally, and more broadly, it was argued that the new Act contained too many “open norms”. This was in line with the cabinet’s goal to formulate a new act that would be more independent of technological developments —the Act of 2002 was not, and therefore the update was seen as necessary. But it also remains unspecified in which specific circumstances and under what criteria and norms the new powers can and cannot be applied. Read more of this post

Report from Holland: Cable-bound interceptions and ‘dragnets’

Wet op de Inlichtingen- en VeiligheidsdienstenFor the past year, the Netherlands has had a new law governing its two secret services, the AIVD and the MIVD. The new Intelligence and Security Services Act (Wet op de inlichtingen- en veiligheidsdiensten or Wiv) was and still is heavily criticized, especially because it allows untargeted access to cable-bound telephone and internet traffic. Under the previous law, which dates from 2002, the intelligence services were only allowed to conduct bulk interception of wireless transmissions, like satellite and radio communications —besides of course the traditional targeted telephone and internet taps aimed at individual targets.

That prohibition of bulk cable tapping is not the only thing that makes Dutch intelligence services different from those of many other countries. Probably the biggest difference is the fact that the Wiv applies to both foreign and domestic operations, as if the two secret services were responsible for both domestic security and foreign intelligence.

The General Intelligence and Security Service (Algemene Inlichtingen- en Veiligheidsdienst, or AIVD) covers the civilian domain, and focuses at Jihadist terrorism, radicalization, rightwing and leftwing extremism, counter-intelligence and countering cyber threats. This is mostly domestic, but the AIVD also has a small branch that gathers foreign intelligence from and about a select range of countries. The Military Intelligence and Security Service (Militaire Inlichtingen- en Veiligheidsdienst, or MIVD) covers military issues, and is therefore more foreign-orientated than its civilian counterpart. The MIVD is responsible for the security of Dutch armed forces and for collecting foreign intelligence in military matters, while at the same time providing support of Dutch military missions abroad, like for example in Mali. When it comes to Signals Intelligence (SIGINT), the AIVD and MIVD combined their efforts in a joint unit called the Joint SIGINT Cyber Unit (JSCU), which became operational in 2014. The JSCU is responsible for most of the technical interception capabilities, from traditional wiretaps to cyber operations. The JSCU is not allowed to conduct offensive cyber operations. The latter are conducted by the Defence Cyber Command (DCC) of the Dutch armed forces. Read more of this post

Report from Holland: A heated debate over a new intelligence and security act

Wet op de Inlichtingen- en VeiligheidsdienstenOn March 21, the Dutch public cast their vote about the new Intelligence and Security Services Act, in Dutch Wet op de Inlichtingen- en Veiligheidsdiensten (or WIV). In this two-part post, we report about the debate currently taking place. In our first contribution, the discussion itself will be analyzed. In our second post, we will focus on the new special powers that the Act grants the Dutch intelligence community, more specifically the practice of cable-bound interception, which is central here.

First the discussion. Public unrest about the new intelligence act came rather late. In August, a group of concerned students from Amsterdam was able to collect more than ten thousand signatures for a consultative referendum on the Intelligence and Security Services Act, to which the House of Representatives agreed on 14 February, and the Senate on 11 July 2017. The students were supported by a variety of digital civil liberties organizations, including Amnesty International and Bits of Freedom, and successfully petitioned 300,000 signatures. By law (which has been abolished in the meantime) the Dutch government was required to hold a consultative referendum about the new Act.

What conclusions they will draw from a ‘yes’ or ‘no’ majority, based on whatever turn-out percentage, is unclear. Some leaders of the coalition parties, such as the Christian-Democratic parliamentary leader Sybrand Buma, have stated that they will ignore the referendum altogether. A bit late to the party (parliament has discussed and accepted the new Act throughout 2017), the concerned students and digital civil rights groups claim their goal is to start a discussion about the ‘tapping law’ or ‘vacuum cleaner capability’, most often referred to as the ‘dragnet law’ in popular metaphors. Although this complex and comprehensive law settles a variety of intelligence matters, the discussion has focused almost exclusively on the ‘dragnet’: the interception of communication traffic that runs through fiber optic cables, and the consequences of the application of this special power for the privacy of Dutch citizens. Read more of this post

Dutch spies identified Russian hackers who meddled in 2016 US election

Cozy BearDutch spies identified a notorious Russian hacker group that compromised computer servers belonging to the Democratic Party of the United States and notified American authorities of the attack, according to reports. In 2016, US intelligence agencies determined that a Russian hacker group known as Cozy Bear, or APT29, led a concerted effort to interfere in the US presidential election. The effort, which according to US intelligence agencies was sponsored by the Russian government, involved cyber-attacks against computer systems in the White House and the Department of State, among other targets. It also involved the theft of thousands of emails from computer servers belonging to the Democratic National Committee, which is the governing body of the Democratic Party. The stolen emails were eventually leaked to WikiLeaks, DCLeaks, and other online outlets. Prior descriptions of the Russian hacking in the media have hinted that US intelligence agencies were notified of the Russian cyber-attacks by foreign spy agencies. But there was no mention of where the initial clues came from.

Last Thursday, the Dutch current affairs program Nieuwsuur, which airs daily on Holland’s NPO 2 television, said that the initial tipoff originated from the AIVD, Holland’s General Intelligence and Security Service. On the same day, the Dutch newspaper De Volkskrant published a detailed account of what it described as AIVD’s successful penetration of Cozy Bear. According to these reports, AIVD was able to penetrate Cozy Bear in mid-2014, before the hacker group intensified its campaign against political targets in the US. Citing “six American and Dutch sources who are familiar with the material, but wish to remain anonymous”, De Volkskrant said that the AIVD was able to detect the physical base of the Cozy Bear hackers. The latter appeared to be working out of an academic facility that was adjacent to Moscow’s Red Square. The AIVD team was then able to remotely take control of security camera networks located around the facility. Eventually, the Dutch team hacked into another security camera network located inside the buildings in which the hackers worked. They soon began to collect pictures and footage of Cozy Bear members, which they then compared with photos of “known Russian spies”, according to De Volkskrant.

The paper said that the AIVD team continued to monitor Cozy Bear’s activities until at least 2017, while sharing intelligence with the Central Intelligence Agency and the National Security Agency in the US. The intelligence was allegedly instrumental in alerting US spy agencies about Russian government-sponsored efforts to meddle in the 2016 presidential election. Several newspapers, including The Washington Post in the US and The Independent in Britain, contacted the AIVD and the MIVD —Holland’s military intelligence agency— over the weekend. But the two agencies said they would not comment on reports concerning Cozy Bear.

Author: Joseph Fitsanakis | Date: 29 January 2018 | Research credit: E.J. & E.K. | Permalink

Headstone for unmarked grave of Nazi spy who died undetected in wartime Britain

Jan Willem Ter BraakThe unmarked grave of a Dutch-born Nazi spy, who killed himself after spending several months working undercover in wartime Britain, will be marked with a headstone, 76 years after his death by suicide. Born in 1914 in The Hague, Holland, Englebertus Fukken joined the National Socialist Movement in the Netherlands, the Dutch affiliate of the National Socialist German Workers’ Party led by Adolf Hitler, in 1933. In 1940, shortly after the German invasion of Holland, Fukken, who had been trained as a journalist, was recruited by the Abwehr, Nazi Germany’s military intelligence. Abwehr’s leadership decided to include Fukken in the ranks of undercover agents sent to Britain in preparation for Operation SEA LION, Germany’s plan to invade Britain.

Between October 31 and November 2, 1940, the 26-year-old Fukken was secretly parachuted over the Buckinghamshire village of Haversham in central England. British authorities found his discarded parachute a few days later, but by that time Fukken had made his way on foot to the city of Cambridge. Fukken’s precise mission remains unknown. Speculation that he was sent to Britain to assassinate the country’s wartime leader, Sir Winston Churchill, is dismissed as fantastical by most historians. What is known is that Fukken carried with him false Dutch papers identifying him as Jan Willem Ter Braak, and a suitcase that contained a radio transmitter supplied to him by the Abwehr.

In Cambridge, Fukken took lodgings with a local family, posing as a member of the Free Dutch Forces, anti-Nazi Dutch officials who had fled to London after the German invasion of Holland and formed a government in exile. Fukken spent the next four months living undercover in Cambridge, and did not register with the authorities, as required. He traveled on most days to locations in England bombed by the Luftwaffe, inspecting the damage and reporting back to his Abwehr handlers in Hamburg by radio or by mail, using secret writing techniques. But his failure to register with the authorities meant that he had no access to ration cards, which were required to purchase food in wartime Britain. He then attracted the attention of the local authorities, after presenting them with a forged ration card that was detected during inspection by a police officer. Fearing arrest, he quickly moved lodgings, but was unable to solve the problem of access to food. Repeated attempts to get the Abwehr to exfiltrate him failed, and his calls for money and usable ration cards were not facilitated, as the Nazi leadership in Berlin had begun to shelve Operation SEA LION. Read more of this post

Holland suspends its ambassador to China due to suspected honey trap

Holland Embassy in ChinaThe Dutch government has suspended its ambassador to China and has launched an official investigation into an alleged secret relationship between the ambassador and a female Chinese employee at the Dutch embassy. The ambassador, Ron Keller, is a career diplomat and senior member of the Dutch foreign service corps, who has served in Russia and Turkey among other international posts. He assumed duties as Holland’s ambassador to China in late 2015. In December of that year, he arrived in Beijing and took command of one of the largest Dutch embassies in the world.

Last weekend, however, Dutch newspaper De Telegraaf reported that Keller had been suspended from his post after it was alleged that he had a secret affair with an employee at the embassy. The employee, whose name has not been released, is reportedly a female Chinese national. Her position at the embassy is not known, but is thought to be of a clerical nature. Foreign diplomats stationed in China —whether married or single— are routinely warned to avoid having intimate relationships with Chinese nationals due to concerns that the latter may be in the service of Chinese intelligence. Some refer to this practice as a ‘honey trap’.  In 2011, Taiwan suffered its most serious espionage case in over half a century when it was revealed that the director of the Taiwanese military’s Office of Communications and Information fell for a “tall, beautiful and chic” Chinese female operative, who held an Australian passport, but later turned out to be a Chinese intelligence officer. In 2014, a leaked British military report warned United Kingdom government officials of attempts by Chinese intelligence services to compromise them using sexual entrapment.

De Telegraaf said it contacted the Dutch Ministry of Foreign Affairs about Keller’s suspension. In a statement, the ministry confirmed the diplomat’s suspension but said that it could not comment on the case. The newspaper reported that Keller is currently back in Holland and that his return to Beijing in an official capacity is not likely.

Author: Joseph Fitsanakis | Date: 19 October 2016 | Permalink

Dutch technical experts helped US bug foreign embassies in Cold War

Great Seal bugA tightly knit group of Dutch technical experts helped American spies bug foreign embassies at the height of the Cold War, new research has shown. The research, carried out by Dutch intelligence expert Cees Wiebes and journalist Maurits Martijn, has brought to light a previously unknown operation, codenamed EASY CHAIR. Initiated in secret in 1952, the operation was a collaboration between the United States Central Intelligence Agency and a small Dutch technology company called the Nederlands Radar Proefstation (Dutch Radar Research Station).

According to Dutch website De Correspondent, which published a summary of the research, the secret collaboration was initiated by the CIA. The American intelligence agency reached out to the Dutch technical experts after interception countermeasures specialists discovered a Soviet-made bug inside the US embassy in Moscow. The bug, known as ‘the Thing’, had been hidden inside a carved wooden ornament in the shape of the Great Seal of the United States. It had been presented as a gift to US Ambassador W. Averell Harriman by the Young Pioneer organization of the Soviet Union in 1945, in recognition of the US-Soviet alliance against Nazi Germany in World War II. But in 1952, the ornament, which had been hanging in the ambassador’s office in Moscow for seven years, was found to contain a cleverly designed listening device. The bug had gone undetected for years because it contained no battery and no electronic components. Instead it used what are known as ‘passive techniques’ to emit audio signals using electromagnetic energy fed from an outside source to activate its mechanism.

Wiebes and Martijn say the CIA reached out to the Dutch in 1952, soon after the discovery of ‘the Thing’, in fear that “the Soviets were streets ahead of the Americans when it came to eavesdropping technology”. According to the authors, the approach was facilitated by the BVD, the Cold War predecessor of the AIVD, Holland’s present-day intelligence agency. In the following years, technical specialists in the Netherlands produced the West’s answer to ‘the Thing’ —a device which, like its Soviet equivalent, used ‘passive techniques’ to emit audio signals. Moreover, the Americans are believed to have used the Dutch-made device to but at least two foreign embassies in The Hague, the Soviet Union’s and China’s, in the late 1950s and early 1960s.

The work by Wiebes and Martijn was initially published in Dutch by De Correspondent in September of last year. An English-language version of the article, which was published in December, can be read here.

Author: Joseph Fitsanakis | Date: 06 January 2016 | Permalink

Dutch crime investigator charged with spying for organized criminals

AIVD HollandA 28-year-old criminal investigator of the Dutch National Crime Squad was arrested by Dutch police on September 29 over allegations of corruption, neglect of duty, and money laundering. The man, named as Mark M., applied for a job at the Dutch police in 2009. According to an online résumé, M. dropped out of professional college in journalism after several years of being self-employed as a freelance reporter covering crime issues.

According to Dutch media, M. did not pass the security screening carried out by the General Intelligence and Security Service (AIVD) as part of the job application. But he was hired nonetheless as trainee in a less sensitive position that is not subject to security screening by the AIVD. The reported reason for M.’s failure to pass the screening process is that he is married to a Ukrainian woman. The AIVD has no intelligence-sharing relationship with its Ukrainian counterpart agency concerning security screenings.

M. is reported to have access to the files “of all large national criminal investigations”, and allegedly sold information on a large scale to drug organizations and criminal biker gangs. He is reported to have close ties with leaders of the biker gangs Satudarah and No Surrender.

Newspaper NRC Handelsblad, which first reported about M., states that the screening involved an investigation into M.’s social environment and personal finances. Television news service RTL Nieuws, which was the first to publicly name the man, reports that M. stood out for his luxurious lifestyle: driving a Porsche Cayenne, frequenting Curaçao and the Dominican Republic for holidays, and wearing expensive watches. During a search of his residence, the police found €235.000 ($266,266), as well as confidential police information that M. allegedly intended to sell.

The police is investigating the extent of the damage caused by M., as well as the precise investigations that he may have compromised. The question of why M. was hired despite not having passed the security screening is part of the investigation. It is, so far, believed that M. acted alone.

Addendum, Nov. 4, 2015: Pending a security clearance from the AIVD, M. was granted access to BlueView, a confidential police data search engine. When the AIVD refused to issue a security clearance, M. was transferred to the traffic department, but superiors failed to revoke his access to BlueView. In 2007, BlueView contained 55 million documents containing data about suspects, transcripts of interrogations and police reports. M.’s authorization level included access to information from the Criminal Intelligence Unit (CIE), that works with informants. M. was able to access BlueView for close to four years.

Author: Matthijs Koot | Date: 20 October 2015 | Permalink

Germany and Holland investigated Russian physicist for espionage

Eindhoven University of TechnologyThe German and Dutch governments allegedly joined forces to investigate a Russian supercomputer specialist, who studied in Germany and Holland, suspecting him of passing technical information to Russian intelligence. German weekly newsmagazine Der Spiegel, which published the report in its current issue, identified the physicist only as “Ivan A.” and said that the 28-year-old man was a member of a physics laboratory affiliated with the Max Planck Institute in the western German city of Bonn. According to Spiegel, Ivan A. studied in Bonn between 2009 and 2011, conducting research on quantum physics and nanophotonics, an area of study that examines the behavior of light on the nanometer scale. Much of the research in this specialized field relates to supercomputers and cutting-edge quantum computing applications.

Citing unnamed government sources, Spiegel said that Germany’s Office for the Protection of the Constitution, which is the country’s top counterintelligence agency, started to monitor the scientist once he began meeting regularly with a Russian diplomat. The diplomat, who was stationed at the consulate of the Russian Federation in Bonn, had been identified by German intelligence as a member of the Russian secret services. German counterintelligence officials thus began suspecting Ivan A. of channeling restricted technical information to Moscow via the Russian diplomat.

However, in 2013 Ivan A. relocated to the Dutch city of Eindhoven to study at the Eindhoven University of Technology, at which point German counterintelligence officers reached out to their Dutch colleagues. During one of his trips from Germany to Holland, Ivan A. was detained for several hours along with this wife at the Düsseldorf International Airport. He was questioned and his personal electronic devices were confiscated. Upon his release Germany and Holland jointly launched against him a formal investigation for espionage. Eventually his European Union residence visa was cancelled and he was expelled by the Dutch government as a danger to national security. Der Spiegel said Ivan A. returned to Russia and today denies that he was a spy.

Espionage scandals frequently rock German-Russian relations. In 2013, a German court convicted a married couple, Andreas and Heidrun Anschlag, of having spied for the Soviet Union and Russia since at least 1990. The two had used forged Austrian passports to enter West Germany from Mexico in 1988 and 1990.

Author: Joseph Fitsanakis | Date: 28 July 2015 | Permalink: https://intelnews.org/2015/07/28/01-1744/

Analysis: New Dutch spy bill proposes changes in approval, oversight

AIVD HollandOn July 2, 2015, the Dutch government released for public consultation a long-awaited bill that overhauls the Dutch Intelligence and Security Act of 2002. Known also as Wiv2002, the Act is the legal framework for the operations of the General Intelligence and Security Service (AIVD) and the Military Intelligence and Security Service (MIVD). The bill is a complete rewrite of the present law, and includes expansions of power, as well as changes to the approval regime and oversight. The below provides a brief overview focused on the interception and hacking powers.

The services’ special powers, such as interception and hacking, can only be used for a subset of their legal tasks. That subset includes national security,
foreign intelligence and military intelligence. The government annually determines the intelligence needs of itself and other intelligence consumers; the outcome is used to focus and prioritize strategic and operational plans and activities.

The services have and hold a specific interception power, i.e., interception of communication of a specified person, organization and/or technical characteristic (e.g. IMEI, phone number, IP address, email address). This requires approval from the minister in charge. The services also have and hold a non-specific interception power —i.e., ‘bulk’ interception— but the bill expands that power from ether-only to “any form of telecommunications or data transfer”, thus including cable networks. Furthermore, the bill no longer limits the non-specific power to communication that has a foreign source and/or foreign destination, meaning that domestic communication is in scope. Like the specific power, the non-specific power requires approval from the minister in charge. The services can retain raw bulk intercepts not just for one year, as is presently the case, but for three years. Encrypted raw intercepts can be stored indefinitely, as is presently the case; the three year retention period is triggered when bulk-intercepted encrypted data is decrypted.

Certain categories of “providers of communication services” will be required, in consultation with the services, to provide access to their networks, if so requested by the services on the basis of approval from the minister. Those categories will be determined by governmental decree. The term “provider of a communication service” is derived from the term “service provider” in the Budapest Convention on Cybercrime of 2001, and is defined so as to include public telecommunication networks, non-public telecommunications networks, hosting providers and website operators. The services have and hold the right to, under certain conditions and after approval from the Minister, compel “anyone” to decrypt data or hand over keys. The approval request for that must include an indication of the conversations, telecommunications or data transfers that are targeted.

Read more of this post

%d bloggers like this: