Western spy agencies thwarted alleged Russian plot to hack Swiss chemical lab

OPCW HagueWestern intelligence agencies thwarted a plot involving two Russians intending to travel to a Swiss government laboratory that investigates nuclear, biological and chemical weapons, and hack its computer systems. According to two separate reports by Dutch newspaper NRC Handelsblad and Swiss newspaper Tages-Anzeiger, the two were apprehended in The Hague in early 2018. The reports also said that the Russians were found in possession of equipment that could be used to compromise computer networks. They are believed to work for the Main Intelligence Directorate, known as GRU, Russia’s foremost military intelligence agency. The apprehension was the result of cooperation between various European intelligence services, reportedly including the Dutch Military Intelligence and Security Organization (MIVD).

The laboratory, located in the western Swiss city of Spiez, has been commissioned by the Netherlands-based Organization for the Prohibition of Chemical Weapons (OPCW) to carry out investigations related to the poisoning of Russian double agent Sergei Skripal and his daughter Yulia in March of this year. It has also carried out probes on the alleged use of chemical weapons by the Russian-backed government of President Bashar al-Assad in Syria. In the case of the Skripals, the laboratory said it was able to duplicate findings made earlier by a British laboratory.

Switzerland’s Federal Intelligence Service (NDB) reportedly confirmed the arrest and subsequent expulsion of the two Russians. The Swiss agency said it “cooperated actively with Dutch and British partners” and thus “contributed to preventing illegal actions against a sensitive Swiss infrastructure”. The office of the Public Prosecutor in the Swiss capital Bern said that the two Russians had been the subject of a criminal investigation that began as early as March 2017. They were allegedly suspected of hacking the computer network of the regional office of the World Anti-Doping Agency in Lausanne. The Spiez laboratory was a target of hacking attempts earlier this year, according to a laboratory spokesperson. “We defended ourselves against that. No data was lost”, the spokesperson stated.

On April 14, Russian Minister of Foreign Affairs Sergei Lavrov stated that he had obtained the confidential Spiez lab report about the Skripal case “from a confidential source”. That report confirmed earlier findings made by a British laboratory. But the OPCW, of which Russia is a member, states that its protocols do not involve dissemination of scientific reports to OPCW member states. Hence, the question is how Foreign Minister Lavrov got hold of the document.

As intelNews reported in March, in the aftermath of the Skripals’ poisoning the Dutch government expelled two employees of the Russian embassy in The Hague. In a letter [.pdf] sent to the Dutch parliament on March 26 —the day when a large number of countries announced punitive measures against Russia— Holland’s foreign and internal affairs ministers stated that they had decided to expel the two Russian diplomats “in close consultation with allies and partners”. The Russians were ordered to leave the Netherlands within two weeks. It is unknown whether the two expelled Russian diplomats are the same two who were apprehended in The Hague, since none have been publicly named.

A November 2017 parliamentary letter from Dutch minister of internal affairs Kajsa Ollongren, states[4] that Russian intelligence officers are “structurally present” in the Netherlands in various sectors of society to covertly collect intelligence. The letter added that, in addition to traditional human intelligence (HUMINT) methods, Russia deploys digital means to influence decision-making processes and public opinion in Holland.

Author: Matthijs Koot | Date: 17 September 2018 | Permalink

Advertisements

Analysis: New Dutch spy bill proposes changes in approval, oversight

AIVD HollandOn July 2, 2015, the Dutch government released for public consultation a long-awaited bill that overhauls the Dutch Intelligence and Security Act of 2002. Known also as Wiv2002, the Act is the legal framework for the operations of the General Intelligence and Security Service (AIVD) and the Military Intelligence and Security Service (MIVD). The bill is a complete rewrite of the present law, and includes expansions of power, as well as changes to the approval regime and oversight. The below provides a brief overview focused on the interception and hacking powers.

The services’ special powers, such as interception and hacking, can only be used for a subset of their legal tasks. That subset includes national security,
foreign intelligence and military intelligence. The government annually determines the intelligence needs of itself and other intelligence consumers; the outcome is used to focus and prioritize strategic and operational plans and activities.

The services have and hold a specific interception power, i.e., interception of communication of a specified person, organization and/or technical characteristic (e.g. IMEI, phone number, IP address, email address). This requires approval from the minister in charge. The services also have and hold a non-specific interception power —i.e., ‘bulk’ interception— but the bill expands that power from ether-only to “any form of telecommunications or data transfer”, thus including cable networks. Furthermore, the bill no longer limits the non-specific power to communication that has a foreign source and/or foreign destination, meaning that domestic communication is in scope. Like the specific power, the non-specific power requires approval from the minister in charge. The services can retain raw bulk intercepts not just for one year, as is presently the case, but for three years. Encrypted raw intercepts can be stored indefinitely, as is presently the case; the three year retention period is triggered when bulk-intercepted encrypted data is decrypted.

Certain categories of “providers of communication services” will be required, in consultation with the services, to provide access to their networks, if so requested by the services on the basis of approval from the minister. Those categories will be determined by governmental decree. The term “provider of a communication service” is derived from the term “service provider” in the Budapest Convention on Cybercrime of 2001, and is defined so as to include public telecommunication networks, non-public telecommunications networks, hosting providers and website operators. The services have and hold the right to, under certain conditions and after approval from the Minister, compel “anyone” to decrypt data or hand over keys. The approval request for that must include an indication of the conversations, telecommunications or data transfers that are targeted.

Read more of this post

Former spy sues Dutch state for ‘abandoning’ him in Afghanistan

MIVDBy JOSEPH FITSANAKIS | intelNews.org
A former agent for Holland’s military intelligence agency has sued the Dutch state, alleging that it abandoned him in Afghanistan, after he had spent years providing support services to Dutch operatives there. Dutch newspaper De Telegraaf reported last week that the former agent, identified only as I.A., is a former police officer who relocated to Afghanistan while working for a Western contractor. He then stayed on in the Afghan capital Kabul, where he imported and sold cars. According to I.A., he was eventually approached by Holland’s Military Intelligence and Security Service (MIVD) and secretly hired as an agent.

Dutch researcher Dr. Matthijs Koot, who translated De Telegraaf’s article into English, reports that I.A. claims he was tasked by the MIVD to acquire local cars with forged license plates, as well as provide forged travel documentation, for Dutch Special Forces in Afghanistan. He also says he supplied Dutch intelligence officers with weapons that “fit what was usually seen on the streets” of Kabul, thus helping them blend in with the local population.

According to De Teelgraaf, I.A. is now suing the Dutch government, alleging that the MIVD “left him to his fate” in Afghanistan, a move that allegedly cost him extensive financial damage. He wants the MIVD to acknowledge that he worked for them and furthermore that he should not have been abruptly fired when his services were no longer needed. According to the paper, I.A. threatened to release to the media details of his work for MIVD, including recorded conversations with MIVD officers. This prompted the agency to give him €500,000 ($700,000) in an attempt to unofficially settle his case. This was allegedly confirmed in a court in The Hague by Marc Gazenbeek, legal affairs director for the Dutch Ministry of Defense. However, I.A. claims the money he was given is insufficient and is suing for millions in damages. The Telegraaf says that Pieter Cobelens, who was director of MIVD at the time of I.A.’s employment, denies he was aware of his employment as a spy. The case continues.

News you may have missed #486

  • Hundreds of US officials to leave Pakistan in Davis deal [unconfirmed]. Pakistani newspaper The Express Tribune claims that 331 US officials in Pakistan have been identified by Islamabad as spies and are “to leave the country”, under a secret deal between Pakistan and the United States. The alleged deal was reportedly struck between the two sides as part of the release of Raymond Davis, a CIA operative who shot dead two people in Lahore.
  • Australian government unveils new spy legislation. The Intelligence Services Legislation Amendment Bill, which has been unveiled by the Australian government, contains changes to the intelligence services and criminal code legislation designed to “improve the operational capabilities of key spy agencies“, according to the country’s Attorney-General.
  • Dutch military intelligence: closed on Sundays. A Dutch government-commissioned report has revealed that the country’s military intelligence service, the MIVD, played no role in the decision, earlier this month, to attempt an evacuation operation by helicopter near the Libyan city of Sirte. The reason is because the evacuation took place on a Sunday, and requests for intelligence went unnoticed at MIVD headquarters.