Analysis: Who was behind the raid on the North Korean embassy in Madrid?

North Korea SpainAn obscure North Korean dissident group was most likely behind a violent raid on North Korea’s embassy in Madrid on February 22, which some reports have pinned on Western spy agencies, including the Central Intelligence Agency. The group, known as the Cheollima Civil Defense, is believed to be the first North Korean resistance organization to declare war on the government of Supreme Leader Kim Jong-un.

THE ATTACK

The attack took place at 3:00 in the afternoon local time in Aravaca, a leafy residential district of northern Madrid, where the embassy of North Korea is located. Ten assailants, all Southeast Asian-looking men, entered the three-story building from the main gate, brandishing guns, which were later found to be fake. They tied up and gagged the embassy’s staff, as well as three North Korean architects who were visiting the facility at the time. But one staff member hid at the embassy. She eventually managed to escape from a second-floor window and reach an adjacent building that houses a nursing home. Nursing home staff called the police, who arrived at the scene but had no jurisdiction to enter the embassy grounds, since the premises are technically North Korean soil. When police officers rang the embassy’s doorbell, an Asian-looking man appeared at the door and Q Quote 1said in English that all was fine inside the embassy. But a few minutes later, two luxury cars belonging to the North Korean embassy sped away from the building with the ten assailants inside, including the man who had earlier appeared at the front door.

Once they entered the embassy, Spanish police found eight men and women tied up, with bags over their heads. Several had been severely beaten and at least two had to be hospitalized. The victims told police that the assailants were all Korean, spoke Korean fluently, and had kept them hostage for nearly four hours. But they refused to file formal police complaints. The two diplomatic cars were later found abandoned at a nearby street. No money was taken by the assailants, nor did they seem interested in valuables of any kind. But they reportedly took with them an unknown number of computer hard drives and cell phones belonging to the embassy staff. They also stole an unknown quantity of diplomatic documents, according to reports.

POSSIBLE FOREIGN CULPRITS

Within a few hours, Spanish police had reportedly ruled out the possibility that the assailants were common thieves, arguing that the attack had been meticulously planned and executed. Also, common thieves would have looked for valuables and would not have stayed inside the embassy for four hours. Within a week, several Spanish newspapers, including the highly respected Madrid daily El País and the Barcelona-based El Periodico, pinned the raid on Western intelligence services. They cited unnamed police sources who claimed that at least two of the assailants had been identified and found to have links with the CIA. The reports also cited claims by embassy employees that the attackers interrogated them extensively about Soh Yun-sok, North Korea’s former ambassador to Madrid. Soh became Pyongyang’s chief nuclear negotiator after he was expelled by the Spanish government in 2017 in protest against North Korea’s nuclear missile tests. Read more of this post

Advertisements

Islamic State issues drone bomb warning following London airport chaos

Islamic State dronesOn the heels of chaotic scenes at Britain’s Gatwick Airport, which remained closed for three days due to reported sightings of drones, the Islamic State has released images on social media showing drones carrying packages to large Western cities. The images, which appear to be PhotoShopped, have reignited concerns that the group may be close to launching attacks on civilian targets around the world using drones. Known formally as unmanned aerial vehicles (UAVs), drones have become increasingly accessible to private consumers in recent years. They range from miniature toy models that can be controlled via smartphone applications to highly sophisticated models that can carry significant loads to high altitudes.

In recent years, it has been reported that several militant groups, such as Hezbollah in Lebanon and al-Qaeda-affiliated groups in Pakistan, have made use of drone technology for surveillance and combat purposes. But observers believe that the Islamic State may have the most advanced drone arsenal of any non-state group in the world. The militant Sunni-Muslim organization launched an experimental armed drone campaign in Iraq in 2016. A year earlier, Islamic State fighters had been seen making use of commercially purchased drones for surveillance purposes in the battlefields of Iraq and Syria. In 2016, the Islamic State built several workshops to modify commercially purchased drones, and eventually to build its own models. In January 2017, the group announced the establishment of a new unit called “Unmanned Aircraft of the Mujahideen”, which operated a sizeable fleet of modified combat drones. The following month, the Islamic State claimed to have killed with the use of drones nearly 40 Iraqi soldiers in a single week. The militant group said it did so by using drones to drop three-pound mortar shells on Iraqi troop positions.

Counterterrorism specialists are concerned about what they see as the Islamic State’s “growing ambition” to use drones in the battlefield. But they doubt that the use of drones can by itself affect the outcome of battles. A much larger concern is the possibility that the Islamic State could transfer its drone knowledge outside the battlefield. It has long been confirmed that Islamic State militants have systematically discussed the possibility of deploying drones in civilian areas to drop explosives or even weaponized chemical substances. In October of this year, Federal Bureau of Investigation director Christopher Wray told the United States Congress that the threat of the use of drones by a group like the Islamic State against American tarets was “steadily escalating”. Wray said that the FBI assessed drones “will be used to facilitate an attack in the United States against a vulnerable target, such as a mass gathering”. He added that his assessment was based on several factors, such as the retail availability of the devices, the “lack of verified identification requirement to procure” drones, their ease of use, as well as the experience in the use of drones that militant groups have been amassing abroad.

Author: Joseph Fitsanakis | Date: 24 December 2018 | Permalink

French security services investigate Russian role in yellow vests movement

yellow vests movementIntelligence and security services in France are investigating whether Russian involvement on social media and other platforms is playing a role in amplifying the so-called ‘yellow vests’ movement. Known in French as le mouvement des gilets jaunes, the campaign began online in May of this year as a popular protest against rising fuel prices and the high cost of living in France. In mid-November, the movement made its first public appearance with large demonstrations that have continued every weekend since then. Yellow vest protestors claim that tax increases are disproportionally affecting working- and middle-class people and that everyday life is becoming economically unsustainable in France. Some of the demonstrations have turned violent, and so far at least eight people have died as a result. The ensuing crisis has become the most significant threat to the government of Emmanuel Macron, as the protests are increasingly evolving into an anti-Macron rallies.

So far, the yellow vests campaign has been largely bipartisan, bringing together protestors from the entirety of the French political spectrum. Additionally, there are no identified leaders or coordinators of the movement. However, some suspect that Russian government operatives may be further-inflaming an already incensed protest movement. On Friday, The Wall Street Journal said that French security agencies were investigating potential involvement by the Kremlin in the yellow vests campaign. The paper quoted an unnamed French government cybersecurity official as saying that “there has been some suspect activity [and] we are in the process of looking at its impact”. The official was referring to the online activity of some leading social-media accounts involved with the yellow vests, which appear to also be “promoting Russian-backed coverage” of French politics. The Journal also cites Ryan Fox, a cybersecurity expert for the Texas-based firm New Knowledge, who claims that “several hundred accounts on Twitter and Facebook” that are involved in the yellow vests movement “are very likely controlled by Moscow”.

However, there is disagreement among cybersecurity experts about the extent of the Kremlin’s involvement in the yellow vests. Paris has previously accused Moscow of trying to influence the direction of French politics. In February of 2017, France’s Directorate-General for External Security warned that Russia had launched a secret operation to try to influence the outcome of that year’s French presidential election in favor of the far right. However, if such an effort existed, it failed to stop the rise to power of Emmanuel Macron. Since assuming the country’s presidency, Macron has been a leading international critic of Russia’s domestic and foreign policies. The Kremlin, therefore, has strong reasons to want to see a premature end to Macron’s presidency.

This does not necessarily mean that Moscow has been able to anticipate —let alone influence— the yellow vests movement, whose energy has surprised even the most experienced French political observers. The Journal notes that many leading Western cybersecurity bodies, including the Atlantic Council’s Digital Forensic Research Lab, have “not seen significant evidence of state-sponsored interference” in the yellow vests movement, whether by Russia or any other government. Facebook also said that its monitors have not uncovered any evidence of an organized campaign by Moscow to coax the yellow vests protests. The paper also cited Dimitri Peskov, a spokesman for the Kremlin, who categorically denied allegations that Russia was in any way involved in directing yellow vests activists.

Author: Joseph Fitsanakis | Date: 17 December 2018 | Permalink

Analysis: Strasbourg attack raises serious security concerns in Europe

StrasbourgThe terrorist attack in the French city of Strasbourg on December 11 raises important security concerns for Europe’s ability to defend itself against a rapidly evolving Islamist insurgency. The attack lasted 10 minutes, from 7:50 to 8:00 p.m. on Tuesday evening, and targeted shoppers in Christkindelsmärik, a large Christmas market held annually in Strasbourg. The lone shooter, who has since been identified as Chérif Chekatt, a French citizen, was reportedly heard shouting “Allahu Akbar” (God is great) repeatedly as he opened fire on the unsuspecting shoppers. He also tried to stab some of them using a knife. Chekatt eventually exchanged fire with French soldiers and officers of the National Police before fleeing the scene of the attack in a taxi cab. Three people were declared dead at the scene, while 12 others were urgently transported to nearby hospitals. Six of them remain in critical condition. Chekatt remained at large until Thursday evening, when he was shot dead by police in Strasbourg.

It is important to stress that the choice of Strasbourg as the site of the terrorist strike was not accidental, nor was the attack spontaneous. A city and of nearly 500,000 inhabitants in its greater district, Strasbourg is one of the European Union’s de facto capitals. It hosts several European institutions, including the building of the European Parliament. Its geographical location on the French-German border epitomizes the crossroads of Franco-German cultural traditions. Its distinct character symbolizes the coexistence of Europe’s two leading powers, which forms the cornerstone of the European Union project. The majority of Strasbourg’s residents are bilingual and communicate in Alsacien, a peculiar mixture of French and German. The city also exemplifies a distinctive brand of 21st-century Christian unity through the balanced coexistence of Catholic and Protestant religious cultures. The Christkindelsmärik —the venue that was attacked on Tuesday— is Europe’s largest Christmas market and symbolizes precisely that coexistence. Providing that Tuesday’s attack was sanctioned and/or planned by the Islamic State or one of its affiliate organizations, its strong symbolism is apparent.

As Washington Examiner commentator Tom Rogan noted on Wednesday, it appears that the perpetrator of the attack was able to acquire a semi-automatic weapon, as well as grenades. Unlike the United States, accessing these types of weapons in Western Europe is exceedingly difficult. This is so especially in France, a country that has remained in a perpetual state of heightened security since the Paris attacks of November 2015. It is even more perplexing that Chekatt was able to acquire this type of weaponry, given that his name featured on the terrorism watch lists of France’s security and intelligence services. Additionally, says Rogan, one of the operational trademarks of the Islamic State centers on adhering to a sharp division between its arms procurement networks and the individuals who carry out terrorist attacks. This means that a wider Islamist network in France, Switzerland or Germany, was able to armed and possibly trained Chekatt in Europe, since the attacker is not believed to have visited the Middle East or North Africa.

Rogan also points out that Chekatt —a French-born 29-year-old petty criminal— was radicalized while serving time in prison. This raises important questions about Salafist-Jihadi radicalization networks inside Western European prison systems. The security implications of this realization inevitably widens the security considerations of Europe’s counterterrorism agencies. The latter have so far focused primarily on the danger posed by the return of European Islamic State volunteers from the Middle East. The problem, however, appears to be more complicated.

Ultimately, the Strasbourg attack demonstrates that, despite several years of concerted efforts, the ability of European counterterrorism agencies to prevent strikes by Islamist groups on European soil is limited. Meanwhile, European streets are busy during the Christmas season, with indoor and outdoor markets and festivals, concerts, as well as a host of religious observances taking place in thousands of different locations across the continent. Should Tuesday’s attack in Strasbourg mark the beginning of a sustained terrorism campaign by the Islamic State, December could prove to be a deadly month in Europe.

Author: Joseph Fitsanakis | Date: 13 December 2018 | Permalink

MI6 spy chief outlines ‘fourth generation espionage’ in rare public speech

Alex YoungerThe director of Britain’s Secret Intelligence Service —known as MI6— has outlined the parameters of a new, “fourth generation of espionage”, which he said is needed to combat the “threats of the hybrid age”. Alex Younger, 55, is a career intelligence officer who joined MI6 in 1991, after serving in the British Army. He served as chief of global operations —considered the number two position at MI6— before being appointed director of the spy agency in October 2014. He previously served in the Middle East, Europe, and Afghanistan, where he represented MI6 as its most senior officer in the country following the US-led military invasion of 2001. Until this week, Younger had given a single public address since becoming director of MI6. But on Monday he spoke again, this time at the University of St. Andrews in Scotland, from where he graduated with a degree in economics.

After cautioning his audience that MI6’s methods, operations and people —some of whom “have paid the ultimate price”— must remain secret, Younger said that technological progress has “profoundly changed [MI6’s] operating environment”. Technological change, as well as the degree of interconnectedness, he said, has made the world “dramatically more complicated”. He went on to add that the resulting ambiguity is referred to by MI6 as a constant stream of “hybrid threats”, namely challenges posed by nation-states operating “in the gray spaces of the hybrid era”. They do so in order to probe the West’s “institutions and defenses in ways that fall short of traditional warfare”, said Younger. The British spy chief added that MI6, as “one of the few truly global intelligence agencies” is well positioned to respond to hybrid threats, mostly by augmenting its human intelligence role —using human spies to collect information.

Human intelligence, which is MI6’s core task, “will never change fundamentally”, said Younger, adding that “in fact it will become even more important in a more complex world”. However, it will need to evolve to meet the challenges of the hybrid age. Younger said that MI6 was pioneering a “fourth generation of espionage”, which is the product of the fusion of traditional human skills with “accelerated [technological] innovation”. This new generation of espionage said Younger, relies not on individual work but on operations that are carried out by dynamic teams within and across state agencies. Additionally, the ultimate task of these operations is not simply to know the actions of one’s adversaries, but “to change their behavior”, said the British spy chief. Furthermore, in order to successfully develop fourth generation espionage capabilities, MI6 will have to “ensure that technology is on our side, not that of our opponents”, noted Younger. The spy chief gave an example by referring to the case of the near-fatal poisoning of Sergei Skripal, the Russian former double spy who was allegedly attacked by two Russian military intelligence officers in Salisbury, England, last March. It was “bulk data combined with modern analytics” that exposed the culprits of the operation, he said. But the same methods, which make the modern world more transparent, can posed “a serious challenge if used against us”, warned the MI6 chief.

Author: Joseph Fitsanakis | Date: 04 December 2018 | Permalink

Head of CIA’s Korean mission center to resign, say sources

Andrew KimA senior North Korea expert in the United States Central Intelligence Agency, who has been instrumental in the ongoing negotiations between Washington and Pyongyang, has tendered his resignation, according to sources. The official was identified last may by US media as Andrew Kim, a former South Korean citizen who moved to the US with his parents when he was 13 years old. According to sources, Kim joined the CIA after graduating from college and rose through the Agency’s ranks to serve its stations in Moscow, Beijing and Bangkok. His most recent overseas post was reportedly in Seoul, where he served as the CIA’s station chief —the most senior American intelligence official in the country.

Following his return to the US from Seoul, Kim reportedly retired, but returned last year to head the CIA’s new Korea Mission Center (KMC). The purpose of the specialized unit is to analyze Pyongyang’s ballistic missile and nuclear weapons programs, which the administration of US President Donald Trump considers as matters of priority for the White House. It was as head of the KMC that Kim reportedly met Mike Pompeo once he became Director of the CIA in January 2017. The two men worked closely together and it is believed that Kim’s role was instrumental in organizing the negotiations between Washington and Pyongyang that led to last summer’s historic high-level meeting between President Trump and Supreme Leader Kim Jong-un. According to American and South Korean media, Kim accompanied the then-CIA director on his secret trip to North Korea. He also accompanied Pompeo on his trips to North Korea once the Kansas Republican became Secretary of State.

The Yonhap News Agency said on Tuesday that Kim initially intended to leave his CIA post in the summer, but was persuaded by Secretary Pompeo to continue. However, he has now tendered his resignation, which will take effect on December 20. Citing “multiple sources”, including “a senior official at South Korea’s National Intelligence Service”, the Seoul-based news agency said that Kim plans to take up an academic post at Stanford University, adding that he intends to continue serving as an adviser to the secretary of state. Prior media reports have stated that “Kim is widely viewed as a hawk on North Korea”, so there are suspicions that his departure from the CIA stems from his disagreement with the policy of negotiation signaled by President Trump. However, the CIA has not commented on the Yonhap report. The South Korean agency said that the CIA is already reviewing candidates to succeed Kim.

Author: Joseph Fitsanakis | Date: 28 November 2018 | Permalink

New book names ex-KGB defector who outed FBI agent Robert Hanssen as Russian spy

Robert HanssenA new book reveals for the first time the name of a former intelligence officer of the Soviet KGB who helped American authorities arrest Robert Hanssen, an American spy for the Soviet Union and Russia. The son of a Chicago police officer, Hanssen joined the Federal Bureau of Investigation in 1976 and was eventually transferred to the Bureau’s Soviet analytical unit, where he held senior counterintelligence posts. It wasn’t until 2000, however, that the FBI realized Hanssen had spied for Moscow since 1979. Following Hanssen’s arrest in 2001, it emerged that he had betrayed the names of 50 FBI and CIA assets or informants, many of whom perished in the hands of the Russian intelligence services.

In 2002, the US Department of Justice opined that Hanssen had caused “possibly the worst intelligence disaster in US history”. He is currently serving 15 consecutive life terms without the possibility of parole. But despite numerous articles, reports and books on the Hanssen spy case, the story of the FBI investigation that led to his arrest remains at best fragmentary. A major question concerns the identity of the mysterious person that helped FBI counterintelligence investigators zero in on Hanssen after years of fruitless efforts to confirm suspicions of the existence of a Russian mole. It is known that the FBI paid the sum of $7 million to a former KGB officer, who delivered the contents of Hanssen’s Russian intelligence file. But the identity of that informant has not been revealed.

That may have changed as of last month, however, thanks to The Seven Million Dollar Spy, a book written by the late David Wise, a journalist and best-selling intelligence author who died on October 8, aged 88. Wise’s book, published posthumously on October 23 in audio book format, received little media attention. But Newsweek intelligence correspondent Jeff Stein said last week that the book might bring us a step closer to uncovering the identity of the individual who led to Hanssen’s capture. Stein explains that the mysterious informant had previously developed a business relationship with Jack Platt, a retired CIA case officer who after the end of the Cold War co-founded an international security consultancy with ex-KGB operative Gennady Vasilenko. The two men staffed their company with several American and Russian former spies. Among them was Anatoly Stepanov, a former case officer in the KGB. Stein reports that, according to Wise’s posthumous book, Stepanov is in fact the pseudonym of former KGB officer Aleksandr Shcherbakov. It was he who delivered Hanssen’s file to the FBI, thus facilitating his eventual capture. It is believed that Shcherbakov defected to the United States in 2010 where he continues to live today under an assumed identity.

Author: Joseph Fitsanakis | Date: 06 November 2018 | Permalink