French security services investigate Russian role in yellow vests movement

yellow vests movementIntelligence and security services in France are investigating whether Russian involvement on social media and other platforms is playing a role in amplifying the so-called ‘yellow vests’ movement. Known in French as le mouvement des gilets jaunes, the campaign began online in May of this year as a popular protest against rising fuel prices and the high cost of living in France. In mid-November, the movement made its first public appearance with large demonstrations that have continued every weekend since then. Yellow vest protestors claim that tax increases are disproportionally affecting working- and middle-class people and that everyday life is becoming economically unsustainable in France. Some of the demonstrations have turned violent, and so far at least eight people have died as a result. The ensuing crisis has become the most significant threat to the government of Emmanuel Macron, as the protests are increasingly evolving into an anti-Macron rallies.

So far, the yellow vests campaign has been largely bipartisan, bringing together protestors from the entirety of the French political spectrum. Additionally, there are no identified leaders or coordinators of the movement. However, some suspect that Russian government operatives may be further-inflaming an already incensed protest movement. On Friday, The Wall Street Journal said that French security agencies were investigating potential involvement by the Kremlin in the yellow vests campaign. The paper quoted an unnamed French government cybersecurity official as saying that “there has been some suspect activity [and] we are in the process of looking at its impact”. The official was referring to the online activity of some leading social-media accounts involved with the yellow vests, which appear to also be “promoting Russian-backed coverage” of French politics. The Journal also cites Ryan Fox, a cybersecurity expert for the Texas-based firm New Knowledge, who claims that “several hundred accounts on Twitter and Facebook” that are involved in the yellow vests movement “are very likely controlled by Moscow”.

However, there is disagreement among cybersecurity experts about the extent of the Kremlin’s involvement in the yellow vests. Paris has previously accused Moscow of trying to influence the direction of French politics. In February of 2017, France’s Directorate-General for External Security warned that Russia had launched a secret operation to try to influence the outcome of that year’s French presidential election in favor of the far right. However, if such an effort existed, it failed to stop the rise to power of Emmanuel Macron. Since assuming the country’s presidency, Macron has been a leading international critic of Russia’s domestic and foreign policies. The Kremlin, therefore, has strong reasons to want to see a premature end to Macron’s presidency.

This does not necessarily mean that Moscow has been able to anticipate —let alone influence— the yellow vests movement, whose energy has surprised even the most experienced French political observers. The Journal notes that many leading Western cybersecurity bodies, including the Atlantic Council’s Digital Forensic Research Lab, have “not seen significant evidence of state-sponsored interference” in the yellow vests movement, whether by Russia or any other government. Facebook also said that its monitors have not uncovered any evidence of an organized campaign by Moscow to coax the yellow vests protests. The paper also cited Dimitri Peskov, a spokesman for the Kremlin, who categorically denied allegations that Russia was in any way involved in directing yellow vests activists.

Author: Joseph Fitsanakis | Date: 17 December 2018 | Permalink

Advertisements

Analysis: Strasbourg attack raises serious security concerns in Europe

StrasbourgThe terrorist attack in the French city of Strasbourg on December 11 raises important security concerns for Europe’s ability to defend itself against a rapidly evolving Islamist insurgency. The attack lasted 10 minutes, from 7:50 to 8:00 p.m. on Tuesday evening, and targeted shoppers in Christkindelsmärik, a large Christmas market held annually in Strasbourg. The lone shooter, who has since been identified as Chérif Chekatt, a French citizen, was reportedly heard shouting “Allahu Akbar” (God is great) repeatedly as he opened fire on the unsuspecting shoppers. He also tried to stab some of them using a knife. Chekatt eventually exchanged fire with French soldiers and officers of the National Police before fleeing the scene of the attack in a taxi cab. Three people were declared dead at the scene, while 12 others were urgently transported to nearby hospitals. Six of them remain in critical condition. Chekatt remained at large until Thursday evening, when he was shot dead by police in Strasbourg.

It is important to stress that the choice of Strasbourg as the site of the terrorist strike was not accidental, nor was the attack spontaneous. A city and of nearly 500,000 inhabitants in its greater district, Strasbourg is one of the European Union’s de facto capitals. It hosts several European institutions, including the building of the European Parliament. Its geographical location on the French-German border epitomizes the crossroads of Franco-German cultural traditions. Its distinct character symbolizes the coexistence of Europe’s two leading powers, which forms the cornerstone of the European Union project. The majority of Strasbourg’s residents are bilingual and communicate in Alsacien, a peculiar mixture of French and German. The city also exemplifies a distinctive brand of 21st-century Christian unity through the balanced coexistence of Catholic and Protestant religious cultures. The Christkindelsmärik —the venue that was attacked on Tuesday— is Europe’s largest Christmas market and symbolizes precisely that coexistence. Providing that Tuesday’s attack was sanctioned and/or planned by the Islamic State or one of its affiliate organizations, its strong symbolism is apparent.

As Washington Examiner commentator Tom Rogan noted on Wednesday, it appears that the perpetrator of the attack was able to acquire a semi-automatic weapon, as well as grenades. Unlike the United States, accessing these types of weapons in Western Europe is exceedingly difficult. This is so especially in France, a country that has remained in a perpetual state of heightened security since the Paris attacks of November 2015. It is even more perplexing that Chekatt was able to acquire this type of weaponry, given that his name featured on the terrorism watch lists of France’s security and intelligence services. Additionally, says Rogan, one of the operational trademarks of the Islamic State centers on adhering to a sharp division between its arms procurement networks and the individuals who carry out terrorist attacks. This means that a wider Islamist network in France, Switzerland or Germany, was able to armed and possibly trained Chekatt in Europe, since the attacker is not believed to have visited the Middle East or North Africa.

Rogan also points out that Chekatt —a French-born 29-year-old petty criminal— was radicalized while serving time in prison. This raises important questions about Salafist-Jihadi radicalization networks inside Western European prison systems. The security implications of this realization inevitably widens the security considerations of Europe’s counterterrorism agencies. The latter have so far focused primarily on the danger posed by the return of European Islamic State volunteers from the Middle East. The problem, however, appears to be more complicated.

Ultimately, the Strasbourg attack demonstrates that, despite several years of concerted efforts, the ability of European counterterrorism agencies to prevent strikes by Islamist groups on European soil is limited. Meanwhile, European streets are busy during the Christmas season, with indoor and outdoor markets and festivals, concerts, as well as a host of religious observances taking place in thousands of different locations across the continent. Should Tuesday’s attack in Strasbourg mark the beginning of a sustained terrorism campaign by the Islamic State, December could prove to be a deadly month in Europe.

Author: Joseph Fitsanakis | Date: 13 December 2018 | Permalink

MI6 spy chief outlines ‘fourth generation espionage’ in rare public speech

Alex YoungerThe director of Britain’s Secret Intelligence Service —known as MI6— has outlined the parameters of a new, “fourth generation of espionage”, which he said is needed to combat the “threats of the hybrid age”. Alex Younger, 55, is a career intelligence officer who joined MI6 in 1991, after serving in the British Army. He served as chief of global operations —considered the number two position at MI6— before being appointed director of the spy agency in October 2014. He previously served in the Middle East, Europe, and Afghanistan, where he represented MI6 as its most senior officer in the country following the US-led military invasion of 2001. Until this week, Younger had given a single public address since becoming director of MI6. But on Monday he spoke again, this time at the University of St. Andrews in Scotland, from where he graduated with a degree in economics.

After cautioning his audience that MI6’s methods, operations and people —some of whom “have paid the ultimate price”— must remain secret, Younger said that technological progress has “profoundly changed [MI6’s] operating environment”. Technological change, as well as the degree of interconnectedness, he said, has made the world “dramatically more complicated”. He went on to add that the resulting ambiguity is referred to by MI6 as a constant stream of “hybrid threats”, namely challenges posed by nation-states operating “in the gray spaces of the hybrid era”. They do so in order to probe the West’s “institutions and defenses in ways that fall short of traditional warfare”, said Younger. The British spy chief added that MI6, as “one of the few truly global intelligence agencies” is well positioned to respond to hybrid threats, mostly by augmenting its human intelligence role —using human spies to collect information.

Human intelligence, which is MI6’s core task, “will never change fundamentally”, said Younger, adding that “in fact it will become even more important in a more complex world”. However, it will need to evolve to meet the challenges of the hybrid age. Younger said that MI6 was pioneering a “fourth generation of espionage”, which is the product of the fusion of traditional human skills with “accelerated [technological] innovation”. This new generation of espionage said Younger, relies not on individual work but on operations that are carried out by dynamic teams within and across state agencies. Additionally, the ultimate task of these operations is not simply to know the actions of one’s adversaries, but “to change their behavior”, said the British spy chief. Furthermore, in order to successfully develop fourth generation espionage capabilities, MI6 will have to “ensure that technology is on our side, not that of our opponents”, noted Younger. The spy chief gave an example by referring to the case of the near-fatal poisoning of Sergei Skripal, the Russian former double spy who was allegedly attacked by two Russian military intelligence officers in Salisbury, England, last March. It was “bulk data combined with modern analytics” that exposed the culprits of the operation, he said. But the same methods, which make the modern world more transparent, can posed “a serious challenge if used against us”, warned the MI6 chief.

Author: Joseph Fitsanakis | Date: 04 December 2018 | Permalink

Head of CIA’s Korean mission center to resign, say sources

Andrew KimA senior North Korea expert in the United States Central Intelligence Agency, who has been instrumental in the ongoing negotiations between Washington and Pyongyang, has tendered his resignation, according to sources. The official was identified last may by US media as Andrew Kim, a former South Korean citizen who moved to the US with his parents when he was 13 years old. According to sources, Kim joined the CIA after graduating from college and rose through the Agency’s ranks to serve its stations in Moscow, Beijing and Bangkok. His most recent overseas post was reportedly in Seoul, where he served as the CIA’s station chief —the most senior American intelligence official in the country.

Following his return to the US from Seoul, Kim reportedly retired, but returned last year to head the CIA’s new Korea Mission Center (KMC). The purpose of the specialized unit is to analyze Pyongyang’s ballistic missile and nuclear weapons programs, which the administration of US President Donald Trump considers as matters of priority for the White House. It was as head of the KMC that Kim reportedly met Mike Pompeo once he became Director of the CIA in January 2017. The two men worked closely together and it is believed that Kim’s role was instrumental in organizing the negotiations between Washington and Pyongyang that led to last summer’s historic high-level meeting between President Trump and Supreme Leader Kim Jong-un. According to American and South Korean media, Kim accompanied the then-CIA director on his secret trip to North Korea. He also accompanied Pompeo on his trips to North Korea once the Kansas Republican became Secretary of State.

The Yonhap News Agency said on Tuesday that Kim initially intended to leave his CIA post in the summer, but was persuaded by Secretary Pompeo to continue. However, he has now tendered his resignation, which will take effect on December 20. Citing “multiple sources”, including “a senior official at South Korea’s National Intelligence Service”, the Seoul-based news agency said that Kim plans to take up an academic post at Stanford University, adding that he intends to continue serving as an adviser to the secretary of state. Prior media reports have stated that “Kim is widely viewed as a hawk on North Korea”, so there are suspicions that his departure from the CIA stems from his disagreement with the policy of negotiation signaled by President Trump. However, the CIA has not commented on the Yonhap report. The South Korean agency said that the CIA is already reviewing candidates to succeed Kim.

Author: Joseph Fitsanakis | Date: 28 November 2018 | Permalink

New book names ex-KGB defector who outed FBI agent Robert Hanssen as Russian spy

Robert HanssenA new book reveals for the first time the name of a former intelligence officer of the Soviet KGB who helped American authorities arrest Robert Hanssen, an American spy for the Soviet Union and Russia. The son of a Chicago police officer, Hanssen joined the Federal Bureau of Investigation in 1976 and was eventually transferred to the Bureau’s Soviet analytical unit, where he held senior counterintelligence posts. It wasn’t until 2000, however, that the FBI realized Hanssen had spied for Moscow since 1979. Following Hanssen’s arrest in 2001, it emerged that he had betrayed the names of 50 FBI and CIA assets or informants, many of whom perished in the hands of the Russian intelligence services.

In 2002, the US Department of Justice opined that Hanssen had caused “possibly the worst intelligence disaster in US history”. He is currently serving 15 consecutive life terms without the possibility of parole. But despite numerous articles, reports and books on the Hanssen spy case, the story of the FBI investigation that led to his arrest remains at best fragmentary. A major question concerns the identity of the mysterious person that helped FBI counterintelligence investigators zero in on Hanssen after years of fruitless efforts to confirm suspicions of the existence of a Russian mole. It is known that the FBI paid the sum of $7 million to a former KGB officer, who delivered the contents of Hanssen’s Russian intelligence file. But the identity of that informant has not been revealed.

That may have changed as of last month, however, thanks to The Seven Million Dollar Spy, a book written by the late David Wise, a journalist and best-selling intelligence author who died on October 8, aged 88. Wise’s book, published posthumously on October 23 in audio book format, received little media attention. But Newsweek intelligence correspondent Jeff Stein said last week that the book might bring us a step closer to uncovering the identity of the individual who led to Hanssen’s capture. Stein explains that the mysterious informant had previously developed a business relationship with Jack Platt, a retired CIA case officer who after the end of the Cold War co-founded an international security consultancy with ex-KGB operative Gennady Vasilenko. The two men staffed their company with several American and Russian former spies. Among them was Anatoly Stepanov, a former case officer in the KGB. Stein reports that, according to Wise’s posthumous book, Stepanov is in fact the pseudonym of former KGB officer Aleksandr Shcherbakov. It was he who delivered Hanssen’s file to the FBI, thus facilitating his eventual capture. It is believed that Shcherbakov defected to the United States in 2010 where he continues to live today under an assumed identity.

Author: Joseph Fitsanakis | Date: 06 November 2018 | Permalink

CIA suffered ‘catastrophic’ compromise of its spy communication system

CIAThe United States Central Intelligence Agency suffered a “catastrophic” compromise of the system it uses to communicate with spies, which caused the death of “dozens of people around the world” according to sources. This is alleged in a major report published on Friday by Yahoo News, which cites “conversations with eleven former US intelligence and government officials directly familiar with the matter”. The report by the online news service describes the compromise of an Internet-based covert platform used by the CIA to facilitate the clandestine communication between CIA officers and their sources —known as agents or spies— around the world.

According to Yahoo News, the online communication system had been developed in the years after 9/11 by the US Intelligence Community for use in warzones in the Middle East and Central Asia. It was eventually adopted for extensive use by the CIA, which saw it as a practical method for exchanging sensitive information between CIA case officers and their assets in so-called ‘denied areas’. The term refers to regions of the world where face-to-face communication between CIA case officers and their assets is difficult and dangerous due to the presence of ultra-hostile intelligence services or non-state adversaries like the Taliban or al-Qaeda. However, it appears that the system was flawed: it was too elementary to withstand sustained scrutiny by Internet-savvy counterintelligence experts working for state actors like Iran, China or Russia.

In September of 2009, Washington made a series of impressively detailed revelations about the advanced status of Iran’s nuclear program. These angered Tehran, which redoubled its efforts to stop the US and others from acquiring intelligence information about the status of its nuclear program. Some sources told Yahoo News that one of the CIA assets inside Iran’s nuclear program was convinced by the Iranians to become a double spy. He proceeded to give Tehran crucial information about the CIA’s online communication system. Based on these initial clues, the Iranians allegedly used Google-based techniques “that one official described as rudimentary” to identify an entire network of CIA-maintained websites that were used to communicate with assets in Iran and elsewhere. The Iranians then kept tabs on these websites and located their users in order to gradually unravel an entire network of CIA agents inside their country. Around that time, Iranian media announced that the Islamic Republic’s counterintelligence agencies had broken up an extensive CIA spy ring consisting of more than 30 informants.

The Yahoo News report says that the CIA was able to successfully exfiltrate some of its assets from Iran before the authorities were able to apprehend them. The agency also had to recall a number of undercover officers, after they were identified by the Iranians. The effects of the compromise, however, persisted on a global scale, according to former US intelligence officials. In 2011 and 2012, another network of CIA spies was busted in China, leading to the arrest and execution of as many as three dozen assets working for the US. Many, says Yahoo News, believe that the Iranians coached the Chinese on how to use the CIA’s online communication system to identify clandestine methods and sources used by the agency.

Along with other specialist websites, IntelNews monitored these developments as they took place separately in Iran and China. However, the Yahoo News report is the first to piece together these seemingly disparate developments and suggest that they were likely triggered by the same root cause. What is more, the report suggests that the CIA had been warned about the potential shortcomings of its online communication system before 2009, when the first penetrations began to occur. In response to the compromise, the CIA has reportedly modified, and at times completely abandoned, its online communication system. However, the implications of the system’s compromise continue to “unwind worldwide” and the CIA is “still dealing with the fallout”, according to sources. The effects on the agency’s operational work are likely to persist for years, said Yahoo News.

Author: Joseph Fitsanakis | Date: 05 November 2018 | Permalink

Suicide bomber who attacked Russian spy agency identified as ‘anarchist-communist’

Mikhail ZhlobitskyA teenager who killed himself with an improvised explosive device in the lobby of a regional office of Russia’s domestic intelligence agency appears to have identified himself as an “anarchist-communist” on social media. At 8:52 am local time on Wednesday, the 17-year-old entered the regional office of Russia’s Federal Security Service (FSB) in the city of Archangelsk, located 800 miles north of Moscow. On CCTV footage released by the Russian security services, he is seen reaching into his backpack and taking out an object, which soon exploded, killing him and wounding three others.

The bomber was later identified in the Russian media as Mikhail Zhlobitsky, a student at a local technical college. Within hours, reports pointed to posts made on social media platforms by Zhlobitsky, who used several online aliases, including that of “Sergey Nechayev”, one of Russia’s leading 19th-century anarchists, who died in prison for advocating terrorism as a means of revolution. Shortly before the attack, someone using the alias “Valeryan Panov” commented on the social messaging application Telegram that he was about to bomb the FSB in Archangelsk. In the comment, which was posted on an anarchist forum, the user said that he had decided to act “because the FSB falsifies cases and tortures people”. The user added that he would probably die in the attack because he had to manually detonate the improvised explosive device he was carrying with him. He concluded his message with the words: “I wish you a glorious future of anarchist communism!”.

The activities of militant Russian anarchists and anarcho-communists date back to the mid-19th century; anarchist militants are responsible for numerous assassinations of senior Russian officials, including Emperor Alexander II, who was killed by a Russian anarchist in 1881. But the movement was ruthlessly suppressed by the Soviet state and today the FSB and other Russian security services are actively monitoring the remnants of the Russian anarchist movement. These include the Confederation of Revolutionary Anarcho-Syndicalists, the group Autonomous Action, and the Siberian Confederation of Labor. Large sections of these groups have now moved underground, as the government of Russian President Vladimir Putin has named anarchists as primary enemies of order and security in the Russian Federation. Earlier this month, another Russian teenager, Vladislav Roslyakov, killed himself after shooting 19 students and teachers at a technical college in Kerch, a Black Sea port city in Russian-annexed Crimea. No political motive for the attack has been reported.

Author: Joseph Fitsanakis | Date: 01 November 2018 | Research credit: S.F. | Permalink