Indonesia to investigate North Korean restaurant reportedly used as spy base

Pyongyang Restaurant in Jakarta, IndonesiaIndonesian authorities said on Sunday that they will investigate a North Korean restaurant in the country, after a Singaporean news agency claimed it was being used as a center for espionage. The announcement comes amidst heightened tensions between North Korean and its neighbors, following the murder last week in Malaysia of Kim Jong-nam, half-brother of North Korea’s Supreme Leader Kim Jong-il. Kim, the grandson of North Korea’s founder Kim Il-Sung, died after two women approached him at the Kuala Lumpur International Airport and splashed his face with liquid poison. Sources in South Korea and the United States have pointed at Pyongyang as the culprit of the assassination.

On Friday of last week, the Singapore-based news agency Asia One published a lengthy report into alleged North Korean espionage operations in Southeast Asia. The report claimed that North Korean intelligence agencies have operated extensive networks of operatives in Indonesia, Malaysia and Singapore, and that these networks have operated unimpeded for over two decades. The news agency cited an unnamed “intelligence source” as saying that the spy networks are operated by North Korea’s Reconnaissance General Bureau (RGB). The RGB is in charge of special activities abroad, which include covert operations and intelligence collection involving espionage. It operates under the Ministry of State Security and answers directly to North Korea’s supreme leader.

According to Asia One, the RGB maintains some of its largest spy networks abroad in Indonesia, Singapore and Malaysia, where Kim Jong-nam met a gruesome death last week. RGB personnel operating in these countries are North Korean citizens who are employed in the construction sector, as well as the tourism industry. Some operate North Korean restaurants, which are popular tourist attractions across Southeast Asia. The unnamed intelligence source told Asia One that North Korean restaurants serve “as a main front to conduct intelligence gathering and surveillance [against] Japanese and South Korean politicians, diplomats, top corporate figures and businessmen”. The RGB’s network in Indonesia is based in textile factories located in several Indonesian cities, said Asia One. There is also “an apartment located above a North Korean restaurant in [the Indonesian capital] Jakarta that is part of the RGB Indonesia office”, according to the report.

Following the news agency’s allegations, Argo Yuwono, senior commander for the Indonesian National Police, said that an investigation would take place into Asia One’s allegations. He said that his detectives would coordinate their activities with the Indonesian Foreign Ministry before moving ahead with the probe.

Author: Joseph Fitsanakis | Date: 21 February 2017 | Permalink

Advertisements

NSA contractor accused of spying stole real names of US undercover officers

NSAClassified information stolen by a United States federal contractor, who was charged with espionage last month, includes the true identities of American intelligence officers posted in undercover assignments abroad, according to court documents. In August of this year, Harold Thomas Martin III, was arrested by the Federal Bureau of Investigation on charges of stealing government property and illegally removing classified material. Martin, 51, served as a US Navy officer for over a decade, where he acquired a top secret clearance and specialized in cyber security. At the time of his arrest earlier this year, he was working for Booz Allen Hamilton, one of the largest federal contractors in the US. Some media reports said Martin was a member of the National Security Agency’s Office of Tailored Access Operations, described by observers as an elite “hacker army” tasked with conducting offensive cyber espionage against foreign targets.

Last week, after prosecutors alleged that the information Martin removed from the NSA was the equivalent of 500 million pages, a judge in the US state of Maryland ruled that the accused might flee if he is released on bail. Soon afterwards, Martin’s legal team filed a motion asking the judge to reconsider his decision to deny him bail. That prompted a new filing by the prosecution, which was delivered to the court on Thursday. The document alleges that the information found in Martin’s home and car includes “numerous names” of American intelligence officers who currently “operate under cover outside the US”. The court filing adds that Martin’s removal of the documents from secure government facilities constitutes “a security breach that risks exposure of American intelligence operations” and “could endanger the lives” of undercover intelligence officers and their agents abroad.

It is alleged that Martin told the FBI he never shared classified information with anyone, and that he removed it from his office at the NSA in order to deepen his expertise on his subject. His legal team argues that Martin suffers from a mental condition that compels him to be a hoarder. But prosecutors for the government argue in court documents that Martin appears to have communicated via the Internet with Russian speakers, and that he was learning Russian at the time of his arrest. The case is expected to be tried later this year.

Author: Joseph Fitsanakis | Date: 28 October 2016 | Permalink

Portuguese, Russian spies arrested in Rome may have accomplices

Frederico Carvalhão,A Portuguese intelligence officer arrested a week ago in Rome, allegedly while passing classified documents to his Russian handler, may have accomplices with access to North Atlantic Treaty Organization (NATO) secrets. IntelNews reported last week on the capture of Frederico Carvalhão, a section chief for Portugal’s Security Information Service (SIS), which is tasked with domestic security and counterintelligence. Carvalhão was arrested on May 23 at a café in the Trastevere district of Rome while passing a folder with six classified documents to a Russian man. The man is believed to be an employee of Russia’s Foreign Intelligence Service, known as SVR, though notably he does not have diplomatic status or immunity, and was therefore arrested. As we noted last week, this is atypical for an intelligence officer, as most of them operate as registered diplomats.

According to Portuguese media reports, the classified information that Carvalhão appears to have been sharing with the SVR since at least 2014 relate to NATO and the European Union (EU), of which Portugal is a member. However, the London-based newspaper Daily Telegraph reports that there are suspicions in Lisbon that Carvalhão was not working alone for the Russians. In other words, Portuguese investigators are looking into the possibility that the arrested spy was what is known as a ‘principal agent’. The latter signifies a mole that acts as a middle person between his foreign handlers and a cell of other agents working for him or her. The possibility that Carvalhão may not have been working alone was commented on by Portugal’s Minister of Foreign Affairs, Augusto Santos Silva, who said last week that the judicial investigation into the spy case was “ongoing”.

It appears that Carvalhão somehow managed to access NATO- and EU-related documents from the SIS’ Ameixoeira Fort headquarters in the Portuguese capital, to which he had no need-to-know access. Moreover, SIS computers do not accept flash drives, while all printed documents contain a secret watermark that identifies them as having been printed on an SIS printer. But Carvalhão appears to have somehow managed to acquire non-watermarked documents without having extracted them from an SIS computer with the use of a flash drive. Does that mean that someone else from inside SIS provided him with the documents? The EU and NATO are eagerly waiting for an answer.

Author: Joseph Fitsanakis | Date: 30 May 2016 | Permalink

Russian deep-cover spy sentenced in New York court

VnesheconombankA Russian intelligence officer, who posed as a banker in the United States, has been handed a prison sentence by a court in New York. Evgeny Buryakov, 41, posed as an employee of the New York branch of Vnesheconombank, a Russian state-owned bank headquartered in Moscow. However, in January 2015, the Federal Bureau of Investigation arrested Buryakov along with Igor Sporyshev, 40, and Victor Podobnyy, 27, who were employees of the trade office of the Russian permanent mission to the United Nations in New York. According to their indictment, Sporyshev and Podobnyy were in fact employees of the SVR, Russia’s Foreign Intelligence Service, one of the direct institutional descendants of the Soviet-era KGB. The FBI said the two were employed by the SVR’s ‘ER’ Directorate, which focuses on economics and finance. Operating under diplomatic guise, they regularly met with Buryakov, who the FBI said was the third member of the alleged spy ring.

However, unlike Sporyshev and Podobnyy, Buryakov was operating under non-official cover, posing as a bank employee. Non-official-cover operatives, or NOCs, as they are typically referred to in the US Intelligence Community, are usually high-level principal agents or officers of an intelligence agency, who operate without official connection to the diplomatic authorities of the country that employs them. They typically pose as business executives, students, academics, journalists, or non-profit agency workers, among other covers. Unlike official-cover officers, who are protected by diplomatic immunity, NOCs have no such protection. If arrested by authorities of their host country, they can be tried and convicted for conducting espionage.

The court documents also reveal that Sporyshev and Podobnyy broke basic rules of intelligence tradecraft by contacting Buryakov using an unencrypted telephone line and addressing him by his real name, rather than his cover name. These conversations, which occurred in April 2013, turned out to be monitored by the FBI’s counterintelligence division, which promptly recorded them. The three SVR officers were arrested following a successful FBI sting operation, which involved an undercover FBI agent posing as an American investor offering to provide Buryakov with classified documents from the US Treasury. In March of this year, Buryakov pleaded guilty to working in the US as unregistered agent of Russia’s SVR. He has been sentenced to 2 ½ years in prison and ordered to pay a $10,000. Sporyshev and Podobnyy, who held diplomatic immunity, were expelled from the US following their arrest.

Author: Joseph Fitsanakis | Date: 27 May 2016 | Permalink

Russian, Portuguese intelligence officers arrested in Rome on espionage charges

Frederico CarvalhãoTwo intelligence officers, one Russian and one Portuguese, have been arrested by Italian authorities on charges of espionage. The arrests took place in Rome on Monday by Italian police, who were reportedly accompanied by Portuguese counterintelligence officers. It is suggested in Portuguese media that the two men were arrested in the act of exchanging classified documents and money. The Portuguese intelligence officer has been identified in news reports as Frederico Carvalhão, a section chief for Portugal’s Security Information Service, which is tasked with domestic security and counterintelligence. The Russian intelligence officer has not been identified, but is believed to be an employee of Russia’s Foreign Intelligence Service, known as SVR. Interestingly, the Russian officer does not have diplomatic status and was therefore arrested, since he holds no diplomatic immunity.

A press release by the Portuguese government prosecutor said that Carvalhão had been arrested “along with a foreign subject linked to an intelligence organization” after a lengthy investigation into “concerns that [classified] information was being exchanged for money”. It is believed that Portuguese authorities began investigating Carvalhão in 2015, and now believe that he frequently traveled abroad to meet his Russian handler. He is thought to have been recruited by the Russians in 2014. According to Portuguese media reports, the documents that Carvalhão appears to have been giving the SVR contain information about the European Union and the North Atlantic Treaty Organization, of which Portugal is a member.

Carvalhão is said to have flown from Lisbon to Rome on Friday of last week in order to meet his SVR handler. The two men were meeting in a café on Saturday when they were arrested. The Portuguese government prosecutor said that Saturday’s arrests resulted from “rigorous collaboration between Portuguese and Italian authorities”. He also thanked Eurojust, a European Union agency based in the Netherlands, which focuses on cross-national judicial cooperation between European Union member-states. Security officers also raided Carvalhão’s home in Portugal, where they allegedly seized “documents and cash”. Both he and his alleged Russian hander remain in detention in Rome, while Italy is preparing to extradite them to Portugal.

Author: Joseph Fitsanakis | Date: 26 May 2016 | Permalink | News tip: C.W.

Interview with children of Russian deep-cover spies caught in the US

First Post HThe two sons of a Russian couple, who were among 10 deep-cover spies arrested in the United States, have given an interview about their experience for the first time. Tim and Alex Foley (now Vavilov) are the sons of Donald Heathfield and Tracey Foley, a married couple arrested in 2010 under Operation GHOST STORIES, a counterintelligence program run by the US Federal Bureau of Investigation. Following their arrest, their sons, who had grown up thinking their parents were Canadian, were told that they were in fact Russian citizens and that their real names were Andrei Bezrukov and Elena Vavilova. Their English-sounding names and Canadian passports had been forged in the late 1980s by the KGB, the Soviet Union’s primary external intelligence agency.

The two boys were at the family’s home in suburban Cambridge, MA, on Sunday, June 27, 2010, when FBI agents conducted coordinated raids across New England, arresting their parents and eight more Russian ‘illegals’. That term is used to signify Russian non-official-cover operatives, namely intelligence officers who operate abroad without diplomatic cover and typically without connection to the country they spy for. It is now believed that Bezrukov and Vavilova were recruited as a couple in the 1980s by the KGB’s Department S, which operated the agency’s ‘illegals’ program. They were trained for several years before being sent to Canada, where their mission was to blend into the society and establish a ‘legend’, a background story of their lives that could be supported by forged documentation supplied by the KGB. In 1995, the family moved to Paris, France, where Bezrukov, using the name Donald Heathfield, earned Master in Business Administration from the École des Ponts. Both their children had been born by 1999, when the family moved to Massachusetts so that Bezrukov could study at Harvard University. He then joined a consultancy firm, which he apparently planned to use as a vehicle in order to get close to influential American lawmakers.

Their two sons, who are now living in unspecified countries in Europe and Singapore, told British newspaper The Guardian that their childhood was “absolutely normal” and that they never suspected their parents of being spies. They told The Guardian’s Shaun Walker that their parents never discussed Russia or the Soviet Union, never ate Russian food, and never met Russian people while in Massachusetts. The sons, whose Russian names are Alexander and Timofei Vavilov, said they remember meeting their grandparents “somewhere in Europe” when they were very young, but that they later disappeared from their lives. Their parents told them that they lived in rural Alberta, Canada, and that they found it difficult to travel.

The two brothers said that, shortly after their parents were arrested by the FBI, they were put on a plane to Moscow. When they arrived there, a group of people appeared on the plane door and introduced themselves to them as “colleagues of their parents”. They were then placed in a van and taken to a Moscow apartment, where they were given information about their parents’ true backgrounds, including photographs of them from their teenage lives and military service in the USSR. It was then, they told The Guardian, that they finally believed that their parents were indeed Russian spies.

The family reunited a few days later in Moscow, after Bezrukov, Vavilova, and the other Russian ‘illegals’ were exchanged with four men held in Russian jails for spying for the West. The two brothers now want to regain their Canadian citizenship, which was taken from them by the government of Canada after their parents were found to have been using forged Canadian citizenship papers. They argue that they feel Canadian, not Russian, and that they are not responsible for their parents’ actions, which were hidden from them until their arrest in 2010.

Author: Joseph Fitsanakis | Date: 09 May 2016 | Permalink

US warns China against use of non-official-cover operatives

Chinese Ministry of State SecurityThe White House has warned the Chinese government to stop deploying on American soil intelligence operatives masquerading as tourists, business executives or other false covers. Nowadays the standard practice for intelligence personnel deployed abroad is to be posted as diplomatic staff in a foreign embassy or consulate. But there are some intelligence officers who do not follow that practice. These are known as non-official-cover operatives, or NOCs in American intelligence parlance. NOCs are typically high-level principal agents or officers of an intelligence agency, who operate without official connection to the diplomatic authorities of the country that is employing them. They typically pose as business executives, students, academics, journalists, or non-profit agency workers. Unlike official-cover officers, who are protected by diplomatic immunity, NOCs have no such protection. If arrested by authorities of their host country, they can be tried and convicted for operating as unregistered agents of a foreign government.

According to The New York Times, a significant number of Chinese NOCs have recently entered the United States as part of the Chinese government’s Operation FOX HUNT. Supervised by China’s Ministry of State Security (MSS), FOX HUNT is aimed at the thousands of former officials and other fugitives from China, who are alleged to have embezzled funds and are now living abroad, usually in considerable wealth. As part of the MSS operation, teams of intelligence agents are said to have been dispatched around the world in order to hunt down these fugitives, many of whom are believed to have embezzled hundreds of millions of dollars in government funds. Chinese media reports claim that nearly 1000 such fugitives have been “repatriated”, either voluntarily or involuntarily, since the launch of FOX HUNT. The tactics used by the Chinese NOCs are not clear, and some suspect that they include direct or indirect threats against the fugitives’ family members in China. Chinese reports have described FOX HUNT operatives as “mostly young, highly skilled”, and accustomed to “rapid-fire deployment” around the world.

The Times said that Washington views the parts of Operation FOX HUNT that take place on US soil as “a departure from the routine practice of secret government intelligence gathering” that both America and China practice against each other. The US, therefore, does not want Chinese officers without official diplomatic credentials, but posing instead as students, tourists or business representatives, engaging in intelligence operations on US soil, said the paper. It added that Washington’s warning had been delivered to Beijing “in recent weeks”. The Times article did not include specific descriptions of FOX RUN activities on American soil.

Author: Joseph Fitsanakis | Date: 17 August 2015 | Permalink