Russia, Lithuania and Norway exchange prisoners in rare three-way spy-swap

Frode BergA rare three-way spy-swap has reportedly taken place between Russia and two North Atlantic Treaty Organization (NATO) members, Lithuania and Norway. Rumors of a possible exchange of imprisoned spies between the three countries first emerged in mid-October. However, all three governments had either denied the rumors or refused to comment at the time. It now turns out that the spy-swap, which international news agencies described as “carefully coordinated” was the result of painstaking negotiations between the three countries, which lasted several months.

A major part of the process that led to last week’s spy swap was the decision of the Lithuanian parliament to approve altering the country’s criminal code. The new code allows the president of Lithuania to pardon foreign nationals who have been convicted of espionage, if doing so promotes Lithuania’s national interest. The new amendment also outlines the process by which the government can swap pardoned foreign spies with its own spies —or alleged spies— who may have been convicted of espionage abroad. On Friday, Lithuanian President Gitanas Nausėda announced he had pardoned two Russian nationals who had been convicted of espionage against Lithuania, in accordance with the new criminal code. The president’s move was approved by the country’s multi-agency State Defense Council during a secret meeting.

Shortly after President Nausėda’s announcement, Sergei Naryshkin, Director of Russia’s Foreign Intelligence Service (SVR) said that Moscow would immediately proceed with “reciprocal steps”. The Kremlin soon released from prison two Lithuanian nationals, Yevgeny Mataitis and Aristidas Tamosaitis. Tamosaitis was serving a 12-year prison sentence, allegedly for carrying out espionage for the Lithuanian Defense Ministry in 2015. Mataitis, a dual Lithuanian-Russian citizen, was serving 13 years in prison, allegedly for supplying Lithuanian intelligence with classified documents belonging to the Russian government.

The two Lithuanians were exchanged for two Russians, Nikolai Filipchenko and Sergei Moisejenko. Filipchenko is believed to be an officer in the Russian Federal Security Service (FSB), who was arrested by Lithuanian counterintelligence agents in 2015. He had been given a 10-year prison sentence for trying to recruit double agents inside Lithuania, allegedly in order to install listening bugs inside the office of the then-Lithuanian President Dalia Grybauskaite. Moisejenko was serving a 10½ year sentence for conducting espionage and for illegally possessing firearms. Lithuania alleges that Moisejenko had been tasked by Moscow with spying on the armed forces of Lithuania and NATO. Along with the two Lithuanians, Russia freed Frode Berg (pictured), a Norwegian citizen who was serving a prison sentence in Russia, allegedly for acting as a courier for the Norwegian Intelligence Service.

On Saturday, Darius Jauniškis, Director of Lithuania’s State Security Department, told reporters in Vilnius that the spy swap had taken place in a remote part of the Russian-Lithuanian border. He gave no further information about the details exchange, or about who was present at the site during the spy-swap.

Author: Joseph Fitsanakis | Date: 18 November 2019 | Research credit: E.G. | Permalink

Turks feared Russia might bomb Erdoğan’s palace in 2015, intelligence memo shows

Hmeimim AirbaseAuthorities in Turkey were concerned that Russia might bomb the presidential palace in Ankara in 2015, to retaliate against the downing of a Russian fighter jet by the Turkish military, according to an intelligence report. On November 25 of that year, a Russian Sukhoi Su-24M attack bomber was shot down by a Turkish F-16 fighter jet over the Syrian-Turkish border. Ankara claimed that the Russian aircraft had violated Turkish airspace for longer than five minutes and had failed to respond to 10 warning messages communicated by radio. By the time the Russian plane was fired upon it was nearly 1.5 miles inside Turkish airspace, according to Turkey’s Ministry of Defense. But the Kremlin claimed that the downed aircraft had been flying a mile south of the Turkish border when it was shot down.

A few hours after the incident, Russian President Vladimir Putin described it as “a stab in the back by terrorist accomplices” and warned Ankara that Moscow would not tolerate such attacks on its armed forces. International observers expressed concern about a possible armed retaliation by Russia against the Turkish military. Now a formerly classified intelligence report suggests that Turkish authorities were concerned that Russia might bomb the country’s presidential palace in Ankara. The report was unearthed by the Nordic Research Monitoring Network (NRMN), a security-oriented research initiative staffed by Turkish experts who live in Europe and the United States.

The NRMN said the previously classified report was authored by Signals Intelligence Directorate of Turkey’s National Intelligence Organization, known as MİT. It describes an intercepted conversation that took place on December 3, 2015. The conversation involved a Syrian military officer, who was believed to be a brigadier general in the army of Syrian President Bashar al-Assad. The officer, identified in the document only as Adnan, was reportedly speaking with an unnamed Russian general, identified only as Sergei, and another unidentified senior officer in the Syrian armed forces. The discussion concerned an upcoming meeting between Syrian and Russian military officials at the Hmeimim Airbase, a Russian-operated military installation on the outskirts of Latakia.

The purpose of the meeting was for the Russian forces to officially notify the Syrians that their warplanes would be carrying a heavier payload in the future, and to explain why. At one point in the conversation the Russian general told the Syrians that part of the heavier payload would consist of “barrel bombs [that] will go to Erdoğan’s palace”. The MİT interpreted that to mean the Turkish Presidential Complex, which is located inside the Atatürk Forest Farm in the Beştepe neighborhood of Ankara. The ensuing intelligence report contains handwritten notes indicating that the information contained in it was communicated to the leadership of the Turkish Armed Forces and the Turkish General Staff.

At the end no attack took place. In June of the following year President Erdoğan sent a letter to his Russian counterpart, in which he expressed his condolences for the family of the Russian pilots who were killed when their aircraft was shot down. Following the July 2016 coup, the two Turkish pilots who had shot down the Russian aircraft were arrested on suspicion of being involved in the attempt to topple Erdoğan. This, in association with the Turkish president’s letter of sympathy, were seen by Moscow as goodwill gestures from Ankara. Relations between the two countries were eventually restored.

Author: Joseph Fitsanakis | Date: 11 November 2019 | Permalink

High-ranking Russian security official gunned down in Moscow

Ibragim EldzharkievA senior counter-terrorism officer in the Russian police has been gunned down along with his brother in a downtown Moscow street, in what authorities describe as a contract killing. One of the two victims has been named as Ibragim Eldzharkiev (pictured), who headed the Russian Interior Ministry’s Anti-Extremism Center in the Republic of Ingushetia in the Russian Caucasus. His younger brother was reportedly also killed in the attack.

Eldzharkiev assumed the position of director of Ingushetia’s Anti-Extremism Center in 2018, after his predecessor, Timur Hamhoev, was among several senior police officials who were convicted of torturing and extorting detainees. The high-profile caset shed light on the ongoing low-intensity conflict in the Russian Caucasus, which in the 1990s and 2000s was the site of two wars between the Russian military and local separatists.

Russian media reported that Eldzharkiev had been visiting Moscow on private business. Security camera footage allegedly shows the shooter approaching the victim outside the entrance of a building, as he is waiting for his brother to park a vehicle. He then shoots Eldzharkiev repeatedly before directing his gun on the victim’s younger brother, who was trying to flee the scene on foot. Once the two brothers are laying on the ground, the shooter approaches them again and shoots them in the head. The shooter then leaves the murder scene in a car. Both men died at the scene of the attack. The shooter remains at large.

The state-owned Russian news agency TASS said on Saturday that Eldzharkiev’s killing was connected with his professional activities at the Anti-Extremism Center and that he had been targeted by Ingushetian “religious extremist groups”. An anonymous security source told the news agency that the shooter is believed to have used a foreign-made gun to kill the two brothers. This was the second time that Eldzharkiev was targeted by unknown assailants. The first time was in January of this year, when two unidentified gunmen opened fire at his service car, injuring a member of his protection team.

Author: Joseph Fitsanakis | Date: 05 November 2019 | Permalink

London accused of hiding report about Russian meddling in Brexit referendum

BrexitThe British government has been accused by opposition parties, and by pro-remain conservative figures, of trying to conceal a report documenting Russian meddling in British politics. The report documents the results of an investigation into Russia’s alleged attempts to influence the outcome of the 2017 general election in the United Kingdom, as well as the result of the 2016 European Union referendum, which ended in victory for the pro-Brexit campaign.

The investigation was carried out by the British Parliament’s Intelligence and Security Committee and is largely based on closed-door testimony by senior officials from Britain’s intelligence community. It reportedly contains evidence from Russia experts in agencies such as the Security Service (MI5), the Secret Intelligence Service (MI6) and the Government Communications Headquarters (GCHQ).

According to media reports the probe was completed in March of this year and underwent a redaction process to safeguard intelligence methods and sources. On October 15 it was submitted to Downing Street and on October 17 it reportedly landed on the desk of British Prime Minister Boris Johnson. British opposition politicians allege that even sensitive reports are usually made public no later than 10 days after they are submitted to Downing Street, which means that the document should have been released prior to October 28.

Some fear that, with Parliament about to suspend operations on Tuesday, in anticipation for December’s general election, the report will effectively remain hidden from public view until the spring of 2020. On Friday, Labour Party leader Jeremy Corbyn publicly urged the government to release the report and claimed that the prime minster may have “something to hide”. But cabinet minister Andrea Leadsom argued that it is not unusual for parliamentary committee reports to remain in the government’s hands until they are properly evaluated. “The government has to respond properly, it cannot respond in haste”, said Leadsom.

Author: Ian Allen | Date: 04 November 2019 | Permalink

Veil of secrecy may soon be lifted on Novichok nerve agent used to attack Skripal

Sergei SkripalThe chemical structure and action mechanism of a top-secret family of nerve agents known as novichoks may soon be available to a wider pool of researchers through its inclusion into the Chemical Weapons Convention (CWC) list of the Organization for the Prohibition of Chemical Weapons (OPCW). The term novichok (meaning ‘newbie’ in Russian) was given by Western scientists to a class of rarely used nerve agents that were developed in the Soviet Union and Russia between 1971 and the early 1990s.

The first public discussion about the existence of these agents took place in the early 1990s, when Vil Mirzayanov, a chemical warfare expert working for the Soviet military, revealed their existence. However, Western intelligence agencies have discouraged public scientific research on these nerve agents, fearing that such activities could reveal their chemical structure and mechanism of action. That could in turn facilitate the proliferation of novichok nerve agents worldwide.

But this attitude shifted drastically after March 2018, when —according to British intelligence— Russian spies used novichok in an attempt to kill Sergei Skripal, a Russian defector to Britain. The British government claims that Russians spies smuggled novichok into Britain by hiding it inside an imitation perfume bottle.

The attempt on Skripal’s life failed, but it prompted the United States, Canada and the Netherlands to propose that two categories of novichoks be chemically identified and added to the CWC list of Schedule 1 chemical weapons. If that were to happen, members of the OPCW —including Russia— would be required to declare and promptly destroy any stockpiles of novichoks in their possession.

Russia’s initial reaction was to oppose the proposal by the United States, Canada and the Netherlands. The Russian OPCW delegation questioned the proposal’s scientific validity and dismissed it as politically motivated. However, according to a report published yesterday in the leading scientific journal Science, Moscow has now agreed with the proposal to list two classes of novichoks in the CWC list, and even proposed adding a third class of the obscure nerve agent to the list. Russia also proposed the inclusion into the CWC list of two families of carbamates —organic compounds with insecticide properties, which the United States is reputed to have included in its chemical weapons arsenal during the Cold War.

According to the Science report, the OPCW Executive Council has already approved Russia’s proposal, which means that the organization is now close to classifying novichoks as Schedule 1 nerve agents. If this happens, academic researchers in the West and elsewhere will be able for the first time to collaborate with defense laboratories in order to research the chemical structure, as well as the mechanism of action, of novichoks. This is likely to produce computer models that will shed unprecedented light on the symptoms of novichoks and the various methods of treating them. But they will also provide information about the chemical structure of the nerve agent, which may eventually lead to proliferation concerns.

Author: Joseph Fitsanakis | Date: 24 October 2019 | Permalink

Russian government cyber spies ‘hid behind Iranian hacker group’

Computer hackingRussian hackers hijacked an Iranian cyber espionage group and used its infrastructure to launch attacks, hoping that their victims would blame Iran, according to British and American intelligence officials. The information, released on Monday, concerns a Russian cyber espionage group termed “Turla” by European cyber security experts.

Turla is believed to operate under the command of Russia’s Federal Security Service (FSB), and has been linked to at least 30 attacks on industry and government facilities since 2017. Since February of 2018, Turla is believed to have successfully carried out cyber espionage operations in 20 different countries. Most of the group’s targets are located in the Middle East, but it has also been connected to cyber espionage operations in the United States and the United Kingdom.

On Monday, officials from Britain’s Government Communications Headquarters (GCHQ) and America’s National Security Agency (NSA) said Turla had hijacked the attack infrastructure of an Iranian cyber espionage group. The group has been named by cyber security researchers as Advanced Persistent Threat (APT) 34, and is thought to carry out operations under the direction of the Iranian government.

The officials said there was no evidence that APT34 was aware that some of its operations had been taken over by Turla. Instead, Russian hackers stealthily hijacked APT34’s command-and-control systems and used its resources —including computers, servers and malicious codes— to attack targets without APT34’s knowledge. They also accessed the computer systems of APT34’s prior targets. In doing so, Turla hackers masqueraded as APT34 operatives, thus resorting to a practice that is commonly referred to as ‘fourth party collection’, according to British and American officials.

The purpose of Monday’s announcement was to raise awareness about state-sponsored computer hacking among industry and government leaders, said the officials. They also wanted to demonstrate the complexity of cyber attack attribution in today’s computer security landscape. However, “we want to send a clear message that even when cyber actors seek to mask their identity, our capabilities will ultimately identify them”, said Paul Chichester, a senior GCHQ official.

Author: Joseph Fitsanakis | Date: 22 October 2019 | Permalink

Russia preparing to swap imprisoned spies with NATO members, sources claim

LithuaniaThe Russian government is preparing to swap a number of imprisoned spies with at least two member states of the North Atlantic Treaty Organization (NATO), according to reports. The Estonia-based news agency BNS, which is the largest news agency in the Baltics, said on Wednesday that negotiations between Russian and Lithuanian, as well as probably Norwegian, officials were nearing completion.

The alleged spies at the center of the reputed spy swap are said to include Nikolai Filipchenko, who is reportedly an intelligence officer with the Russian Federal Security Service (FSB). Filipchenko was arrested by Lithuanian counterintelligence agents in 2015, allegedly while trying to recruit double agents inside Lithuania. He was charged with using forged identity documents to travel to Lithuania on several occasions between 2011 and 2014. His mission was allegedly to recruit officers in Lithuania’s Department of State Security in order to install listening bugs inside the office of the then-Lithuanian President Dalia Grybauskaite. In 2017, a district court in the Lithuanian capital Vilnius sentenced Filipchenko to 10 years in prison. The alleged Russian spy refused to testify during his trial and reportedly did not reveal any information about himself or his employer. He is believed to be the first FSB intelligence officer to have been convicted of espionage in Lithuania.

BNS reported that the Russians have agreed to exchange Filipchenko for two Lithuanian nationals, Yevgeny Mataitis and Aristidas Tamosaitis. Tamosaitis is serving a 12-year prison sentence in Russia, allegedly for carrying out espionage for the Lithuanian Defense Ministry in 2015. In the following year, a Russian court sentenced Mataitis, a dual Lithuanian-Russian citizen, to 13 years in prison, allegedly for supplying Lithuanian intelligence with classified documents belonging to the Russian government. Lithuanian authorities have refused to comment publicly about Filipchenko and Mataitis, saying that details on the two men are classified. According to BNS, the spy swap may involve two more people, an unnamed Russian national and a Norwegian citizen, who is believed to be Frode Berg, a Norwegian retiree who is serving a 16-year jail sentence in Russia, allegedly for acting as a courier for the Norwegian Intelligence Service.

BNS said on Wednesday that the Lithuanian State Defense Council, which is chaired by the country’s president, had approved the spy exchange, and that Moscow had also agreed to it. On Thursday, however, a spokeswoman for Russia’s Foreign Affairs Ministry said she had “no information on this issue” that she could share with reporters.

Author: Joseph Fitsanakis | Date: 18 October 2019 | Research credit: E.G. | Permalink