Sons of exposed Russian deep-cover spies want their Canadian citizenship back

FoleyThe sons of a Russian couple, who fraudulently acquired Canadian citizenship before being arrested for espionage in the United States, are seeking to reinstate their Canadian citizenship, which was annulled when their parents were found to be Russian spies. Tim and Alex Vavilov are the sons of Donald Heathfield and Tracey Foley, a married couple arrested in 2010 under Operation GHOST STORIES —a counterintelligence program run by the US Federal Bureau of Investigation (FBI). Following their arrest, their sons, who allegedly grew up thinking their parents were Canadian, were told that their parents were in fact Russian citizens and that their real names were Andrei Bezrukov and Elena Vavilova. Their English-sounding names and Canadian passports had been forged in the late 1980s by the KGB, the Soviet Union’s primary external intelligence agency.

The two boys were at the family’s home in suburban Cambridge, MA, on Sunday, June 27, 2010, when FBI agents conducted coordinated raids across New England, arresting their parents and eight more Russian ‘illegals’. The term is used to signify Russian non-official-cover operatives, namely intelligence officers who operate abroad without diplomatic cover and typically without connection to the country they spy for. It is now believed that Bezrukov and Vavilova were recruited as a couple in the 1980s by the KGB’s Department S, which operated the agency’s ‘illegals’ program.

But the two brothers, who were born in Canada, are currently involved in a prolonged legal battle to have their Canadian citizenship reinstated. The latter was rescinded when it became clear that their parents’ Canadian passports were fraudulent. According to the Canadian Citizenship Act, children born in Canada to “employees of a foreign government” are not entitled to Canadian nationality. But the brothers argue that they were 20 and 16 when their parents were arrested and were unaware of their double identities. It follows, they told Canada’s newsmagazine Maclean’s in August, that they cannot be punished for their parents’ crimes.

This past June, Canada’s Federal Court of Appeal overturned the decision of a lower court and ordered the government to reinstate Alex Vavilov’s Canadian citizenship. Now the government has until September 20 to decide whether to appeal the Federal Court of Appeal’s decision to the Supreme Court. If it does not, or if it upholds the decision of the Federal Court of Appeal, it is thought that Alex’s brother, Tim, will also have his Canadian citizenship reinstated.

But the case may be further-complicated by allegations made by the Canadian Security Intelligence Service (CSIS) that Tim was aware of his parents’ espionage activities when they were arrested by the FBI. The CSIS claims that the two Russian spies had groomed Tim to enter the intelligence profession, and that the then-20-year-old had given an oath of allegiance to the SVR —the KGB’s post-Cold-War successor agency. But Tim Vavilov denies he was groomed or “sworn-in” by the Russians, and argues that he has never been presented with evidence of this allegation, even though his parents’ home in Massachusetts was bugged by the FBI for nearly a decade.

Author: Joseph Fitsanakis | Date: 15 September 2017 | Permalink

Advertisements

Russia jailed senior intelligence officers for helping CIA nab notorious hackers

FSB - JFTwo senior officers in the Russian intelligence services were charged with treason after they were found to have helped the United States catch two notorious Russian hackers, according to reports in the Russian media. Sergey Mikhailov was a career officer in the Federal Security Service —a descendant of the domestic section of the Soviet-era KGB— which is often referred to as Russia’s equivalent of the United States Federal Bureau of Investigation. Mikhailov had risen through the ranks of the FSB to eventually head the agency’s Center for Information Security. Known in Russia as CIB, the Center is tasked with investigating electronic crime in the Russian Federation.

But in December 2016, Mikhailov and one of his trusted deputies in the CIB, Dmitry Dokuchaev, were suddenly removed from their posts and arrested. The arrests marked some of the highest-profile detentions of intelligence officers in Russia since the demise of the Soviet Union. Russian authorities refused to reveal the reasons for the arrests, but confirmed that the two men had been charged with treason. Reports soon surfaced in the Russian media, claiming that Mikhailov and Dokuchaev were arrested for their involvement in a Russian criminal hacker gang. Some Western media, including The New York Times, speculated that the two men may have been arrested for helping US intelligence investigate Russian interference in the 2016 US presidential election.

But now a new report alleges that Mikhailov and Dokuchaev were charged with treason after helping the US Central Intelligence Agency catch two prolific Russian hackers. The report was aired on Russian television station TV Dozhd, also known as TV Rain, a privately owned channel based in Moscow, which broadcasts in Russia and several other former Soviet Republics. One of the hackers, Roman Seleznev, known in hacker circles as Track2, reached worldwide notoriety for defrauding major credit card companies of tens of millions of dollars. He was arrested in 2014 in the South Asian island country of Maldives and eventually extradited to the US to stand trial. He was sentenced to 27 years in prison, which he is currently serving. The other hacker, Yevgeniy Nikulin, was arrested in the Czech Republic in 2016, pursuant to a US-issued international arrest warrant. He is now awaiting extradition to the US, where he is expected to be tried for hacking several high-profile companies, including DropBox and LinkedIn.

TV Dozhd said that Russian authorities are also suspecting the men of being members of hacker gangs, but that their main charges relate to their close cooperation with American intelligence agencies, reportedly in exchange for cash.

Author: Joseph Fitsanakis | Date: 25 August 2017 | Permalink

Russian spy services raid bomb lab in Moscow, foil large-scale suicide plot

ISIS RussiaRussian intelligence services say they have foiled a large-scale bomb plot, after raiding an explosives laboratory belonging to the Islamic State and arresting four suspects. The four men were allegedly planning to target the Moscow Metro transit system and a busy shopping center in the Russian capital. In a statement released to the media this morning, the Russian Federal Security Service (FSB) did not specify the intended targets of the plotters. But it said it had arrested four people during an early morning raid at an explosives laboratory located in the Moscow suburbs. The FSB said that its officers confiscated large quantities of peroxide-based explosives that resemble the material used by the Islamic State in the November 2015 attacks in Paris, the March 2016 attacks in Brussels, and last May’s suicide bombing in Manchester.

One of the men arrested has been named by the FSB as Akbarzhon A. Dzhalilov, 22, a Kyrghyz-born Russian citizen. The other three men, who have not yet been named, are all from former Soviet Republics of Central Asia. Russian media reported that the Moscow cell was being commanded and directed by the Islamic State in Syria. Two Russian-speaking men from the Russian Caucasus, who are located in Syria, are thought to have been handling the cell’s activities. Russian intelligence services estimate that at least 2,500 Russian citizens have move to the Middle East to join jihadist groups in the past three years.

Had it been carried out, the attack would have been added to a growing list of terrorist incidents against Russia since 2015, which are related to the Kremlin’s decision to enter the Syrian Civil War. In October of that year, the Islamic State claimed responsibility for the bombing of Metrojet Flight 9268, a chartered commercial flight operated by Russian company Kogalymavia. The chartered airliner went down over Egypt’s Sinai Peninsula, killing all 217 passengers and crew on board —the worst disaster in Russian aviation history. In November of 2016, the FSB reportedly foiled another attack by five members of the Islamic State in Moscow. In February of this year, a seven-member Islamic State cell was busted in Yekaterinburg, Russia’s fourth-largest city, while it was planning attacks in several metropolitan areas, including Moscow and St. Petersburg. In April, the North Caucasus-based Imam Shamil Battalion claimed responsibility for a suicide attack in the St. Petersburg Metro transit system, which killed 15 train passengers. The group, whose existence was unknown before the St. Petersburgh attack, said it supported al-Qaeda and perpetrated the attack in retaliation for Moscow’s involvement in the Syrian Civil War.

Author: Ian Allen | Date: 14 August 2017 | Permalink

Russian aid center in Serbia rejects claims that it is an intelligence base

Russian-Serbian Humanitarian CenterStaff at a Russian disaster relief center in southern Serbia have rejected claims by American officials that the facility operates as an espionage arm of Moscow’s foreign policy in the Balkans. The Russian-Serbian Humanitarian Center was built in 2012, at a cost of nearly $40 million, following an agreement between Belgrade and Moscow. Its stated mission is to “provide humanitarian emergency response in Serbia and other Balkan states” through the provision of humanitarian assistance to those in need and training local emergency response crews. The center is located in the outskirts of Serbia’s fourth largest city of Niš, not far from the country’s border with Kosovo, a former Serbian province that unilaterally declared independence in 2008. Serbia refuses to recognize Kosovo’s independence, a decision that is strongly backed by Russia. It is also close to the headquarters of the North Atlantic Treaty Organization’s peacekeeping force stationed in Kosovo, which houses 4,000 international troops, including 600 Americans.

Western officials have raised concerns that the disaster relief center is in reality an intelligence base, from which Russia conducts some of its espionage operations in the Western Balkans. It has also been suggested that the center could operate as a military base in a potential Russian military operation in the former communist state. In June, the United States Deputy Assistant Secretary of State for European and Eurasian Affairs, Hoyt Brian Yee, publicly described the compound as “the so-called humanitarian center” in Serbia. Speaking during a US Senate hearing on southeastern European politics, Yee said the Department of State was concerned about the center’s unofficial use. He also expressed reservations about Moscow’s request that the Serbian government grants the center diplomatic immunity, similar to that which covers the activities of the Russian embassy in Belgrade.

Moscow responded to American allegations of espionage by inviting local and international media representatives to the center on Wednesday. The center’s co-director, Viacheslav Vlasenko, told reporters that the center was “very open”, adding that its staff consisted of 15 Serbs and five Russians who were dispatched to Serbia from Russia’s Ministry of Emergency Situations, known as EMERCOM. Vlasenko said that Moscow’s request for diplomatic immunity for the center was solely aimed at reducing the annual taxes that the facility had to pay.

Regular readers of intelNews will recall allegations made last October by authorities in Serbia’s neighboring state of Montenegro —later repeated by Britain— that nationalists from Russia and Serbia were behind a failed plot to kill the country’s then-Prime Minister Milo Dukanović and spark a pro-Russian coup in the country. The allegations surfaced after 20 Serbians and Montenegrins were arrested by police in Montenegro on election day, October 16, as Montenegrins were voting across the Balkan country of 650,000 people. In response to allegations that the coup had been hatched in neighboring Serbia, Serbian Prime Minister Aleksandar Vučić said that he would not allow Serbia to “act as the puppet of world powers”, a comment that was clearly directed at Moscow. Russia has vehemently denied the allegations.

Author: Joseph Fitsanakis | Date: 13 July 2017 | Permalink

Russia allegedly planning to expel 30 American diplomats in a few weeks

US embassy in MoscowRussia is planning to expel approximately 30 American diplomats from its territory, and seize buildings and property belonging to the United States Department of State, according to Russian media reports. The expulsions will be in response to the expulsion last December of 35 Russian diplomats stationed in the US by the administration of President Barack Obama. In addition to expelling the diplomats, Washington also reclaimed two “recreational facilities” (in reality intelligence outposts) that were used by the Russians in New York and Maryland. The White House said that the expulsions were ordered in response to alleged efforts by Russia to interfere in the 2016 US presidential election.

Observers, including the present author, were confident at the time that the Kremlin would respond in kind. In a surprising move, however, the Russian President Vladimir Putin said he would not respond to Mr. Obama’s move, in the hope that US-Russian relations would improve with the arrival of the new president in the White House. He added that Russia reserved the right to retaliate at a later time. Moscow’s response was met with praise by the then-president-elect Donald Trump and his transition team.

But Russia’s hopes for warmer relations with the US under Mr. Trump’s leadership do not seem to be materializing. A recent article in the daily Russian newspaper Izvestia reported that the Kremlin thought it was “outrageous” that the Trump White House had not yet returned the two seized compounds to the Russian Ministry of Foreign Affairs and not rescinded the expulsions of the 35 diplomats and their families. It also claimed that President Putin raised the issue with his US counterpart during their July 7 meeting in the German city of Hamburg. The Moscow-based newspaper quoted unnamed senior Russian officials, who said that Russia was preparing to expel dozens of American diplomats and seize US diplomatic facilities soon.

It appears that Russia will wait until the upcoming meeting between the US Undersecretary of State Thomas Shannon and the Russian Deputy Foreign Minister Sergei Ryabkov, which has been scheduled for later this month in St. Petersburg. If no US assurances for the return of the compounds and diplomats are made at that time, Moscow will proceed with its tit-for-tat plan. When asked about Izvestia’s article, the Russian Minster of Foreign Affairs, Sergei Lavrov, replied that the Kremlin was “weighing specific measures” in response to last December’s expulsions of Russian diplomats from the US. However, Mr. Lavrov said he did not want to elaborate at the present time, while also refusing to deny the newspaper’s allegations.

Author: Joseph Fitsanakis | Date: 12 July 2017 | Permalink

North Korea secretly imports Russian oil through Singapore, says defector

Ri Jong-hoThe government of North Korea uses intermediary firms in Singapore to import thousands of tons of Russian oil each year, according to a senior North Korean defector who has spoken publicly for the first time since his defection. Ri Jong-ho was a senior official in the Democratic People’s Republic of Korea under its previous leader, the late Kim Jong-il. He rose through the ranks of the Workers’ Party of Korea and was directly mentored by Kim, who personally appointed him to a post in Bureau 39. The powerful body is in charge of securing much-needed foreign currency for Pyongyang —often through illegal activities— and partly funds the personal accounts of the ruling Kim dynasty.

From the mid-1990s until his 2014 defection, Ri spent nearly three decades in senior positions inside the DPRK. These included the chairmanship of the board of the Korea Kumgang Group, a state-managed firm that oversees large-scale economic activity in North Korea, such as constructing energy networks and commissioning oil and natural-gas exploration. Between 1998 and 2004, Ri lived in the Chinese city of Dalian, where he headed the local branch of the Korea Daesong Trading Corporation. The Pyongyang-based company facilitates North Korea’s exports to China in exchange for Chinese goods and products.

But Ri’s mentor, Kim Jong-il, died in 2011. His son and successor, Kim Jong-un, engaged in a brutal campaign to remove his father’s advisers and replace them with his own people. During that time, said Ri, thousands of senior and mid-level officials were purged, some physically. Frightened and disillusioned, Ri defected with his family to South Korea in October 2014; fifteen months later, in March 2016, he arrived in the United States. On Tuesday, the Voice of America published Ri’s first public interview since his defection.

Among other things, the former Bureau 39 official said that the North Korean regime sustains itself with the help of oil it imports from nearby countries. One of the regime’s main sources of energy is Russia, which supplies Pyongyang with between 200,000 and 300,000 tons of oil every year. But the trade does not occur directly, said Ri. Moscow sells the oil to energy-trading companies in Singapore. These mediators then sell the oil to the DPRK through separately agreed contracts, so that Russia does not appear to be providing Pyongyang with desperately needed oil. The so-called “Singapore line” was established by North Korea in the 1990s, said Ri, and appears to still be active. In addition to Russian oil, the DPRK imports approximately 500,000 tons of oil per year from China, through pipelines, according to Ri.

Author: Joseph Fitsanakis | Date: 29 June 2017 | Permalink

New clues emerge about targeted efforts by Russia to hack US elections

GRUNew information about carefully targeted attempts by Russian operatives to compromise the November 2016 presidential elections in the United States have emerged in a newly published intelligence document. The document, which dates from May of this year, was produced by the US National Security Agency and published on June 5 by The Intercept. The web-based outlet published the leaked document on the same day that Reality Leigh Winner, a US federal contractor with a top-security clearance, was charged with espionage for leaking classified documents to the media. This has led to speculation that Winner may be the source of the leak.

The NSA document details attempts by hackers to compromise the online accounts of over 100 election officials, as well as employees of private contractors involved in administering the election process. The attempts reportedly took place during the period leading up to November 8, 2016. To do that, hackers resorted to a technique commonly known as ‘spear-fishing’. They sent carefully crafted emails, claiming to be from Google, to specifically targeted individuals. The goal was to trick the email recipients into downloading and opening Microsoft Word attachments, which were infected with malware. The infected software would then allow the hackers to remotely access the compromised computers. The NSA document states that at least one targeted person had his or her computer compromised though the ‘spear-fishing’ technique. Importantly, the leaked document appears unequivocal in its assessment that the hackers behind the ‘spear-fishing’ attacks worked for the General Staff Main Intelligence Directorate (GRU) of the Russian armed forces. The document also states that the main goal of the attacks was to compromise the software used to manage voter registration lists, and that the attackers were operating under a “cyber espionage mandate specifically directed at US and foreign elections”.

American intelligence officials have previously said that Russian spies launched in a complex and prolonged campaign to undermine public faith in the US electoral process. It is also known that the Russian campaign targeted election officials in the months leading up to the November 2016 elections. But the NSA report is the first publicly available description of some of the specific techniques employed by the alleged Russian hackers as part of their campaign. The leaked document does not provide technical details about the ‘spear-phishing’ campaign. Nor does it discuss whether the attacks were successful, whether vote tallies were actually compromised, or whether the election process itself was sabotaged by the hackers. The Intercept said it contacted the NSA and the Office of the Director of National Intelligence, who refused to publicly comment on the content of the NSA report.

Author: Joseph Fitsanakis | Date: 09 June 2017 | Permalink