Chechen shot dead in broad daylight in Berlin, Russian spy services suspected

Zelimkhan KhangoshviliAuthorities in Germany suspect that Moscow may have been behind the assassination of a Chechen separatist who was shot in broad daylight in Berlin by a man wearing a wig and carrying a pistol fitted with a silencer. The victim of the attack was Zelimkhan Khangoshvili, 40, who was a leading figure in the so-called Second Chechen War. The conflict pitted the Russian military against groups of Muslim fighters in the North Caucasus between 1999 and 2009.

Khangoshvili, a Muslim who was born in Georgia, was a bodyguard of Aslan Maskhadov, the self-described leader of the Muslim separatists in the Northern Caucasus. Maskhadov was killed in 2005 in a raid by Russian Special Forces, and Khangoshvili fled to his native Georgia. In 2015, Khangoshvili sought political asylum in Germany after two men tried to kill him in Tbilisi. The German authorities initially placed him on a terrorism watch list, but removed him after he began to collaborate with German counterterrorism agencies and participate in programs designed to de-radicalize Muslim youth.

Khangoshvili was reportedly killed last Friday as he was walking to his local mosque. Witnesses said a man on a bicycle approached Khangoshvili from behind as he was walking in the middle of Kleiner Tiergarten, a small park in downtown Berlin. The cyclist shot Khangoshvili and then immediately fled the scene on his bicycle. Police later found a Glock 26 semi-automatic pistol fitted with a silencer, a wig and the assailants bicycle. All had been dumped in a nearby lake. Later that evening the police announced the arrest of a Russian citizen identified only as “Vadim S.”, who is alleged to have shot Khangoshvili.

German newsmagazine Der Spiegel quoted Martin Steltner, from the Berlin prosecutor’s office, who said that Vadim S. had arrived in Berlin from Moscow via Paris less than a week before Khangoshvili’s murder. Steltner added that there were “indications the deed was pre-planned and may have political motives behind it”. An anonymous source from German intelligence told Der Spiegel that “if it turns out that a state actor like Russia is behind this, we will have a second [Sergei] Skripal case on our hands, with all that this entails”.

Author: Joseph Fitsanakis | Date: 28 August 2019 | Permalink

Advertisements

Russian deep-cover spy speaks to Western media for first time

Elena Vavilova Andrei BezrukovOne of the ten Russian deep-cover spies who were arrested in the United States in 2010, and swapped with American- and British-handled spies held by Moscow, has spoken to Western media for the first time. Elena Vavilova was arrested by the Federal Bureau of Investigation in June of 2010 along with her husband, Andrei Bezrukov. In its two decades of operating under deep cover in the US, the married couple used the stolen identities of two dead Canadian citizens, Tracy Foley and Donald Heathfield. Vavilova claimed to be of French-Canadian origin and worked as a real estate agent. The couple never spoke Russian at home and their two sons, Alex and Tim Foley, were unaware of their parents’ secret identities.

Last week, Vavilova, who now works as a private consultant in Moscow, spoke to Shaun Walker, Russia correspondent for British newspaper The Guardian. It was the first face-to-face encounter between a Western news outlet and one of the 10 outed Russian ‘illegals’. The reason for the interview was Vavilova’s upcoming book, A Woman Who Can Keep Secrets (in Russian), which presents a fictionalized account of her career and marriage to Bezrukov. It offers rare insights into the longstanding Russian ‘illegals’ program, which dates back to Soviet times. The book’s two protagonists meet as students in Siberia, where they are eventually recruited by the KGB, and spend several years training in languages and tradecraft. Part of their training includes living in a KGB house modeled after suburban American homes, so that they can get used to domestic life in the West. This account is believed to include true elements of the lives and careers of Vavilova and Bezrukov. The two married in Russia but moved to Canada separately, using fake Canadian identities. They pretended to meet for the first time in Canada, where they ‘dated’ and eventually ‘married’ before moving to the US to begin their espionage work.

Vavilova told Walker that the popular view of the 10 Russian illegals as having achieved little of intelligence value during their time in the US is misguided. “Of course I can’t talk about it”, she said, “but I know what we were doing and it doesn’t matter what others say”. She also said that training for illegals involved learning how to handle guns and using martial arts. But she added that these skills were never used in the field and were mostly good for building self-confidence —especially for missions that took place under cover of night in America, where street crime was far more prevalent than in Russia during the Cold War. Walker said that Vavilova’s English remains perfect, as does her husband’s. Like Vavilova, Bezrukov now works as a consultant and also teaches at a university in Moscow. Vavilova refused to discuss current Russian politics in her interview.

Author: Joseph Fitsanakis | Date: 26 August 2019 | Permalink

New report details growing presence of Russian private security firms in Africa

Central African Republic RussiaA new report by the American news network CNN has shed new light into the little-researched subject of Russian-owned private military and security operations in Africa. CNN said the report took a month to complete. It claims that a Russian tycoon by the name of Yevgeny Prigozhin has been instrumental in the growth of Russian private security operations in the continent. Prigozhin is one of the closest confidantes of Russian President Vladimir Putin. The United States accuses him of helping fund the Internet Research Agency, a Russian company based in Saint Petersburg, which allegedly participated in the Kremlin’s efforts to meddle in the 2016 US presidential election. CNN claims that Prigozhin is also connected with PMC Wagner, a Russian security contractor with presence on the ground in Syria and eastern Ukraine. Western officials allege that firms like Wagner could not operate without permission from the Kremlin.

According to the CNN report Prigozhin turned to African countries like Sudan, Libya and the Central African Republic in order to make up for his financial losses in Syria and Ukraine. He allegedly has a role in many of Russia’s 20 military agreements with African states where he provides security and weapons training on behalf of Moscow. In return, his group of companies, headed by a firm called Concord, receives exploration permits and the rights to exploit precious metals found throughout Africa, according to CNN. The network sent correspondents to the Central African Republic where they found that a radio station and a major military training base are run by a group of 250 Russian contractors. None of them will say who pays them, according to CNN, and at least one of them claims to be a “security adviser” for Central African Republic President Faustin-Archange Touadéra. Most of the Russians operate out of Palais de Berengo, a dilapidated presidential palace located 30 miles south of the capital Bangui, which used to belong to the country’s late dictator Jean-Bedel Bokassa. At a nearby mining site there are now hundreds of locals who work for the Russians, said CNN.

The CNN report also notes that last year three Russian journalists, Kirill Radchenko, Alexander Rastorguyev and Orkhan Dzhemal, were ambushed and executed near Sibut in the central region of the country, allegedly “by men wearing turbans and speaking Arabic after refusing to surrender their vehicle and equipment”. They were in the Central African Republic to research the presence of Russian private security firms. Their trip was funded by the Center for Investigation, a London-based foundation owned by the Russian exiled billionaire Mikhail Khodorkovsky. No one has been arrested or charged for the killings of the three Russian journalists. Central African Republic authorities told CNN that “investigations were continuing” into the matter.

Author: Ian Allen | Date: 14 August 2019 | Permalink

Austria issues international arrest warrant for alleged Russian spy

Igor Egorovich ZaytsevThe Austrian government has issued an international arrest warrant for a Russian man who allegedly recruited a retired colonel in the Austrian Federal Army to spy for Moscow. The arrest warrant was issued on Tuesday by the public prosecutor’s office in the city of Salzburg. It identifies the Russian man as Igor Egorovich Zaytsev. Austrian officials allege that the Moscow-born Zaytsev is in fact an intelligence officer for the Main Directorate of the General Staff of the Russian Armed Forces. Known as GRU, the organization is Russia’s primary military-intelligence agency.

In an accompanying press statement issued on Tuesday, the Austrian Ministry of the Interior said that Zaytsev had facilitated the “betrayal of state secrets” and that his actions had been “to the detriment of the Republic of Austria”. The arrest warrant accuses Zaytsev of having participated in the “intentional disclosure of a military secret”, but does not provide details. However, in a subsequent statement, Austrian police directly linked the search for Zaytsev with an espionage case that was reported in the Austrian media last year. The statement said that Zaytsev is believed to have recruited a man known as “Martin M.” to spy on Austria. This appears to refer to the arrest last November of a 70-year-old colonel in the Austrian Army, who was stationed in Salzburg. He is believed to have spied for Russia from at least 1992 until his arrest. Austrian media reported that the accused spy was believed to have given Russia information on a range of weapons systems used by the Austrian Army and Air Force, as well as the personal details of high-ranking officers in the Austrian Armed Forces.

Soon after the arrest of “Martin M.”, Austrian authorities arrested a second man, identified only as “O.”, who is also suspected on having spied for Russia. According to the Vienna Public Prosecutor’s Office, “O.” was an employee of the Austrian Office for Protection of the Constitution and Counterterrorism, known as BVT. He had been investigated on suspicion of espionage for more than a year prior to his arrest. The man’s arrest took place alongside simultaneous raids at two residential addresses associated with him, according to reports. No further details have been made available since the arrest. It is not known whether Zaytsev’s is also connected with the case of “O.”.

Author: Joseph Fitsanakis | Date: 26 July 2019 | Permalink

Western spies used ‘crown jewel’ of espionage tools to hack into Russia’s Google

Yandex RussiaHackers used a malware described by experts as the “crown jewel” of cyber-espionage tools to hack into Russia’s version of Google, in an effort to breach user accounts, according to the Reuters news agency. The hackers targeted Yandex (Яндекс), a Moscow-headquartered company that operates as the Russian version of Google. Yandex is the largest technology venture company in the Russian Federation and the fifth most popular search engine in the world. It also provides services such as mapping and email in Russia and several other countries in Central Asia and the Middle East. It claims that it serves more than 150 million monthly users worldwide.

On Thursday, Reuters cited “four people with knowledge on the matter […] in Russia and elsewhere”, who said that Yandex was targeted by a sophisticated hacking operation between October and November of 2018. The news agency said that three of its sources had direct knowledge of the details of the cyber-espionage operation against Yandex. According to the unnamed sources, the hackers appeared to be primarily interested in breaching the accounts of specific employees in Yandex’s research and development unit. Their purpose was to acquire technical information about how Yandex authenticates user accounts. That information could potentially enable them to impersonate Yandex users and access private information, including email messages, geolocation information, and other sensitive private data. Reuters said that the hackers attempted to breach Yandex for purposes of espionage, not sabotage or disruption, or stealing intellectual property for commercial purposes.

Moreover, the hackers used Regin, a highly sophisticated malware that a technical expert from the Symantec Corporation described as “the crown jewel of attack frameworks used for espionage”. Regin was identified as a malware employed by intelligence services of the so-called Five Eyes intelligence alliance between spy agencies of the United Kingdom, Canada, New Zealand, Australia and the United States. It was identified as a Western cyber-espionage tool in 2014, based on revelations made by Edward Snowden, the American former employee of the National Security Agency and the Central Intelligence Agency who defected to Russia. The same malware was used in 2013 to access about a dozen mainframe computers of Belgacom, Belgium’s largest telecommunications service provider, which is partly state-owned. The attack was widely attributed to a consortium of Western intelligence services led by the NSA.

According to Reuters, the hackers were able to penetrate Yandex’s networks for several weeks or longer, without being noticed by the company’s cyber-security monitors. When the penetration was detected, Yandex hired a cyber-security team from the Russian anti-virus firm Kaspersky. The Kaspersky team identified Regin and, according to Reuters, concluded that the hackers behind the cyber-espionage operation were tied to Western intelligence agencies. Kaspersky, the Russian government, and intelligence agencies from the Five Eyes alliance declined requests by Reuters to comment on the story. Yandex confirmed the cyber-espionage attack in a statement to Reuters, but said that its cyber-security experts had been able to detect and “fully neutralize [it] before any damage was done”. Consequently, said Yandex, “no user data was compromised in the attack”.

Author: Joseph Fitsanakis | Date: 28 June 2019 | Permalink

Israel leaked video that brought down Austrian government, says German ex-spy chief

Strache GudenusIsraeli intelligence was likely behind the leaked video that brought down the far-right governing coalition in Austria on Monday, according to the former deputy director of Germany’s spy agency. The surreptitiously recorded video was leaked to two German media outlets on May 17, days before Austrian voters participated in the continent-wide elections for the European Union. In the video, two senior members of Austria’s governing far-right Freedom Party are seen conversing with an unnamed woman posing as a Russian investor. The two men in the video were Heinz-Christian Strache, the the Freedom Party’s leader and until recently Austria’s Vice Chancellor, and Johannes Gudenus, the party’s deputy leader and a member of parliament. In the video, Gudenus and Strache promise to award the woman’s firm state contracts if her uncle —a Russian oligarch— purchases an Austrian newspaper and uses it to support the Freedom Party. The video threw Austria’s political system into disarray and prompted the resignations of both Strache and Gudenus. On Monday, Austria’s Chancellor, Sebastian Kurz, was removed from power during a special parliamentary session in Vienna.

But the question is who leaked the video, and why? In an article in the Cicero, a monthly political magazine based in Berlin, a former senior official in Germany’s Federal Intelligence Service (BND) argues that Israeli intelligence was probably behind the leak. The article’s author is Rudolf Adam, who served as deputy director of the BND from 2001 to 2004, before serving as president of the Federal Academy for Security Policy of the German Ministry of Defense. Adam argues that the actions of Strache and Gudenus, as shown in the leaked video, seem “half mafia-like and half-treasonable”, and that the two should face legal consequences. But he goes on to ask “a far more interesting question”, namely “who is behind this intrigue [and] what were the intentions of its initiators?”. Adam points out that nothing is known about the woman in the video; she reportedly met Gudenus several months before the video was filmed. She posed as the Latvian niece of a Russian oligarch with ties to Russia’s President Vladimir Putin. In exchanges that lasted for several months, the woman told Gudenus that she planned to move with her daughter to Vienna and was interested in investment opportunities. She eventually invited him and Strache to a meeting in a villa in the Spanish resort island of Ibiza. It was there where the video was recorded. Read more of this post

ISIS threatens stability of former Soviet Republics, says Russian spy chief

ISIS Afghanistan

Thousands of Islamic State fighters are operating in Afghanistan’s northern border regions and are attempting to destabilize former Soviet Republics with substantial Muslim populations, according to Russia’s domestic spy chief. This warning was issued by Alexander Bortnikov, director of Russia’s Federal Security Service (FSB), which functions as Russia’s primary counter-terrorism agency. Bortnikov made these remarks during a visit to the capital of Tajikistan, Dushanbe, for a meeting of the heads of intelligence agencies of the Commonwealth of Independent States (CIS), an intergovernmental organization comprised of former Soviet Republics in the Eurasian region. The meeting was reportedly held behind closed doors, but Russia’s government-owned news agency TASS carried a summary of Bortnikov’s remarks.

The Russian intelligence chief said that, with the aid of the intelligence services of CIS states like Uzbekistan, Azerbaijan, Tajikistan, Kyrgyzstan, and others, the FSB was able to uncover and suppress eight Islamic State cells in the past year, which operated in the Central Asian region. However, the reach of the CIS countries does not extend to Afghanistan, said Bortnikov, where as many as 5,000 Islamic State fighters are congregating along the country’s border with three CIS states, namely Turkmenistan, Uzbekistan and Tajikistan. Many of these fighters are Turkmens, Uzbeks, Tajiks, Russians, and other citizens of CIS states, who previously fought with the Islamic State in Syria and elsewhere, and now form integral components of the Islamic State’s fighting force in Afghanistan and Pakistan. It appears that the Islamic State is now attempting to exploit the mountainous and porous borders of northern Afghanistan in order to destabilize neighboring countries, he said. These fighters intend to exploit “migrant and refugee flows [in Central Asia] in order to operate covertly from the Afghan battle zones to neighboring countries” and from there possibly to Russia, according to Bortnikov.

These covert activities of Islamic State fighters have already caused an escalation of tensions in the region and can be expected to continue to do so, as these groups radicalize and co-opt Muslim communities in CIS countries, noted Bortnikov. He added that popular responses to Islamist radicalization are prompting increasing incidents of “anti-Islamic terrorism”, which further-fuel religious and ethnic tensions in the region. As a reminder, last week the Islamic State announced that its so-called Khorasan Province fighters would be amalgamated into a new armed group calling itself Islamic State – Pakistan Province. Earlier this month, the group also proclaimed the establishment of a new overseas province in India’s Jammu and Kashmir state, called “wilayah al-Hind” (province of Hind). In addition to these two forces, there are currently an estimated 3,000 to 4,000 Islamic State fighters in Afghanistan’s Pashtun regions.

Author: Joseph Fitsanakis | Date: 22 May 2019 | Permalink