Britain warns its citizens following detention of alleged Russian spies in Switzerland

Davos SwitzerlandA Swiss newspaper has revealed a previously unreported detention of two Russian diplomats in the luxury Swiss Alpine resort of Davos, which is currently hosting the annual meeting of the World Economic Forum (WEF). The development prompted British authorities to warn some British citizens participating in the WEF meeting that they may be in physical danger.

The brief detention of the two Russians allegedly occurred in August of last year in Davos, a mountain resort in the canton of Graubünden, which is located in Switzerland’s eastern Alps region. According to the Swiss newspaper Tages-Anzeiger, local police detained two Russians during the period between August 8 and 28 of last year. Citing anonymous sources from the police and security services, the paper said that the authorities were alerted about the two Russians by employees at a local resort. The employees reportedly found it strange that the Russians had booked hotel rooms for over three weeks, which is unusually long for Davos’ ultra-luxury resort setting.

When police officers approached the two men and inquired about their background, one of them said he worked as a plumber. However, when asked to provide identification papers, both men reportedly produced Russian diplomatic passports. However, none had received accreditation by the Swiss government, which means they had not been formally registered as diplomats in the Alpine nation. When Swiss police officials contacted the Russian embassy in Bern to inquire about the two men, Russian officials “threatened diplomatic consequences if the men were arrested” said Tages-Anzeiger.

The two Russians were eventually released, as Swiss police “could not ascertain any reason to detain them”, said the paper. However, Swiss officials said that the two Russians “obviously […] had their sights on the WEF” and were probably planning to install surveillance equipment around the Swiss resort town. Soon after the Tages-Anzeiger report was published, British counterterrorism police reportedly warned a number of British citizens attending the WEF meeting that they might be in physical danger.

But the Russian embassy in Switzerland dismissed the Tages-Anzeiger report as “one more attempt to undermine Swiss-Russian relations”. Russian officials at the embassy accused Western countries of trying to “whip out a scandal out of nothing”, adding that Russian authorities had not been officially notified of the incident and that there was “no evidence of espionage” by the two men.

Author: Joseph Fitsanakis | Date: 22 January 2020 | Permalink

In surprise move, Turkish and Syrian intelligence chiefs meet in Moscow

Turkey SyriaIn a move that surprised observers, the intelligence chiefs of Turkey and Syria —two bitter rivals in the ongoing Syrian civil war— met in Russia on Monday. The meeting was held in Moscow and was acknowledged by officials from both sides, making it the first explicit contact between Turkish and Syrian intelligence in over a decade.

The Turkish government of President Recep Tayyip Erdoğan has openly called for the toppling of Syrian leader Bashar al-Assad. The Turkish strongman regularly refers to al-Assad as a “terrorist” and blames him for clandestinely supporting Kurdish paramilitaries, who have waged a war of secession against Ankara for several decades.

Regional dynamics shifted radically since early 2017, however, when the United States began withdrawing from the conflict. In the following months, Washington lifted its support for a collection of rebels fighting against the Syrian president. Last year, the US military left northern Syria and allowed Turkish troops to invade the region, with the aim of repelling armed Kurdish units from the Syrian-Turkish border.

Throughout this time, there have been rumors of intelligence coordination between Ankara and Damascus, but no official acknowledgement was ever issued. On Monday, however, Syria’s government-owned news agency, SANA, said that a meeting had taken place in Moscow between the heads of intelligence of Syria and Turkey. Shortly afterwards, a number of anonymous Turkish officials confirmed these reports to the Reuters news agency.

Reuters reported that the two sides discussed the state of the ceasefire in Syria’s northwestern Idlib province, and future steps aimed at coordinating against the presence of armed Kurdish separatists in northern Syrian regions. It quoted one Turkish official who said that the two intelligence agencies were exploring “the possibility of working together” against separatist Kurdish groups on both sides of the Turkish-Syrian border.

Author: Joseph Fitsanakis | Date: 14 January 2020 | Permalink

Son of Russian spies posing as Canadians gets to keep Canadian citizenship

Vavilov FoleyThe son of a Russian couple, who fraudulently acquired Canadian citizenship before being arrested for espionage in the United States, has won the right to keep his Canadian citizenship, which was effectively annulled when his parents were found to be Russian spies.

Tim and Alexander Vavilov are the sons of Donald Heathfield and Tracey Foley, a married couple arrested in 2010 under Operation GHOST STORIES —a counterintelligence program run by the US Federal Bureau of Investigation. Following their arrest, their sons, who allegedly grew up thinking their parents were Canadian, were told that their parents were in fact Russian citizens and that their real names were Andrei Bezrukov and Elena Vavilova. Their English-sounding names and Canadian passports had been forged in the late 1980s by the KGB, the Soviet Union’s primary external intelligence agency.

Since their parents’ arrest on espionage charges, the two brothers, who were born in Canada, have been involved in a prolonged legal battle to have their Canadian citizenship reinstated. The latter was rescinded when it became clear that their parents’ Canadian passports were fraudulent. According to the Canadian Citizenship Act, children born in Canada to “employees of a foreign government” are not entitled to Canadian nationality. But the brothers have argued that they were 20 and 16 when their parents were arrested and were unaware of their double identities. It follows, their lawyers have argued, that they cannot be punished for their parents’ crimes.

In June of 2017, Canada’s Federal Court of Appeal overturned the decision of a lower court and ordered the government to reinstate Alexander Vavilov’s Canadian citizenship. But the Canadian government appealed the decision of the Federal Court of Appeal, which sent the case to the Supreme Court of Canada. The government claimed that the Vavilov brothers should be denied Canadian citizenship because their parents were, effectively, secret employees of a foreign government. The two Russian spies may not have been accredited by the Canadian state as foreign employees, it says, but they were in reality “dedicated to serving their home country, except in their case, the employment was carried out clandestinely”.

On Thursday, however, Canada’s Supreme Court sided with Alexander Vavilov’s lawyers and ordered that he can keep his Canadian citizenship. This decision, which has effectively upheld the earlier decision of the Federal Court of Appeal, almost certainly means that Alexander’s brother, Tim, will also have his Canadian citizenship reinstated.

Author: Joseph Fitsanakis | Date: 20 December 2019 | Permalink

Estonian court to release defense official who spied for Russia for 13 years

Herman SimmA court in Estonia has ordered the release of a former senior defense official who spied on the North Atlantic Treaty Organization for Russia, causing what experts described at the time as “the most serious case of espionage against NATO since the end of the Cold War”. Herman Simm was a high-level official at the Estonian Ministry of Defense, who once led the country’s National Security Authority. This meant that he was in charge of Estonia’s national cyber defense systems and supervised the issuing of security clearances.

He was arrested in 2008 along with his wife and charged with spying for Russia for over a decade. At the time of his arrest Simm was responsible for handling all of Estonia’s classified and top secret material regarding NATO. This prompted European and American security officials to describe Simm as the most damaging spy against NATO since the collapse of the Soviet Union in 1991. In February of 2009 Simm was sentenced to 12½ years in prison.

On Thursday, a county court in Estonia’s southeastern city of Tartu ruled that Simm is eligible for parole, because he has served the majority of his prison sentence without committing any disciplinary infractions. Officials from the Tartu County Prison and the prosecutor’s office agreed that early release would provide Simm with an incentive to abide with Estonian law. The court also stated in its decision that Simm had no more access to classified information and that he was of no further interest to foreign countries and intelligence organizations.

Simm is expected to be released within days, and will remain under probation until March of 2021. The court’s decision can be appealed by December 20.

Author: Ian Allen | Date: 06 December 2019 | Permalink

Elite Russian spy unit used French Alps region as logistical base

Chamonix FranceAn elite group Russian military intelligence officers, who have participated in assassinations across Europe, have been using resorts in the French Alps as logistical and supply bases, according to a new report. The report concerns Unit 29155 of the Main Directorate of the General Staff of the Russian Armed Forces, commonly known as GRU. According to The New York Times, which revealed its existence of 29155 in October, the unit has been operating for at least 10 years. However, Western intelligence agencies only began to focus on it in 2016, after it was alleged that an elite group of Russian spies tried to stage a coup in the tiny Balkan country of Montenegro.

Unit 29155 is believed to consist of a tightly knit group of intelligence officers led by Major General Andrei V. Averyanov, a hardened veteran of Russia’s Chechen wars. The existence of the unit is reportedly so secret that even other GRU operatives are unlikely to have heard of it. Members of the unit frequently travel to Europe to carry out sabotage and disinformation campaigns, kill targets, or conduct other forms of what some experts describe as the Kremlin’s hybrid war. They are believed to be responsible for the attempt on the life of Sergei Skripal, a former GRU intelligence officer who defected to Britain. He almost died in March 2018, when two Russian members of Unit 29155 poisoned him in the English town of Salisbury.

On Wednesday, a new report in the French newspaper Le Monde claimed that Unit 29155 used the French Alps as a “rear base” to carry out operations throughout Europe. According to the paper, the information about the unit’s activities in France emerged following forensic investigations of the activities of its members by British, Swiss, French and American intelligence agencies. In the same article, Le Monde published the names of 15 members of Unit 29155, which allegedly stayed in various French alpine towns and cities between 2014 and 2018. The paper said that they traveled to France from various countries in Europe, such as Spain, the United Kingdom, Switzerland, or directly for Russia.

The alleged Russian spies stayed in France’s Haute-Savoie, which borders Switzerland, and is among Europe’s most popular wintertime tourist destinations. The area includes the world-famous Mont Blanc mountain range and the picturesque alpine towns of Annemasse, Evian and Chamonix. Several members of the unit visited the region repeatedly, said Le Monde, while others entered France once or twice, in connection with specific spy missions. It is believed that the reasoning behind their trips to the French Alps was to blend in with the large numbers of international tourists that travel to the region throughout the year. However, the unit also utilized several other areas in Eastern Europe as rear bases, including cities and towns in Moldova, Montenegro and Bulgaria, said Le Monde.

Author: Joseph Fitsanakis | Date: 05 December 2019 | Permalink

FBI examining FaceApp over potential counterintelligence concerns

FBIThe United States Federal Bureau of Investigation says it is examining possible counterintelligence threats in connection with the popular online application FaceApp, which is headquartered in Russia. The application first made its appearance in January of 2017 and quickly became popular among smartphone users around the world. It allows users to upload a photograph of their face and then edit it with the help of artificial-intelligence software. The software can change the user’s photograph to make it look younger or older, or make it look as if it is from the opposite gender. The result can be impressively realistic and life-like.

The St. Petersburgh-based company behind FaceApp, Wireless Lab, claims that the photos of users are uploaded to cloud servers situated in New Zealand, Australia and Singapore. They are then deleted within two days from the moment they are uploaded by users, without ever being transferred to servers located in the territory of Russia. But the FBI does not seem to believe these assurances. In a letter sent late last month to the Minority Leader of the US Senate, Charles Schumer (D-NY), the Bureau said it was examining FaceApp as part of its counterintelligence mission.

In the letter, which was published on Monday, Jill Tyson, Assistant Director of the FBI’s Office of Congressional Affairs, said the fact that Wireless Lab is based in Russia raised a number of counterintelligence concerns. These relate to the types of data Wireless Lab collects on its customers and the privacy policies that apply to Russian Internet companies. According to Tyson, the Russian Federal Security Service (FSB) has the right to “remotely access all communications and servers on Russian networks without making a request” to network providers. He added that, if the FBI found that FaceApp was involved in activities meant to interfere with upcoming elections in the United States, the Bureau would investigate the matter further, and possibly involve the Foreign Influence Task Force, an FBI-led body that was established after the 2016 US presidential elections.

The FBI’s letter was written in response to an earlier letter sent to the Bureau by Senator Schumer in July, which expressed concerns about potential threats posed by FaceApp to the privacy of American Internet users and to the nations’ security as a whole.

Author: Joseph Fitsanakis | Date: 03 December 2019 | Permalink

Extradition fight over Russian man held in Greece may point to spies’ use of bitcoin

Aleksandr VinnikAn intense fight between the United States and Russia over the extradition of a Russian cryptocurrency tycoon being held in Greece, is raising questions about the possible use of cryptocurrencies by spies. The tycoon in question is Aleksandr Vinnik, 39, who in 2011 co-founded BTC-e, an international cryptocurrency-trading platform. BTC-e allowed users to buy or sell several popular cryptocurrencies, including bitcoin and litecoin, using Russian rubles, United States dollars, or European Union euro currencies. Although headquartered in Russia, BTC-e’s servers were located in Bulgaria, while its operations were conducted through its offshore components in Cyprus and the Seychelles.

By 2015, BTC-e was reportedly facilitating just over 3 percent of the worldwide daily volume of cryptocurrency trading. But, according to some sources, the company was also facilitating up to 70 percent of worldwide criminal activity involving cryptocurrencies. Washington alleges that the company was built on a model that relied heavily on the activities of criminal entities, as the latter sought the ability to conduct online monetary transactions without being tracked by governments.

In 2017, American authorities seized BTC-e’s website —a move that terminated the company’s operations. Washington also prompted authorities in Greece to arrest Vinnik, while he was vacationing at a Greek resort with his family. The Russian co-founder of BTC-e is today in a Greek prison, awaiting a decision by the Greek authorities to extradite him to the United States. If this happens, he will be tried on 21 counts of international money laundering and a host of other criminal charges.

Interestingly, however, shortly after Vinnik’s arrest, the Russian government filed a court order to have Greece extradite him to Russia, where he is reportedly wanted for relatively minor fraud-related charges. What is more, the Greek government was directly lobbied by no other than the Russian President Vladimir Putin —an unusually high-level approach, when one considers Vinnik’s trivial charges in Russia. France has also sought to have Vinnik extradited there, instead of the United States.

What lies behind these moves? There are many who believe that American authorities moved against BTC-e after realizing that Russian spies used the company to hide their traces while trying to meddle with the 2016 presidential elections in the United States. A recent report by the State Department’s RFE/RL news website claims that a number of London-based observers from groups such as Global Witness and Elliptic Enterprises believe there are strong links between Russian spy agencies and BTC-e. American authorities have managed to access information about the inner workings of BTC-e’s website. They are probably viewing Vinnik as an intelligence asset, who can potentially shed light on the company’s alleged role as a money laundering mechanism for Russian spies —and probably others as well.

Author: Joseph Fitsanakis | Date: 29 November 2019 | Permalink

Russia, Lithuania and Norway exchange prisoners in rare three-way spy-swap

Frode BergA rare three-way spy-swap has reportedly taken place between Russia and two North Atlantic Treaty Organization (NATO) members, Lithuania and Norway. Rumors of a possible exchange of imprisoned spies between the three countries first emerged in mid-October. However, all three governments had either denied the rumors or refused to comment at the time. It now turns out that the spy-swap, which international news agencies described as “carefully coordinated” was the result of painstaking negotiations between the three countries, which lasted several months.

A major part of the process that led to last week’s spy swap was the decision of the Lithuanian parliament to approve altering the country’s criminal code. The new code allows the president of Lithuania to pardon foreign nationals who have been convicted of espionage, if doing so promotes Lithuania’s national interest. The new amendment also outlines the process by which the government can swap pardoned foreign spies with its own spies —or alleged spies— who may have been convicted of espionage abroad. On Friday, Lithuanian President Gitanas Nausėda announced he had pardoned two Russian nationals who had been convicted of espionage against Lithuania, in accordance with the new criminal code. The president’s move was approved by the country’s multi-agency State Defense Council during a secret meeting.

Shortly after President Nausėda’s announcement, Sergei Naryshkin, Director of Russia’s Foreign Intelligence Service (SVR) said that Moscow would immediately proceed with “reciprocal steps”. The Kremlin soon released from prison two Lithuanian nationals, Yevgeny Mataitis and Aristidas Tamosaitis. Tamosaitis was serving a 12-year prison sentence, allegedly for carrying out espionage for the Lithuanian Defense Ministry in 2015. Mataitis, a dual Lithuanian-Russian citizen, was serving 13 years in prison, allegedly for supplying Lithuanian intelligence with classified documents belonging to the Russian government.

The two Lithuanians were exchanged for two Russians, Nikolai Filipchenko and Sergei Moisejenko. Filipchenko is believed to be an officer in the Russian Federal Security Service (FSB), who was arrested by Lithuanian counterintelligence agents in 2015. He had been given a 10-year prison sentence for trying to recruit double agents inside Lithuania, allegedly in order to install listening bugs inside the office of the then-Lithuanian President Dalia Grybauskaite. Moisejenko was serving a 10½ year sentence for conducting espionage and for illegally possessing firearms. Lithuania alleges that Moisejenko had been tasked by Moscow with spying on the armed forces of Lithuania and NATO. Along with the two Lithuanians, Russia freed Frode Berg (pictured), a Norwegian citizen who was serving a prison sentence in Russia, allegedly for acting as a courier for the Norwegian Intelligence Service.

On Saturday, Darius Jauniškis, Director of Lithuania’s State Security Department, told reporters in Vilnius that the spy swap had taken place in a remote part of the Russian-Lithuanian border. He gave no further information about the details exchange, or about who was present at the site during the spy-swap.

Author: Joseph Fitsanakis | Date: 18 November 2019 | Research credit: E.G. | Permalink

Turks feared Russia might bomb Erdoğan’s palace in 2015, intelligence memo shows

Hmeimim AirbaseAuthorities in Turkey were concerned that Russia might bomb the presidential palace in Ankara in 2015, to retaliate against the downing of a Russian fighter jet by the Turkish military, according to an intelligence report. On November 25 of that year, a Russian Sukhoi Su-24M attack bomber was shot down by a Turkish F-16 fighter jet over the Syrian-Turkish border. Ankara claimed that the Russian aircraft had violated Turkish airspace for longer than five minutes and had failed to respond to 10 warning messages communicated by radio. By the time the Russian plane was fired upon it was nearly 1.5 miles inside Turkish airspace, according to Turkey’s Ministry of Defense. But the Kremlin claimed that the downed aircraft had been flying a mile south of the Turkish border when it was shot down.

A few hours after the incident, Russian President Vladimir Putin described it as “a stab in the back by terrorist accomplices” and warned Ankara that Moscow would not tolerate such attacks on its armed forces. International observers expressed concern about a possible armed retaliation by Russia against the Turkish military. Now a formerly classified intelligence report suggests that Turkish authorities were concerned that Russia might bomb the country’s presidential palace in Ankara. The report was unearthed by the Nordic Research Monitoring Network (NRMN), a security-oriented research initiative staffed by Turkish experts who live in Europe and the United States.

The NRMN said the previously classified report was authored by Signals Intelligence Directorate of Turkey’s National Intelligence Organization, known as MİT. It describes an intercepted conversation that took place on December 3, 2015. The conversation involved a Syrian military officer, who was believed to be a brigadier general in the army of Syrian President Bashar al-Assad. The officer, identified in the document only as Adnan, was reportedly speaking with an unnamed Russian general, identified only as Sergei, and another unidentified senior officer in the Syrian armed forces. The discussion concerned an upcoming meeting between Syrian and Russian military officials at the Hmeimim Airbase, a Russian-operated military installation on the outskirts of Latakia.

The purpose of the meeting was for the Russian forces to officially notify the Syrians that their warplanes would be carrying a heavier payload in the future, and to explain why. At one point in the conversation the Russian general told the Syrians that part of the heavier payload would consist of “barrel bombs [that] will go to Erdoğan’s palace”. The MİT interpreted that to mean the Turkish Presidential Complex, which is located inside the Atatürk Forest Farm in the Beştepe neighborhood of Ankara. The ensuing intelligence report contains handwritten notes indicating that the information contained in it was communicated to the leadership of the Turkish Armed Forces and the Turkish General Staff.

At the end no attack took place. In June of the following year President Erdoğan sent a letter to his Russian counterpart, in which he expressed his condolences for the family of the Russian pilots who were killed when their aircraft was shot down. Following the July 2016 coup, the two Turkish pilots who had shot down the Russian aircraft were arrested on suspicion of being involved in the attempt to topple Erdoğan. This, in association with the Turkish president’s letter of sympathy, were seen by Moscow as goodwill gestures from Ankara. Relations between the two countries were eventually restored.

Author: Joseph Fitsanakis | Date: 11 November 2019 | Permalink

High-ranking Russian security official gunned down in Moscow

Ibragim EldzharkievA senior counter-terrorism officer in the Russian police has been gunned down along with his brother in a downtown Moscow street, in what authorities describe as a contract killing. One of the two victims has been named as Ibragim Eldzharkiev (pictured), who headed the Russian Interior Ministry’s Anti-Extremism Center in the Republic of Ingushetia in the Russian Caucasus. His younger brother was reportedly also killed in the attack.

Eldzharkiev assumed the position of director of Ingushetia’s Anti-Extremism Center in 2018, after his predecessor, Timur Hamhoev, was among several senior police officials who were convicted of torturing and extorting detainees. The high-profile caset shed light on the ongoing low-intensity conflict in the Russian Caucasus, which in the 1990s and 2000s was the site of two wars between the Russian military and local separatists.

Russian media reported that Eldzharkiev had been visiting Moscow on private business. Security camera footage allegedly shows the shooter approaching the victim outside the entrance of a building, as he is waiting for his brother to park a vehicle. He then shoots Eldzharkiev repeatedly before directing his gun on the victim’s younger brother, who was trying to flee the scene on foot. Once the two brothers are laying on the ground, the shooter approaches them again and shoots them in the head. The shooter then leaves the murder scene in a car. Both men died at the scene of the attack. The shooter remains at large.

The state-owned Russian news agency TASS said on Saturday that Eldzharkiev’s killing was connected with his professional activities at the Anti-Extremism Center and that he had been targeted by Ingushetian “religious extremist groups”. An anonymous security source told the news agency that the shooter is believed to have used a foreign-made gun to kill the two brothers. This was the second time that Eldzharkiev was targeted by unknown assailants. The first time was in January of this year, when two unidentified gunmen opened fire at his service car, injuring a member of his protection team.

Author: Joseph Fitsanakis | Date: 05 November 2019 | Permalink

London accused of hiding report about Russian meddling in Brexit referendum

BrexitThe British government has been accused by opposition parties, and by pro-remain conservative figures, of trying to conceal a report documenting Russian meddling in British politics. The report documents the results of an investigation into Russia’s alleged attempts to influence the outcome of the 2017 general election in the United Kingdom, as well as the result of the 2016 European Union referendum, which ended in victory for the pro-Brexit campaign.

The investigation was carried out by the British Parliament’s Intelligence and Security Committee and is largely based on closed-door testimony by senior officials from Britain’s intelligence community. It reportedly contains evidence from Russia experts in agencies such as the Security Service (MI5), the Secret Intelligence Service (MI6) and the Government Communications Headquarters (GCHQ).

According to media reports the probe was completed in March of this year and underwent a redaction process to safeguard intelligence methods and sources. On October 15 it was submitted to Downing Street and on October 17 it reportedly landed on the desk of British Prime Minister Boris Johnson. British opposition politicians allege that even sensitive reports are usually made public no later than 10 days after they are submitted to Downing Street, which means that the document should have been released prior to October 28.

Some fear that, with Parliament about to suspend operations on Tuesday, in anticipation for December’s general election, the report will effectively remain hidden from public view until the spring of 2020. On Friday, Labour Party leader Jeremy Corbyn publicly urged the government to release the report and claimed that the prime minster may have “something to hide”. But cabinet minister Andrea Leadsom argued that it is not unusual for parliamentary committee reports to remain in the government’s hands until they are properly evaluated. “The government has to respond properly, it cannot respond in haste”, said Leadsom.

Author: Ian Allen | Date: 04 November 2019 | Permalink

Veil of secrecy may soon be lifted on Novichok nerve agent used to attack Skripal

Sergei SkripalThe chemical structure and action mechanism of a top-secret family of nerve agents known as novichoks may soon be available to a wider pool of researchers through its inclusion into the Chemical Weapons Convention (CWC) list of the Organization for the Prohibition of Chemical Weapons (OPCW). The term novichok (meaning ‘newbie’ in Russian) was given by Western scientists to a class of rarely used nerve agents that were developed in the Soviet Union and Russia between 1971 and the early 1990s.

The first public discussion about the existence of these agents took place in the early 1990s, when Vil Mirzayanov, a chemical warfare expert working for the Soviet military, revealed their existence. However, Western intelligence agencies have discouraged public scientific research on these nerve agents, fearing that such activities could reveal their chemical structure and mechanism of action. That could in turn facilitate the proliferation of novichok nerve agents worldwide.

But this attitude shifted drastically after March 2018, when —according to British intelligence— Russian spies used novichok in an attempt to kill Sergei Skripal, a Russian defector to Britain. The British government claims that Russians spies smuggled novichok into Britain by hiding it inside an imitation perfume bottle.

The attempt on Skripal’s life failed, but it prompted the United States, Canada and the Netherlands to propose that two categories of novichoks be chemically identified and added to the CWC list of Schedule 1 chemical weapons. If that were to happen, members of the OPCW —including Russia— would be required to declare and promptly destroy any stockpiles of novichoks in their possession.

Russia’s initial reaction was to oppose the proposal by the United States, Canada and the Netherlands. The Russian OPCW delegation questioned the proposal’s scientific validity and dismissed it as politically motivated. However, according to a report published yesterday in the leading scientific journal Science, Moscow has now agreed with the proposal to list two classes of novichoks in the CWC list, and even proposed adding a third class of the obscure nerve agent to the list. Russia also proposed the inclusion into the CWC list of two families of carbamates —organic compounds with insecticide properties, which the United States is reputed to have included in its chemical weapons arsenal during the Cold War.

According to the Science report, the OPCW Executive Council has already approved Russia’s proposal, which means that the organization is now close to classifying novichoks as Schedule 1 nerve agents. If this happens, academic researchers in the West and elsewhere will be able for the first time to collaborate with defense laboratories in order to research the chemical structure, as well as the mechanism of action, of novichoks. This is likely to produce computer models that will shed unprecedented light on the symptoms of novichoks and the various methods of treating them. But they will also provide information about the chemical structure of the nerve agent, which may eventually lead to proliferation concerns.

Author: Joseph Fitsanakis | Date: 24 October 2019 | Permalink

Russian government cyber spies ‘hid behind Iranian hacker group’

Computer hackingRussian hackers hijacked an Iranian cyber espionage group and used its infrastructure to launch attacks, hoping that their victims would blame Iran, according to British and American intelligence officials. The information, released on Monday, concerns a Russian cyber espionage group termed “Turla” by European cyber security experts.

Turla is believed to operate under the command of Russia’s Federal Security Service (FSB), and has been linked to at least 30 attacks on industry and government facilities since 2017. Since February of 2018, Turla is believed to have successfully carried out cyber espionage operations in 20 different countries. Most of the group’s targets are located in the Middle East, but it has also been connected to cyber espionage operations in the United States and the United Kingdom.

On Monday, officials from Britain’s Government Communications Headquarters (GCHQ) and America’s National Security Agency (NSA) said Turla had hijacked the attack infrastructure of an Iranian cyber espionage group. The group has been named by cyber security researchers as Advanced Persistent Threat (APT) 34, and is thought to carry out operations under the direction of the Iranian government.

The officials said there was no evidence that APT34 was aware that some of its operations had been taken over by Turla. Instead, Russian hackers stealthily hijacked APT34’s command-and-control systems and used its resources —including computers, servers and malicious codes— to attack targets without APT34’s knowledge. They also accessed the computer systems of APT34’s prior targets. In doing so, Turla hackers masqueraded as APT34 operatives, thus resorting to a practice that is commonly referred to as ‘fourth party collection’, according to British and American officials.

The purpose of Monday’s announcement was to raise awareness about state-sponsored computer hacking among industry and government leaders, said the officials. They also wanted to demonstrate the complexity of cyber attack attribution in today’s computer security landscape. However, “we want to send a clear message that even when cyber actors seek to mask their identity, our capabilities will ultimately identify them”, said Paul Chichester, a senior GCHQ official.

Author: Joseph Fitsanakis | Date: 22 October 2019 | Permalink

Russia preparing to swap imprisoned spies with NATO members, sources claim

LithuaniaThe Russian government is preparing to swap a number of imprisoned spies with at least two member states of the North Atlantic Treaty Organization (NATO), according to reports. The Estonia-based news agency BNS, which is the largest news agency in the Baltics, said on Wednesday that negotiations between Russian and Lithuanian, as well as probably Norwegian, officials were nearing completion.

The alleged spies at the center of the reputed spy swap are said to include Nikolai Filipchenko, who is reportedly an intelligence officer with the Russian Federal Security Service (FSB). Filipchenko was arrested by Lithuanian counterintelligence agents in 2015, allegedly while trying to recruit double agents inside Lithuania. He was charged with using forged identity documents to travel to Lithuania on several occasions between 2011 and 2014. His mission was allegedly to recruit officers in Lithuania’s Department of State Security in order to install listening bugs inside the office of the then-Lithuanian President Dalia Grybauskaite. In 2017, a district court in the Lithuanian capital Vilnius sentenced Filipchenko to 10 years in prison. The alleged Russian spy refused to testify during his trial and reportedly did not reveal any information about himself or his employer. He is believed to be the first FSB intelligence officer to have been convicted of espionage in Lithuania.

BNS reported that the Russians have agreed to exchange Filipchenko for two Lithuanian nationals, Yevgeny Mataitis and Aristidas Tamosaitis. Tamosaitis is serving a 12-year prison sentence in Russia, allegedly for carrying out espionage for the Lithuanian Defense Ministry in 2015. In the following year, a Russian court sentenced Mataitis, a dual Lithuanian-Russian citizen, to 13 years in prison, allegedly for supplying Lithuanian intelligence with classified documents belonging to the Russian government. Lithuanian authorities have refused to comment publicly about Filipchenko and Mataitis, saying that details on the two men are classified. According to BNS, the spy swap may involve two more people, an unnamed Russian national and a Norwegian citizen, who is believed to be Frode Berg, a Norwegian retiree who is serving a 16-year jail sentence in Russia, allegedly for acting as a courier for the Norwegian Intelligence Service.

BNS said on Wednesday that the Lithuanian State Defense Council, which is chaired by the country’s president, had approved the spy exchange, and that Moscow had also agreed to it. On Thursday, however, a spokeswoman for Russia’s Foreign Affairs Ministry said she had “no information on this issue” that she could share with reporters.

Author: Joseph Fitsanakis | Date: 18 October 2019 | Research credit: E.G. | Permalink

Russia detains American diplomats for traveling to top-secret military site

SeverodvinskRussian authorities detained three American diplomats because they allegedly tried to enter a highly secret weapons testing site in northern Russia, according to reports. The site in question is located near the northern Russian city of Severodvinsk. The city is home to a number of military shipyards and is thus restricted for non-Russians. The latter require a special permit to enter it.

In August of this year, Western media reported on a mysterious explosion that took place in a weapons research site located near Severodvinsk. The explosion allegedly happened during testing of a top-secret prototype rocket engine. Russian authorities revealed that five workers died as a result of the explosion, but denied media reports that the explosion had caused a radiation leak that had affected Severodvinsk. The Russian Ministry of Defense also denied allegations that a large-scale nuclear clean-up operation had been conducted in and around Severodvinsk. At the same time, Russian authorities restricted maritime traffic in the White Sea, on the shores of which Severodvinsk is situated.

On Wednesday, the Russian news agency Interfax reported that three American diplomats had been detained by authorities near Severodvinsk, allegedly because they tried to enter the city without the necessary permits. The diplomats were not named but are believed to be military attachés that serve in the United States embassy in Moscow. Interfax said the three were detained on Monday while onboard a passenger train. They were removed from the train, questioned and eventually released. However, they might still face charges of trying to enter a restricted area without permission.

The United States Department of State issued a statement claiming that the three diplomats “were on official travel and had properly notified Russian authorities of their travel”. A State Department spokesman said on Wednesday that the three diplomats’ travel plans had been authorized by the Russian Ministry of Defense. But authorities in Russia said that the three military attachés had been authorized to travel to the city of Arkhangelsk, which is located approximately 30 miles east of Severodvinsk. “We are quite willing to provide the United States embassy with a map of the Russian Federation”, the Russian statement concluded.

Author: Joseph Fitsanakis | Date: 17 October 2019 | Permalink