Pyotr Levashov Arrested in Barcelona, Hacker

All domestic news media has been blaming the Russians for cyber election intrusion. Conservative outlets have pushed back asking for evidence. There are investigations on The Hill regarding Russian interference and the House Intelligence Committee, chaired by Devin Nunes has seen the documents and share them with the White House. The committee co-chair Adam Schiff was angry he was not read on early enough. A big political conflict has occurred and Nunes recused himself from the specific committee investigation regarding Russia as Nunes remains chairman of the committee.

Okay so what you ask?

Well we want to blame the FBI, Comey and ODNI, Clapper for not being more forthcoming on the matter. Slow down everyone, as cyber investigations are international in scope and it takes a mobilized set of experts and agencies and international collaboration to make attribution by using exceptional tools, cyber talent and agreements. So….what does all this mean? It means the lid could soon blow off this whole operation.

You see, there was malware, phishing and countless botnet systems that were part of the U.S. election interference as we saw with the DNC hack and the John Podesta emails via WikiLeaks. There are countless moving parts and they are international. It is gratifying to know however, not only is government part of the investigation, but outside cyber corporations are doing their own due diligence and offering additional clues, evidence and assistance to the FBI. How so you ask?

From Krebs on Security: Then, on Jan. 26. 2012, I ran a story featuring a trail of evidence suggesting a possible identity of “Severa (a.k.a. “Peter Severa”), another SpamIt affiliate who is widely considered the author of the Waledac botnet (and likely the Storm Worm). In that story, I included several screen shots of Severa chatting on Spamdot.biz, an extremely secretive Russian forum dedicated to those involved in the spam business. In one of the screen shots, Severa laments the arrest of Alan Ralsky, a convicted American spam kingpin who specialized in stock spam and who — according to the U.S. Justice Department – was partnered with Severa. Anti-spam activists at Spamhaus.org maintain that Peter Severa’s real name is Peter Levashov (although the evidence I gathered also turned up another name, Viktor Sergeevich Ivashov). Read more here, it is fascinating and well done.

*** No wonder attribution takes a very long time right? Yes so read on please…..

Programmer Pyotr Levashov reportedly suspected in US election hacking arrested

Madrid: A Russian computer programmer, Pyotr Levashov, has been arrested in the Spanish city of Barcelona, a spokesman for the Russian embassy in Madrid said on Sunday.

It was unclear why Levashov was arrested. The embassy spokesman declined to give details for his arrest, and Spanish police and the interior ministry were not available for comment on Sunday.

Russian television station RT reported that Levashov was arrested under a US international arrest warrant and was suspected of being involved in hacking attacks linked to alleged interference in last year’s US election.

Peter Carr, a spokesman for the US Justice Department’s criminal division, said: “The US case remains under seal, so we have no information to provide at this time.”

The criminal division is separate from the national security division, which is responsible for investigating state-sponsored cyber crimes.

A US Department of Justice official said it was a criminal matter without an apparent national security connection.

Spanish authorities notified the Russian embassy of Levashov’s arrest on Friday, the embassy spokesman said.

In January, Spanish police arrested another Russian computer programmer, whose name was given as “Lisov” and who was wanted by the United States for leading a financial fraud network.

Russia's embassy in Madrid.Russia’s embassy in Madrid. Photo: Wikimedia/Luis García (Zaqarbal)

The US government has formally accused Russia of hacking Democratic Party emails to help the campaign of Republican President Donald Trump. The US Congress is also examining links between Russia and Trump during the election campaign.

Russian officials, including President Vladimir Putin, have repeatedly denied that Russia tried to influence the election.

Reuters

Related reading: Spain arrests Russian bank-account hacker wanted by FBI

January 2017: Spain has arrested a 32-year-old Russian computer programmer at Barcelona airport who is alleged to have designed and used software to steal bank account details from banks and individuals, Spanish police said on Friday.

Working with the U.S. Federal Bureau of Investigation (FBI), the man, named Lisov, was arrested by Spanish police on Jan. 13 as he waited to take a flight to another European country. He is suspected of leading a financial fraud network, the police said in a statement.

Lisov, wanted by the United States under an international arrest warrant, had been under observation by authorities for several days in the north-eastern region of Catalonia, police said. Police did not give the man’s first name. More here.

Related reading: Russian FSB Officers Charged in Yahoo Hack and More

Tip sheet on above:

ALEXSEY BELAN

Conspiring to Commit Computer Fraud and Abuse; Accessing a Computer Without Authorization for the Purpose of Commercial Advantage and Private Financial Gain; Damaging a Computer Through the Transmission of Code and Commands; Economic Espionage; Theft of Trade Secrets; Access Device Fraud; Aggravated Identity Theft; Wire Fraud

   Seems we need to be more patient when it comes to the FBI and associated international agencies…eh?

Obama/Rice Abuse of Surveillance Started During Iran Deal

Image result for obama surveillance israel VOA

The Guardian more than a year ago, validates the summary posted below.

US ‘spied on Binyamin Netanyahu during Iran nuclear deal talks’

Despite Barack Obama’s promise to curtail eavesdropping on allies in the wake of the Edward Snowden revelations about the scale and scope of US activities, the National Security Agency’s (NSA) surveillance included phone conversations between top Israeli officials, US congressmen and American-Jewish groups, according to the Wall Street Journal.

Further, we cannot eliminate any complicity that would include NSC advisor, Ben Rhodes.

Did the Obama Administration’s Abuse of Foreign-Intelligence Collection Start Before Trump?

One clue: The Russia story is a replay of how the former White House smeared pro-Israel activists in the lead-up to the Iran Deal

Tablet: The accusation that the Obama administration used information gleaned from classified foreign surveillance to smear and blackmail its political opponents at home has gained new traction in recent days, after reports that former National Security Adviser Susan Rice may have been rifling through classified transcripts for over a year that could have included information about Donald Trump and his associates. While using resources that are supposed to keep Americans safe from terrorism for other purposes may be a dereliction of duty, it is no more of a crime than spending all day on Twitter instead of doing your job. The crime here would be if she leaked the names of U.S. citizens to reporters. In the end, the seriousness of the accusation against Rice and other former administration officials who will be caught up in the “unmasking” scandal will rise or fall based on whether or not Donald Trump was actively engaged in a conspiracy to turn over the keys of the White House to the Kremlin. For true believers in the Trump-Kremlin conspiracy theories, the Obama “spying and lying” scandal isn’t a scandal at all; just public officials taking prudent steps to guard against an imminent threat to the republic.

But what if Donald Trump wasn’t the first or only target of an Obama White House campaign of spying and illegal leaks directed at domestic political opponents?

In a December 29, 2015 article, The Wall Street Journal described how the Obama administration had conducted surveillance by US Gov on Israeli officials to understand how Prime Minister Benjamin Netanyahu and other Israeli officials, like Ambassador Ron Dermer, intended to fight the Iran Deal. The Journal reported that the targeting “also swept up the contents of some of their private conversations with U.S. lawmakers and American-Jewish groups.”

Despite this reporting, it seemed inconceivable at the time that—given myriad legal, ethical, political, and historical concerns, as well as strict National Security Agency protocols that protect the identity of American names caught in intercepts—the Obama White House would have actually spied on American citizens. In a December 31, 2016, Tablet article on the controversy, “Why the White House Wanted Congress to Think It Was Being Spied on By the NSA,” I argued that the Obama administration had merely used the appearance of spying on American lawmakers to corner opponents of the Iran Deal. Spying on U.S. citizens would be a clear abuse of the foreign-intelligence surveillance system. It would be a felony offense to leak the names of U.S. citizens to the press.

Increasingly, I believe that my conclusion in that piece was wrong. I believe the spying was real and that it was done not in an effort to keep the country safe from threats—but in order to help the White House fight their domestic political opponents.

“At some point, the administration weaponized the NSA’s legitimate monitoring of communications of foreign officials to stay one step ahead of domestic political opponents,” says a pro-Israel political operative who was deeply involved in the day-to-day fight over the Iran Deal. “The NSA’s collections of foreigners became a means of gathering real-time intelligence on Americans engaged in perfectly legitimate political activism—activism, due to the nature of the issue, that naturally involved conversations with foreigners. We began to notice the White House was responding immediately, sometimes within 24 hours, to specific conversations we were having. At first, we thought it was a coincidence being amplified by our own paranoia. After a while, it simply became our working assumption that we were being spied on.”

This is what systematic abuse of foreign-intelligence collection for domestic political purposes looks like: Intelligence collected on Americans, lawmakers, and figures in the pro-Israel community was fed back to the Obama White House as part of its political operations. The administration got the drop on its opponents by using classified information, which it then used to draw up its own game plan to block and freeze those on the other side. And—with the help of certain journalists whose stories (and thus careers) depend on high-level access—terrorize them.

Once you understand how this may have worked, it becomes easier to comprehend why and how we keep being fed daily treats of Trump’s nefarious Russia ties. The issue this time isn’t Israel, but Russia, yet the basic contours may very well be the same.

***

Two inquiries now underway on Capitol Hill, conducted by the Senate intelligence committee and the House intelligence committee, may discover the extent to which Obama administration officials unmasked the identities of Trump team members caught in foreign-intelligence intercepts. What we know so far is that Obama administration officials unmasked the identity of one Trump team member, Michael Flynn, and leaked his name to the Washington Post’s David Ignatius.

“According to a senior U.S. government official,” Ignatius wrote in his Jan. 12 column, “Flynn phoned Russian Ambassador Sergey Kislyak several times on Dec. 29, the day the Obama administration announced the expulsion of 35 Russian officials as well as other measures in retaliation for the hacking. What did Flynn say, and did it undercut the U.S. sanctions?”

Nothing, the Times and the Post later reported. But exposing Flynn’s name in the intercept for political purposes was an abuse of the national-security apparatus, and leaking it to the press is a crime.

This is familiar territory. In spying on the representatives of the American people and members of the pro-Israel community, the Obama administration learned how far it could go in manipulating the foreign-intelligence surveillance apparatus for its own domestic political advantage. In both instances, the ostensible targets—Israel and Russia—were simply instruments used to go after the real targets at home.

In order to spy on U.S. congressmen before the Iran Deal vote, the Obama administration exploited a loophole, which is described in the original Journal article. The U.S. intelligence community is supposed to keep tabs on foreign officials, even those representing allies. Hence, everyone in Washington knows that Israeli Ambassador Ron Dermer is under surveillance. But it’s different for his American interlocutors, especially U.S. lawmakers, whose identities are, according to NSA protocol, supposed to be, at the very least, redacted. But the standard for collecting and disseminating “intercepted communications involving U.S. lawmakers” is much less strict if it is swept up through “foreign-foreign” intercepts, for instance between a foreign ambassador and his capital. Washington, i.e. the seat of the American government, is where foreign ambassadors are supposed to meet with American officials. The Obama administration turned an ancient diplomatic convention inside out—foreign ambassadors were so dangerous that meeting them signaled betrayal of your own country.

During the long and contentious lead-up to the Iran Deal the Israeli ambassador was regularly briefing senior officials in Jerusalem, including the prime minister, about the situation, including his meetings with American lawmakers and Jewish community leaders. The Obama administration would be less interested in what the Israelis were doing than in the actions of those who actually had the ability to block the deal—namely, Senate and House members. The administration then fed this information to members of the press, who were happy to relay thinly veiled anti-Semitic conceits by accusing deal opponents of dual loyalty and being in the pay of foreign interests.

It didn’t take much imagination for members of Congress to imagine their names being inserted in the Iran deal echo chamber’s boilerplate—that they were beholden to “donors” and “foreign lobbies.” What would happen if the White House leaked your phone call with the Israeli ambassador to a friendly reporter, and you were then profiled as betraying the interests of your constituents and the security of your nation to a foreign power? What if the fact of your phone call appeared under the byline of a famous columnist friendly to the Obama administration, say, in a major national publication?

To make its case for the Iran Deal, the Obama administration redefined America’s pro-Israel community as agents of Israel. They did something similar with Trump and the Russians—whereby every Russian with money was defined as an agent of the state. Where the Israeli ambassador once was poison, now the Russian ambassador is the kiss of death—a phone call with him led to Flynn’s departure from the White House and a meeting with him landed Attorney General Jeff Sessions in hot water.

Did Trump really have dealings with FSB officers? Thanks to the administration’s whisper campaigns, the facts don’t matter; that kind of contact is no longer needed to justify surveillance, whose spoils could then be weaponized and leaked. There are oligarchs who live in Trump Tower, and they all know Putin—ergo, talking to them is tantamount to dealing with the Russian state.

Yet there is one key difference between the two information operations that abused the foreign-intelligence surveillance apparatus for political purposes. The campaign to sell the Iran deal was waged while the Obama administration was in office. The campaign to tie down Trump with the false Russia narrative was put together as the Obama team was on its way out.

The intelligence gathered from Iran Deal surveillance was shared with the fewest people possible inside the administration. It was leaked to only a few top-shelf reporters, like the authors of The Wall Street Journal article, who showed how the administration exploited a loophole to spy on Congress. Congressmen and their staffs certainly noticed, as did the Jewish organizations that were being spied on. But the campaign was mostly conducted sotto voce, through whispers and leaks that made it clear what the price of opposition might be.

The reason the prior abuse of the foreign-intelligence surveillance apparatus is clear only now is because the Russia campaign has illuminated it. As The New York Times reported last month, the administration distributed the intelligence gathered on the Trump transition team widely throughout government agencies, after it had changed the rules on distributing intercepted communications. The point of distributing the information so widely was to “preserve it,” the administration and its friends in the press explained—“preserve” being a euphemism for “leak.” The Obama team seems not to have understood that in proliferating that material they have exposed themselves to risk, by creating a potential criminal trail that may expose systematic abuse of foreign-intelligence collection.

China/Russia Using the Same Cyber Operations Playbook?

As President Trump meets with Xi Jinping of China at Mar A Lago, perhaps he should point to these two conditions in earnest.

North Korean hackers seem to have managed to access a secret war masterplan by South Korea and the U.S. in a cyberattack last September, sources here said Monday.

By Lee Yong-soo: (the item posted below is copyright protected)

Chosun: One government source said Defense Ministry investigators questioned around 40 people over the hacking attack and it appears that part of the masterplan, dubbed OPLAN 5027, “leaked.” A Defense Ministry source said the hackers accessed reports containing portions of the plan, not the entire document.

Defense Minister Han Min-koo and other military officials last year downplayed the seriousness of the hacking attack, saying that only a small number of sensitive military secrets leaked out.

OPLAN 5027 was first drawn up in 1978, when the South Korea-U.S. Combined Forces Command was established, and updated every two years since 1994. It includes troop deployment plans, key North Korean targets, strategies and military control of facilities in the North.

A military official said “discussions are still taking place” whether the plan has to be overhauled now the North has seen chunks of it.

The ministry found out about the leak while investigating a new computer virus in September that attacked the vaccine server at the military cyber command.

Investigators discovered that the Defense Ministry’s Internet and Intranet servers were infected with the same malware, affecting the minister’s own computer and around 2,500 computers with Internet access and 700 connected to the Intranet.

At the time, the ministry said only that hackers accessed “some military information, including sensitive information” and that North Korea appears to be responsible.

The hackers tried to attack the main server of the Defense Integrated Data Center, which serves as the cyber nerve center of South Korea’s defense system.

 

***

China’s Information Warriors Are Growing More Disciplined, Say US Cyber Leaders

And some U.S. cyber leaders worry that the American military’s approach is too reactive and defensive.

When President Trump meets this week with his Chinese counterpart, President Xi Jinping, he’ll be engaging with a leader who commands an increasingly disciplined and persistent information-warfare force.

In December 2015, the Chinese military stood up a Strategic Support Force as part of a larger series of reforms. Essentially a Chinese version of U.S. Cyber Command, the new force focuses on war in the electromagnetic spectrum, space, and cyberspace.  “All these are the new fields that determine whether the PLA can win in the future battlefield,” Chinese officials told state media.

The new force’s key focus is building capabilities to disrupt U.S. military operations, according to Martin Libicki, who leads cybersecurity studies at the U.S. Naval Academy. In January China announced that the country will develop the world’s first exascale super computer by the end of the year.

The move follows years of steady and incremental improvements in information operations, Vice Adm. Tim White, commander of the U.S. Cyber National Mission Force, said Tuesday at the Navy League’s Sea-Air-Space conference. “They are building what I would call campaigns. They are being very thoughtful about it and being purposeful in their approach and there is some design that they are organizing themselves,” he said of adversarial nations such as China but also Russia.  “It’s not just a single mission, point of time, or place. It’s interwoven together to achieve a national purpose.”

By contrast, White worries the U.S. military is thinking too defensively. He believes the Pentagon should work toward a more disciplined, consistent response, and shift from a “broadly reactive” posture “to something we are doing something as a result of our own campaign and planning efforts.”

“They’re on the field and we are figuring out how to get on that field,” White  said. “What nations are doing in this space, it’s more coordinated. It’s more interoperable from their perspective. It’s more structured and it’s more integrated.”

Industrial espionage from China appears to have  waned since Barack Obama and Xi signed an agreement in September 2015. But attacks have not vanished entirely. Between March and May of last year, Chinese hackers deployed a backdoor into a government services company, stole important credentials, and attempted to gain access to U.S. military secrets, according to the FireEye cyber security group.

Without speaking specifically about that incident, Vice Adm. Jan Tighe, deputy chief of naval operations for information warfare and the director of naval intelligence, said that many of the attacks, pings, intrusion attempts and probe “appear to be part of deliberate campaigns” of adversarial nation-state activities against Western targets.

How to fight them off? The head of U.S. Cyber Command, Adm. Michael Rogers, has suggested giving more authority to lower-ranking service personnel. The Navy anticipates that all 40 of the Navy’s cyber mission force teams will reach full operational capability by 2018.

Navy leaders at Sea-Air-Space also said  artificial intelligence would play a bigger role in attacking and defending networks.

“I would not say we see new and exquisite DARPA-like capabilities yet,” emerging out of China in terms of artificial intelligence specifically for information warfare, according to White. “But I do think it will be inevitable because you’re not constrained by physics.”

Meanwhile, the U.S. military is exploring the use of cognitive computing and deep learning to better understand network vulnerabilities and predict attacker behavior, according to Vice Adm. Michael Gilday, who leads the Navy’s 10th Fleet  and Cyber Command, in accordance with phase II of the Command’s strategic plan to 2020, first laid out in 2015.

Marine Maj. Gen. Lori Reynolds, the commander of Marine Forces Cyber Command also maid a plea to industry. “Anything we can do to automate the intelligence cycle … that’s the right investment,”

But Military cyber leaders say that the United States and China will likely put artificial intelligence to different uses in information warfare. Automation can and probably should take over much defensive work to better keep up with the speed of attacks. But the use of offensive cyber weapons will still involve human decision making for the United States military. They could not guarantee the same of China.

AI can absolutely tighten your ability to make a decision inside your enemy’s ability to make a decision,” said Gilday.

Defense One asked Gilday and Tighe if they were seeing adversarial nations attempt to automate the use of offensive cyber weapons. They declined to respond.

Russian Spy Buryakov Deported, and that is it?

You mean there was no swap or something for this spy? How about an apology for this constant problem of our U.S. diplomats around the globe? And most of the country thinks that Russia does nothing wrong or  intercepting phone calls of foreign agents that are occurring with Americans is wrong and names should not be requested to be unmasked. How about insider threats? Okay, well read on….

Russian intelligence and security services have been waging a campaign of harassment and intimidation against U.S. diplomats, embassy staff and their families in Moscow and several other European capitals that has rattled ambassadors and prompted Secretary of State John F. Kerry to ask Vladimir Putin to put a stop to it.

At a recent meeting of U.S. ambassadors from Russia and Europe in Washington, U.S. ambassadors to several European countries complained that Russian intelligence officials were constantly perpetrating acts of harassment against their diplomatic staff that ranged from the weird to the downright scary. Some of the intimidation has been routine: following diplomats or their family members, showing up at their social events uninvited or paying reporters to write negative stories about them.

But many of the recent acts of intimidation by Russian security services have crossed the line into apparent criminality. In a series of secret memos sent back to Washington, described to me by several current and former U.S. officials who have written or read them, diplomats reported that Russian intruders had broken into their homes late at night, only to rearrange the furniture or turn on all the lights and televisions, and then leave. One diplomat reported that an intruder had defecated on his living room carpet. More here.

Russian banker convicted in U.S. spy ring deported to Moscow

A Russian banker convicted last year in the United States for involvement in a spy ring operating in New York City has been deported to Moscow, a U.S. law enforcement agency said on Wednesday.

Evgeny Buryakov, a former New York banker who was convicted in federal court of conspiring to act in the United States as an agent of the Russian Federation, is shown in this handout photo sitting on a commercial flight, escorted by deportation officers and turned over to Russian authorities, April 5, 2017.    United States Immigration and Customs Enforcement (ICE)/Handout via REUTERS

Evgeny Buryakov, a former New York banker who was convicted in federal court of conspiring to act in the United States as an agent of the Russian Federation, is shown in this handout photo sitting on a commercial flight, escorted by deportation officers and turned over to… REUTERS

Evgeny Buryakov, 42, was escorted to Russia by deportation officers aboard commercial flights and turned over to Russian authorities, the U.S. Immigration and Customs Enforcement (ICE) said in a statement.

Buryakov was arrested in January 2015 and charged with two others. U.S. prosecutors said they had worked with the Russian intelligence service and conspired to gather economic intelligence on behalf of Russia, including information about U.S. sanctions against Russia, and to recruit New York City residents as intelligence sources.

Buryakov, who worked at Russian state-owned Vnesheconombank, was sentenced in May by a U.S. district judge in Manhattan to 2-1/2 years in prison after pleading guilty to having conspired to act improperly as an agent for the Russian government.

He received credit for 16 months already spent in custody and was in line to be deported after completing his sentence.

***

Department of Justice
U.S. Attorney’s Office
Southern District of New York

FOR IMMEDIATE RELEASE
Friday, March 11, 2016

Evgeny Buryakov Pleads Guilty In Manhattan Federal Court In Connection With Conspiracy To Work For Russian Intelligence

Evgeny BURYAKOV, a/k/a “Zhenya,” Worked for Russian Intelligence Under “Non-Official Cover” as a Banker in Manhattan

            Preet Bharara, the United States Attorney for the Southern District of New York, and John P. Carlin, Assistant Attorney General for National Security, announced that EVGENY BURYAKOV, a/k/a “Zhenya,” pled guilty today to conspiring to act in the United States as an agent of the Russian Federation, without providing prior notice to the Attorney General.

U.S. Attorney Preet Bharara said:  “An unregistered intelligence agent, under cover of being a legitimate banker, gathers intelligence on the streets of New York City, trading coded messages with Russian spies who send the clandestinely collected information back to Moscow.  This sounds like a plotline for a Cold War-era movie, but in reality, Evgeny Buryakov pled guilty today to a federal crime for his role in just such a scheme.  More than two decades after the end of the Cold War, Russian spies still seek to operate in our midst under the cover of secrecy.  But in New York, thanks to the work of the FBI and the prosecutors in my office, attempts to conduct unlawful espionage will not be overlooked.  They will be investigated and prosecuted.”

Assistant Attorney General John P. Carlin said: “Evgeny Buryakov pleaded guilty to covertly working as a Russian agent in the United States without notifying the Attorney General.  Foreign nations who attempt to illegally gather economic and other intelligence information through espionage pose a direct threat to U.S. national security.  The National Security Division will continue to work with our law enforcement partners to identify and hold accountable those who illegally operate as covert agents within the United States.”

According to the Complaint, the Indictment, other court filings, and statements made during court proceedings:

Beginning in 2012, bURYAKOV worked in the United States as an agent of Russia’s foreign intelligence agency, known as the “SVR.”  BURYAKOV operated under “non-official cover,” meaning he entered and remained in the United States as a private citizen, posing as an employee in the Manhattan office of a Russian bank, Vnesheconombank, also known as “VEB.”  SVR agents operating under such non-official cover – sometimes referred to as “NOCs” – typically are subject to less scrutiny by the host government, and, in many cases, are never identified as intelligence agents by the host government.  As a result, a NOC is an extremely valuable intelligence asset for the SVR.

Federal law prohibits individuals from acting as agents of foreign governments within the United States without prior notification to the United States Attorney General.  Department of Justice records indicate that BURYAKOV never notified the United States Attorney General that he was, in fact, an agent of the Russian Federation.

BURYAKOV worked in New York with at least two other SVR agents, Igor Sporyshev and Victor Podobnyy.  From November 22, 2010, to November 21, 2014, Sporyshev officially served as a trade representative of the Russian Federation in New York.  From December 13, 2012, to September 12, 2013, Podobnyy officially served as an attaché to the Permanent Mission of the Russian Federation to the United Nations.  The investigation, however, showed that Sporyshev and Podobnyy also worked as officers of the SVR.  For their roles in the charged conspiracy, Sporyshev and Podobnyy were charged along with BURYAKOV in January 2015.  However, Sporyshev and Podbonyy no longer lived in the United States and thus were not arrested.

BURYAKOV’s Co-Conspirators Are Recorded Inside the SVR’s New York “Residentura”

During the course of the investigation, the FBI recorded Sporyshev and Podobnyy speaking inside the SVR’s offices in New York, known as the “Residentura.”

The FBI obtained the recordings after Sporyshev attempted to recruit an FBI undercover employee (“UCE-1”), who was posing as an analyst from a New York-based energy company.  In response to requests from Sporyshev, UCE-1 provided Sporyshev with binders containing purported industry analysis written by UCE-1 and supporting documentation relating to UCE-1’s reports, as well as covertly placed recording devices.  Sporyshev then took the binders to, among other places, the Residentura.

During subsequent recorded conversations, Sporyshev and Podobnyy discussed, among other things, Sporyshev’s SVR employment contract and his official cover position, their work as SVR officers, and the FBI’s July 2010 arrests of 10 SVR agents in the United States, known as the “Illegals.”

Sporyshev and Podobnyy also discussed BURYAKOV’s prior service with the SVR in South Africa.  BURYAKOV worked in South Africa between approximately 2004 and 2009, officially as a representative of VEB.  During a conversation about Sporyshev’s cover position in New York, Podobnyy related that, when BURYAKOV was working in South Africa, he had dinner with an SVR official and BURYAKOV’s supervisor at VEB and that, during the dinner, the SVR official told the VEB official that BURYAKOV was an “employee of the Service,” i.e., the SVR.

Further, Sporyshev and Podobnyy were recorded discussing, among other things, their (i) attempting to recruit New York City residents as intelligence sources for Russia; (ii) tasking BURYAKOV to gather intelligence; and (iii) transmitting intelligence reports prepared by BURYAKOV back to SVR headquarters in Moscow.

The directives from the SVR to BURYAKOV, Sporyshev, and Podobnyy, as well as to other covert SVR agents acting within the United States, included requests to gather intelligence on, among other subjects, potential United States sanctions against Russian banks and the United States’ efforts to develop alternative energy resources.

BURYAKOV’s Intelligence Taskings

Sporyshev was responsible for relaying intelligence assignments from the SVR to BURYAKOV.

BURYAKOV Drafts a Proposal for the SVR’s “Active Measures Directorate”

In May 2013, Sporyshev and Podbonyy were recorded discussing a proposal that BURYAKOV had drafted about a planned deal in which Bombardier Aircraft Company (“Bombadier”) in Canada would manufacture certain airplanes in Russia.  Sporyshev noted that Canadian “unions were resisting” and that BURYAKOV’s “proposal [was] for MS” – the SVR’s Active Measures Directorate – to “pressur[e] the unions and secur[e] from the company a solution that is beneficial to us.”  Other evidence developed during the investigation showed that, around the time of this conversation, BURYAKOV had conducted Internet searches relating to Bombardier and labor unions and, earlier, had obtained news articles regarding the planned deal and also attended a conference in Canada that Bombardier personnel also attended.

BURYAKOV Assists Sporyshev in Attempting to Obtain Sensitive Information About the New York Stock Exchange

Also, on May 21, 2013, Sporyshev called BURYAKOV, greeted him, and then described a tasking from “top sources” relating to three questions that ITAR-TASS, a Russian news agency, could put to the New York Stock Exchange.  Sporyshev called the defendant back approximately 20 minutes later.  During the call, BURYAKOV proposed questions regarding (i) exchange traded funds (ETFs), including the “mechanisms of their use to destabilize the market;” (ii) “curbing of trading robot activities;” and (iii) “technical parameters” and “other regulations directly related to the exchange.”  On July 8, 2013, a purported “bureau chief” for ITAR-TASS sent an email to an employee of the New York Stock Exchange that parroted the questions that BURYAKOV proposed to Sporyshev.

BURYAKOV Assists Sporyshev in Analyzing the Effect of Sanctions

Another example of an intelligence tasking occurred in late March 2014.  Specifically, on March 28, 2014, Sporyshev was recorded telling BURYAKOV that Sporyshev needed help researching the “effects of economic sanctions on our country,” among other things.  A few days later, on April 2, 2014, Sporyshev called BURYAKOV and stated, in an intercepted conversation, that he had not seen BURYAKOV in a while, and asked to meet BURYAKOV outside VEB’s office in Manhattan in 20 minutes.  A court-authorized search of BURYAKOV’s computer at VEB revealed that, at around the time of this telephone call, BURYAKOV conducted the following internet searches: “sanctions Russia consiquences” [sic] and “sanctions Russia impact.”

Two days later, on April 4, 2014, BURYAKOV called Sporyshev and, in an intercepted conversation, stated that he (BURYAKOV) “wrote you an order list,” and suggested that they meet.  Approximately 20 minutes later, Sporyshev met BURYAKOV in the driveway of BURYAKOV’s home.  Their encounter, which was captured by a video surveillance camera located near BURYAKOV’s residence, lasted approximately two minutes.  On the video footage, the defendants appeared to exchange a small object.

Clandestine Meetings and Communications

During the course of their work as covert SVR agents in the United States, BURYAKOV, Sporyshev, and Podobnyy regularly met and communicated using clandestine methods and coded messages, in order to exchange intelligence-related information while shielding their associations with one another as SVR agents.  These efforts were designed, among other things, to preserve their respective covers as an employee of VEB (BURYAKOV), a trade representative of the Russian Federation in New York (Sporyshev), and an attaché to the Permanent Mission of the Russian Federation to the United Nations (Podobnyy).

During the investigation, the FBI intercepted numerous calls between BURYAKOV and Sporyshev in which one of the men told the other that he needed to meet for some purpose, such as to transfer an item (such as a “ticket,” “book,” or “list,”) or for a purported social purpose.  In fact, BURYAKOV and Sporyshev used this coded language to signal that they needed to exchange intelligence information.

FBI surveillance revealed that, at some of these meetings between BURYAKOV and Sporyshev, they exchanged documents or other small items.  Notably, despite discussing on approximately a dozen occasions the need to meet to transfer “tickets,” BURYAKOV and Sporyshev were – other than one occasion where they discussed going to a movie – never observed attending, or discussing in any detail, events that would typically require tickets, such as a sporting event or concert.

BURYAKOV’s Receipt of Purported Official United States Government Documents

In the summer of 2014, BURYAKOV met multiple times with a confidential source working for the FBI (“CS-1”) and an FBI undercover employee (“UCE-2”).  Both CS-1 and UCE-2 purported to be working on a casino development project in Russia.

During a conversation recorded on July 22, 2014, Sporyshev warned BURYAKOV that meeting with UCE-2 might be a “trap” but authorized BURYAKOV to go ahead so he could make a better assessment.

During the course of the subsequent meetings, and consistent with his interests as a Russian intelligence agent, BURYAKOV demonstrated his strong desire to obtain information about subjects far outside the scope of his work as a bank employee.  During these meetings, BURYAKOV also accepted documents that were purportedly obtained from a U.S. government agency and which purportedly contained information potentially useful to Russia, including information about United States sanctions against Russia.

*                *                *

            BURYAKOV, 41, pled guilty to one count of conspiring to act in the United States as an agent of the Russian Federation without providing notice to the Attorney General, which carries a maximum sentence of five years.  This statutory maximum sentence is prescribed by Congress and is provided here for informational purposes only, as any sentence imposed on the defendant will be determined by the judge.

BURYAKOV will be sentenced on May 25, 2016, at 11:00 a.m.

U.S. Attorney Bharara praised the investigative work of the FBI’s Counterintelligence Division.

The prosecution is being handled by Assistant U.S. Attorneys Emil J. Bove III, Brendan F. Quigley, and Stephen J. Ritchin of the Terrorism and International Narcotics Unit of the U.S. Attorney’s Office for the Southern District of New York, with assistance provided by Senior Trial Attorney Heather Schmidt of the National Security Division’s Counterintelligence and Export Control Section.

Is the U.S. Prepared for North Korea or Russia? Well…

Two weeks ago North Korea conducted a failed missile test that came on the heels of an earlier test in March where four medium range ballistic missiles were fired in a salvo. Those missiles traveled to their maximum range of 620 miles with some falling in the waters belonging to Japan’s exclusive economic zone.

North Korea has previously test-fired missiles near Sinpo, where it has a submarine base.

A KN-11 submarine launched missile was successfully launched from waters off Sinpo last August that traveled 310 miles into the Sea of Japan.

In February, North Korea successfully tested a land-based version of the KN-11 that also traveled the same distance.

General John Hyten, the commander of U.S. Strategic Command, told a Congressional panel Tuesday that the February launch marked a significant advancement for North Korea because it was its first successful solid-fueled missile fired from a mobile launcher.

Hyten labeled the February launch of the KN-11 missile as “a major advancement” by North Korea because it was “a new solid medium range ballistic missile off a new transporter erector launcher.”

And Hyten said North Korea showed off pictures “for the entire world to see out of a place we’d never seen before that showed a new technology. A new North Korean capability to employ a very challenging technology for us.”

He explained that liquid-fueled missiles can be unstable and take a long time to fuel and set-up. But “a solid (fueled) rocket can be rolled out and launched at a moment’s notice.”

Hyten added that America’s early missile program was based on liquid fueled rockets that could be unstable and dangerous but “a solid is a much better solution. So all of our inventory now is solids.” More here from ABC.

*** How badly did Obama’s sequestration affect the United State’s ability to deter or intercept an ICBM or MRBM or miniature nuclear weapon launched by North Korea? I am betting on some hope of electronic warfare or U.S. cyber intrusion that would go through China.

*** North Korea has detonated nuclear devices and is trying to develop long-range missiles capable of reaching the United States.

The Pentagon has spent more than $40 billion on the Ground-based Midcourse Defense system — GMD for short. It’s designed specifically to thwart a nuclear strike by North Korea or Iran. Yet there are grave doubts about whether it’s up to the task.

Here is a look at the system’s origins, how it’s supposed to work and the technical problems that have bedeviled it.

What exactly is GMD supposed to do?

It’s designed to defend the United States against a “limited” nuclear attack. That means a strike with a handful of missiles, as opposed to a massive assault of the kind that Russia or China could launch. The United States relies on deterrence — the threat of overwhelming retaliation — to prevent Russia or China from ever unleashing missiles against us. In the case of North Korea or Iran, we would rely on GMD to knock incoming warheads out of the sky. More here.

***

The THAAD system is in place now as a defensive measure. The Chinese are very concerned on this system as they do not know all the features or abilities of the THAAD.

General Hyten, Commander of STRATCOM presented chilling testimony on April 4th explaining the condition of offensive and defensive systems with particular emphasis on the nuclear TRIAD platform which is slowly aging out, meaning all too soon, the submarines are no longer able to dive.

So, are there other options? Yes, but they were not revealed in open session testimony and when General Hyten tells us that every action the United States takes to maintain the edge militarily, our adversaries especially Russia takes twice as many.

What about SDI as pursued decades ago by President Reagan? Well, this may help that discussion, but sadly we are not there yet.

The Multi-Object Kill Vehicle can simultaneously destroy ICBMs and decoys with a single interceptor

The Pentagon’s Missile Defense Agency is in the early phases of engineering a next-generation “Star Wars”-type technology able to knock multiple incoming enemy targets out of space with a single interceptor, officials said.

The new system, called Multi-Object Kill Vehicle, or MOKV, is designed to release from a Ground Based Interceptor and destroy approaching Inter Continental Ballistic Missiles, or ICBMs — and also take out decoys traveling alongside the incoming missile threat.

“We will develop and test, by 2017, MOKV command and control strategies in both digital and hardware-in-the-loop venues that will prove we can manage the engagements of many kill vehicles on many targets from a single interceptor. We will also invest in the communication architectures and guidance technology that support this game-changing approach,” a spokesman for the Missile Defense Agency, told Scout Warrior a few months ago.

Decoys or countermeasures are missile-like structures, objects or technologies designed to throw off or confuse the targeting and guidance systems of an approaching interceptor in order to increase the probability that the actual missile can travel through to its target.

If the seeker or guidance systems of a “kill vehicle” technology on a Ground Base Interceptor, or GBI, cannot discern an actual nuclear-armed ICBM from a decoy – the dangerous missile is more likely to pass through and avoid being destroyed.  MOKV is being developed to address this threat scenario.

The Missile Defense Agency has awarded MOKV development deals to Boeing, Lockheed and Raytheon as part of a risk-reduction phase able to move the technology forward, Lehner said.

Steve Nicholls, Director of Advanced Air & Missile Defense Systems for Raytheon, told Scout Warrior the MOKV is being developed to provide the MDA with “a key capability for its Ballistic Missile Defense System – to discriminate lethal objects from countermeasures and debris. The kill vehicle, launched from the ground-based interceptor extends the ground-based discrimination capability with onboard sensors and processing to ensure the real threat is eliminated.”

MOKV could well be described as a new technological step in the ongoing maturation of what was originally conceived of in the Reagan era as “Star Wars” – the idea of using an interceptor missile to knock out or destroy an incoming enemy nuclear missile in space. This concept was originally greeted with skepticism and hesitation as something that was not technologically feasible.

Not only has this technology come to fruition in many respects, but the capability continues to evolve with systems like MOKV. MOKV, to begin formal product development by 2022, is being engineered with a host of innovations to include new sensors, signal processors, communications technologies and robotic manufacturing automation for high-rate tactical weapons systems, Nicholls explained.

The trajectory of an enemy ICBM includes an initial “boost” phase where it launches from the surface up into space, a “midcourse” phase where it travels in space above the earth’s atmosphere and a “terminal” phase wherein it re-enters the earth’s atmosphere and descends to its target. MOKV is engineered to destroy threats in the “midcourse” phase while the missile is traveling through space.

An ability to destroy decoys as well as actual ICBMs is increasingly vital in today’s fast-changing technological landscape because potential adversaries continue to develop more sophisticated missiles, countermeasures and decoy systems designed to make it much harder for interceptor missile to distinguish a decoy from an actual missile.

As a result, a single intercept able to destroy multiple targets massively increases the likelihood that the incoming ICBM threat will actually be destroyed more quickly without needing to fire another Ground Based Interceptor.

Raytheon describes its developmental approach as one that hinges upon what’s called “open-architecture,” a strategy designed to engineer systems with the ability to easily embrace and integrate new technologies as they emerge.  This strategy will allow the MOKV platform to better adjust to fast-changing threats, Nicholls said.

The MDA development plan includes the current concept definition phase, followed by risk reduction and proof of concept phases leading to a full development program, notionally beginning in fiscal year 2022, Nicholls explained.

“This highly advanced and highly technical kill vehicle takes a true dedication of time and expertise to properly mature. It is essential to leverage advancements from other members of the Raytheon kill vehicle family, including the Redesigned Kill Vehicle,” Nicholls said.

While the initial development of MOKV is aimed at configuring the “kill vehicle” for a GBI, there is early thinking about integrating the technology onto a Standard Missile-3, or SM-3, an interceptor missile also able to knock incoming ICBMs out of space.The SM-3 is also an exo-atmopheric “kill vehicle,” meaning it can destroy short and intermediate range incoming targets; its “kill vehilce” has no explosives but rather uses kinetic energy to collide with and obliterate its target. The resulting impact is the equivalent to a 10-ton truck traveling at 600 mph, Raytheon statements said.

“Ultimately, these Multi-Object Kill Vehicles will revolutionize our missile defense architecture, substantially reducing the interceptor inventory required to defeat an evolving and more capable threat to the homeland,” an MDA official said.

***

So what about North Korea?

North Korea’s Most Important Submarine Base

North Korea’s submarine force is one of the more capable wings of its generally decrepit military. The current force’s strength lies mostly in its numbers — North Korea possesses roughly 70 submarines in all, roughly 40 of which are its newest Shark-class vessels. (Though still dangerous to its adversaries, even the Shark-class reflects pretty dated technology.) With that number, the DPRK can and does crowd its coasts with torpedo-armed or mine-laying submarines, establishing a respectable anti-surface capability near its waters. Though most of its submarine force is old, loud, or both, still North Korea tinkers on, boldly determined to achieve a reliable sea-based nuclear deterrent.

North Korea's Most Important Submarine Base
North Korean leader Kim Jong-un (front) stands on the conning tower of a submarine during his inspection of the Korean People’s Army (KPA) Naval Unit 167 in this undated photo released by North Korea’s Korean Central News Agency (KCNA) on June 16, 2014.
Image Credit: KCNA via Reuters

To this effect, the DPRK is building the new Gorae-class submarine (or Sinpo-class) and testing Submarine-Launched Ballistic Missiles (SLBMs) accordingly. Remarkably, most of this activity and materiel are headquartered within a few kilometers of each other in the city of Sinpo and the nearby Mayang-Do Naval Base. Shipyards for the new Gorae-class, SLBM research and development facilities, many or most of the DPRK’s east coast submarines, and the only known ground-based launch platforms for SLBM tests — all are located along the same 35 square kilometer stretch of the North Korean coast. A well-coordinated first strike on this facility would hamstring the North’s submarine fleet, its submarine building capacity, and its hopes of a credible naval nuclear deterrent all in one go.

unnamed (1)

Source: Strategic Sentinel

Significance

Sinpo, a small city bordering the Sea of Japan, has been building North Korean submarines for decades. Sinpo’s shipyards churned out dozens of the aforementioned Shark-class submarines in the 1990s, and are now constructing more of the newest Gorae-class as well. (Nuclear missile submarines are generally larger than their conventional counterparts — Gorae, not incidentally, is Korean for “whale.”) As Joe Bermudez, a renowned expert on North Korean military matters, reportedtwice — this particular vessel may very well undergo more testing and tweaking before more are built. In light of Sinpo’s history with the Shark-class, its current status as headquarters for the Gorae, and the overall prominence of submarines within the DPRK Navy, North Korea undoubtedly regards Sinpo as one of its most valuable shipbuilding sites.

Not content with the prospect of a mobile, surface-launched ICBM capability, North Korea is simultaneously — albeit much more slowly — working toward a sea-based nuclear deterrent. Crafting a reliable SLBM is a long, arduous process, full of tests, setbacks, and incremental improvement. Lamentably, however, North Korean ballistic missile development is progressing much faster than historical precedent would suggest, thanks in large part to newly unemployed Soviet scientists traveling to Pyongyang as the Cold War ended. Still, rigorous testing is necessary for new models to be considered remotely reliable, and the North has yet to come near this threshold in its SLBM program.

Source: Strategic Sentinel

A very poor test of an infant SLBM program could result in substantial damage to the submarine itself. To avoid any such potential and costly destruction, North Korea has constructed a land-based SLBM launch platform at Sinpo, barely a kilometer away from the Gorae’s submarine pen. We believe this to be the only such facility heretofore identified by open-source intelligence. Destroying it — and the Gorae next door — would deliver a crushing body blow to the North’s SLBM program.

0

Source: Strategic Sentinel

Whether North Korea could realistically achieve a working long-range, nuclear SLBM by 2025 remains in serious doubt. Actually producing a functioning naval nuclear deterrent is several other matters entirely. The Gorae-class subs would need to be both quiet and capable of traveling the length of the Pacific Ocean to get into range of the United States, and both of these prospects seem a ways off. Once the vessel design is perfected, North Korea would need to produce at least six such submarines to maintain a continuous, credible deterrent. Then there’s the need for reliable command, control, and communications infrastructure, all of which would need to markedly improve on current conditions. North Korea remains rather far from a sea-based deterrent; one successful strike on Sinpo could set them back many more years.

Scanning a satellite photograph (dated December 2016) of Sinpo’s naval facilities and the Mayang-Do Naval Base not three kilometers off the coast, I personally counted over 25 docked submarines. Satellite imagery from March and May of that year do not reveal quite so many, but still well over a dozen are clearly visible. Most of these were the older, less capable Yono­- and Romeo-class models. Still: the quantity of submarines facing simultaneous destruction is more than high enough to warrant attention; these smaller submarines can be used to traffic North Korean Special Ops into South Korean territory; the brand new Gorae lies within two kilometers of the other clustered submarines; and the research, testing, and naval support facilities add substantially to the base’s strategic value.

0 (1)

Source: Strategic Sentinel

Predictably, a surprise strike would be practically necessary to eliminate all of these assets in one fell swoop. The DPRK would be expected to disperse their submarines during times of heightened tension. (Note that the satellite images from March 2016 — taken during the annual U.S.-South Korea military exercises — show fewer submarines than in December.) A surprise strike could effectively cripple the North Korean East Sea Fleet; recall that submarines are the backbone of the DPRK Navy. Mayang-Do is one of but two east coast submarine bases, and Sinpo is the flagship of the North’s SLBM program.

Vulnerability

Rarely in military strategy do significance and vulnerability pair as smoothly together as they do at Sinpo and Mayang-Do. Generally, a base’s significance bestows upon it a certain vulnerability, for shrewd adversaries tend to strike their opponent’s center of gravity. This can then be ameliorated with physical fortifications, air defense networks, missile defense systems, secrecy, and so on. But truly, little in North Korea is “well defended” by modern military standards.

Sinpo and its related military facilities lie within close range of Toksan and Iwon air bases, both loaded with MiG-21 fighter aircraft. North Korea possesses several sophisticated or pseudo-sophisticated air defense systems, from the ancient SA-2 to the more modern KN-06. The KN-06 is very similar to the Russian S-300 and the Chinese HQ-9, the latter itself also being curiously similar to the S-300. This makes the KN-06 North Korea’s most advanced surface-to-air missile to date and the most plausible threat against American or allied aircraft. The KN-06 is still undergoing testing, however, and it is unclear how many batteries the North plans to produce.

As of right now, MiG-21s and S-200s look to be the most likely defenders of Sinpo and Mayang-Do. These platforms represent no real threat to the U.S., South Korean, or Japanese air forces. In Operation Desert Storm, American F-15s made quick work of Iraqi MiG-21s, 23s, 29s, and Su-25s. North Korea does not currently operate a single aircraft better than those the United States easily defeated over 25 years ago. Perhaps the North Korean Air Force or its SAMs would get lucky and destroy a few U.S. aircraft. Perhaps they get really lucky and slay a few more. Unless they can somehow shoot down most of the planes involved in a first strike — possibly including stealthy F-22s and B-2s or pseudo-stealthy F-35s — and intercept the cruise missiles fired from American and allied ships, the North Koreans would not be able to defend their base from utter destruction.

Conclusion

A strike on Sinpo and the island of Mayang-Do would be a tactician’s dream. One full salvo on the submarines stationed there (and their supportive infrastructure) could constitute the most brutally efficient military operation of the next Korean War. The risk-reward ratio dramatically favors the aggressor. Esteemed professionals — two former secretaries of defense, for example — have called for preventative strikes against North Korean military facilities. That is not what I am doing here. But should an aggressor choose to target Sinpo in such a wave, they could simultaneously cripple much of North Korea’s submarine force and slam its SLBM program to a halt.