CNN Reported Dossier Basis for Trump Surveillance, But…

Posted on April 19, 2017April 19, 2017 by Denise Simon

The FBI last year used a dossier of allegations of Russian ties to Donald Trump’s campaign as part of the justification to win approval to secretly monitor a Trump associate, according to US officials briefed on the investigation.

The dossier has also been cited by FBI Director James Comey in some of his briefings to members of Congress in recent weeks, as one of the sources of information the bureau has used to bolster its investigation, according to US officials briefed on the probe.

This includes approval from the secret court that oversees the Foreign Intelligence Surveillance Act (FISA) to monitor the communications of Carter Page, two of the officials said. Last year, Page was identified by the Trump campaign as an adviser on national security. More here from CNN.

Okay, so everyone remains angry with James Comey right? Okay, well hold on….this could get complicated. We cant dismiss the notion that Obama and Susan Rice had a valid reason for their surveillance

actions, at least some as the below case was provided to the White House.

Enter Evigeniy Mikhailovich Bogachev.

Image result for evgeniy mikhailovich bogachev

U.S. v Evgeniy Mikhailovich Bogachev et al by Brian Ries on Scribd

Bogachev was a case from 2014 investigated by CrowdStrike and then later offered help to the FBI office in Omaha and later the FBI office in Pittsburgh finally after countless months, ran a global cyber operation and succeeded in stopping international bank thefts in the millions of dollars. Many Russian immigrants located in Brighton Beach were recruited to be mules going to domestic banks, opening accounts and later withdrawing funds, cleaning all traces of the stolen millions. It should be noted that CrowdStrike was the same firm the Hillary campaign hired to investigate intrusions.

Image result for evgeniy mikhailovich bogachev

Now it gets even more interesting.

The matter of Bogachev with his named operation of ‘Business Club’ and his global cyber operatives hacking with sophisticated bots, malware and remote servers came to the attention of the Russian Federation. They liked what the Bogachev Zeus operation had the ability to do. So, top Kremlin officials allowed the operation to continue without prosecution if they would work to gather intelligence on the global reaction to Putin annexing Crimea and moving in on Ukraine.

All of this came to the attention also of U.S. based private cyber professional where they studied the code, the IP addresses, the servers, the patterns, names and other common cyber traits. The DNC hack attributions are a dovetail to the ‘Business Club’ operation due to style, coding, networks, language and server locations.

In 2015, the Obama State Department issued sanctions and a $3 million dollar bounty on Bogachev who operated with the alias of ‘Slavik’. Russia of course is not only not cooperating but refuses to admit any such action was real and the evidence is not vetted. This is a usual response by top Russian officials.

An estimated $100 million was stolen via cyber operations by Slavik and computers infected with various versions of Zeus still exist while the FBI was able to seized all those known to their sting operation.

The FBI described the cyber sting operation as hand to hand combat with Bogachev and his operation on the Zeus case was deemed successful. It is unknown at this time who and where is he still operating. The summary of this operation was taken from the full article published by ‘Wired’ under the title ‘The Hunt for Russia’s Most Notorious Hacker’

Late last year, the DHS released a joint statement which read in part:

This activity by Russian intelligence services is part of a decade-long campaign of cyber-enabled operations directed at the U.S. Government and its citizens. These cyber operations have included spearphishing, campaigns targeting government organizations, critical infrastructure, think tanks, universities, political organizations, and corporations; theft of information from these organizations; and the recent public release of some of this stolen information. In other countries, Russian intelligence services have also undertaken damaging and disruptive cyber-attacks, including on critical infrastructure, in some cases masquerading as third parties or hiding behind false online personas designed to cause victim to misattribute the source of the attack. The Joint Analysis Report provides technical indicators related to many of these operations, recommended mitigations and information on how to report such incidents to the U.S. Government.

A great deal of analysis and forensic information related to Russian government activity has been published by a wide range of security companies. The U.S. Government can confirm that the Russian government, including Russia’s civilian and military intelligence services, conducted many of the activities generally described by a number of these security companies. The Joint Analysis Report recognizes the excellent work undertaken by security companies and private sector network owners and operators, and provides new indicators of compromise and malicious infrastructure identified during the course of investigations and incident response. The U.S. Government seeks to arm network defenders with the tools they need to identify,, detect and disrupt Russian malicious cyber activity that is targeting our country’s and our allies’ networks.

Putin’s Think Tank Crafted 2016 U.S. election Interference – documents

Posted on April 19, 2017April 19, 2017 by Denise Simon

Reuters: A Russian government think tank controlled by Vladimir Putin developed a plan to swing the 2016 U.S. presidential election to Donald Trump and undermine voters’ faith in the American electoral system, three current and four former U.S. officials told Reuters.

They described two confidential documents from the think tank as providing the framework and rationale for what U.S. intelligence agencies have concluded was an intensive effort by Russia to interfere with the Nov. 8 election. U.S. intelligence officials acquired the documents, which were prepared by the Moscow-based Russian Institute for Strategic Studies [en.riss.ru/], after the election.

The institute is run by retired senior Russian foreign intelligence officials appointed by Putin’s office.

The first Russian institute document was a strategy paper written last June that circulated at the highest levels of the Russian government but was not addressed to any specific individuals.

It recommended the Kremlin launch a propaganda campaign on social media and Russian state-backed global news outlets to encourage U.S. voters to elect a president who would take a softer line toward Russia than the administration of then-President Barack Obama, the seven officials said.

A second institute document, drafted in October and distributed in the same way, warned that Democratic presidential candidate Hillary Clinton was likely to win the election. For that reason, it argued, it was better for Russia to end its pro-Trump propaganda and instead intensify its messaging about voter fraud to undermine the U.S. electoral system’s legitimacy and damage Clinton’s reputation in an effort to undermine her presidency, the seven officials said.

The current and former U.S. officials spoke on the condition of anonymity due to the Russian documents’ classified status. They declined to discuss how the United States obtained them. U.S. intelligence agencies also declined to comment on them.

Putin has denied interfering in the U.S. election. Putin’s spokesman and the Russian institute did not respond to requests for comment.

The documents were central to the Obama administration’s conclusion that Russia mounted a “fake news” campaign and launched cyber attacks against Democratic Party groups and Clinton’s campaign, the current and former officials said.

“Putin had the objective in mind all along, and he asked the institute to draw him a road map,” said one of the sources, a former senior U.S. intelligence official.

Trump has said Russia’s activities had no impact on the outcome of the race. Ongoing congressional and FBI investigations into Russian interference have so far produced no public evidence that Trump associates colluded with the Russian effort to change the outcome of the election.

Four of the officials said the approach outlined in the June strategy paper was a broadening of an effort the Putin administration launched in March 2016. That month the Kremlin instructed state-backed media outlets, including international platforms Russia Today and Sputnik news agency, to start producing positive reports on Trump’s quest for the U.S. presidency, the officials said.

Russia Today did not respond to a request for comment. A spokesperson for Sputnik dismissed the assertions by the U.S. officials that it participated in a Kremlin campaign as an “absolute pack of lies.” “And by the way, it’s not the first pack of lies we’re hearing from ‘sources in U.S. official circles’,” the spokesperson said in an email.

PRO-KREMLIN BLOGGERS

Russia Today and Sputnik published anti-Clinton stories while pro-Kremlin bloggers prepared a Twitter campaign calling into question the fairness of an anticipated Clinton victory, according to a report by U.S. intelligence agencies on Russian interference in the election made public in January. [bit.ly/2kMiKSA]

Russia Today’s most popular Clinton video – “How 100% of the 2015 Clintons’ ‘charity’ went to … themselves” – accumulated 9 millions views on social media, according to the January report. [bit.ly/2os8wIt]

The report said Russia Today and Sputnik “consistently cast president elect-Trump as the target of unfair coverage from traditional media outlets.”

The report said the agencies did not assess whether Moscow’s effort had swung the outcome of the race in Trump’s favor, because American intelligence agencies do not “analyze U.S. political processes or U.S. public opinion.” [bit.ly/2kMiKSA]

CYBER ATTACKS

Neither of the Russian institute documents mentioned the release of hacked Democratic Party emails to interfere with the U.S. election, according to four of the officials. The officials said the hacking was a covert intelligence operation run separately out of the Kremlin.

The overt propaganda and covert hacking efforts reinforced each other, according to the officials. Both Russia Today and Sputnik heavily promoted the release of the hacked Democratic Party emails, which often contained embarrassing details.

Five of the U.S. officials described the institute as the Kremlin’s in-house foreign policy think tank.

The institute’s director when the documents were written, Leonid Reshetnikov, rose to the rank of lieutenant general during a 33-year-career in Russia’s foreign intelligence service, according to the institute’s website [bit.ly/2oVhiCF]. After Reshetnikov retired from the institute in January, Putin named as his replacement Mikhail Fradkov. The institute says he served as the director of Russia’s foreign intelligence service from 2007 to 2016. [bit.ly/2os4tvz]

Reuters was unable to determine if either man was directly involved in the drafting of the documents. Reshetnikov’s office referred questions to the Russian institute.

On its website, the Russian institute describes itself as providing “expert appraisals,” “recommendations,” and “analytical materials” to the Russian president’s office, cabinet, National Security Council, ministries and parliament. [bit.ly/2pCBGpR]

On Jan. 31, the websites of Putin’s office [bit.ly/2os9wMr] and the institute [bit.ly/2oLn9Kd] posted a picture and transcript of Reshetnikov and his successor Fradkov meeting with Putin in the Kremlin. Putin thanked Reshetnikov for his service and told Fradkov he wanted the institute to provide objective information and analysis.

“We did our best for nearly eight years to implement your foreign policy concept,” Reshetnikov told Putin. “The policy of Russia and the policy of the President of Russia have been the cornerstone of our operation.”

(Reporting by Ned Parker and Jonathan Landay, additional reporting by Warren Strobel and Arshad Mohammed; Editing by David Rohde and Ross Colvin)

*** In part:

The wide range of scientific work is ensured by the structural subdivision of the

RISS into the Research Center of CIS countries, Center for Asia and the Middle

East Research, the Center for Euro-Atlantic Studies (‘geographical departments’),

Center for Economic Research, Centre for Defense Studies as well as the Humanitarian

Research Center (functional departments).8 The latter represents a

new department, introduced almost simultaneously with the Presidential Decree

of 2009 and it is preoccupied with “the contentious issues of the foreign relations

history and the role of the religious factor.”9 Its introduction has added a new task

of “counteracting the falsification of history in the post-Soviet space”10 to RISS

scientific activities which are determined by the need of the Russian government

to provide strategic interests in the post-Soviet space. Here, there is a serious element

of propaganda for Russian state interests. Upon the whole, we can conclude

that the Presidential Decree of 2009 has turned the RISS into a useful tool providing

abundant data and research for an appropriate “articulation of the strategic

directions of the state policy in the sphere of national security.” Read more here.

Due to N. Korea, Hawaii Calls for Emergency Response

Posted on April 17, 2017April 17, 2017 by Denise Simon

CAMP H.M. SMITH, Hawaii — The U.S. Pacific Command (USPACOM) detected and tracked what we assess was a North Korean missile launch at 11:42 a.m. Hawaii-Aleutian Standard Time, April 4. The launch of a single ballistic missile occurred at a land-based facility near Sinpo.

The missile was tracked until it landed in the Sea of Japan at 11:51 a.m.

Initial assessments indicate that the type of missile was a KN-15 medium-range ballistic missile (MRBM).

USPACOM is fully committed to working closely with our Republic of Korea and Japanese allies to maintain security.

The North American Aerospace Defense Command (NORAD) determined that the missile launch from North Korea did not pose a threat to North America.

Specialists Think North Korea Poses Nuclear Threat to Hawaii

Nuclear arms experts think North Korea already has, or soon will have, the ability to target Hawaii with a nuclear-tipped intercontinental ballistic missile with possibly about the same destructive force as the bombs dropped on Hiroshima and Nagasaki.

Warnings are mounting apace with that growing threat.

“North Korea’s unprecedented level of nuclear testing and ballistic missile development offers a sobering reminder that the United States must remain vigilant against rogue nation-states that are able to threaten the homeland,” Air Force Gen. Lori Robinson, who heads the North American Aerospace Defense Command, told a congressional committee Thursday.

In Hawaii a profusion of four-star military commands — including U.S. Pacific Command, which oversees U.S. military activity over half the globe — makes Oahu a strategic and symbolic target. The threat from an unpredictable North Korea, in turn, is prompting a revisitation of some old Cold War practices that until recently seemed laughable.

Duck and cover? Still there in the form of “shelter in place,” state officials say.

Nuclear fallout shelters? In 1981, Oahu had hundreds of them. The Prince Kuhio Building could hold 14,375 people — not because it has a secret underground bunker, but because its concrete parking structure could be used as shelter.

“Each one of those facilities had to be surveyed for how much concrete density [was present],” said Toby Clairmont, executive officer of the Hawaii Emergency Management Agency, the successor to Civil Defense. “And they had to be equipped, so they put medical kits in them, food, sanitary kits, all that kind of stuff.”

As time went on, funding for those provisions stopped, and the stocks were disposed of because they became too old, Clairmont said. In the majority of cases, existing fallout shelter markings are out of date and no longer applicable.

Alternatively, the U.S. military would try to shoot down an incoming North Korean ICBM with ground-based interceptors in Alaska and California, although the $36 billion system was rated by the Pentagon in December as having low reliability.

With the collapse of the Soviet Union, ICBMs in the late 1990s came off Hawaii Emergency Management’s threat list of mostly natural hazards. Terrorism was added, and in 2006 the state practiced for a half-kiloton explosion in Honolulu Harbor that resulted in up to 8,000 casualties with injuries or radiation.

A new threat

President Donald Trump, who met last week with Chinese President Xi Jinping in Florida, has warned that the United States might take unilateral action against North Korea unless China does more to rein in its pugnacious neighbor. He did not mention a pre-emptive first strike per se.

Such a first strike presumably would take out the fixed launch sites at Sohae and Tonghae, but North Korea is also believed to have road-mobile launchers that could survive to retaliate — if they actually work.

With North Korea emerging as a new threat, state Emergency Management Administrator Vern Miyagi said it’s time to update the previous plans.

“If you were to ask me what is the status of North Korea, and is [a missile attack] a high probability — no, it’s a low probability,” said Miyagi, a retired Army two-star general who served at the Pacific Command as senior adviser for military support to civil authorities operations and Reserve and National Guard affairs.

“But then, so, we have to keep a lookout for that [threat]. That’s why we’re talking about updating the plan. It’s an awakening. Maybe we should get involved with” fallout shelters again and identify where still-usable shelters are located, he said.

Fallout protection exists to some degree in any building, but it is most effective in heavy concrete buildings and underground structures, he said.

The agency does monthly tests with the Pacific Command using secure communications, Miyagi said. The advice in the event of a missile attack is still to duck and cover and “get into a substantial building,” he said.

“The bottom line in our plan right now is close coordination with Pacific Command, the military side, so that we understand what’s happening, and we can prepare for it with what we have — and what we have right now is very thin,” Miyagi said.

Looking for a solution

During the Cold War, the state envisioned moving hundreds of thousands of Oahu residents to the neighbor islands if things heated up with the Soviet Union. However, a North Korean ICBM could reach Hawaii in under 20 minutes with no warning, experts say.

Robinson, the North American Aerospace Defense commander, said 2016 was “one of North Korea’s most active years in terms of nuclear weapon and missile program development in pursuit of weaponizing a nuclear ballistic missile capable of reaching the United States.”

Riki Ellison, chairman of the nonprofit Missile Defense Advocacy Alliance, is among a growing number of voices calling for “operationalizing” the Aegis Ashore facility on Kauai in emergencies to be able to shoot down North Korean missiles. Right now, it’s used for missile defense testing only.

Ellison said the new SM-3 Block IIA missile, which is expected to have ICBM shoot-down capability, is a “critical asset required for the region and Hawaii.”

“For U.S. homeland defense, the emergency operational activation of the Aegis Ashore site, to include the AN/TPY-2 radar at the Pacific Missile Range Facility,” is needed in the short term, Ellison said in a release.

In 2015, Adm. Bill Gortney, then commander of North American Aerospace Defense, said, “Our assessment is that they [North Korea] have the ability to put … a nuclear weapon on a KN-08 [missile] and shoot it at the homeland.”

Jeffrey Lewis, director of the East Asia Nonproliferation Program and founding publisher of Arms Control Wonk.com, said the road-mobile KN-08 hasn’t been flight-tested yet.

“This is a very important caution because an ICBM that has never been tested is very unreliable,” he said in an email. If it works, it can probably hit targets throughout the U.S., he said.

North Korea claimed that its last nuclear test validated a standardized warhead of at least 10 kilotons for its long-range missiles, but it “may be significantly more than that,” Lewis added. Ellison, with the Missile Defense Advocacy Alliance, maintains North Korea might have a miniaturized warhead around 20 kilotons.

The atomic bomb dropped on Hiroshima in 1945 was 15 kilotons, while a 20-kiloton device was detonated over Nagasaki.

This article is written by William Cole from The Honolulu Star-Advertiser and was legally licensed via the Tribune Content Agency through the NewsCred publisher network.

Pyotr Levashov Arrested in Barcelona, Hacker

Posted on April 9, 2017April 9, 2017 by Denise Simon

All domestic news media has been blaming the Russians for cyber election intrusion. Conservative outlets have pushed back asking for evidence. There are investigations on The Hill regarding Russian interference and the House Intelligence Committee, chaired by Devin Nunes has seen the documents and share them with the White House. The committee co-chair Adam Schiff was angry he was not read on early enough. A big political conflict has occurred and Nunes recused himself from the specific committee investigation regarding Russia as Nunes remains chairman of the committee.

Okay so what you ask?

Well we want to blame the FBI, Comey and ODNI, Clapper for not being more forthcoming on the matter. Slow down everyone, as cyber investigations are international in scope and it takes a mobilized set of experts and agencies and international collaboration to make attribution by using exceptional tools, cyber talent and agreements. So….what does all this mean? It means the lid could soon blow off this whole operation.

You see, there was malware, phishing and countless botnet systems that were part of the U.S. election interference as we saw with the DNC hack and the John Podesta emails via WikiLeaks. There are countless moving parts and they are international. It is gratifying to know however, not only is government part of the investigation, but outside cyber corporations are doing their own due diligence and offering additional clues, evidence and assistance to the FBI. How so you ask?

From Krebs on Security: Then, on Jan. 26. 2012, I ran a story featuring a trail of evidence suggesting a possible identity of “Severa“ (a.k.a. “Peter Severa”), another SpamIt affiliate who is widely considered the author of the Waledac botnet (and likely the Storm Worm). In that story, I included several screen shots of Severa chatting on Spamdot.biz, an extremely secretive Russian forum dedicated to those involved in the spam business. In one of the screen shots, Severa laments the arrest of Alan Ralsky, a convicted American spam kingpin who specialized in stock spam and who — according to the U.S. Justice Department – was partnered with Severa. Anti-spam activists at Spamhaus.org maintain that Peter Severa’s real name is Peter Levashov (although the evidence I gathered also turned up another name, Viktor Sergeevich Ivashov). Read more here, it is fascinating and well done.

*** No wonder attribution takes a very long time right? Yes so read on please…..

Programmer Pyotr Levashov reportedly suspected in US election hacking arrested

Madrid: A Russian computer programmer, Pyotr Levashov, has been arrested in the Spanish city of Barcelona, a spokesman for the Russian embassy in Madrid said on Sunday.

It was unclear why Levashov was arrested. The embassy spokesman declined to give details for his arrest, and Spanish police and the interior ministry were not available for comment on Sunday.

Russian television station RT reported that Levashov was arrested under a US international arrest warrant and was suspected of being involved in hacking attacks linked to alleged interference in last year’s US election.

Peter Carr, a spokesman for the US Justice Department’s criminal division, said: “The US case remains under seal, so we have no information to provide at this time.”

The criminal division is separate from the national security division, which is responsible for investigating state-sponsored cyber crimes.

A US Department of Justice official said it was a criminal matter without an apparent national security connection.

Spanish authorities notified the Russian embassy of Levashov’s arrest on Friday, the embassy spokesman said.

In January, Spanish police arrested another Russian computer programmer, whose name was given as “Lisov” and who was wanted by the United States for leading a financial fraud network.

Russia’s embassy in Madrid. Photo: Wikimedia/Luis García (Zaqarbal)

The US government has formally accused Russia of hacking Democratic Party emails to help the campaign of Republican President Donald Trump. The US Congress is also examining links between Russia and Trump during the election campaign.

Russian officials, including President Vladimir Putin, have repeatedly denied that Russia tried to influence the election.

Reuters

January 2017: Spain has arrested a 32-year-old Russian computer programmer at Barcelona airport who is alleged to have designed and used software to steal bank account details from banks and individuals, Spanish police said on Friday.

Working with the U.S. Federal Bureau of Investigation (FBI), the man, named Lisov, was arrested by Spanish police on Jan. 13 as he waited to take a flight to another European country. He is suspected of leading a financial fraud network, the police said in a statement.

Lisov, wanted by the United States under an international arrest warrant, had been under observation by authorities for several days in the north-eastern region of Catalonia, police said. Police did not give the man’s first name. More here.

Tip sheet on above:

ALEXSEY BELAN

Conspiring to Commit Computer Fraud and Abuse; Accessing a Computer Without Authorization for the Purpose of Commercial Advantage and Private Financial Gain; Damaging a Computer Through the Transmission of Code and Commands; Economic Espionage; Theft of Trade Secrets; Access Device Fraud; Aggravated Identity Theft; Wire Fraud

Seems we need to be more patient when it comes to the FBI and associated international agencies…eh?

Russian Spy Buryakov Deported, and that is it?

Posted on April 5, 2017April 5, 2017 by Denise Simon

You mean there was no swap or something for this spy? How about an apology for this constant problem of our U.S. diplomats around the globe? And most of the country thinks that Russia does nothing wrong or intercepting phone calls of foreign agents that are occurring with Americans is wrong and names should not be requested to be unmasked. How about insider threats? Okay, well read on….

Russian intelligence and security services have been waging a campaign of harassment and intimidation against U.S. diplomats, embassy staff and their families in Moscow and several other European capitals that has rattled ambassadors and prompted Secretary of State John F. Kerry to ask Vladimir Putin to put a stop to it.

At a recent meeting of U.S. ambassadors from Russia and Europe in Washington, U.S. ambassadors to several European countries complained that Russian intelligence officials were constantly perpetrating acts of harassment against their diplomatic staff that ranged from the weird to the downright scary. Some of the intimidation has been routine: following diplomats or their family members, showing up at their social events uninvited or paying reporters to write negative stories about them.

But many of the recent acts of intimidation by Russian security services have crossed the line into apparent criminality. In a series of secret memos sent back to Washington, described to me by several current and former U.S. officials who have written or read them, diplomats reported that Russian intruders had broken into their homes late at night, only to rearrange the furniture or turn on all the lights and televisions, and then leave. One diplomat reported that an intruder had defecated on his living room carpet. More here.

Russian banker convicted in U.S. spy ring deported to Moscow

A Russian banker convicted last year in the United States for involvement in a spy ring operating in New York City has been deported to Moscow, a U.S. law enforcement agency said on Wednesday.

Evgeny Buryakov, a former New York banker who was convicted in federal court of conspiring to act in the United States as an agent of the Russian Federation, is shown in this handout photo sitting on a commercial flight, escorted by deportation officers and turned over to… REUTERS

Evgeny Buryakov, 42, was escorted to Russia by deportation officers aboard commercial flights and turned over to Russian authorities, the U.S. Immigration and Customs Enforcement (ICE) said in a statement.

Buryakov was arrested in January 2015 and charged with two others. U.S. prosecutors said they had worked with the Russian intelligence service and conspired to gather economic intelligence on behalf of Russia, including information about U.S. sanctions against Russia, and to recruit New York City residents as intelligence sources.

Buryakov, who worked at Russian state-owned Vnesheconombank, was sentenced in May by a U.S. district judge in Manhattan to 2-1/2 years in prison after pleading guilty to having conspired to act improperly as an agent for the Russian government.

He received credit for 16 months already spent in custody and was in line to be deported after completing his sentence.

***

Department of Justice

U.S. Attorney’s Office

Southern District of New York

FOR IMMEDIATE RELEASE

Friday, March 11, 2016

Evgeny Buryakov Pleads Guilty In Manhattan Federal Court In Connection With Conspiracy To Work For Russian Intelligence

Evgeny BURYAKOV, a/k/a “Zhenya,” Worked for Russian Intelligence Under “Non-Official Cover” as a Banker in Manhattan

Preet Bharara, the United States Attorney for the Southern District of New York, and John P. Carlin, Assistant Attorney General for National Security, announced that EVGENY BURYAKOV, a/k/a “Zhenya,” pled guilty today to conspiring to act in the United States as an agent of the Russian Federation, without providing prior notice to the Attorney General.

U.S. Attorney Preet Bharara said: “An unregistered intelligence agent, under cover of being a legitimate banker, gathers intelligence on the streets of New York City, trading coded messages with Russian spies who send the clandestinely collected information back to Moscow. This sounds like a plotline for a Cold War-era movie, but in reality, Evgeny Buryakov pled guilty today to a federal crime for his role in just such a scheme. More than two decades after the end of the Cold War, Russian spies still seek to operate in our midst under the cover of secrecy. But in New York, thanks to the work of the FBI and the prosecutors in my office, attempts to conduct unlawful espionage will not be overlooked. They will be investigated and prosecuted.”

Assistant Attorney General John P. Carlin said: “Evgeny Buryakov pleaded guilty to covertly working as a Russian agent in the United States without notifying the Attorney General. Foreign nations who attempt to illegally gather economic and other intelligence information through espionage pose a direct threat to U.S. national security. The National Security Division will continue to work with our law enforcement partners to identify and hold accountable those who illegally operate as covert agents within the United States.”

According to the Complaint, the Indictment, other court filings, and statements made during court proceedings:

Beginning in 2012, bURYAKOV worked in the United States as an agent of Russia’s foreign intelligence agency, known as the “SVR.” BURYAKOV operated under “non-official cover,” meaning he entered and remained in the United States as a private citizen, posing as an employee in the Manhattan office of a Russian bank, Vnesheconombank, also known as “VEB.” SVR agents operating under such non-official cover – sometimes referred to as “NOCs” – typically are subject to less scrutiny by the host government, and, in many cases, are never identified as intelligence agents by the host government. As a result, a NOC is an extremely valuable intelligence asset for the SVR.

Federal law prohibits individuals from acting as agents of foreign governments within the United States without prior notification to the United States Attorney General. Department of Justice records indicate that BURYAKOV never notified the United States Attorney General that he was, in fact, an agent of the Russian Federation.

BURYAKOV worked in New York with at least two other SVR agents, Igor Sporyshev and Victor Podobnyy. From November 22, 2010, to November 21, 2014, Sporyshev officially served as a trade representative of the Russian Federation in New York. From December 13, 2012, to September 12, 2013, Podobnyy officially served as an attaché to the Permanent Mission of the Russian Federation to the United Nations. The investigation, however, showed that Sporyshev and Podobnyy also worked as officers of the SVR. For their roles in the charged conspiracy, Sporyshev and Podobnyy were charged along with BURYAKOV in January 2015. However, Sporyshev and Podbonyy no longer lived in the United States and thus were not arrested.

BURYAKOV’s Co-Conspirators Are Recorded Inside the SVR’s New York “Residentura”

During the course of the investigation, the FBI recorded Sporyshev and Podobnyy speaking inside the SVR’s offices in New York, known as the “Residentura.”

The FBI obtained the recordings after Sporyshev attempted to recruit an FBI undercover employee (“UCE-1”), who was posing as an analyst from a New York-based energy company. In response to requests from Sporyshev, UCE-1 provided Sporyshev with binders containing purported industry analysis written by UCE-1 and supporting documentation relating to UCE-1’s reports, as well as covertly placed recording devices. Sporyshev then took the binders to, among other places, the Residentura.

During subsequent recorded conversations, Sporyshev and Podobnyy discussed, among other things, Sporyshev’s SVR employment contract and his official cover position, their work as SVR officers, and the FBI’s July 2010 arrests of 10 SVR agents in the United States, known as the “Illegals.”

Sporyshev and Podobnyy also discussed BURYAKOV’s prior service with the SVR in South Africa. BURYAKOV worked in South Africa between approximately 2004 and 2009, officially as a representative of VEB. During a conversation about Sporyshev’s cover position in New York, Podobnyy related that, when BURYAKOV was working in South Africa, he had dinner with an SVR official and BURYAKOV’s supervisor at VEB and that, during the dinner, the SVR official told the VEB official that BURYAKOV was an “employee of the Service,” i.e., the SVR.

Further, Sporyshev and Podobnyy were recorded discussing, among other things, their (i) attempting to recruit New York City residents as intelligence sources for Russia; (ii) tasking BURYAKOV to gather intelligence; and (iii) transmitting intelligence reports prepared by BURYAKOV back to SVR headquarters in Moscow.

The directives from the SVR to BURYAKOV, Sporyshev, and Podobnyy, as well as to other covert SVR agents acting within the United States, included requests to gather intelligence on, among other subjects, potential United States sanctions against Russian banks and the United States’ efforts to develop alternative energy resources.

BURYAKOV’s Intelligence Taskings

Sporyshev was responsible for relaying intelligence assignments from the SVR to BURYAKOV.

BURYAKOV Drafts a Proposal for the SVR’s “Active Measures Directorate”

In May 2013, Sporyshev and Podbonyy were recorded discussing a proposal that BURYAKOV had drafted about a planned deal in which Bombardier Aircraft Company (“Bombadier”) in Canada would manufacture certain airplanes in Russia. Sporyshev noted that Canadian “unions were resisting” and that BURYAKOV’s “proposal [was] for MS” – the SVR’s Active Measures Directorate – to “pressur[e] the unions and secur[e] from the company a solution that is beneficial to us.” Other evidence developed during the investigation showed that, around the time of this conversation, BURYAKOV had conducted Internet searches relating to Bombardier and labor unions and, earlier, had obtained news articles regarding the planned deal and also attended a conference in Canada that Bombardier personnel also attended.

BURYAKOV Assists Sporyshev in Attempting to Obtain Sensitive Information About the New York Stock Exchange

Also, on May 21, 2013, Sporyshev called BURYAKOV, greeted him, and then described a tasking from “top sources” relating to three questions that ITAR-TASS, a Russian news agency, could put to the New York Stock Exchange. Sporyshev called the defendant back approximately 20 minutes later. During the call, BURYAKOV proposed questions regarding (i) exchange traded funds (ETFs), including the “mechanisms of their use to destabilize the market;” (ii) “curbing of trading robot activities;” and (iii) “technical parameters” and “other regulations directly related to the exchange.” On July 8, 2013, a purported “bureau chief” for ITAR-TASS sent an email to an employee of the New York Stock Exchange that parroted the questions that BURYAKOV proposed to Sporyshev.

BURYAKOV Assists Sporyshev in Analyzing the Effect of Sanctions

Another example of an intelligence tasking occurred in late March 2014. Specifically, on March 28, 2014, Sporyshev was recorded telling BURYAKOV that Sporyshev needed help researching the “effects of economic sanctions on our country,” among other things. A few days later, on April 2, 2014, Sporyshev called BURYAKOV and stated, in an intercepted conversation, that he had not seen BURYAKOV in a while, and asked to meet BURYAKOV outside VEB’s office in Manhattan in 20 minutes. A court-authorized search of BURYAKOV’s computer at VEB revealed that, at around the time of this telephone call, BURYAKOV conducted the following internet searches: “sanctions Russia consiquences” [sic] and “sanctions Russia impact.”

Two days later, on April 4, 2014, BURYAKOV called Sporyshev and, in an intercepted conversation, stated that he (BURYAKOV) “wrote you an order list,” and suggested that they meet. Approximately 20 minutes later, Sporyshev met BURYAKOV in the driveway of BURYAKOV’s home. Their encounter, which was captured by a video surveillance camera located near BURYAKOV’s residence, lasted approximately two minutes. On the video footage, the defendants appeared to exchange a small object.

Clandestine Meetings and Communications

During the course of their work as covert SVR agents in the United States, BURYAKOV, Sporyshev, and Podobnyy regularly met and communicated using clandestine methods and coded messages, in order to exchange intelligence-related information while shielding their associations with one another as SVR agents. These efforts were designed, among other things, to preserve their respective covers as an employee of VEB (BURYAKOV), a trade representative of the Russian Federation in New York (Sporyshev), and an attaché to the Permanent Mission of the Russian Federation to the United Nations (Podobnyy).

During the investigation, the FBI intercepted numerous calls between BURYAKOV and Sporyshev in which one of the men told the other that he needed to meet for some purpose, such as to transfer an item (such as a “ticket,” “book,” or “list,”) or for a purported social purpose. In fact, BURYAKOV and Sporyshev used this coded language to signal that they needed to exchange intelligence information.

FBI surveillance revealed that, at some of these meetings between BURYAKOV and Sporyshev, they exchanged documents or other small items. Notably, despite discussing on approximately a dozen occasions the need to meet to transfer “tickets,” BURYAKOV and Sporyshev were – other than one occasion where they discussed going to a movie – never observed attending, or discussing in any detail, events that would typically require tickets, such as a sporting event or concert.

BURYAKOV’s Receipt of Purported Official United States Government Documents

In the summer of 2014, BURYAKOV met multiple times with a confidential source working for the FBI (“CS-1”) and an FBI undercover employee (“UCE-2”). Both CS-1 and UCE-2 purported to be working on a casino development project in Russia.

During a conversation recorded on July 22, 2014, Sporyshev warned BURYAKOV that meeting with UCE-2 might be a “trap” but authorized BURYAKOV to go ahead so he could make a better assessment.

During the course of the subsequent meetings, and consistent with his interests as a Russian intelligence agent, BURYAKOV demonstrated his strong desire to obtain information about subjects far outside the scope of his work as a bank employee. During these meetings, BURYAKOV also accepted documents that were purportedly obtained from a U.S. government agency and which purportedly contained information potentially useful to Russia, including information about United States sanctions against Russia.

* * *

BURYAKOV, 41, pled guilty to one count of conspiring to act in the United States as an agent of the Russian Federation without providing notice to the Attorney General, which carries a maximum sentence of five years. This statutory maximum sentence is prescribed by Congress and is provided here for informational purposes only, as any sentence imposed on the defendant will be determined by the judge.

BURYAKOV will be sentenced on May 25, 2016, at 11:00 a.m.

U.S. Attorney Bharara praised the investigative work of the FBI’s Counterintelligence Division.

The prosecution is being handled by Assistant U.S. Attorneys Emil J. Bove III, Brendan F. Quigley, and Stephen J. Ritchin of the Terrorism and International Narcotics Unit of the U.S. Attorney’s Office for the Southern District of New York, with assistance provided by Senior Trial Attorney Heather Schmidt of the National Security Division’s Counterintelligence and Export Control Section.