Category Archives: Failed foreign policy

Anyone From the U.S. Mentioning this to China’s President Xi?

Posted on by

Remarkable site and well on top of this issue, for the summary go here.

Primer:

Out of a list of 57 companies accused by U.N. investigators of aiding North Korea, 43 of them haven’t been sanctioned by Treasury.

One of them is Glocom, a firm also known as Pan Systems Pyongyang Branch, a North Korean company based in Malaysia that investigators say uses a series of front companies and agents to procure components and sell communications systems in violation of U.N. sanctions. Pan Systems and another associated firm, Wonbang Trading Co., are operated by North Korea’s intelligence service, the Reconnaissance General Bureau, the U.N. says. Wonbang has also been one of the largest shippers of North Korea coal and Glocom has been investigated for arms shipments. Glocom, which maintains a website, didn’t respond to repeated requests for comment on the allegations.

Another network cited by the U.N. is a transport firm named Vast Win Trading, whose ship, the Jie Shun, was seized in Egypt last year with 30,000 rocket-propelled grenades. The owner of that ship, Chinese national Sun Sidong, has business ties to a network owned by Chinese national Chi Yupeng through a shared email address in China’s business registry, according to the nonprofit group, C4ADS, that monitors global threats. U.S. Attorneys and Treasury have already targeted the Chi Yupeng network with sanctions and seized funds. Mr. Sun’s network of companies has remained so far untouched. In August, Mr. Sun sold his $1.3 million home in Great Neck, N.Y., for cash, according to his real-estate agent. Mr. Sun couldn’t be reached through his U.S.- and U.K.-based companies or through an individual identified as his lawyer in New York property records.

One of his companies, Dandong Dongyuan Industrial Co. Ltd., is the largest exporter of what’s called “dual use” equipment that can include navigation systems and guidance devices that can be used for ballistic missiles, according to C4ADS. Mr. Sun is also the CEO of Dongyuan Enterprise, a Flushing, N.Y., firm.

U.N. investigators named several banks in North Korea that were established, managed or owned by Chinese firms. First Eastern Bank in Rason, North Korea, owned by Unaforte Hong Kong, was set up to provide loans to Chinese individuals and companies, for example. More here.

DoJ: On Aug. 3, 2016, a U.S. Magistrate Judge Joseph A. Dickson of the District of New Jersey signed a criminal complaint charging Ma Xiaohong (Ma) and her company, Dandong Hongxiang Industrial Development Co. Ltd. (DHID), and three of DHID’s top executives, general manager Zhou Jianshu (Zhou), deputy general manager Hong Jinhua (Hong) and financial manager Luo Chuanxu (Luo), with conspiracy to violate the International Emergency Economic Powers Act (IEEPA) and to defraud the United States; violating IEEPA; and conspiracy to launder monetary instruments.

Today, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) also imposed sanctions on DHID, Ma, Zhou, Hong and Luo for their ties to the government of North Korea’s weapons of mass destruction proliferation efforts.

In addition, the department filed a civil forfeiture action for all funds contained in 25 Chinese bank accounts that allegedly belong to DHID and its front companies. The department has also requested tha the federal court in the District of New Jersey issue a restraining order for all of the funds named in the civil forfeiture action, based upon the allegation that the funds represent property involved in money laundering, which makes them forfeitable to the United States. There are no allegations of wrongdoing by the U.S. correspondent banks or foreign banks that maintain these accounts.

“The charges and forfeiture action announced today allege that defendants in China established and used shell companies around the world, surreptitiously moved money through the United States and violated the sanctions imposed on North Korea in response to, among other things, its nuclear weapons program,” said Assistant Attorney General Caldwell. “The actions reflect our efforts to protect the integrity of the U.S. banking system and hold accountable those who seek to evade U.S. sanctions laws.”

***

For context:

Hong Kong (CNN)Easey Commercial Building is an unassuming mid-rise office tower on Hennessy Road, an artery that runs through Hong Kong’s busy Wan Chai district. The structure sits among scenery that’s classic Hong Kong: bright lights, tall buildings, people rushing about.

But camouflaged in the normalcy is a business that seemingly exists in name only.
Take the elevator to the Easey building’s 21st floor, and in room 2103 is the registered office of Unaforte Limited Hong Kong. It’s a company accused by the United Nations of violating sanctions on the Democratic People’s Republic of Korea (North Korea’s official name) for helping the country make money internationally, funding everything from its nuclear weapons program to the lavish lifestyles of North Korean Supreme Leader Kim Jong Un and Pyongyang’s most important players.
At least, Unaforte is supposed to be there. That is the address listed on its publicly available corporate filings provided to the Hong Kong government. When CNN visited the office, it found neither Unaforte nor its listed company secretary, Prolive Consultants Limited.
Instead, room 2103 was home to a seemingly unrelated company: Cheerful Best Company Services. Only one man was there when CNN stopped by, and he said a representative for Prolive Consultants only comes by every so often to pick up mail. He had not heard of Unaforte.
The United Nations Panel of Experts on North Korea — the body charged with monitoring sanctions enforcement on the hermit nation — said in two recent reports that Unaforte opened and owned a bank in the North Korean city of Rason. That is likely a violation of the latest UN Security Council resolution banning joint international ventures with North Korea, according to Christopher Wall, a lawyer who specializes in international trade law and a partner at Pillsbury Winthrop Shaw Pittman in Washington, DC.
North Korea is believed to use these types of practices to cover up much of its trade, from selling coal and fuel to exporting weapons.
“The (North Korean) regime accesses the international financial system through front companies and other deceptive financial practices in order to buy goods and services abroad,” Sigal Mandelker, the undersecretary for terrorism and financial intelligence at the US Department of the Treasury, said in Senate testimony on September 28.
Hong Kong is one of two business jurisdictions (along with the British Virgin Islands) where the UN Panel of Experts on North Korea has seen the largest share of North Korean-controlled front companies operating, said Hugh Griffiths, the panel’s coordinator.
When Unaforte’s company particulars show up in Hong Kong’s publicly available corporate records, the name of just one individual appears. He holds a passport from the small Caribbean island of Dominica. A passport number is there, but not a phone number.
Those details shed light on Hong Kong’s incorporation requirements. To start a company in Hong Kong, one needs at least one director (has to be an actual person) and a company secretary (which can either be a person or another company, but must be based in Hong Kong), according to the Companies Registry website.
Companies that are sanctioned in most cases cannot easily conduct transactions in the dollar, as US banks have to back those deals and would filter and flag sanctioned entities, Anthony Ruggiero, an expert in the use of targeted financial measures at the Foundation for the Defense of Democracies, told CNN.
The DHID charges revealed that to get around US prying eyes, North Korea uses a complex ledger and credit scheme to hide North Korea’s involvement in dollar transactions, Ruggiero explained to Congress in September.
Thirteen of DHID’s front companies were located in Hong Kong. Eleven shared the same registered address in Wan Chai, less than a kilometer away from the Easey Commercial Building, the indictment said. Read more here from CNN.

Subpoena Tim Geithner About the Uranium One Deal for Starters

Posted on by
Ever wonder where any Hillary emails are with regard to this case both as Secretary of State or through the Clinton Foundation? Perhaps Huma knows all…did Obama’s OFA take any kickbacks? What else is out there that the Obama administration hid from congress and oversight? Anyway read on for context and the people line-up.
Under the Treasury Department is also the responsibility of sanctions and where waivers to those sanctions occur.

The Secretary of the Treasury is the Chairperson of CFIUS, and notices to CFIUS are received, processed, and coordinated at the staff level by the Staff Chairperson of CFIUS, who is the Director of the Office of Investment Security in the Department of the Treasury.

The members of CFIUS include the heads of the following departments and offices:

  1. Department of the Treasury (chair)
  2. Department of Justice
  3. Department of Homeland Security
  4. Department of Commerce
  5. Department of Defense
  6. Department of State
  7. Department of Energy
  8. Office of the U.S. Trade Representative
  9. Office of Science & Technology Policy

The following offices also observe and, as appropriate, participate in CFIUS’s activities:

  1. Office of Management & Budget
  2. Council of Economic Advisors
  3. National Security Council
  4. National Economic Council
  5. Homeland Security Council

The Director of National Intelligence and the Secretary of Labor are non-voting, ex-officio members of CFIUS with roles as defined by statute and regulation.

Of note for the Uranium One transaction to happen, unless there was a waiver:

What steps can be taken with respect to information required by § 800.402 to further facilitate CFIUS review?

Suggestions include:

  1. Section 800.402(j)(1) requires submission of organizational charts showing control and ownership of the foreign person that is a party to the transaction.  CFIUS’s review would be aided if the parties provide such charts for the U.S. business and if the charts for the U.S. business and the foreign person diagram the ownership chains for the acquirer and target before and after the transaction being notified to CFIUS.  These should be as extensive and detailed as possible.
  2. Sections 800.402(c)(1)(iii) and (v) require submission of information related to the foreign person and its parents.  CFIUS’s review would be aided if the notice identifies whether the actual party in interest is the party to the transaction or one of the parents of the party to the transaction.  CFIUS does not consider special purpose vehicles, wholly-owned subsidiaries established for the sole purpose of the transaction, or other shell companies to be the actual parties in interest in a transaction.
  3. Sections 800.402(c)(3)(iii) and (iv) require information regarding certain United States Government contracts.  Parties are advised to update and verify United States Government contact information for such contracts. Private sector entities not party to the notice are not acceptable points-of-contact for contracts in question.
  4. Filers should ensure that all files in the electronic version of a notice are less than five megabytes (5MB) in size.

What steps, though not required for a notice to be determined complete, may facilitate CFIUS review?

  1. CFIUS agencies have found it very helpful in the past for filing companies to provide the following additional information, even if the activity is not the primary focus of their commercial operations.  CFIUS often requests this information after a voluntary notice has been accepted if it was not included in the initial filing.
    1. Cyber systems, products, services:  Identify whether the U.S. business being acquired develops or provides cyber systems, products, or services, including:
      • Business systems used to manage or support common business processes and operations (for example, enterprise resource planning, e-commerce, email, and database systems); control systems used to monitor, assess, and control sensitive processes and physical functions (for example, supervisory control, data acquisition, process and distributed control systems); safety, security, support, and other specialty systems (for example, fire, intrusion detection, access control, people mover, and heating, ventilating, and air conditioning systems); or
      • (ii) Telecommunications and/or Internet or similar systems, products or services.
    2. Natural resources:  Identify whether the U.S. business being acquired processes natural resources and material or produces and transports energy, and the amount processed, produced, or transported annually.
  2. Discussion in the notice of the business rationale for the transaction may be useful.
  3. The regulations require parties to provide information regarding any other applicable national security-related regulatory authorities, such as the ITAR, EAR, and NISPOM.  Some of the regulatory review processes under these authorities may have longer deadlines than the CFIUS process, and parties to transactions affected by these other reviews may wish to start or complete these processes prior to submitting a voluntary notice to CFIUS under section 721.

The FBI has a network of informants domestically and it did the job it is tasked to do, that is until the Holder Justice Department ensured it could no longer do the job with regard to the Uranium One Case.

Before the Obama administration approved a controversial deal in 2010 giving Moscow control of a large swath of American uranium, the FBI had gathered substantial evidence that Russian nuclear industry officials were engaged in bribery, kickbacks, extortion and money laundering designed to grow Vladimir Putin’s atomic energy business inside the United States, according to government documents and interviews.

Federal agents used a confidential U.S. witness working inside the Russian nuclear industry to gather extensive financial records, make secret recordings and intercept emails as early as 2009 that showed Moscow had compromised an American uranium trucking firm with bribes and kickbacks in violation of the Foreign Corrupt Practices Act, FBI and court documents show.

They also obtained an eyewitness account — backed by documents — indicating Russian nuclear officials had routed millions of dollars to the U.S. designed to benefit former President Bill Clinton’s charitable foundation during the time Secretary of State Hillary Clinton served on a government body that provided a favorable decision to Moscow, sources told The Hill.

The racketeering scheme was conducted “with the consent of higher level officials” in Russia who “shared the proceeds” from the kickbacks, one agent declared in an affidavit years later.

When this sale was used by Trump on the campaign trail last year, Hillary Clinton’s spokesman said she was not involved in the committee review and noted the State Department official who handled it said she “never intervened … on any [Committee on Foreign Investment in the United States] matter.”

In 2011, the administration gave approval for Rosatom’s Tenex subsidiary to sell commercial uranium to U.S. nuclear power plants in a partnership with the United States Enrichment Corp. Before then, Tenex had been limited to selling U.S. nuclear power plants reprocessed uranium recovered from dismantled Soviet nuclear weapons under the 1990s Megatons to Megawatts peace program.

Vadim Mikerin was a director of Rosatom’s Tenex in Moscow since the early 2000s, where he oversaw Rosatom’s nuclear collaboration with the United States under the Megatons to Megwatts program and its commercial uranium sales to other countries. In 2010, Mikerin was dispatched to the U.S. on a work visa approved by the Obama administration to open Rosatom’s new American arm called Tenam.

The kickbacks were known by the FBI, they had to happen to advance the case and to allow them as evidence of wrong-doing.

His, Mikerin’s, illegal conduct was captured with the help of a confidential witness, an American businessman, who began making kickback payments at Mikerin’s direction and with the permission of the FBI. The first kickback payment recorded by the FBI through its informant was dated Nov. 27, 2009, the records show.

In evidentiary affidavits signed in 2014and 2015, an Energy Department agent assigned to assist the FBI in the case testified that Mikerin supervised a “racketeering scheme” that involved extortion, bribery, money laundering and kickbacks that were both directed by and provided benefit to more senior officials back in Russia. More here.

Mikerin indictment document here.

The plea deal and 2 associated cases here.

Mikerin was sentenced to 4 years and forfeited $2,126,622.36  :

According to court documents, Mikerin was the director of the Pan American Department of JSC Techsnabexport (TENEX), a subsidiary of Russia’s State Atomic Energy Corporation and the sole supplier and exporter of Russian Federation uranium and uranium enrichment services to nuclear power companies worldwide, and the president of TENAM Corporation, a wholly owned subsidiary and the official representative of TENEX. Court documents show that between 2004 and October 2014, conspirators agreed to make corrupt payments to influence Mikerin and to secure improper business advantages for U.S. companies that did business with TENEX, in violation of the Foreign Corrupt Practices Act (FCPA). Mikerin admitted that he conspired with Daren Condrey, Boris Rubizhevsky and others to transmit approximately $2,126,622 from Maryland and elsewhere in the United States to offshore shell company bank accounts located in Cyprus, Latvia and Switzerland with the intent to promote the FCPA violations. Mikerin further admitted that the conspirators used consulting agreements and code words to disguise the corrupt payments.

Condrey, 50, of Glenwood, Maryland, pleaded guilty on June 17, 2015, to conspiracy to violate the FCPA and conspiracy to commit wire fraud. Rubizhevsky, 64, of Closter, New Jersey, pleaded guilty on June 15, 2015, to conspiracy to commit money laundering. Condrey and Rubizhevsky await sentencing.

***

Mikerin

 

Officials Potentially Influenced (Name; Title; Organization): 

  • Vadim Mikerin; President; TENAM Corporation
  • Vadim Mikerin; Director of the Pan American Department; JSC Techsnabexport (“TENEX”)

Defendant-Related Entities Involved in the Misconduct:    N/A

Third-Party Intermediary:   

  • Cypriot shell company , Shell Company
  • Latvian shell company , Shell Company
  • Swiss shell company , Shell Company
  • Vadim Mikerin , Agent/Consultant/Broker

 

Iran Nuclear Deal has a Complaint Commission

Posted on by

It is known as the Annex IV – Joint Commission

The Joint Commission will meet on a quarterly basis and at any time upon request of
a JCPOA participant to the Coordinator. The Coordinator will convene a meeting of
the Joint Commission to be held no later than one week following receipt of such a
request, except for consultations in accordance with Section Q of Annex I and any
other matter that the Coordinator and/or a JCPOA participant deem urgent, in which
case the meeting will be convened as soon as possible and not later than three
calendar days from receipt of the request.

Except as provided in Section 6 of this Annex which will be subject to the
confidentiality procedure of the UN, the work of the Joint Commission is confidential
and may be shared only among JCPOA participants and observers as appropriate,
unless the Joint Commission decides otherwise.
Based on where Congress takes this JCPOA with action and or clarity. the Iranian Supreme leader is turning once again to European leaders as he threatens to perhaps even shred it.
***
ANKARA (Reuters) – Iranian Supreme Leader Ayatollah Ali Khamenei said on Wednesday Tehran would stick to its 2015 nuclear accord with world powers as long as the other signatories respected it, but would “shred” the deal if Washington pulled out, state TV reported.

Khamenei spoke five days after U.S. President Donald Trump adopted a harsh new approach to Iran by refusing to certify its compliance with the deal, reached under Trump’s predecessor Barack Obama, and saying he might ultimately terminate it.

“I don’t want to waste my time on answering the rants and whoppers of the brute (U.S.) president,” Khamenei said in a speech to students in Tehran quoted by state television.

“Trump’s stupidity should not distract us from America’s deceitfulness … If the U.S. tears up the deal, we will shred it … Everyone should know that once again America will receive a slap in its mouth and will be defeated by Iranians.”

Trump’s move put Washington at odds with other parties to the accord – Britain, France, Germany, Russia, China and the European Union – who say Washington cannot unilaterally cancel an international accord enshrined by a U.N. resolution.

Khamenei, who has the final say on Iran’s state matters, welcomed European support but said it was not sufficient.

“European states stressed their backing for the deal and condemned Trump … We welcomed this, but it is not enough to ask Trump not to rip up the agreement. Europe needs to stand against practical measures (taken) by America.”

Under the deal, Iran agreed to curb its disputed uranium enrichment program in return for relief from international sanctions that crippled its economy, and U.N. nuclear inspectors have repeatedly certified Tehran’s compliance with the terms.

Trump accuses Iran of supporting terrorism and says the 2015 deal does not do enough to block its path to acquiring nuclear weapons. Iran says it does not seek nuclear arms and in turn blames the growth of militant groups such as Islamic State on the policies of the United States and its regional allies.

In decertifying the nuclear deal last week, Trump gave the U.S. Congress 60 days to decide whether to reimpose economic sanctions on Tehran that were lifted under the pact.

“DO NOT INTERFERE”

In a major shift in U.S. policy, Trump also said Washington will take a more confrontational approach to Iran over its ballistic missile program and its support for extremist groups in the Middle East.

Tehran has repeatedly pledged to continue what it calls a defensive missile capability in defiance of Western criticism. The United States has said Iran’s stance violates the 2015 deal in spirit as missiles could be tipped with nuclear weapons.

Tehran has said it seeks only civilian nuclear energy from its enrichment of uranium, and that the program has nothing to do with missile development efforts.

EU foreign ministers on Monday urged U.S. lawmakers not to reimpose sanctions on Tehran but also discussed Iran’s missile program, which they want to see dismantled.

“They must avoid interfering in our defense program … We do not accept that Europe sings along with America’s bullying and its unreasonable demands,” Khamenei said.

“They (Europeans) ask why does Iran have missiles? Why do you have missiles yourselves? Why do you have nuclear weapons?”

The Trump administration has imposed new unilateral sanctions targeting Iran’s missile activity. It has called on Tehran not to develop missiles capable of delivering nuclear bombs. Iran says it has no such plans.

N Korean Hackers’ Heist from Taiwan Bank

Posted on by

Taiwan Bank Heist Linked to North Korean Hackers

A recent cyber-heist that targeted a bank in Taiwan has been linked by security researchers to an infamous threat group believed to be operating out of North Korea.

Hackers exploited the SWIFT global financial network to steal roughly $60 million from Taiwan’s Far Eastern International Bank. The money was transferred to several countries, but bank officials claimed they had managed to recover most of it. Two individuals were arrested earlier this month in Sri Lanka for their role in the operation.

Researchers at BAE Systems have identified some of the tools used in the attack and found connections to the North Korean threat actor known as Lazarus. This group is also believed to be behind the 2014 attack on Sony Pictures and campaigns targeting several banks, including Bangladesh’s central bank.

The attack on the Bangladesh bank, which resulted in the theft of $81 million, also involved the SWIFT system. Similar methods were also used to target several other banks, but SWIFT said some of the operations failed due to the new security measures implemented by the company.

While it’s still unclear how attackers gained access to the systems of Far Eastern International Bank, an analysis of various malware samples apparently involved in the attack suggests that the hackers may have used a piece of ransomware as a distraction.

The ransomware involved in the attack is known as Hermes. According to Bleeping Computer, the threat surfaced in February and its latest version has an encryption mechanism that makes it impossible to recover files without paying the ransom.

However, researchers at McAfee discovered that the Hermes variant used in the attack on the Taiwanese bank did not display a ransom note, which led them to believe it may have been only a distraction.

“Was the ransomware used to distract the real purpose of this attack? We strongly believe so,” McAfee researchers said. “Based on our sources, the ransomware attack started in the network when the unauthorized payments were being sent.”

BAE Systems has seen samples that drop a ransom note in each encrypted folder, but even they believe Hermes may have been used to distract the bank’s security team.

Another malware sample linked by BAE Systems to this attack is a loader named Bitsran, which spreads a malicious payload on the targeted network. This threat contained what appeared to be hardcoded credentials for Far Eastern International’s network, which suggests the threat group may have conducted previous reconnaissance.

Some pieces of malware discovered by BAE Systems are known to have been used by the Lazarus group, including in attacks aimed at financial organizations in Poland and Mexico. The malware includes commands and other messages written in Russia, which experts believe is likely a false flag designed to throw off investigators.

It’s worth noting that the Hermes ransomware samples checked the infected machine’s language settings and stopped running if Russian, Ukrainian or Belarusian was detected. This is common for malware created by Russian and Ukrainian hackers who often avoid targeting their own country’s citizens. However, this could also be a false flag.

Another piece of evidence linking the Taiwan bank attacks to Lazarus is the fact that money was transferred to accounts in Sri Lanka and Cambodia, similar to other operations attributed to the group.

Some experts believe that these bank heists and the WannaCry attack, which has also been linked by some to Lazarus, are campaigns launched by North Korea for financial gain. However, many of these operations don’t appear to have been very successful on this front.

“Despite their continued success in getting onto payment systems in banks, the Lazarus group still struggle getting the cash in the end, with payments being reversed soon after the attacks are uncovered,” BAE Systems researchers explained.

“The group may be trying new tricks to disrupt victims and delay their ability to respond – such as different message formats, and the deployment of ransomware across the victim’s network as a smokescreen for their other activity. It’s likely they’ll continue their heist attempts against banks in the coming months and we expect they will evolve their modus operandi to incorporate new ways of disrupting victims (and possibly the wider community) from responding,” they added.

photo

*** Related reading: The Lazarus (aka DarkSeoul group) is allegedly controlled by Bureau 121, a division of the Reconnaissance General Bureau, a North Korean intelligence agency. Bureau 121 is responsible for conducting military cyber campaigns.

*** By the way, some of the North Korean hackers not only operate in China but many of those hackers are from India….

6,000 is the number of hackers working for North Korea, traced by American and British security officials.
Once scoffed at, North Korea’s cyber technology has now developed to a brink where it can create a havoc in the world’s cybersecurity. From theft to political agenda, North Korea now launches attacks in the form of ransomware, digital bank heists, online video game cracks and Bitcoin exchanges.

In the first week of October, India’s Ministry of External Affairs issued a strongly-worded statement condemning North Korea for conducting a powerful nuclear test. Few weeks down the line, a stunning report from the New York Times claims that India serves as a base for North Korea’s cyber warfare.

Citing a report by the Recorded Future, the American publication said nearly a fifth of the Pyongang’s attacks originate from India.

The report claims that most of North Korean cyber operations are carried out from foreign countries like India, Malaysia, New Zealand, Nepal, Kenya, Mozambique, and Indonesia. While in some cases, the North Korean hackers route their attacks through their computers from abroad, in cases like that in India, hackers are physically stationed to carry out attacks.

The cyber mission as envisaged by Kim Jong-il in the 1990s was expanded by his dictator son Kim Jong-Un after he took power in 2011.

On of the most successful cyber attacks carried out by North Korea dates back to 2014 on Sony pictures to prevent them from releasing a comedy film that was based on the assassination of Kim Jong Un.

Last May, a widespread global ransomware attack caused panic and briefly stalled the Britain’s National Health Services.

The digital bank heists in Philippines in 2015 and in Vietnam in the same year also earned them some hard cash from cyber attacks.

The report by Recorded Future also indicates that India, despite serving as a base for North Korea’s cyberwar, also remains at a potential threat from similar attacks. While the world lives under the fear of North Korea emerging as a nuclear superpower, the country is silently building a strong brigade of hackers.

Scope of Russian Troll Operation Explained

Posted on by

Information warfare = Troll warfare

Russian journalists publish massive investigation into St. Petersburg troll factory’s U.S. operations

A day after Dozhd television published an interview with a former member of Russia’s infamous Internet Research Agency, the magazine RBC released a new detailed report on the same organization’s efforts to meddle in U.S. domestic politics. Meduza summarizes RBC’s new report here.

photo

The Internet Research Agency, Russia’s infamous “troll farm,” reportedly devoted up to a third of its entire staff to meddling in U.S. politics during the 2016 presidential election. At the peak of the campaign, as many as 90 people were working for the IRA’s U.S. desk, sources told RBC, revealing that the entire agency employs upwards of 250 people. Salaries for staff working in the U.S. department apparently range from 80,000 to 120,000 rubles ($1,400 to $2,100) per month.

The head of the IRA’s U.S. desk is apparently a man originally from Azerbaijan named Dzheikhun Aslanov (though he denies any involvement with the troll factory).

In August and September this year, Facebook, Instagram, and Twitter suspended 118 communities and accounts run by the St. Petersburg “troll factory,” disabling a network capable of reaching 6 million subscribers. In 2016, at the height of the U.S. presidential campaign, this network reportedly produced content that reached 30 million people each week.

A source also told RBC that the Internet Research Agency spent almost $80,000 over two years, hiring roughly 100 local American activists to stage about 40 rallies in different cities across the United States. The activists were hired over the Internet, communicating in English, without their knowledge that they were accepting money or organizing support from a Russian organization. According to RBC, internal records from the IRA verify its role in these activities.

The main activity in the troll factory’s U.S. desk was to incite racial animosity (playing both sides of the issue), and promoting the secession of Texas, objections to illegal immigration, and gun rights.

RBC estimates that the Internet Research Agency’s total salary expenses approach $1 million per year, with another $200,000 allocated to buying ads on social media and hiring local activists in the U.S.

According to RBC, the IRA still has a U.S. desk, though its staff has apparently dropped to 50 employees.

Note: Formally, the Internet Research Agency ceased to exist roughly two years ago, rebranding itself under different names, but sources say the organization continues to operate as before.

***

One part of the factory had a particularly intriguing name and mission: a “Department of Provocations” dedicated to sowing fake news and social divisions in the West, according to internal company documents obtained by CNN.

Prigozhin is one of the Kremlin’s inner circle. His company is believed to be a main backer of the St. Petersburg-based “Internet Research Agency” (IRA), a secretive technology firm, according to US officials and the documents reviewed by CNN. Prigozhin was sanctioned by the US Treasury Department in December of 2016 for providing financial support for Russia’s military occupation of Ukraine. Two of his companies, including his catering business, were also sanctioned by Treasury this year.
CNN has examined scores of documents leaked from Prigozhin’s companies that show further evidence of his links to the troll factory.
One contract provided IRA with ways to monitor social media and a “system of automized promotion in search engines.”
Prigozhin has a colorful past. He spent nine years in prison in the 1980s for fraud and robbery, according to Russian media reports. After his release, he went into the catering business — renovating a boat and opening New Island, one of a half-dozen upscale restaurants he owns in St. Petersburg. Putin turned to him to cater his birthday parties as well as dinners with visiting leaders, including President Bush and Jacques Chirac of France. A headline in The Moscow Times referred to Prigozhin as Putin’s “Personal Chef.”
Prigozhin subsequently won lucrative catering contracts for schools and Russia’s armed forces. He escorted Putin around his new food-processing factory in 2010. By then he was very much a Kremlin insider with a growing commercial empire. More here.
***
Trolling NATO? Yuppers

Seventy percent of Russian-language tweets targeting NATO military activities in Eastern Europe are generated by automated Russian trolls, according to a survey done by the military alliance.

“Two in three Twitter users who write in Russian about the NATO presence in Eastern Europe are robotic or ‘bot’ accounts,” the NATO Strategic Communications Centre of Excellence stated in a report made public this week.

The Russian bots sent 84 percent of all Russian language messages. English language tweets against the alliance also were found to be automated, with some 46 percent generated by automated Twitter accounts.

The report criticized the global social media platform for not doing enough to counter Russian bot activities on Twitter. “Our impression is that Twitter in Russian is policed less effectively than it is in English,” the report said.

A Twitter spokesman could not be reached for comment. Colin Crowell, Twitter’s vice president for public policy, stated in a recent post on the company website that “we strictly prohibit the use of bots and other networks of manipulation to undermine the core functionality of our service.” Read more here.