What did Putin Know About Flynn?

U-S lawmakers say there is new evidence that Soviet-era leaders were backing plans for a secret war to be fought by Soviet agents in America during the cold war.

Former agents of the Soviet intelligence service, the K-G-B, say there were plans for sabotage, assassination, and perhaps even the use of small nuclear devices on U-S soil as late as the 1970’s. And you think Moscow is trustworthy? Remember, China and Russia are the lead team now dealing with the North Korea threat.

Disinformation across ages: Russia’s old but effective weapon of influence

Fragment of the cover of Disinformation, a book by Ion Mihai Pacepa, ex-deputy chief of communist Romania’s foreign intelligence, and law professor Ronald J. RychlakFragment of the cover of Disinformation, a book by Ion Mihai Pacepa, ex-deputy chief of communist Romania’s foreign intelligence, and law professor Ronald J. Rychlak 

Article by: Marko Mihkelsoni

I. The Metropol gala

It may have seemed like any other Thursday in Moscow. The dismally overcast sky and near-freezing temperature lay heavy on the city, heralding the darkening days of winter. On that morning, the historical Art Nouveau-style Hotel Metropol Moscow, situated between the Kremlin and the FSB (formerly KGB) headquarters, was slowly and quietly filling with important guests. It is unlikely that many passers-by noticed the members of Russia’s power elite, headed by President Vladimir Putin, arriving one by one at the hidden entrance.

It was 10 December 2015. Russia’s global propaganda television channel RT (formerly Russia Today) was celebrating its 10th anniversary with a lavish gala. The organizers had put great effort into hand-picking the guests: the tables were filled with high-calibre figures active in the fields of politics, the economy, and propaganda.

When analyzing images taken at the event in light of the information available today, it is immediately clear to a watchful eye that this was a carefully planned Russian active influence operation. Its main objective was not to promote the television channel but to prepare for the massive interference in the upcoming US presidential elections.

Retired US General Michael T. Flynn had taken his place at Putin’s right hand. By that time, it was well known in Moscow that Flynn could play a key role in advising presidential candidate Donald Trump on national security issues. A battle-hardened veteran of the Iraq and Afghanistan wars, Flynn’s pronounced negativity towards Islam suited Russia very well.

Putin and General Flynn at the celebration of RT anniversary in Moscow, 10 December 2015. Photo: Mikhail Klimentyev

Flynn did not fail to meet the expectations of those who had ordered the speech. For 40,000 dollars, the retired general scolded Obama’s administration for its Middle East policy and kept mum about Russia’s aggression in Ukraine, as well as the many civilian casualties of air strikes in Syria. One must not forget that during the Metropol gala the international situation was rather tense, especially when it came to Russia’s relationship with the West. Only a couple of weeks had passed since Turkey had shot down a Russian Su-24M attack aircraft on 24 November 2015. Flynn was not bothered by this.

Putin did not shy away from egging Flynn on during their dinner-table talk. Having essentially been removed from the position of director of the Defence Intelligence Agency (DIA), Flynn had a bone to pick with President Barack Obama. Thus, Putin’s jaundiced views on Obama and Hillary Clinton fell on fertile ground. Flynn admitted in a later interview with Dana Priest of The Washington Post that the only thing he remembers from his table talk with Putin was the latter’s deep mistrust of the Obama administration.

Flynn had likely been under surveillance for a while. When he was still the director of the DIA in 2013, the three-star General Flynn received an unusually warm welcome in Moscow. He was the first—and so far the only—high-profile US officer to have entered the headquarters of Russia’s Main Intelligence Agency (GRU). Flynn himself remembers this with great pride because he was asked to conduct a masterclass on the professional development of leadership. The mind boggles at the thought of what the listeners made of him at the time. After all, countering the activities of the US and its allies was and continues to be one of the GRU’s main priorities.

Nevertheless, it is evident that Flynn ending up as the main guest at the December 2015 gala was no coincidence; the role of RT commentator was merely a suitable cover. However, Flynn was not the only one to attract attention on that table of ten bigwigs.

Right across from Putin sat another fateful figure from the US—the Green Party’s presidential candidate Jill Stein, who is known for her accentuated friendliness towards Russia. She also made a presentation at the gala, although her presence was advertised more modestly than Flynn’s. Still, it was Stein who became the dark horse of the November 2016 elections.

To-be U.S. presidential candidate Jill Stein in Moscow’s Red Square, December 2015. Screenshot from a video

To-be U.S. presidential candidate Jill Stein in Moscow’s Red Square, December 2015. Screenshot from a video

Stein drew more votes in the swing states of Pennsylvania, Wisconsin, and Michigan than Trump’s margin of victory over Hillary Clinton. Stein received the votes of 1.4 million people nationwide, i.e. 1% of voters. All this could have been an additional reason for stopping Clinton from becoming president.

Putin was not the only one gracing Flynn and Stein with his undivided attention at the main table. The conversation was steered by the then Kremlin Chief of Staff and former KGB general Sergey Ivanov, the president’s press secretary Dmitry Peskov (who is also regarded in intelligence circles as Putin’s national defence adviser), one of the Kremlin’s leading propaganda chiefs Alexey Gromov, and RT’s Editor-in-Chief Margarita Simonyan, who is known to be friends with Putin.

In order to help Flynn and Stein blend in with the crowd, the main table also included Willy Wimmer, a veteran German politician from Angela Merkel’s party and a former member of the Bundestag (1976–2009), and the former Czech foreign minister, Cyril Svoboda. Both are also known for their pro-Russian attitude. For instance, Wimmer has said that pursuing an anti-Russia policy is a crime against the whole of Europe. As expected, Wimmer’s analysis has no room for Russia’s aggression against Ukraine, because he believes that the coup in Kyiv was caused by the West.

The picture of what transpired at the Metropol would be incomplete without mention of Julian Assange, whose presentation was broadcast via a live link and who was later suspected of leaking 20,000 emails stolen from the server of the US Democratic Party; former Mayor of London Ken Livingstone, who has justified Russia’s aggression against Ukraine with the need for protection from NATO; and a former analyst at the Central Intelligence Agency, Raymond McGovern, who had become a scandalous political activist in the 1990s. McGovern later admitted to having voted for Stein in the 2016 elections.

As the event at the Metropol drew to a close, few people realized that something big was happening. Back then, nobody outside his immediate circle knew Flynn. Today, his name features in the international media almost every day, and with good reason. The most dramatic outside interference in the US presidential elections is a fact, and Flynn played one of the key roles in it.

Trump and Flynn during the 2016 presidential race. Photo: George Frey

Trump and Flynn during the 2016 presidential race. Photo: George Frey

Even though his career as President Trump’s national security adviser was cut short, his suspicious and covert ties managed to cause serious damage to the reputation of the US as the leader of the Western world. The story does not end there. One thing is certain: this is the first time the global public has felt the reach of Russia’s influence operations and the professionalism of its subterfuge so clearly. Many see this as something new and unexpected but, in reality, it was a long time coming.

II. The Marquis de Custine’s timeless testament

In 1839, a French aristocrat, the Marquis de Custine, traveled to Russia to seek support for his reactionary views. He was resentful of the representative democracy of his own country and thought it would lead to mob rule. He was a well-known travel writer and had published eloquent accounts of Spain and Italy.

Custine got the idea to write about Russia from the 1835 book by Alexis de Tocqueville, Democracy in America, in which the author foretells a great future for Russia and the US. Custine was later called “the Russian Tocqueville”.

He spent most of his time in Russia in Saint Petersburg, but he also visited Moscow and Yaroslavl. Custine was interested in the lives, customs, and mindsets of both the aristocracy and common folk. His hopes of finding support for his ideas in Russian authoritarianism were promptly crushed. He was especially appalled by the fact that Russians were ready to cheerfully collaborate with their own enslavers.

Having collected only one year’s worth of immediate impressions and information, Custine managed to turn the material into a book titled La Russie en 1839, which captures the nature of Russia extremely well. The book was so successful that for a long time it was banned by the Russian authorities. The unabridged version of Custine’s book was finally published in Russia 157 years later, in 1996.

Among other things, the author noticed the tendency of Russians to deceive their guests or alter reality. Custine wrote that everything in the country was an illusion and the professional misleading of foreigners was a practice only known in Russia.

In 1839, Custine recorded the thoughts of a noble Russian companion on the role of lie in his government’s policy

A former US ambassador in Moscow, General Walter Bedell Smith, wrote an introduction to the English edition of Custine’s book in 1951. Smith stressed that Custine’s political analysis was “so penetrating and timeless that it could be called the best work so far produced about the Soviet Union.” All of today’s extensive historical books on Russia owe thanks to Custine’s contribution. In Russia, however, the Frenchman is seen as the father of classic Russophobia.

Custine was not the first or only person to draw attention to Russia’s “Susaninist” nature. Even during the Livonian War (1558–83), the tsar’s negotiators tried to leave the misleading impression that Tallinn was situated on ancient Russian land and that Livonia should, therefore, be ruled by Moscow. The “villages” of Prince Potemkin, a favorite of Catherine the Great, have even acquired a proverbial meaning.

III. The KGB and the beginnings of disinformation as a science

The Bolshevik Revolution of 1917 changed everything. All previous experiences paled before the extent to which deliberate lying, deception and misleading became a conscious choice in the forge of the Bolshevik special services. In the course of a century, many people from all over the world, from popes to presidents, from countries to international organizations, witnessed the disinformation skills of the Cheka/GPU/NKVD/KGB/FSB and the implementation of active influence measures in the service of Russian foreign policy.

The use of disinformation as a tactical weapon of influence became organized as early as 1923, when the Deputy Director of the GPU, Józef Unszlicht, formed a special disinformation unit to conduct active intelligence operations. Born in Poland, Unszlicht was one of the founders of the Cheka and saw disinformation as an excellent opportunity to create successful diversions in open Western societies.

On 22 December 1922, Unszlicht and Roman Pillar wrote to Stalin’s Politburo that the special disinformation unit should focus on the creation and distribution of misleading information. The best way to spread disinformation in a credible manner was to use the media of open societies. Stalin and the Politburo approved the proposal and urged Unszlicht to proceed.

The first notable and successful use of disinformation was Operation Trust. This ran from 1923 to 1927 with the aim to mislead the White Army and monarchist organizations in exile and foreign intelligence institutions with false information about an extensive resistance organization, Trust, operating within the Soviet Union. The illusion helped to lure many anti-Soviet (Boris Savinkov and Pavel Dolgorukov) and foreign (Sidney Reilly) agents into Russia, who were then arrested and executed. Interestingly, both the beginning and the end of the operation had close ties to Estonia and Latvia.

Trial of Boris Savinkov, an ardent anti-Bolshevik, who was lured to the USSR by Soviet secret services in August 1924. He was sentenced to 10-year imprisonment and was said to have committed suicide in jail in May 1925. Photo: Wikimedia Commons

Trust was followed by a number of other known and less-known operations that have provided material for hundreds of books. One of the best sources is the collection of notes made by Vasili Mitrokhin during his 30 years as a KGB archivist before he fled to the West in 1992. The historian Christopher Andrew has written two hefty books based on these notes.

Another person who deserves a mention is Ion Pacepa, a general in the Romanian communist special service Securitate, who fled to the US in 1978. In 2013, he published the book Disinformation, in which he uses his own immediate knowledge to shed light on the creation of false narratives such as the framing of Pope Pius XII as “Hitler’s Pope” during World War II.

In the Soviet Union, disinformation became a science in its own right and was honed to perfection over the years. The term was first used in The Great Soviet Encyclopaedia in 1952, where it was presented as classic disinformation. According to the book, disinformation constitutes false news distributed in the media with the intention of misleading the public. The entry added that such tactics were used by the West against the Soviet Union. The truth was, naturally, the exact opposite.

Curiously, “disinformation” did not enter Western dictionaries until the late 1980s. The English word is directly derived from the Russian дезинформация [dezinformatsiya — ed.].

In the late 1960s, the Director of the KGB, Yuri Andropov, took disinformation as a successful instrument of influence to a whole new level. Andropov himself said that

“disinformation is like cocaine—sniff once or twice, it may not change your life. If you use it every day, though, it will make you an addict—a different man.”

andropov-plaque

FSB reinstalled the memorial plaque to Andropov, which was dismantled in 1991, on its Moscow headquarters in December 1999, shortly before ex-FSB director Vladimir Putin became acting president of Russia. Photo: Anatoly Novak

In general, it is customary for foreign intelligence services to be created on the basis of collected information to advise a country’s political authorities in matters of foreign relations. However, in addition to collecting past facts, the tasks of Russian foreign intelligence involve manipulating the future.

Furthermore, the masterclass of Russian special services includes the creation of a new past to destabilize the opponent, which is then used to tamper with the latter’s international image. I will look at Estonian examples later, but Russian attempts to change the past to serve its foreign-policy interests are best illustrated by the subject of World War II.

It is crucial to understand that the fall of the Soviet Union changed nothing. The KGB was broken up and reorganized, but its tasks remained roughly the same. Mistrust in the Western system of values and security persisted.

For instance, in his 2007 book Comrade J, Pete Earley uses the story of Sergei Tretyakov, a high-ranking Russian intelligence officer who defected while at the UN in 2000, to demonstrate how Moscow continued with active intelligence and influence operations against the US even in the 1990s, the friendliest period in their relationship.

Tretyakov makes a thought-provoking statement in the book:

I want to warn Americans. As a people, you are very naive about Russia and its intentions. You believe because the Soviet Union no longer exists, Russia now is your friend. It isn’t, and I can show you how the SVR [Russia’s Foreign Intelligence Service — ed.] is trying to destroy the US even today and even more than the KGB did during the Cold War.

Thanks to the endless possibilities of the internet, disinformation and national propaganda acquired an entirely new meaning with the rise to power of the former KGB intelligence officer and FSB director Vladimir Putin in 1999. The KGB’s machinery was polished and harnessed to serve Russia’s imperialist interests. The state quickly assumed control over the media, and the leading television stations became the world’s most professional propaganda outlets.

The authorities turned their attention to information security, which quickly found its way into new strategy documents. Its nuances were made famous by Russian general and current Chief of the General Staff, Valery Gerasimov, in his notorious doctrine.

The introduction of social media and its rapid development have proved to be an unprecedented goldmine for intelligence services. The distribution of disinformation is considerably easier in today’s world than it was in the late 1980s, for instance.To compare: it took more than three years for the KGB’s Operation INFEKTION to succeed in spreading a global rumor that the HIV virus originated from the Pentagon’s biological weapons program. This information leak first appeared in a small pro-Soviet Indian paper, Patriot, on 17 July 1983. Two years later, this was referenced by a popular Soviet weekly, Literaturnaya Gazeta, as the source of the scandalous story. From there it found its way to the front page of a British tabloid, and by April 1987 the fake news had been published by the mainstream media of 50 countries.

A standard message featured by a leftist paper within the AIDS disinformation campaign

A standard message featured by a leftist paper within the AIDS disinformation campaign

On the eve of the decisive round of the 2017 French presidential elections, the favorite, Emmanuel Macron, fell victim to a massive hacking attack. The database of his e-mails and other documents went viral on a file-sharing service within minutes. In the space of just three hours, the post was shared around 47,000 times, and half a day later it was trending worldwide on Twitter. Even though Russia has denied involvement, the cyber trails prove otherwise.

In the noughties, several Western intelligence leaders were already complaining that Russia had become more active than it had been during the Cold War, but this went largely unnoticed. Russia was off the radar while the focus lay on Afghanistan and the Middle East in general. The Western political elite began to regard Russia as a threat only after the occupation and annexation of Crimea. This also brought Moscow’s activities back into the sights of intelligence services.

IV. Estonia as a target of Russian information attacks

Depicting Estonia (and Latvia) as a country that discriminates against minorities and promotes Nazism has been one of Russia’s largest and most consistent international deception operations in the last 25 years. The reasons for this are numerous, the main one being Moscow’s strategic interest in restoring its authority over the Baltic States. Russia became particularly pushy in the 1990s when Estonia and the other Baltic States were applying for membership of NATO and the European Union.

On 4 December 1991, only three months after the restoration of independence, the Estonian foreign ministry was forced to send its Soviet counterpart a note condemning President Mikhail Gorbachev’s hostile attitude towards the Baltic States during his appearance on Soviet Central Television the previous day. Gorbachev first blamed the Baltic States for violating the human rights of minorities and then added that Russians, Ukrainians and other minorities living in the Baltic States had requested protection from the Soviet Union. Estonian diplomats treated this as a threat to national security.

Active measures continued to be taken in this spirit on both diplomatic and journalistic levels for years. Essentially, it has not stopped, even today. The situation was particularly severe in the 1990s when Russia tried to influence the West to ignore the Baltic States. Moscow also tried to discourage Estonia from adopting the Aliens Act in 1993 by issuing threats bordering on the undiplomatic.

For instance, on 18 June 1993, the then Russian deputy foreign minister, Vitaly Churkin, who later became Russia’s Permanent Representative to the UN, said on Radio Moscow that: “Russian-Estonian relations are clearly deteriorating. We are currently preparing a package of serious diplomatic, political and perhaps not only political measures with regard to Estonia.” Six days later, President Boris Yeltsin said that Estonia had “forgotten” geopolitical and demographic reality and threatened that Russia had the means to refresh its memory. Foreign Minister Andrey Kozyrev did not hold back on 14 August 1993, saying that international relations in the Baltic States had “strong potential for violence and unrest.”

On 23 August 1993—exactly 54 years after the signing of the Molotov–Ribbentrop Pact—Yeltsin’s press secretary, Vyacheslav Kostikov, naively stated that

“the forces that try to push Russia out of the Baltic States must consider that Russia governed the Baltic geopolitical area for centuries and it has invested great material and intellectual resources into its development.”

On 2 March 1994, Artur Laast, a diplomat at the Estonian Embassy in Moscow, was invited to the Russian foreign ministry, where the head of the Second European Department, Yuri Fokin, made a threatening oral statement about President Lennart Meri’s criticism of Russia in his speech at the annual Matthiae-Mahl dinner in Hamburg on 25 February. The memo of the meeting ends with Laast quoting the Russian diplomat: “If the course that is focused on aggravating the relations between the two neighboring countries does not change, Estonia will assume full responsibility.”

In the 1994 report “Russian Threats to Estonia” by the embassy in Moscow, an Estonian diplomat discusses political hazards among other questions. The author of the report writes that Russia

“attempts to influence Estonia by damaging us on the international arena. For this, it uses the well-known thesis of violating the human rights of the Russian minority, spreads rumors that Estonia has become a transit country for crime and that Estonian citizens participate in military conflicts in Tajikistan and Chechnya, and accuses us of supporting separatism in Russia.”

These are only a few examples from the archive of the Estonian foreign ministry that illustrate Russia’s diplomatic pressure on Estonia, but also on the West. At the time, occupying forces were still in Estonia. The troops were withdrawn on 31 August 1994.

When the First Chechen War broke out at the end of 1994, Russian media gave extensive coverage to a false news story about alleged Baltic female biathletes serving as snipers on Dudayev’s side. As the so-called “White Tights,” the phantom snipers even featured in songs.

From my time as a foreign correspondent in Moscow, I clearly remember a detailed, multi-page account in the daily Moskovskiye Novosti of how Estonians were skilled and disciplined killers: all this to distort our image and influence public opinion at home and abroad.

World War II has remained one of the main arguments in the information war against Estonia over the last 25 years. The tension grew at the beginning of Putin’s tenure and finally led to the Bronze Night events in 2007. Russia has not made much progress on this matter or on other topics.

Russian anti-Estonian cartoon attacks Estonian schools as an alleged hotbed of Nazism as opposed to Russian/Soviet-style “peace education.” Source: newsbalt.ru

Russian anti-Estonian cartoon attacks Estonian schools as an alleged hotbed of Nazism as opposed to Russian/Soviet-style “peace education.” Source: newsbalt.ru

Estonia has now been a member of NATO and the EU for 13 years and will use its presidency of the EU Council to collaborate with other member states to implement more effective means to combat Russia’s information attacks and disinformation campaigns.

V. In place of an epilogue

In 1930, Professor Dmitry Manuilsky of Moscow’s Leninist School of Political Warfare wrote that Russia was creating the world’s most progressive peace movement to lull the West to sleep. Convinced that a war between the two great systems was inevitable, Manuilsky thought that

“foolish and decadent capitalist countries will be happy to use the opportunity to cooperate with us to bring about their own destruction. They will use every opportunity to become friends. As soon as the enemy lets their guard down, we will crush them with our iron fist.”

The Soviet empire used various means to achieve its geopolitical goals and, to an extent, world domination. At the forefront of the campaign in the free world were the “useful idiots” and agents of influence.Moscow took good care of its mouthpieces. In the 1980s, French communists were paid 24 million dollars, while Americans received 21 million dollars. Finnish communists received a generous reward of 16.5 million dollars for their pro-Russian views. During the final two decades of the Soviet Union, Moscow distributed more than 400 million dollars of such benefits all over the world, mainly to extremist communist movements.

The fight for the hearts and minds of the free world was on, and it has not subsided even today. Russia’s new clients are mainly extremist forces of both left and right, and by supporting them Moscow tries to weaken the integrity of the European Union and NATO, disrupt the internal stability of their member countries, and create the circumstances for a Finlandization of Europe.

Russia has managed to make a right mess of America’s domestic politics. However, the Dutch and French elections provided some assurance that Moscow’s influence operations have limits and that Europe is not disintegrating. Then again, the fight continues and it is too early to draw any final conclusions.

The international debate has provided many good ideas and political suggestions to counter Russia’s aggression, information attacks, and propaganda. History provides good counsel, even here.

On 14 April 1950, only 12 months after the founding of NATO, the US National Security Council’s special task force presented President Harry Truman with top-secret report No. 68. The 58-page document was essentially the basis for the US long-term policy on the Soviet Union, which culminated with the victory in the Cold War in the late 1980s. The report described the challenge posed by the Soviet Union as something that could cause “the destruction not only of this Republic but of civilization itself.” The Soviet Union was treated as the exact opposite of the US, with Moscow’s expansionist policy deemed a great threat to the security of the free world.

Among other topics, the report also highlighted the fight against the Soviet Union’s influence operations. The document stressed that the campaign for truth must above all become a fight for people’s minds.

Putin boasts of Russia’s fight against ISIS in Syria to the filmmaker Oliver Stone showing a U.S. video from Afghanistan. Screenshots from Stone’s film The Putin Interviews (2017)

A lot has changed by 2017 but, in general, Russia and the US, together with the latter’s allies, remain in fundamental opposition. Hence it is vital that the allies’ conflict-avoidance strategy looks beyond the false hope of solving problems with meaningless dialogue.

C’mon White House, NEVER Trust China

Primer: Moscow hired thousands of North Koreans to build the infrastructure for the Sochi Olympics. Russia still uses North Korean slaves for mining and forestry. The North Koreans are hired slaves that have to send their pay checks back the the Kim regime. Not to be outdone, Qatar is doing the same with slaves from the DPRK, as they are hired to build the stadium for the FIFA World Cup Soccer games in 2020.

North Koreans are hired out to foreign corrupt governments to work 20 hours a day with a pay rate of $100 per month (US$) and 70% of that goes back to Pyongyang as a loyalty payment.

By the way, China, Kuwait, Libya, Africa, Oman and several other countries hire the slaves and their living conditions don’t even qualify as slums, they are much worse.

So, while there is much worry about the missile and nuclear program at the hands of North Korea, China is a major culprit in full assistance and cooperation in that regard. Further, China has aided North Korea and other terror regimes in skirting not only United States sanctions, but those from applied by other nations.

Over the last eight years, the Obama administration has hardly taken any aggressive stance with regard to North Korea and consequences except to shut off humanitarian exports to the country. President Trump meanwhile is trusting Russia and China to deal with North Korea? Worse mistake yet.

Deeper dive…

The Global Web That Keeps North Korea Running

Pyongyang’s ties with 164 countries help it amass money and know-how to develop nuclear weapons

WSJ: North Korea may be one of the world’s most isolated countries, but the tightening sanctions regime it has lived under for the past two decades is anything but impermeable.

An examination of North Korea’s global connections reveals that even as it becomes increasingly dependent on China, Pyongyang maintains economic and diplomatic ties with many nations. Those links—from commercial and banking relationships to scientific training, arms sales, monument-building and restaurants—have helped it amass the money and technical know-how to develop nuclear weapons and missiles.

The nature and extent of North Korea’s global ties comes from current and formal officials, researchers, North Korean defectors, U.N. decisions, NGO’s and an analysis of economic statistics.

North Korea: What Comes After the ICBM Test?

In some cases, North Korea leans on old allies, particularly those like Cuba from the former Communist bloc, or those like Syria that are similarly hostile to the U.S. In others, notably in Africa, it has more transactional relationships to supply items such as cheap weaponry or military training. In the Middle East, it supplies laborers for construction work and pockets almost all their earnings.

Sanctions against North Korea haven’t been as broad as those applied to Iran over its nuclear program, nor as rigidly enforced.

David S. Cohen, undersecretary of the Treasury for terrorism and financial intelligence during the Obama administration, wrote in an op-ed in April that “North Korea has gotten off relatively easy, especially as compared with Iran.”

Trying to crack down on North Korean business activities is like a game of Whac-A-Mole. North Korean defectors have detailed how the regime uses front companies to conceal its commercial activities in foreign countries, or adopts business names that obscure their identity by avoiding using North Korea’s full name, thereby benefiting from confusion over whether the entity is North or South Korean.

Pyongyang maintains diplomatic ties with 164 countries and has embassies in 47, according to the National Committee on North Korea, a Washington-based nongovernmental organization, and the Honolulu-based East-West Center.

Although it lags far behind China, India has been North Korea’s second biggest trade partner in the past couple of years, buying commodities including silver and selling it chemicals among other goods. Russia has exported petroleum products to North Korea and imported items such as garments and frozen fish. Last year, North Korea attempted to export military communications equipment to Eritrea via front companies in Malaysia, according to a recent U.N. report.

Most North Koreans abroad are involved in providing funds for the state, defectors say. One of the primary roles of North Korean diplomats is to help develop and maintain cash flows for the regime, according to former embassy officials. North Korea missions typically have to be self-financed to maximize revenue for the state, these people say.

In recent months, under pressure from the Trump administration, there are signs more countries have begun to clamp down on North Korea. In February, Bulgaria had Pyongyang send home two diplomats in its embassy in Sofia, in line with U.N. Security Council resolutions passed in September calling on countries to reduce the number of North Korean diplomats abroad.

Italy this year moved four North Koreans studying at the International Center for Theoretical Physics in Trieste to switch to less-sensitive majors in line with a Security Council resolution calling for member nations not to provide education that could aid Pyongyang’s weapons program.

In March, Senegal said it suspended issuing visas for artisans from North Korea’s Mansudae Art Studio, a state-run organization that has erected monumental sculptures across Africa.

This image, from North Korea's KRT, shows what it said was the launch of a Hwasong-14 intercontinental ballistic missile.

This image, from North Korea’s KRT, shows what it said was the launch of a Hwasong-14 intercontinental ballistic missile. Photo: /Associated Press

More than 50,000 North Korean workers are employed abroad, according to the Asan Institute for Policy Studies, a Seoul-based think tank, many in construction or factory jobs. For these workers, wages are paid directly to North Korean officials, raising hundreds of millions of dollars a year for the state, human-rights groups say.

These ties are under scrutiny as Pyongyang’s success at launching a missile that could reach Alaska is escalating the crisis over its weapons program. This week’s missile test took place on the back of a Chinese truck imported to North Korea for logging purposes, according to analysts.

U.N. sanctions are primarily intended to block North Korea’s illegitimate trade and revenue streams that have a suspected link to its weapons programs. The U.N. doesn’t target all of Pyongyang’s business activities abroad, such as the chain of restaurants it operates in Asia and the Middle East, or its dispatch of laborers.

U.S. sanctions go further in trying to disrupt North Korea’s trade and revenue, including a recent move to block access to the U.S. financial system for a bank in China on which Pyongyang relied. The U.S. has sanctioned North Korean leader Kim Jong Un, a move that would freeze any of his assets in America.

Secretary of State Rex Tillerson on Tuesday called on the global community to stop doing business with Pyongyang.

Video from a North Korean state news bulletin Tuesday was said to show leader Kim Jong Un applauding after the launch.

Video from a North Korean state news bulletin Tuesday was said to show leader Kim Jong Un applauding after the launch. Photo: Yonhap News/Zuma Press

This week, Sen. Cory Gardner (R., Colo.), chairman of the Senate Foreign Relations Committee’s subpanel on East Asia, said he was drafting legislation that he says would create a “global embargo” on North Korea.

“We need to shut off North Korea’s access to oil, to trade, to currency, to financial institutions,” he said in an interview Thursday, calling for “Iran-style” sanctions. “They are far from being ‘sanctioned out.’ They are certainly isolated, but they have to recognize they ain’t seen nothing yet.”

China has had close ties to North Korea since the 1950s when it sent troops to fight U.S.-led forces backing the South in the Korean War.

In 2001, China accounted for around 18% of North Korea’s exports and 20% of its imports, ranking behind Japan on both measures, according to customs figures compiled by Harvard University’s Atlas of Economic Complexity.

Since U.N. sanctions on North Korea were tightened in 2009, Japan and other countries have curtailed commercial ties with Pyongyang, leaving China as by far its biggest trade partner.

For the past five years, China has accounted for more than 80% of North Korea’s imports and exports, providing an economic lifeline even as political relations between Beijing and Pyongyang have deteriorated.

During that period, China has imported mostly industrial raw materials from North Korea, especially coal, but also seafood and clothing such as men’s suits and overcoats.

In recent days, President Donald Trump has expressed frustration with China for expanding trade with North Korea despite U.S. appeals to exert more pressure.

China says it enforces U.N. sanctions and since February it has banned imports of North Korean coal—one of Pyongyang’s main sources of hard currency.

However, U.N. sanctions still allow trade that isn’t deemed to benefit North Korea’s nuclear and missile programs, and China’s customs figures show that its exports to North Korea have increased this year. Crucially, China continues to be North Korea’s biggest source of crude oil, according to diplomats and experts on the region.

Much of North Korea’s trade takes place over the 880-mile land border with China, which is porous and sparsely guarded. Small Chinese and North Korean companies quietly ferry coal, iron ore and other resources over the border, far from checkpoints.

U.N. sanctions introduced in March 2016 banned exports of North Korean iron ore unless they were exclusively for “livelihood purposes”—a loophole China continues to exploit.

While North Korea gained notoriety in the early 2000s for state-backed exports of illegal drugs and counterfeit U.S. dollars, Pyongyang has mostly shifted its strategy to allow private North Korean enterprises to take the lead, with the regime collecting bribes from these enterprises in a primitive system of taxation, says Justin Hastings, a lecturer at the University of Sydney who has researched North Korea’s overseas smuggling networks.

The shift in strategy means that North Korea can outsource some of the risk involved in the trade while continuing to fill its coffers.

“North Korea is not infinitely adaptable, but it’s far more adaptable than people have thought and its ability to adapt to sanctions has not been reached yet,” Mr. Hastings said.

One informal Chinese trader that Mr. Hastings interviewed for a soon-to-be-published academic paper was importing truckloads and boatloads of North Korean iron ore and other minerals across the river into China for resale as recently as a year ago, when the interview took place.

 

 

N. Korea’s Most Successful Launch to Date

The first ICBM Hwangsong-14 launch is the most successful so far. Location is estimated by photos below:

6,8 km South-East from Panghyon military airbase Coordinates: 39.872153, 125.269192

Update: U.S. now believes North Korea tested a two-stage intercontinental ballistic missile. It is also believed by experts the ICBM was launched by a Chinese truck converted from previously being a timber hauler. The missile reached 1741 miles in altitude. Russia has agreed to work with China to resolve the crisis with North Korea. There remains a dispute over the range and altitude of the missile causing discussions on being either an intermediate or long range launch.

CAMP H.M. SMITH, Hawaii, July 4, 2017 — U.S. Pacific Command detected and tracked what they assessed was a North Korean missile launch at 2:40 p.m. Hawaii Standard Time yesterday, Pacom officials said in a statement.

The single launch of a land-based, intermediate-range ballistic missile occurred near Panghyon Airfield, North Korea, the statement said.

The missile was tracked for 37 minutes and landed in the Sea of Japan, the statement said.

“We are working with our interagency partners on a more detailed assessment.  We continue to monitor North Korea’s actions closely. U.S. Pacific Command stands behind our ironclad commitment to the security of our allies in the Republic of Korea and Japan,” the officials said.

The North American Aerospace Defense Command assessed that the missile launch from North Korea did not pose a threat to North America, the statement said.

 

Technology for ballistic and cruise missiles is advancing in countries from North Korea and Iran to Russia and China, increasing potential threats to the U.S. even if they don’t carry nuclear warheads, according to a new Pentagon report.

Among the new technologies are hypersonic glide vehicles being developed by Russia and China.

“HGVS are maneuverable vehicles that travel at hypersonic (greater than Mach 5) speed and spend most of their flight at much lower altitudes than a typical ballistic missile,” according to the report. “The combination of high speed, maneuverability, and relatively low altitude makes them challenging targets for missile defense systems.”

Other findings in the report by the National Air and Space Intelligence Center and the Defense Intelligence Ballistic Missile Analysis Committee:

  • “Tehran’s desire to have a strategic counter to the United States could drive it to field an ICBM. Progress in Iran’s space program could shorten a pathway to an ICBM because space launch vehicles (SLV) use inherently similar technologies.” Iran has modified its medium-range Shahab 3 ballistic missile, which is based on a North Korean model, to extend its range and effectiveness. The longest-range variant reportedly is able to reach targets at a distance of about 2,000 kilometers (1,250 miles.) The U.S. agencies assess that Iran currently has fewer than 50 Shahab 3s.
  • “China continues to have the most active and diverse ballistic missile development program in the world. It is developing and testing offensive missiles, forming additional missile units, qualitatively upgrading missile systems, and developing methods to counter ballistic missile defenses.”China is expected to increase the number of warheads on its ICBMs capable of threatening the United States to substantially more than 100 by 2022 from the “relatively small number of nuclear armed, liquid-propellant” CSS-3 and CSS-4 ICBMs capable of reaching the U.S. today.
  • Russia, which surpassed the U.S. in 2014 in deployed nuclear warheads, “is expected to retain the largest force of strategic ballistic missiles outside the United States.”

WannaCry Hacking Bad, but This is Terrifying

WASHINGTON — CIA Director Mike Pompeo says he thinks disclosure of America’s secret intelligence is on the rise, fueled partly by the “worship” of leakers like Edward Snowden.

“In some ways, I do think it’s accelerated,” Pompeo told MSNBC in an interview that aired Saturday. “I think there is a phenomenon, the worship of Edward Snowden, and those who steal American secrets for the purpose of self-aggrandizement or money or for whatever their motivation may be, does seem to be on the increase.”

Pompeo said the United States needs to redouble its efforts to stem leaks of classified information. More here.

***

A Cyberattack ‘the World Isn’t Ready For’

Golan Ben-Oni, of the IDT Corporation, which was attacked in April with two cyberweapons stolen from the National Security Agency.  Justin T. Gellerson for The New York Times

NEWARK — There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.

On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.

In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?

Since then, Mr. Ben-Oni has been sounding alarm bells, calling anyone who will listen at the White House, the Federal Bureau of Investigation, the New Jersey attorney general’s office and the top cybersecurity companies in the country to warn them about an attack that may still be invisibly striking victims undetected around the world.

And he is determined to track down whoever did it.

“I don’t pursue every attacker, just the ones that piss me off,” Mr. Ben-Oni told me recently over lentils in his office, which was strewn with empty Red Bull cans. “This pissed me off and, more importantly, it pissed my wife off, which is the real litmus test.”

Two weeks after IDT was hit, the cyberattack known as WannaCry ravaged computers at hospitals in England, universities in China, rail systems in Germany, even auto plants in Japan. No doubt it was destructive. But what Mr. Ben-Oni had witnessed was much worse, and with all eyes on the WannaCry destruction, few seemed to be paying attention to the attack on IDT’s systems — and most likely others around the world.

The strike on IDT, a conglomerate with headquarters in a nondescript gray building here with views of the Manhattan skyline 15 miles away, was similar to WannaCry in one way: Hackers locked up IDT data and demanded a ransom to unlock it.

But the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines.

Worse, the assault, which has never been reported before, was not spotted by some of the nation’s leading cybersecurity products, the top security engineers at its biggest tech companies, government intelligence analysts or the F.B.I., which remains consumed with the WannaCry attack.

Were it not for a digital black box that recorded everything on IDT’s network, along with Mr. Ben-Oni’s tenacity, the attack might have gone unnoticed.

Scans for the two hacking tools used against IDT indicate that the company is not alone. In fact, tens of thousands of computer systems all over the world have been “backdoored” by the same N.S.A. weapons. Mr. Ben-Oni and other security researchers worry that many of those other infected computers are connected to transportation networks, hospitals, water treatment plants and other utilities.

An attack on those systems, they warn, could put lives at risk. And Mr. Ben-Oni, fortified with adrenaline, Red Bull and the house beats of Deadmau5, the Canadian record producer, said he would not stop until the attacks had been shut down and those responsible were behind bars.

“The world is burning about WannaCry, but this is a nuclear bomb compared to WannaCry,” Mr. Ben-Oni said. “This is different. It’s a lot worse. It steals credentials. You can’t catch it, and it’s happening right under our noses.”

And, he added, “The world isn’t ready for this.”

Targeting the Nerve Center

Mr. Ben-Oni, 43, a Hasidic Jew, is a slight man with smiling eyes, a thick beard and a hacker’s penchant for mischief. He grew up in the hills of Berkeley, Calif., the son of Israeli immigrants.

Even as a toddler, Mr. Ben-Oni’s mother said, he was not interested in toys. She had to take him to the local junkyard to scour for typewriters that he would eventually dismantle on the living room floor. As a teenager, he aspired to become a rabbi but spent most of his free time hacking computers at the University of California, Berkeley, where his exploits once accidentally took down Belgium’s entire phone system for 15 minutes.

To his parents’ horror, he dropped out of college to pursue his love of hacking full time, starting a security company to help the city of Berkeley and two nearby communities, Alameda and Novato, set up secure computer networks.

He had a knack for the technical work, but not the marketing, and found it difficult to get new clients. So at age 19, he crossed the country and took a job at IDT, back when the company was a low-profile long-distance service provider.

As IDT started acquiring and spinning off an eclectic list of ventures, Mr. Ben-Oni found himself responsible for securing shale oil projects in Mongolia and the Golan Heights, a “Star Trek” comic books company, a project to cure cancer, a yeshiva university that trains underprivileged students in cybersecurity, and a small mobile company that Verizon recently acquired for $3.1 billion.

Which is to say he has encountered hundreds of thousands of hackers of every stripe, motivation and skill level. He eventually started a security business, IOSecurity, under IDT, to share some of the technical tools he had developed to keep IDT’s many businesses secure. By Mr. Ben-Oni’s estimate, IDT experiences hundreds of attacks a day on its businesses, but perhaps only four each year give him pause.

Nothing compared to the attack that struck in April. Like the WannaCry attack in May, the assault on IDT relied on cyberweapons developed by the N.S.A. that were leaked online in April by a mysterious group of hackers calling themselves the Shadow Brokers — alternately believed to be Russia-backed cybercriminals, an N.S.A. mole, or both.

The WannaCry attack — which the N.S.A. and security researchers have tied to North Korea — employed one N.S.A. cyberweapon; the IDT assault used two.

Both WannaCry and the IDT attack used a hacking tool the agency had code-named EternalBlue. The tool took advantage of unpatched Microsoft servers to automatically spread malware from one server to another, so that within 24 hours North Korea’s hackers had spread their ransomware to more than 200,000 servers around the globe.

The attack on IDT went a step further with another stolen N.S.A. cyberweapon, called DoublePulsar. The N.S.A. used DoublePulsar to penetrate computer systems without tripping security alarms. It allowed N.S.A. spies to inject their tools into the nerve center of a target’s computer system, called the kernel, which manages communications between a computer’s hardware and its software.

In the pecking order of a computer system, the kernel is at the very top, allowing anyone with secret access to it to take full control of a machine. It is also a dangerous blind spot for most security software, allowing attackers to do what they want and go unnoticed. In IDT’s case, attackers used DoublePulsar to steal an IDT contractor’s credentials. Then they deployed ransomware in what appears to be a cover for their real motive: broader access to IDT’s businesses.

Mr. Ben-Oni learned of the attack only when a contractor, working from home, switched on her computer to find that all her data had been encrypted and that attackers were demanding a ransom to unlock it. He might have assumed that this was a simple case of ransomware.

But the attack struck Mr. Ben-Oni as unique. For one thing, it was timed perfectly to the Sabbath. Attackers entered IDT’s network at 6 p.m. on Saturday on the dot, two and a half hours before the Sabbath would end and when most of IDT’s employees — 40 percent of whom identify as Orthodox Jews — would be off the clock. For another, the attackers compromised the contractor’s computer through her home modem — strange.

The black box of sorts, a network recording device made by the Israeli security company Secdo, shows that the ransomware was installed after the attackers had made off with the contractor’s credentials. And they managed to bypass every major security detection mechanism along the way. Finally, before they left, they encrypted her computer with ransomware, demanding $130 to unlock it, to cover up the more invasive attack on her computer.

Mr. Ben-Oni estimates that he has spoken to 107 security experts and researchers about the attack, including the chief executives of nearly every major security company and the heads of threat intelligence at Google, Microsoft and Amazon.

With the exception of Amazon, which found that some of its customers’ computers had been scanned by the same computer that hit IDT, no one had seen any trace of the attack before Mr. Ben-Oni notified them. The New York Times confirmed Mr. Ben-Oni’s account via written summaries provided by Palo Alto Networks, Intel’s McAfee and other security firms he used and asked to investigate the attack.

“I started to get the sense that we were the canary,” he said. “But we recorded it.”

Since IDT was hit, Mr. Ben-Oni has contacted everyone in his Rolodex to warn them of an attack that could still be worming its way, undetected, through victims’ systems.

“Time is burning,” Mr. Ben-Oni said. “Understand, this is really a war — with offense on one side, and institutions, organizations and schools on the other, defending against an unknown adversary.”

‘No One Is Running Point’

Since the Shadow Brokers leaked dozens of coveted attack tools in April, hospitals, schools, cities, police departments and companies around the world have largely been left to fend for themselves against weapons developed by the world’s most sophisticated attacker: the N.S.A.

A month earlier, Microsoft had issued a software patch to defend against the N.S.A. hacking tools — suggesting that the agency tipped the company off to what was coming. Microsoft regularly credits those who point out vulnerabilities in its products, but in this case the company made no mention of the tipster. Later, when the WannaCry attack hit hundreds of thousands of Microsoft customers, Microsoft’s president, Brad Smith, slammed the government in a blog post for hoarding and stockpiling security vulnerabilities.

For his part, Mr. Ben-Oni said he had rolled out Microsoft’s patches as soon as they became available, but attackers still managed to get in through the IDT contractor’s home modem.

Six years ago, Mr. Ben-Oni had a chance meeting with an N.S.A. employee at a conference and asked him how to defend against modern-day cyberthreats. The N.S.A. employee advised him to “run three of everything”: three firewalls, three antivirus solutions, three intrusion detection systems. And so he did.

But in this case, modern-day detection systems created by Cylance, McAfee and Microsoft and patching systems by Tanium did not catch the attack on IDT. Nor did any of the 128 publicly available threat intelligence feeds that IDT subscribes to. Even the 10 threat intelligence feeds that his organization spends a half-million dollars on annually for urgent information failed to report it. He has since threatened to return their products.

“Our industry likes to work on known problems,” Mr. Ben-Oni said. “This is an unknown problem. We’re not ready for this.”

No one he has spoken to knows whether they have been hit, but just this month, restaurants across the United States reported being hit with similar attacks that were undetected by antivirus systems. There are now YouTube videos showing criminals how to attack systems using the very same N.S.A. tools used against IDT, and Metasploit, an automated hacking tool, now allows anyone to carry out these attacks with the click of a button.

Worse still, Mr. Ben-Oni said, “No one is running point on this.”

Last month, he personally briefed the F.B.I. analyst in charge of investigating the WannaCry attack. He was told that the agency had been specifically tasked with WannaCry, and that even though the attack on his company was more invasive and sophisticated, it was still technically something else, and therefore the F.B.I. could not take on his case.

The F.B.I. did not respond to requests for comment.

So Mr. Ben-Oni has largely pursued the case himself. His team at IDT was able to trace part of the attack to a personal Android phone in Russia and has been feeding its findings to Europol, the European law enforcement agency based in The Hague.

The chances that IDT was the only victim of this attack are slim. Sean Dillon, a senior analyst at RiskSense, a New Mexico security company, was among the first security researchers to scan the internet for the N.S.A.’s DoublePulsar tool. He found tens of thousands of host computers are infected with the tool, which attackers can use at will.

“Once DoublePulsar is on the machine, there’s nothing stopping anyone else from coming along and using the back door,” Mr. Dillon said.

More distressing, Mr. Dillon tested all the major antivirus products against the DoublePulsar infection and a demoralizing 99 percent failed to detect it.

“We’ve seen the same computers infected with DoublePulsar for two months and there is no telling how much malware is on those systems,” Mr. Dillon said. “Right now we have no idea what’s gotten into these organizations.”

In the worst case, Mr. Dillon said, attackers could use those back doors to unleash destructive malware into critical infrastructure, tying up rail systems, shutting down hospitals or even paralyzing electrical utilities.

Could that attack be coming? The Shadow Brokers resurfaced last month, promising a fresh load of N.S.A. attack tools, even offering to supply them for monthly paying subscribers — like a wine-of-the-month club for cyberweapon enthusiasts.

In a hint that the industry is taking the group’s threats seriously, Microsoft issued a new set of patches to defend against such attacks. The company noted in an ominously worded message that the patches were critical, citing an “elevated risk for destructive cyberattacks.”

Mr. Ben-Oni is convinced that IDT is not the only victim, and that these tools can and will be used to do far worse.

“I look at this as a life-or-death situation,” he said. “Today it’s us, but tomorrow it might be someone else.”

2016 Internet Crime Report

IC3 Releases Annual Report Highlighting Trends in Internet Crime

Giving someone access to your computer is like giving out a key to your front door. A computer can have your bank account information, family photos, and other private documents and data—information that fraudsters would like to steal. That’s why tech support fraud has become a significant trend in online crime, according to the 2016 Internet Crime Report from the FBI’s Internet Crime Complaint Center (IC3).

In tech support fraud cases, criminals convince unsuspecting victims to provide remote access to their computer by calling and posing as tech support personnel from a legitimate company. The criminal can then simply charge your credit card for a fake anti-virus product, or, in more sinister situations, they can steal your personal information or install malware. More than 10,000 incidents of tech support fraud were reported to the IC3 in 2016, with victims losing nearly $8 million. Though anyone can be a victim, older computer users are the most vulnerable targets.

“They’ll trick you into letting them into your computer,” said IC3 Unit Chief Donna Gregory. “You open the door and allow them in. You may think you’re just watching them install a program to get rid of a virus, but they are really doing a lot of damage behind the scenes.”

In addition to tech support fraud, the other major fraud categories last year were business e-mail compromise, ransomware, and extortion.

The IC3 receives complaints on a variety of Internet scams and crimes, and it has received more than 3.7 million complaints since it was created in 2000. In 2016, the IC3 received a total of 298,728 complaints with reported losses in excess of $1.3 billion. The IC3 uses the information from public complaints to refer cases to the appropriate law enforcement agencies and identify trends. The IC3’s extensive database is also available to law enforcement. Internet users should report any Internet fraud to IC3, no matter the dollar amount. Additional data helps the FBI and law enforcement gain a more accurate picture of Internet crime.

The IC3 publishes the Internet Crime Report annually to increase public awareness of current trends in Internet crime. For this report, the IC3 has also created a separate state-by-state breakdown that allows users to select their state from a dropdown menu so they can review local trends in Internet crime. The top states for reported dollar amounts lost to Internet fraud in 2016 were California ($255 million), New York ($106 million), and Florida ($89 million).

Though Internet crime is a serious threat, there are ways to help keep yourself safe online. The IC3 recommends computer users update their anti-virus software and operating system. Additionally, the Internet is an especially important place to remember the old adage: If it sounds too good to be true, it probably is.

“Be aware of what you are clicking on and also what you’re posting on social media. Always lock down your social media accounts as much as possible,” Gregory said. “Try to use two factor authentication, and use safe passwords or things more difficult to guess. The tougher the password, the harder it is for someone to crack.”