Clinton Campaign Refused FBI Request for Computer Logs

Details, dates and motivations are everything when it comes to decisions about whether to cooperate with the FBI. It seems the powerbrokers in the Clinton campaign headquarters in Brooklyn did not trust the FBI either, but one department within the agency is different from another.


FBI warned Clinton campaign last spring of cyberattack

Yahoo: The FBI warned the Clinton campaign that it was a target of a cyberattack last March, just weeks before the Democratic National Committee discovered it had been penetrated by hackers it now believes were working for Russian intelligence, two sources who have been briefed on the matter told Yahoo News.

In a meeting with senior officials at the campaign’s Brooklyn headquarters, FBI agents laid out concerns that cyberhackers had used so-called spear-phishing emails as part of an attempt to penetrate the campaign’s computers, the sources said. One of the sources said agents conducting a national security investigation asked the Clinton campaign to turn over internal computer logs as well as the personal email addresses of senior campaign officials. But the campaign, through its lawyers, declined to provide the data, deciding that the FBI’s request for sensitive personal and campaign information data was too broad and intrusive, the source said.

A second source who had been briefed on the matter and who confirmed the Brooklyn meeting said agents provided no specific information to the campaign about the identity of the cyberhackers or whether they were associated with a foreign government. The source said the campaign was already aware of attempts to penetrate its computers and had taken steps to thwart them, emphasizing that there is still no evidence that the campaign’s computers had actually been successfully penetrated.

Related reading: Also Hacked, Democratic Congressional Campaign Committee

Related reading: Hey FBI, the Investigation into the DNC Hacking is Over Here

But the potential that the intruders were associated with a foreign government should have come as no surprise to the Clinton campaign, said several sources knowledgeable about the investigation. Chinese intelligence hackers were widely reported to have penetrated both the campaigns of Barack Obama and John McCain in 2008.

The Brooklyn warning also could raise new questions about why the campaign and the DNC didn’t take the matter more seriously. It came just four months after the DNC had also been contacted by FBI agents alerting its information technology specialists about a cyberattack on its computers, the sources told Yahoo News. As with the warning to the Clinton campaign, the FBI initially provided no details to the DNC.

As Yahoo News first reported this week, in early May a DNC consultant who was investigating Trump campaign chief Paul Manafort’s work for pro-Putin political figures in Ukraine alerted senior committee officials that she had been notified by Yahoo security that her personal email account had been targeted by “state-sponsored actors.” The DNC had already realized that it was the victim of a serious breach, but the red flag from the staffer prompted committee security officials to conclude for the first time that the suspected cyberhackers were likely associated with the Russian government.

By mid-May, Director of National Intelligence James Clapper was telling reporters that U.S. intelligence officials “already had some indications” of hacks into political campaigns that were likely linked to foreign governments and that “we’ll probably have more.”

In a talk at the Aspen Security Forum Thursday, Clapper said the U.S. government is not “quite ready yet” to “make a public call” on who was behind the cyberassault on the DNC, but he suggested one of “the usual suspects” is likely to blame. “We don’t know enough [yet] to … ascribe a motivation, regardless of who it may have been,” Clapper said.

Related reading: The Covert Russian Influence, Targets Europe/USA

Clapper’s comments come amid a mounting debate within the Obama administration about whether to publicly blame the Russian government for the cyberattack on the DNC. (A senior law enforcement official told Yahoo News that the Russians were “most probably” involved in the cyberattack, but cautioned that the investigation is ongoing.) On Wednesday, Sen. Dianne Feinstein of California and California Rep. Adam Schiff, the ranking Democrats on the Senate and House Intelligence Committees, wrote President Obama calling for a stern response, asserting that if the accounts of Russian involvement are true, “It would represent an unprecedented attempt to meddle in American domestic politics.”

But Clapper is reportedly among a number of U.S. intelligence officials who have resisted calls to publicly blame the Russians, viewing it as likely the kind of activity that most intelligence agencies engage in. “[I’m] taken aback a bit by … the hyperventilation over this,” Clapper said during his Aspen appearance, adding in a sarcastic tone, “I’m shocked somebody did some hacking. That’s never happened before.”

The confirmation that the campaign was warned by the FBI as early as March of an attempted breach of its computers is a further indication that the scope of the possible Russian attack may have been far wider and extensive than the official DNC accounts.

The FBI’s request to turn over internal computer logs and personal email information came at an awkward moment for the Clinton campaign, said the source, familiar with the campaign’s internal deliberations. At the time, the FBI was still actively and aggressively conducting a criminal investigation into whether Clinton had compromised national security secrets by sending classified emails through a private computer server in the basement of her home in Chappaqua, N.Y. There were already press reports, to date unconfirmed, that the investigation might have expanded to include dealings relating to the Clinton Foundation. Campaign officials had reason to fear that any production of campaign computer logs and personal email accounts could be used to further such a probe. At the Brooklyn meeting, FBI agents emphasized that the request for data was unrelated to the separate probe into Clinton’s email server. But after deliberating about the bureau’s request, and in light of the lack of details provided by the FBI and the absence of a subpoena, the Clinton campaign chose to turn down the bureau’s request, the source said.

Hey FBI, the Investigation into the DNC Hacking is Over Here

Anyone ever see that Jack Ryan movie ‘Shadow Recruit’? It is playing out in a more nefarious form in real time.

May 2016: Director of National Intelligence James Clapper said today that presidential campaigns are a target for cyber intruders and that this political season has already seen some attempted hacks.

“We have already had some indications of that,” he said in response to a question about campaign website hacking, after speaking at the Center for Bipartisan Policy in Washington, D.C.

“I anticipate as the campaigns intensify, we will probably have more of it,” he added. He did not provide specifics about any attacks, but it has been reported that some hacking groups, such as Anonymous, have threatened to launch “total war” against Donald Trump’s presidential campaign. Read more from ABC here.

Related reading: Clinton Foundation Said to Be Breached by Russian Hackers 

**** So –>> Director of National Intelligence James Clapper says the FBI is helping campaigns tighten up to protect against the threat and how has that worked out so far?

*****

Via ThreatConnect: In our initial Guccifer 2.0 analysis, ThreatConnect highlighted technical and non-technical inconsistencies in the purported DNC hacker’s story as well as a curious theme of French “connections” surrounding various Guccifer 2.0 interactions with the media. We called out these connections as they overlapped, albeit minimally, with FANCY BEAR infrastructure identified in CrowdStrike’s DNC report.

Now, after further investigation, we can confirm that Guccifer 2.0 is using the Russia-based Elite VPN service to communicate and leak documents directly with the media. We reached this conclusion by analyzing the infrastructure associated with an email exchange with Guccifer 2.0 shared with ThreatConnect by Vocativ’s Senior Privacy and Security reporter Kevin Collier. This discovery strengthens our ongoing assessment that Guccifer 2.0 is a Russian propaganda effort and not an independent actor.

Analyzing the Headers from Guccifer 2.0 Emails

On June 21, 2016, TheSmokingGun reported they communicated with Guccifer 2.0 via a French AOL account. We examined the French language settings observed in Guccifer 2.0’s Twitter metadata as well as a pattern of Twitter follows that suggested Guccifer 2.0’s account was created from a French IP address. We hypothesized at the time that Guccifer 2.0 might be using French infrastructure to interact with the media.

During the Email Import process ThreatConnect analyzes an email message header and highlights indicators of interest with a color code that reveals if the indicators already exist within the platform. This helps overburdened eyes or greenhorn analysts quickly understand what they are seeing. At the same time ThreatConnect excludes legitimate or benign details that are not of value to our investigation.


As we can see here within ThreatConnect, Guccifer 2.0’s AOL email message reveals the originating IP address as 95.130.15[.]34 (DigiCube SaS – France). This is the IP address of the host which authenticated into AOL’s web user interface and sent the email. We can also tell this IP was not spoofed because the metadata was added by AOL when sent from within their infrastructure with appropriate DomainKeys Identified Mail (DKIM) configurations.

The fact that Guccifer 2.0 is indeed leveraging a French AOL account stands out from a technical perspective. Very few hackers with Guccifer 2.0’s self-acclaimed skills would use a free webmail service that would give away a useful indicator like the originating IP address. Most seasoned security professionals will be familiar with email providers that are more likely to cooperate with law enforcement and how much metadata a provider might reveal about their users. Taken together with inconsistencies in Guccifer 2.0’s remarks that make his technical claims sound implausible, this detail makes us think the individual(s) operating the AOL account are not really hackers or even that technically savvy, but instead propagandist or public relations individuals who are interacting with journalists.
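The header reasoning above (an originating IP is credible only when the provider stamped it and a passing DKIM signature covers it) can be checked mechanically. The following is an added example, not ThreatConnect's code: the message, domains and addresses are constructed, the `X-Originating-IP` header name is an assumed webmail convention, and the receiving server's recorded `Authentication-Results` is trusted instead of re-verifying the signature, which would need DNS.

```python
import ipaddress
import re
from email import message_from_string
from email.policy import default

# Constructed sample message: example domains and documentation-range
# addresses only; the header names are assumed common webmail conventions.
SAMPLE = """\
Authentication-Results: mx.receiver.example; dkim=pass header.d=webmail.example
Received: from out1.webmail.example (out1.webmail.example [198.51.100.7])
 by mx.receiver.example with ESMTPS; Tue, 21 Jun 2016 10:00:05 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=webmail.example;
 s=sel1; h=From:To:Subject:Date:X-Originating-IP; bh=AAAA; b=BBBB
X-Originating-IP: [192.0.2.44]
From: persona@webmail.example
To: reporter@news.example
Subject: docs
Date: Tue, 21 Jun 2016 10:00:00 +0000

body
"""


def dkim_tags(value):
    """Split a DKIM-Signature value into its tag=value pairs."""
    tags = {}
    for part in str(value).split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip().lower()] = re.sub(r"\s+", "", val)
    return tags


def signed_by(msg, provider, header):
    """True if a signature from `provider` lists `header` in its h= tag."""
    for sig in msg.get_all("DKIM-Signature", []):
        tags = dkim_tags(sig)
        covered = [h.lower() for h in tags.get("h", "").split(":")]
        if tags.get("d", "").lower() == provider and header.lower() in covered:
            return True
    return False


def dkim_passed(msg, provider, authserv):
    """True if our own receiving MTA (`authserv`) recorded dkim=pass for `provider`."""
    for res in msg.get_all("Authentication-Results", []):
        ident, _, rest = str(res).partition(";")
        if ident.strip().lower() != authserv:
            continue  # results stamped by anyone else prove nothing
        dom = re.search(r"header\.d=([^\s;]+)", rest)
        if re.search(r"\bdkim=pass\b", rest) and dom and dom.group(1).lower() == provider:
            return True
    return False


def originating_ip_evidence(raw, provider, authserv, header="X-Originating-IP"):
    """Report the claimed sender IP and whether the claim can be trusted."""
    msg = message_from_string(raw, policy=default)
    values = msg.get_all(header, [])
    result = {"ip": None, "trusted": False, "reason": ""}
    if len(values) != 1:
        # A second copy of the header is a classic sign of injection.
        result["reason"] = f"expected one {header} header, found {len(values)}"
        return result
    match = re.search(r"[0-9A-Fa-f:.]+", str(values[0]))
    try:
        ip = ipaddress.ip_address(match.group(0) if match else "")
    except ValueError:
        result["reason"] = "header does not hold an IP address"
        return result
    # Defang for reporting, in the style the article uses.
    result["ip"] = "[.]".join(str(ip).rsplit(".", 1))
    if not signed_by(msg, provider, header):
        result["reason"] = "header is not covered by the provider's DKIM signature"
    elif not dkim_passed(msg, provider, authserv):
        result["reason"] = "no dkim=pass from the trusted receiver"
    else:
        result["trusted"] = True
        result["reason"] = "stamped by provider and covered by a passing signature"
    return result
```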

Drilling into Guccifer 2.0 Infrastructure: Picture of a VPN Starts to Emerge

As we focused in on IP Address 95.130.15[.]34 we queried public sources such as Shodan as well as Censys to discover what services might be enabled on this host. The goal of this was to better understand if this infrastructure is owned and operated, leased or co-opted by Guccifer 2.0 and how the infrastructure might be used to create space between an originating “source” network and investigators, or curious journalists.

According to Shodan, OpenSSH (TCP/22), DNS (UDP/53) and Point-to-Point Tunneling Protocol (PPTP) (TCP/1723) services have been enabled on this host. Secure shell (SSH) and point-to-point tunneling protocol services strongly suggest a VPN and/or a proxy, both of which would allow the Guccifer 2.0 persona to put distance between his originating network and those with whom he is communicating.

The SSH fingerprint can be used as an identifier, linking other IP addresses that use the same SSH encryption key. The SSH fingerprint for 95.130.15[.]34 (DigiCube SaS – France) is Fingerprint: 80:19:eb:c8:80:a1:c6:ea:ea:37:ba:c0:26:c6:7f:61. Searching for other servers that share this fingerprint at the time of writing, we discovered six additional IP Addresses over the course of our research (95.130.9[.]198; 95.130.15[.]36; 95.130.15[.]37; 95.130.15[.]38; 95.130.15[.]40;  95.130.15[.]41).

Each IP address falls within the 95.130.8.0/21 network range. This range is assigned to Digicube SAS, a French hosting provider which is assigned the Autonomous System AS196689. An IP address is analogous to the apartment numbers in an apartment building. The entire building is owned and operated by AS196689, but certain IP addresses may be let out to other companies and organizations.


The fact that Guccifer 2.0 would use a proxy service is not surprising, and our first stop was to check with various TOR proxy registration sites. None of these seven IP addresses are part of reported TOR infrastructure from what we were able to uncover. Read the full comprehensive detailed cyber investigation as published here by ThreatConnect.
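The fingerprint pivot and the network-range check described in the excerpt can be reproduced over any set of scan results. This is an added example, not ThreatConnect's tooling: the scan records and host keys are constructed, and only the seven addresses and the /21 range come from the article. It also prints the modern SHA256 form next to the legacy colon-separated MD5 form quoted above.

```python
import base64
import hashlib
import ipaddress
import struct
from collections import defaultdict

# Addresses and range exactly as listed in the article (kept defanged).
ARTICLE_IPS = ["95.130.15[.]34", "95.130.9[.]198", "95.130.15[.]36",
               "95.130.15[.]37", "95.130.15[.]38", "95.130.15[.]40",
               "95.130.15[.]41"]
ARTICLE_RANGE = "95.130.8.0/21"


def refang(ip):
    """Turn the article's defanged notation back into a parseable address."""
    return ip.replace("[.]", ".")


def outside_range(defanged_ips, cidr):
    """Return the addresses that do NOT fall inside the given network."""
    net = ipaddress.ip_network(cidr)
    return [ip for ip in defanged_ips
            if ipaddress.ip_address(refang(ip)) not in net]


def _ssh_string(data):
    # SSH wire format: 4-byte big-endian length, then the bytes.
    return struct.pack(">I", len(data)) + data


def constructed_key(seed):
    """Sample data only: a well-formed ssh-ed25519 blob derived from a seed."""
    raw = hashlib.sha256(seed.encode()).digest()
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(raw)
    return base64.b64encode(blob).decode()


def fingerprints(key_b64):
    """Return (legacy MD5 colon-hex, modern SHA256) fingerprints of a host key."""
    blob = base64.b64decode(key_b64)
    md5_hex = hashlib.md5(blob).hexdigest()
    legacy = ":".join(md5_hex[i:i + 2] for i in range(0, 32, 2))
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return legacy, "SHA256:" + sha


def pivot(records, seed_ip):
    """Find every other host that presents the same host key as seed_ip."""
    by_fp = defaultdict(set)
    for ip, key in records:
        by_fp[fingerprints(key)[0]].add(ip)
    for fp, ips in by_fp.items():
        if seed_ip in ips:
            return fp, sorted(ips - {seed_ip}, key=ipaddress.ip_address)
    return None, []


# Constructed scan records (documentation-range addresses, made-up keys).
SCAN = [
    ("203.0.113.10", constructed_key("vpn-exit")),
    ("203.0.113.25", constructed_key("vpn-exit")),
    ("198.51.100.4", constructed_key("unrelated-host")),
    ("203.0.113.11", constructed_key("vpn-exit")),
]

if __name__ == "__main__":
    fp, peers = pivot(SCAN, "203.0.113.10")
    print(fp, peers)
    print("outside", ARTICLE_RANGE, "->", outside_range(ARTICLE_IPS, ARTICLE_RANGE))
```

A shared host key is a lead, not proof of common ownership: hosts cloned from one provider image also share keys until they are regenerated.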

*****

Meanwhile: FAS: The headquarters complex of the Foreign Intelligence Service (SVR) of the Russian Federation has expanded dramatically over the past decade, a review of open source imagery reveals.

Since 2007, several large new buildings have been added to SVR headquarters, increasing its floor space by a factor of two or more. Nearby parking capacity appears to have quadrupled, more or less.

The compilation of open source imagery was prepared by Allen Thomson. See Expansion of Russian Foreign Intelligence Service HQ (SVR; Former KGB First Main Directorate) Between 2007 and 2016, as of July 11, 2016.

Whether the expansion of SVR headquarters corresponds to changes in the Service’s mission, organizational structure or budget could not immediately be learned.

Russian journalist and author Andrei Soldatov, who runs the Agentura.ru website on Russian security services, noted that the expansion “coincides with the appointment of the current SVR director, Mikhail Fradkov, in 2007.” He recalled that when President Putin introduced Fradkov to Service personnel, he said that the SVR should endeavor to help Russian corporations abroad, perhaps indicating a new mission emphasis.

Photos courtesy of FAS

What you Need to Know About the Gerasimov Doctrine

The FBI said on Monday that it was investigating the nature and scope of a cyberintrusion at the Democratic National Committee disclosed last month.

“A compromise of this nature is something we take very seriously, and the FBI will continue to investigate and hold accountable those who pose a threat in cyberspace,” the FBI said in a statement. More from BusinessInsider.

The FBI having any reach for prosecution in Russia is nil. Furthermore, the damage to America and American politics has already been done.

This site published an item as a primer of Russian aggression. Will the Obama administration address this condition with Russia? No, all deference has been given to both NATO with which to deal and further the deadly conflicts in Syria and Iraq have come under the management of Iran and Russia as decided by John Kerry and the White House National Security Council. How serious is this? Read on…

Gerasimov-Doctrine-and-Russian-Non-Linear-War-In-Moscow-s-Shadows

The above document describes the blurred lines between peace and war. This is an important condition and must be learned given the cyber hacks by Russia against the United States and most recently, the emails of the DNC. Russia has forged their way into American politics by which during the presidential election cycle, both nominees are ill prepared to address immediately.

 

General Valery Gerasimov, the Chief of Staff of the Russian Federation’s military, developed The Gerasimov Doctrine in recent years. The doctrine posits that the rules of war have changed, that there is a “blurring of the lines between war and peace,” and that  “nonmilitary means of achieving military and strategic goals has grown and, in many cases, exceeded the power of weapons in their effectiveness.” Gerasimov argues for asymmetrical actions that combine the use of special forces and information warfare that create “a permanently operating front through the entire territory of the enemy state.”

An overview of Russian activity in Latin America shows an adherence to Gerasimov’s doctrine of waging constant asymmetrical warfare against one’s enemies through a combination of means. These include military or hard power as well as shaping and controlling the narrative in public opinion, diplomatic outreach, military sales, intelligence operations, and strategic offerings of intelligence and military technology. All are essential components of the Russian presence and Gerasimov’s view that the lines between war and peace are blurred, and that non-military means of achieving power and influence can be as effective or more effective than military force.  Read more here.

*****

NATO, Russia, and the Gerasimov Doctrine

On April 29, a Russian fighter jet in the Baltic Sea flew within 50 feet of a U.S. reconnaissance plane and conducted a highly dangerous barrel roll, drawing a sharp rebuke from the Pentagon. Within the past month, there have been at least two other provocations by Russian aircraft in the region, with many officials suggesting it is in response to the North Atlantic Treaty Organization’s (NATO) decision to hold large military exercises in Poland next month and significantly increase its troop presence within Allied countries bordering Russia.

Washington, perceived by Moscow as NATO’s puppeteer, has quadrupled its European defense budget for 2017, adding nearly $3.5 billion. The exhibitionism from both Russia and NATO has led experts to conclude that geopolitical tensions “are at the highest levels since the end of the Cold War.”

Perhaps. However, barring any egregious miscalculation by either side, a large-scale conventional war between NATO and Russia is unlikely. While it is necessary to maintain modern militaries, their presence in the 21st century is more symbolic than practical—at least when considering the prospect of warfare between nuclear-armed adversaries. Any war that does take place will be far from conventional, requiring a skillful blend of military and non-military tools. Within this domain, it is Russia, shrewd and flexible, that will have the advantage, leaving NATO and its transnational bureaucracy to react and adapt effectively.

In a February 2013 issue of the Military Industrial Courier, Russia’s Chief of the General Staff Valery Gerasimov discussed how the rules of war have changed and become more blurred. Whether called “hybrid war,” “ambiguous war,” “non-linear war,” or “special war,” this type of conflict is not new, but has been adopted and successfully updated by Russia to account for all the modern era’s technological complexities. As applied to Russia, it has been coined “The Gerasimov Doctrine,” and it is Russia’s new normal.


Russia has been aggressively exploiting its non-NATO “near abroad” as fertile testing ground for hybrid war. Through a calculated combination of disinformation campaigns, espionage, special operations forces, and the cultivation of a cadre of so-called “deniable agents,” Russia was able to successfully annex Crimea while Kiev was still recovering from its post-Euromaidan chaos.

These blatant violations of international law, while drawing substantial criticism and the economic sanctions that drove Russia into recession, have not been enough to deter continued belligerence. In fact, in many ways the sanctions have been counterproductive: Putin’s favorability increased significantly to nearly 90 percent following Crimea’s annexation; a similar spike in popularity was observed in 2008 following Russia’s military invasion of Georgia. Thus, Putin has been able to blame domestic woes on the West while simultaneously generating a patriotic rally-around-the-flag effect.

A March 2016 report from the prominent London-based think tank Chatham House asserts NATO is ill-prepared to handle these hybrid threats from Russia. The Very High Readiness Joint Task Forces, established at the 2014 NATO Summit in Wales, are “appropriate for addressing purely military threats, but hardly appear adequate when compared with the scale of Russian preparations for conflict.” Moreover, they only provide “a single dimension of reassurance to front-line states,” meaning “additional elements are required to protect against Russian tools of influence other than conventional military attack.”


It is strongly thought that the three Baltic states (Estonia, Latvia, and Lithuania) are most vulnerable to Russian meddling. All three were previously part of the Soviet Union and border Russia directly. More worryingly, these three states have a relatively large percentage of ethnic Russians living within their borders that could be susceptible to Russian influence, just as the inhabitants of Crimea were.

Indeed, Russia is already dabbling in subversion within the Baltic and Nordic regions. Following a row in 2007 between Russian and Estonian officials over the removal of a Soviet monument in Tallinn, a host of Estonian government websites were subjected to persistent cyber-attacks for three weeks—although Moscow denies involvement. Furthermore, Sweden’s state security services have warned of an increased amount of Russian covert activity aimed at undermining closer collaboration between NATO and Sweden. Finally, Russian warships have been formally accused by Lithuania, which receives nearly all of its gas from Russia, of disrupting the creation of power cables that would diversify its energy dependence.

NATO should swiftly acknowledge it needs to focus its attention vis-à-vis Russia from conventional to hybrid threat readiness. A good start would be to increase the number of NATO members meeting the defense expenditure requirements of 2 percent of gross national product. Only 5 of 28 Allied countries currently do so. This increased funding should then be allocated in ways that will address NATO’s greatest vulnerabilities, for instance, by precluding disinformation campaigns in the Baltics, increasing the number of experts on Russia, or solving the issue of weaning Allied states off of Russian gas.

Already dealing with a raft of regional security concerns—the migrant crisis, terrorist threats, and sweeping nationalism—NATO must recognize Russia is doing everything it can to exploit Western disunity. But forget the tanks and planes: this conflict will be fought in the shadows.

 

 

DNC Email Hacks: GRU, Russian Military Intelligence

In part from Motherboard: In the wee hours of June 14, the Washington Post revealed that “Russian government hackers” had penetrated the computer network of the Democratic National Committee. Foreign spies, the Post claimed, had gained access to the DNC’s entire database of opposition research on the presumptive Republican nominee, Donald Trump, just weeks before the Republican Convention. Hillary Clinton said the attack was “troubling.”

It began ominously. Nearly two months earlier, in April, the Democrats had noticed that something was wrong in their networks. Then, in early May, the DNC called in CrowdStrike, a security firm that specializes in countering advanced network threats. After deploying their tools on the DNC’s machines, and after about two hours of work, CrowdStrike found “two sophisticated adversaries” on the Committee’s network. The two groups were well-known in the security industry as “APT 28” and “APT 29.” APT stands for Advanced Persistent Threat—usually jargon for spies.

CrowdStrike linked both groups to “the Russian government’s powerful and highly capable intelligence services.” APT 29, suspected to be the FSB, had been on the DNC’s network since at least summer 2015. APT 28, identified as Russia’s military intelligence agency GRU, had breached the Democrats only in April 2016, and probably tipped off the investigation. CrowdStrike found no evidence of collaboration between the two intelligence agencies inside the DNC’s networks, “or even an awareness of one by the other,” the firm wrote.

Related reading: Remarkable work here including Julian Assange, Edward Snowden, Israel Shamir and Putin, FSB loyalties

This was big. Democratic political operatives suspected that not one but two teams of Putin’s spies were trying to help Trump and harm Clinton. The Trump campaign, after all, was getting friendly with Russia. The Democrats decided to go public.


The DNC knew that this wild claim would have to be backed up by solid evidence. A Post story wouldn’t provide enough detail, so CrowdStrike had prepared a technical report to go online later that morning. The security firm carefully outlined some of the allegedly “superb” tradecraft of both intrusions: the Russian software implants were stealthy, they could sense locally-installed virus scanners and other defenses, the tools were customizable through encrypted configuration files, they were persistent, and the intruders used an elaborate command-and-control infrastructure. So the security firm claimed to have outed two intelligence operations.

Then, the next day, the story exploded.

On June 15 a WordPress blog popped up out of nowhere. And, soon, a Twitter account, @GUCCIFER_2. The first post and tweet were clumsily titled: “DNC’s servers hacked by a lone hacker.” The message: that it was not hacked by Russian intelligence. The mysterious online persona claimed to have given “thousands of files and mails” to Wikileaks, while mocking the firm investigating the case: “I guess CrowdStrike customers should think twice about company’s competence,” the post said, adding “Fuck CrowdStrike!!!!!!!!!”

Along with the abuse, the Guccifer 2.0 account started publishing stolen DNC documents on the WordPress blog, on file sharing sites, and by giving “a few docs from many thousands” to at least two US publications, The Smoking Gun and Gawker. Mainstream media outlets quickly picked up the story and covered the Clinton campaign’s opposition research on Trump in hundreds of news items that revealed pre-rehearsed arguments against the presumptive Republican nominee: that “Trump has no core”; that he is a “bad businessman;” and that he should be branded “misogynist in chief.” Donor lists were leaked along with personal contact details and juicy dollar amounts.

The Guccifer 2.0 account also claimed that it had given an unknown number of documents containing “election programs, strategies, plans against Reps, financial reports, etc” to Wikileaks. Two days later, Wikileaks published a massive 88 gigabyte encrypted file as “insurance.” This file, which Julian Assange could unlock by simply tweeting a key, is widely suspected to contain the DNC cache. On 13 July, almost a month after the hack became public, the intruders leaked selected files exclusively to The Hill, a Washington outlet for Congressional and political news, and then made the original files available later.

Nine days later, on July 22, just after Trump was officially nominated and before the Democratic National Convention got under way, Wikileaks published more than 19,000 DNC emails with more than 8,000 attachments—“i sent them emails, i posted some files in my blog,” Guccifer confirmed by DM, when asked if he shared all files with Julian Assange. Two days later, on July 24, Debbie Wasserman Schultz, chair of Democratic National Committee, announced her resignation—the extraordinary hack and leak had helped force out the head of one of America’s political parties and threatened to disrupt Hillary Clinton’s nominating convention.

This tactic and its remarkable success is a game-changer: exfiltrating documents from political organisations is a legitimate form of intelligence work. The US and European countries do it as well. But digitally exfiltrating and then publishing possibly manipulated documents disguised as freewheeling hacktivism is crossing a big red line and setting a dangerous precedent: an authoritarian country directly yet covertly trying to sabotage an American election.

***

So how good is the evidence? And what does all this mean?

The forensic evidence linking the DNC breach to known Russian operations is very strong. On June 20, two competing cybersecurity companies, Mandiant (part of FireEye) and Fidelis, confirmed CrowdStrike’s initial findings that Russian intelligence indeed hacked Clinton’s campaign. The forensic evidence that links network breaches to known groups is solid: used and reused tools, methods, infrastructure, even unique encryption keys. For example: in late March the attackers registered a domain with a typo—misdepatrment[.]com—to look suspiciously like the company hired by the DNC to manage its network, MIS Department. They then linked this deceptive domain to a long-known APT 28 so-called X-Tunnel command-and-control IP address, 45.32.129[.]185.

One of the strongest pieces of evidence linking GRU to the DNC hack is the equivalent of identical fingerprints found in two burglarized buildings: a reused command-and-control address—176.31.112[.]10—that was hard coded in a piece of malware found both in the German parliament as well as on the DNC’s servers. Russian military intelligence was identified by the German domestic security agency BfV as the actor responsible for the Bundestag breach. The infrastructure behind the fake MIS Department domain was also linked to the Berlin intrusion through at least one other element, a shared SSL certificate.
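The lookalike domain described above swaps two adjacent letters, which a defender can catch by scoring resolver or proxy logs against a watchlist of vendor domains with an edit distance that counts a transposition as one edit. This is an added example, not code from Motherboard or CrowdStrike: the log lines are constructed, and the vendor's real domain `misdepartment.com` is an assumption not stated in the article.

```python
import re

# Assumption: the vendor's real domain, not stated in the article.
WATCHLIST = ["misdepartment.com"]

# Constructed resolver log lines; the lookalike is the one named in the
# article, kept defanged as it appears there.
LOG = """\
2016-01-01T14:01:07Z client=10.0.0.12 query=misdepartment.com type=A
2016-01-01T14:01:09Z client=10.0.0.12 query=mail.misdepartment.com type=A
2016-01-01T14:03:41Z client=10.0.0.31 query=misdepatrment[.]com type=A
2016-01-01T14:05:02Z client=10.0.0.31 query=news.example type=A
""".splitlines()


def osa_distance(a, b, transpositions=True):
    """Optimal-string-alignment distance (Levenshtein when transpositions=False)."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1,               # deletion
                    cur[j - 1] + 1,            # insertion
                    prev[j - 1] + (ca != cb))  # substitution
            if (transpositions and i > 1 and j > 1
                    and ca == b[j - 2] and a[i - 2] == cb):
                d = min(d, prev2[j - 2] + 1)   # adjacent swap counts once
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]


def label(domain):
    """Second-level label; assumes a single-label TLD (no public-suffix list)."""
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def flag_lookalikes(lines, watchlist, max_distance=1, min_len=6):
    """Return (defanged domain, imitated domain, distance) for near misses."""
    hits = []
    for line in lines:
        m = re.search(r"\bquery=(\S+)", line)
        if not m:
            continue
        domain = m.group(1).replace("[.]", ".")
        for good in watchlist:
            if len(label(good)) < min_len:
                continue  # short names produce too many false positives
            d = osa_distance(label(domain), label(good))
            if 0 < d <= max_distance:  # 0 is the real domain or a subdomain
                hits.append((domain.replace(".", "[.]"), good, d))
    return hits


if __name__ == "__main__":
    for hit in flag_lookalikes(LOG, WATCHLIST):
        print(hit)
```

With plain Levenshtein distance the same pair scores 2, so a threshold of 1 would miss it; counting the swap as a single edit is what makes the tight threshold usable.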

The evidence linking the Guccifer 2.0 account to the same Russian operators is not as solid, yet a deception operation—a GRU false flag, in technical jargon—is still highly likely. Intelligence operatives and cybersecurity professionals long knew that such false flags were becoming more common. One noteworthy example was the sabotage of France’s TV5 Monde station on 9/10 April 2015, initially claimed by the mysterious “CyberCaliphate,” a group allegedly linked to ISIS. Then, in June, the French authorities suspected the same infamous APT 28 group behind the TV5 Monde breach, in preparation since January of that year. But the DNC deception is the most detailed and most significant case study so far. The technical details are as remarkable as its strategic context.

The metadata in the leaked documents are perhaps most revealing: one dumped document was modified using Russian language settings, by a user named “Феликс Эдмундович,” a code name referring to the founder of the Soviet Secret Police, the Cheka, memorialised in a 15-ton iron statue in front of the old KGB headquarters during Soviet times. The original intruders made other errors: one leaked document included hyperlink error messages in Cyrillic, the result of editing the file on a computer with Russian language settings. After this mistake became public, the intruders removed the Cyrillic information from the metadata in the next dump and carefully used made-up user names from different world regions, thereby confirming they had made a mistake in the first round. More comprehensive details here from Motherboard.

Rubio was Right, the Russian Memo, Just the Facts

In 2014, this site posted a summary of Russia’s push into Nicaragua and Cuba for covert operations. It is important to note that with continued deference by the Obama administration to Russia for all things terror, Russia officially received that ‘reset’ button as a green light and the Kremlin under Putin has been aggressive.

Related reading: While You Were Sleeping, Russia Bombed the U.S., No Really

During one of the Republican debates, then-candidate Marco Rubio and Donald Trump had a heated one-on-one discussion over Cuba policy. During the debate, Rubio also mentioned the signals intelligence operation that Russia has in Cuba, known as Lourdes.

Cuba has been a puppet and proxy for Russia going back to the Kennedy administration, and the relationship has continued since.

Further, Guccifer 2.0 is noted to be the hacker of the DNC email system, and all cyber expert forensic analysis points back to Russia. An excellent summary is here from Motherboard.

As the United States military has been in sequestration, the normal 10-year competitive edge over adversaries such as Russia and China has waned substantially. Russia has formally announced a new creation, the 1,616 MPH supersonic MiG-29M.

Nominee Trump has on several occasions overtly sided with Moscow and has spoken of his lack of loyalty to NATO and of whether it is necessary. Foreign policy leaders in Washington DC and within the NATO membership are emphatically pushing back and questioning this reasoning. This post is less about Trump’s pro-Kremlin policy than about the real and building threats from Moscow.

We can’t officially know Hillary’s policy on Russia going forward because she has a personal server, a failed reset button and does not hold press conferences. Her mission as president is all about social justice issues, which is in keeping with the DNC platform.

Talking Points Memo has done some remarkable work in uncovering that reasoning and it comes down to debt to the oligarchs. <– This is an excellent summary and a must read.

Beyond that, it is important to determine what Russia is doing. The reader must remember some frequent and recent events: Russia has not only challenged U.S. military assets with dangerous flybys, but when Barack Obama was in Cuba for the normalizing-relations meeting and baseball game, Russia was there too.

So, let’s go deeper… facts are funny things that cannot be disputed. (Full citations are noted below the summary.)

FPRI: Two Western media outlets reported on 23 June that Russia was engaged in building a signals intelligence[1] (SIGINT) base in Nicaragua as “part of a recent deal between Moscow and Managua involving the sale of 50 T-72 Russian tanks.”[2] The reports came shortly after the 14 June expulsion of some United States Homeland Defense personnel by the Nicaraguan government. The United States State Department claimed Nicaragua expelled three officials with diplomatic passports. The Nicaraguan government claimed it expelled two Homeland Defense officials who were in the country performing work related to counterterrorism without first notifying Nicaraguan authorities.[3]

One published report stated that the third American was “performing what could be construed as espionage-related activities on the construction of the Grand Interoceanic Canal.”[4] The reference is to the Nicaraguan trans-isthmus shipping channel under construction by the Chinese infrastructure firm, HK Nicaragua Canal Development Investment Group. The report identified the person in question as “Evan Ellis,” an “expert in China-Latin America relations at the US Army War College.”[5]

The coincidence of the two reports—suspicions of a covert Russian SIGINT base in Nicaragua and the Nicaraguan government’s sudden expulsion of Americans—no doubt is intriguing in itself. What the reports failed to make clear, however, is that the sale of Russian tanks to Nicaragua was discussed openly for some time. So what is happening?


GLONASS: Russia’s GPS

At the root of American suspicions of SIGINT activities in Nicaragua is Russia’s Global Navigation Satellite System. Commonly known as GLONASS—the transliterated acronym of Global’naya navigatsionnaya sputnikovaya sistema—it is operated by Russia’s Aerospace Defense Forces or “VKO” (Voyska Vozdushno-Kosmicheskoy Oborony), which resides within the Defense Ministry. GLONASS is analogous to the United States’ Global Positioning System or “GPS,” the satellite-based navigation system operated by the United States Defense Department.

GLONASS is a legacy of the Soviet period. Its first operational satellites went into service in December 1983. GLONASS survived the Soviet Union’s dissolution to reach full operational status in December 1995,  with 24 satellites in three different orbital planes. By 2002, however, only eight remained in operation, as satellites were failing in orbit and Russia was unable to launch new ones. A May 2007 Presidential Decree granted free unrestricted international access to GLONASS, which in February 2009 was declared the legal property of the Russian Federation.

Despite a 2004 promise to have eighteen operational satellites by 2007 (the minimum number needed)—and another one in December 2009, when the Russian space agency’s (ROSCOSMOS) Anatoly Perminov promised then-Prime Minister Putin a full (24) operational satellite constellation in 2010—GLONASS did not regain full operational capability until December 2011. In May 2016, Russian Defense Minister Dmitry Rogozin announced that the Collective Security Treaty Organization—a regional mutual defense alliance comprised of Russia, Belarus, Armenia, Kazakhstan, Kyrgyzstan, Tajikistan, and Uzbekistan—would henceforth use GLONASS.[6] In December 2015, the Russian Space Systems Association[7] certified GLONASS on behalf of the Russian Defense Ministry.

Defense Minister Rogozin—speaking after a December 2014 meeting in Havana with Raul Castro, who chairs Cuba’s State Council and the Council of Ministers—called a recently enacted United States law barring GLONASS monitoring stations on American territory “unconstructive and shameless,”[8] referring to a provision in the 2014 National Defense Authorization Act (NDAA).[9] In May 2012, Russia asked for approval to locate GLONASS signal quality monitoring sites in the United States, one of 30 countries approached at the time to host monitoring stations.[10] Russia threatened to respond in kind to the 2014 NDAA prohibition—there were GPS stations in Russia at the time—but settled in the end for implementing a delayed relay between GPS stations and satellites, ostensibly eroding the military and intelligence value of GPS positioning data.[11] While GPS remains operational inside Russia today, Russia acted on Mr. Rogozin’s promise to place monitoring stations “in other countries.” GLONASS, he predicted, “may soon outstrip the American GPS”:

“They’ve lost what they had on Russian territory, and they’ll get a network of GLONASS navigation systems surrounding the United States, so it won’t be GPS breathing down our necks but instead we’ll be breathing down the neck of GPS.”[12]


GLONASS Comes to Latin America

The accuracy of GLONASS—just like the American GPS and any other Global Navigation Satellite System (GNSS) including the European Union’s Galileo and China’s Beidou—depends upon a network of reference stations located around the globe to detect and correct any changes in satellite orbits. GLONASS monitoring stations are operated by ROSCOSMOS, which in February 2013 established its first site in Latin America, located at the University of Brasilia Centre for Technological Development. In July 2014, ROSCOSMOS entered into an agreement with the Agência Espacial Brasileira to open two more monitoring stations, one at the Federal University of Santa Maria in Rio Grande do Sul; and the other at the Federal University of Pernambuco’s Technological Institute in Recife.[13]

That same month, Russia’s ambassador to Nicaragua, Nikolay Vladimir, confirmed reports that the two countries had agreed to build a GLONASS monitoring site in the Managua area “within two years.”[14] It would join the 19 monitoring stations inside Russia, plus the one in operation in Brazil and three others in Antarctica. In August 2015, the Instituto Nicaragüense de Telecomunicaciones y Correos (“Nicaraguan Institute of Telecommunications & Mail” aka TELCOR) signed an agreement authorizing construction of the GLONASS monitoring site. The Nicaraguan National Assembly had already authorized the project in April. Nicaragua gained access to GLONASS’ full constellation of 24 satellites (plus four reserves).[15] One published report stated that “the satellites will be handled by Russian specialists around the clock, while a team of Nicaraguans is trained to use them.”[16]

A year earlier in August 2014, the Russian government announced a “framework agreement” with Cuba to collaborate in “the peaceful uses of space.” It included an agreement in principle to build a GLONASS monitoring station on the island, something that had been discussed since at least 2010.[17] One report suggested cryptically that the two sides needed additional time to reconcile what it called “different regulations” over “information exchanges” before the agreement could come into force.[18]

The discussion reconvened in Moscow in April 2015[19] and again in late October 2015, when now Deputy Prime Minister Rogozin reiterated, “We are planning to discuss with our Cuban friends the construction of a GLONASS monitoring station on Cuban territory.”[20] The Russian government’s official October 2015 announcement of a final agreement declared, “Russia is returning to Cuba.”[21]


Is Russian SIGINT Returning to Cuba?

Russia undoubtedly is engaged in intelligence-gathering activities in the Caribbean and Central America including SIGINT. As Diana Villiers Negroponte of the Woodrow Wilson International Center noted:

“The day before the U.S. delegation was due to start normalization talks in Havana, a Russian warship docked in Havana. The Meridian-class intelligence ship with a crew of approximately 200 had visited Havana in February and March 2014.”[22]

While the Russian government steadfastly denied it—speaking in Brasilia on 17 July 2014, President Putin said “Russia is capable of solving problems related to its defense capabilities without this element [Lourdes]”[23]—the Russian daily Kommersant reported the previous day that the Russian and Cuban governments had agreed in principle to reopen the Soviet-era Lourdes signal intelligence station located south of Havana that Russia shuttered in 2001.[24] Mr. Putin is said to have agreed to write off some USD 32 billion in debt owed the Russian government by Cuba, amounting to some 90 percent of the Cuban government’s total indebtedness to Russia.

Russian SIGINT Site at Lourdes, Cuba (Source: Lenta.ru)[25]

The Soviet Union began building its Lourdes SIGINT site in July 1962 and it became fully operational in 1967. Lourdes went on to become the locus of perhaps the most significant intelligence collection effort directed at the United States during the Cold War. It was jointly operated by Russian military intelligence[26] and the Federal Agency for Government Communications,[27] and Cuba’s main intelligence directorate, respectively.[28] Russia’s Foreign Intelligence Service, the SVR (Sluzhba vneshney razvedki), also operated a communications center there, which it used to communicate with agent networks in North and South America. According to Kommersant, the Russian government contemplated using a re-opened Lourdes facility to communicate with Russian naval surface and subsurface vessels. It quoted former SVR director and current Russian First Deputy Foreign Minister Vyacheslav Trubnikov:

“Lourdes gave the Soviet Union the ability to see the entire western hemisphere. From this perspective its loss impacted our knowledge of what was happening in the region. For a Russia that today must defend its legitimate rights and place in the world, it [the Lourdes SIGINT site] is no less valuable than it was to the USSR.”[29]

A year later, however, some Russian officials publicly questioned the Lourdes site’s usefulness. On the one hand, Sergey Naryshkin[30] welcomed the Cuban government’s interest in the Russia-led defense alliance, the Collective Security Treaty Organization, regarding which Mr. Naryshkin’s deputy in the State Duma, Vasily Likhachyov, said, “Today, it seems to me, this political offer takes on a geopolitical character in the interest of strengthening Cuban national security.”[31] At the same time, however, Andrei Klimov, who was deputy head of the Federation Council’s International Affairs Committee, had this to say:

“Military-technical and military-political cooperation with Cuba is a possibility. I can confirm this as the man who negotiated with them. But to enter the same river twice seems to me unproductive. The world is changing and realigning, so I don’t think we need to go back to Cuba like it’s the 1980s. If we’re talking about having a military and technical presence, our current methods allow us to achieve the same end through different means—it’s more efficient than having a SIGINT center there”[32]

Ten months later, the Interfax news agency asked the Foreign Ministry’s Latin American Department director, Aleksandr Shchetinin, “Are there plans to reopen the Lourdes radar center in suburban Havana that was abandoned in 2002?” He responded, “The Lourdes base was closed, and we don’t anticipate any steps to reopen it.”[33] The Interfax interviewer then queried, “Earlier, Sergei Lavrov and other Russian officials have stated that Russia could establish logistics bases in various parts of the world. Are there any plans to establish such bases in Latin America?” Mr. Shchetinin gave this carefully worded answer:

“The question of establishing logistics sites for the Russian Navy—it’s a matter for negotiation, something that’s entirely normal, low-key, reasonable. It’s related to the need for port calls to refuel, to rest crews, to replenish food supplies, and so on. When it’s deemed appropriate to discuss these needs, conversations take place with individual Latin American countries.”[34]


Russian Dreams of a Caribbean Footprint

Past statements by Russian government officials and other indicators give some basis to think that the agreement to permit a GLONASS site in Nicaragua may also allow Russian naval vessels to use Nicaraguan port facilities. Contemporary reports of Russian ambitions in Nicaragua if true are nothing new. Asked in 1984, ‘What do you see as the greatest security threat in Central America?’ United States Ambassador Deane R. Hinton[35] replied:

‘The greatest security threat is the possibility that in a state such as Nicaragua with Soviet and Cuban ties, you’re going to end up with Soviet submarine bases.’[36]

The Latin American proxy war between the United States and the Soviet Union came full force to Nicaragua when the Sandinista regime assumed power in 1979. The country can claim the dubious distinction, in one assessment, “as one of the hottest battlegrounds of the Cold War.”[37]

Starting in the early 1980s, the Soviet Union began exploring a permanent naval and naval air presence in Nicaragua. With its Cuban partner, the Soviet Union constructed a military airbase at Punta Huerte, Nicaragua,[38] in partial exchange for granting Soviet naval reconnaissance aircraft refueling and overflight rights. The Soviet objective was to conduct air reconnaissance missions along the coast of the western United States similar to existing Soviet air reconnaissance along the eastern United States.[39] The Soviets had the option to base reconnaissance aircraft at Punta Huerte, or to have Soviet aircraft based at San Antonio de los Baños, Cuba, overfly Nicaraguan airspace to the Pacific.

Some American intelligence analysts believed that the Soviets intended to establish a military “center of gravity”[40] in the Caribbean Basin, using Nicaragua to augment Soviet bases in Cuba. The 1984 Kissinger Report concluded that Cuba was “a hemispheric base for Soviet nuclear-capable aircraft and submarines.”[41] The Soviet Union could quickly exercise its Nicaraguan option by obtaining access to sites there and upgrading them as required, reserving the option of a purpose-built infrastructure for later.

Indeed, overflight rights in Nicaraguan airspace allowed Soviet naval air assets to conduct reconnaissance missions up and down the United States’ western coastline. Intelligence analysts cautioned that American national security interests would be severely jeopardized should the Soviets gain “access to Nicaraguan facilities,” since this would mean that they “for the first time…[have] the option of establishing a permanent air and naval presence in the eastern Pacific and along the U.S. west coast.”[42] While these analysts qualified that “Soviet naval access is currently limited by harbor depth and inadequate facilities,” in Nicaragua, “this will change,” they warned, “within the next three to five years with the completion of the port development program.”[43]  In the end it was the Soviet Union’s collapse that brought the effort to an abrupt end.

While advising that “there are no known submarine facilities existing or under construction in Nicaragua,”[44] American intelligence analysts identified two Nicaraguan seaports—the Caribbean port of El Bluff and the Pacific port of Corinto—as sufficiently developed to allow Soviet blue water naval forces on a limited basis, subject to further modification and deepening. Specific to Soviet submarines already known to operate in the Caribbean, dredging Nicaragua’s “El Bluff facility…[to] an eventual depth of 20 meters…would provide access to virtually any ship in the Soviet fleet, including nuclear submarines…”[45].  Of greater immediate concern was the belief that:

“As an intermediate measure, or to avoid the costs of constructing a permanent base, the Soviet Navy could move to establish a protected anchorage in Nicaraguan territorial waters, an option which they have employed frequently in the past when shore-based facilities have not been available. This alternative would allow the Soviets to sidestep the problem of harbor depth.  In the parlance of the Soviet fleet, such an anchorage is known as a “floating rear,” and might feature a repair ship, a destroyer or submarine tender, a barracks ship, a supply barge, and even a floating dry dock.”

“Floating bases of this type…[have] provided the Soviets with an expedient means of sustaining a naval presence in areas where they might not otherwise have access to the necessary logistical support. Such a facility could be established relatively quickly and might be expected to generate less political fallout than the establishment of a more permanent naval presence ashore.”[46]

Since the Soviet Navy had used floating rear-type configurations in several Cuba harbors, this concern was well founded.

To “the possibility that Moscow might attempt to use Nicaragua…as an expedient base for cruise-missile submarines (SSGNs) or even Yankee-class SSBNs,” there were “at least two cases which might serve as a precedent for such an action,” one of which was “the Soviet attempt to build a nuclear submarine base at Cienfuegos, Cuba, during the early 1970s.”[47] Regarding the Cienfuegos “precedent”:

“There is an important difference between the cases of Cuba and Nicaragua. The 1962 accords prohibiting the placement of offensive weapons in Cuba, though invoked at the time of the Cienfuegos incident, would not apply to the deployment of Soviet nuclear-capable forces in Nicaragua.”[48]

Nonetheless, American intelligence analysts believed that the Soviet Union would approach “any move in this direction cautiously”:

“It is unlikely that Moscow would risk provoking a potentially dangerous incident over this issue— perhaps leading to a replay of the Cuban missile crisis—by attempting to present the United States with an obvious challenge.”

“The promise of Soviet caution seems to be borne out by their behavior during the Cienfuegos incident, where Soviet probing to determine the limits of the 1962 accord was carried out in a responsible, if carefully orchestrated manner.  The Soviets tested the limits of U.S. tolerance by sending, in sequence, a conventional attack boat, nuclear-powered cruise-missile submarine, and a diesel-powered ballistic-missile submarine into the Cuban ports of Cienfuegos, Antilla, and Havana.  In all, some seven nuclear-capable Soviet submarines visited Cuban ports.”[49]

While as of February 1989 there were “no known submarine facilities existing or under construction in Nicaragua,”[50] the Pacific seaport of Corinto “could accommodate limited numbers of Soviet missile or attack submarines, together with submarine support ships.” Regarding the principal port facilities “on the Atlantic/Caribbean side of Nicaragua,” the conclusion regarding El Bluff was “probably not submarines”; and Rama, “not submarines.”[51] However, “Soviet reconnaissance planes flying out of Punta Huerte”—an airfield constructed in 1982 “with Cuban assistance”—“would be able to fly missions along the U.S. Pacific Coast just as they now reconnoitre the U.S. Atlantic coast from Cuba.”[52]

Fast forward to August 2014, when Nicaraguan Army commander (General de Ejército) General Julio César Avilés [Castillo] announced that Nicaragua was acquiring “new naval and air assets” from Russia to patrol Nicaraguan maritime territory in the Caribbean.[53] The Nicaraguan navy and the Russian FSKN have conducted joint interdiction operations in the Caribbean since 2014.[54] During a February 2016 ceremony in which outgoing Russian Ambassador Nikolay Vladimir was awarded the Order José de Marcoleta by President Daniel Ortega, Mr. Vladimir disclosed that Russia was helping to “modernize” Nicaraguan military and national police “defensive” and “transport” aircraft as well as facilities at the Augusto C. Sandino airport.[55]


Is Nicaragua’s GLONASS Site a Covert Russian SIGINT Base?

Sergey Aksyonov writes in a recent commentary published in Russkaya Planeta:

“The first alarm bells sounded for the United States in February 2014, when [Russian Defense Minister Sergei] Shoigu delivered a bombshell about Russia’s global military plans during a visit to Nicaragua. ‘In addition to Vietnam and Cuba, we plan to increase the number of military bases in countries such as Venezuela, Nicaragua, Seychelles, Singapore, and others.’ He explained why. ‘We maintain active air patrols. But to do so, we need refueling bases. […] Obviously, it makes sense to take advantage of geography when deciding where to locate a military base. In the case of Nicaragua, it’s its proximity to the United States.’”[56]

When the recent reports appeared alleging that Russia was building a SIGINT base in Nicaragua under the guise of a GLONASS monitoring station, a Russian Foreign Ministry spokesperson quickly dismissed it, saying, “it’s difficult to comment on a science fiction fantasy.”[57] This, Mr. Aksyonov writes, was the exact right response:

“It’s necessary in this situation for Russia to buy time. Time to put the reconnaissance center into operation and to implement a security plan. It seems the responsible authorities are already doing this. American media revelations provoked an immediate response from the Russian Foreign Minister, which is a ‘cover’ story. ‘The Russian Federation in fact is cooperating on GLONASS with a number of Latin American countries, on the basis of absolutely open and transparent agreements,’ he declared. That’s right, every agency of the Russian government must do its job—the military its job, the diplomats their job.”[58]

The online Russian newspaper Vzglyad writes that the American media report:

“[G]ives no information on the intelligence center’s location in Nicaragua or when it was finished [but] only that the site is disguised as a navigation satellite tracking station of the Russian GLONASS system, which is about to finish construction…It is worth pointing out that the Russian GPS site in Nicaragua was opened by Defense Minister Sergei Shoigu on 23 February 2015. It is that site, apparently, which the U.S. media had in mind.”[59]

It quotes Boris Martynov, who is Deputy Director of the Russian Academy of Sciences’ Institute of Latin American Studies, who said he is inclined to see the report as baseless speculation, stating Russia had “nothing left in Latin America” after closing its Soviet-era intelligence center in Lourdes, Cuba, in 2000.

“Moreover, there’s an effort now to bring up again old information about Russia. The United States woke and realized it was losing its grip on Latin America. So in this sense it’s not surprising. It’s just an effort to sway opinion.”[60]

In April, the FSLN[61] leader in Nicaragua’s National Assembly, Edwin Castro, announced that the Nicaraguan government had agreed to purchase 50 surplus Russian T-72B1 tanks[62] at a stated cost of USD 80 million. The tanks “will be used by the Nicaraguan Army in the fight against drug trafficking.”[63] The first twenty tanks completed their refurbishment in late April 2016.[64] “Russian support has been resolute and selfless, and it has attached great importance to Nicaragua because it understands the problem with drug trafficking” and how “drugs end up to Europe and Asia,” said Mr. Ortega, while suggesting that Russia’s cooperation has been “extraordinary” in recent years.[65]

Mr. Aksyonov speculates about a connection between the tank purchase and the GLONASS site:

“The size of Nicaragua’s purchase demonstrates the equipment’s significance to Managua. The amount it paid Russia—9 million dollars—exceeds the country’s annual defense budget. It is ironic that some experts wonder whether such an old-fashioned approach to defense as building up the armored component of the Nicaraguan Army is inappropriate. If the United States decides to ‘close’ the Russian tracking center, it will act through a foreign proxy. One of Nicaragua’s neighbors, for example. Everyone knows that traditionally, Central American countries are heavily influenced by Washington, and that present-day Panama’s territory was taken from Colombia by armed force just for the sake of building a ship canal. So organizing such an attack [on the Nicaraguan GLONASS site] would not be difficult. Maybe this scenario is unfolding already. In connection with Nicaragua’s tank purchase, Costa Rica has already expressed interest in escalating the arms race.”[66]


What Does the Future Hold?

Regional reaction so far has been sharply critical. Costa Rican President Luis Guillermo Solis called the tank purchase “inappropriate and unjustified,” with Foreign Affairs Minister Manuel Gonzalez adding that it raises the specter “of a regional arms race”[67] in Central America. Speaking in Managua, Cardinal Leopoldo Brenes added, “No tanks were needed in Nicaragua.” President Ortega in early May clamped down on further discussion of Russian tanks, ordering Nicaraguan government officials not to speak about it. “Only the President and the Army of Nicaragua are empowered to address issues of national security,” Mr. Ortega declared.[68]

So, does Russia intend to use the Nicaraguan GLONASS site for SIGINT? That question cannot be answered definitively on the basis of the open-source information available today. Several aspects of what is known invite speculation—the on again, off again reopening of the Soviet-era Lourdes SIGINT site, located just 155 miles from the United States; Russian technicians operating the GLONASS site in Nicaragua; and renewed Russian interest in establishing a Caribbean basin naval presence, to mention just three. Each is interesting; none of course is probative. So, too, is Russia’s direct support for the Nicaraguan government’s counter-trafficking operations, and China’s role in the construction of a new trans-isthmus canal in Nicaragua.[69]

For some final conjecture, we return to Mr. Aksyonov’s Russkaya Planeta commentary:

“Here’s what Russia needs to have a full-fledged military presence in the region. The main opponent of constructing a new ship canal [across Nicaragua] is the United States. After all, the Panama Canal has been under its de facto control for a century. Panama tried five times to regain control of the canal, but to no avail. The last time, Washington accused its leader, Manuel Noriega, of drug trafficking, and took him out of the country with a bag on his head and threw him into an American prison. So Russia should be fully prepared to challenge United States hegemony in Latin America. The number one priority is to know everything that’s going on in the region. For this, it needs a signals intelligence center.”


The translation of all source material is by the author unless noted otherwise.

[1] Signals intelligence (SIGINT) is traditionally considered to be one of the most important and sensitive forms of intelligence. One of the better definitions comes from the United States Air Force Intelligence Targeting Guide [Air Force Pamphlet 14-210. Intelligence. 1 February 1998]: “SIGINT is a category of intelligence comprising, either individually or in combination, all communications intelligence (COMINT), electronics intelligence (ELINT), and foreign instrumentation signals intelligence, however transmitted. It is derived from foreign communications and electronics signals in two principal categories: COMINT, which is derived from the intercept of foreign communications; and ELINT, which is derived from the analysis of foreign noncommunications and electromagnetic radiation emitted from other than nuclear detonations or radio-active sources.” The United States Army Field Manual FM 2-0 [17 May 2004] adds a third SIGINT category called FISINT, or “Technical information and intelligence derived from the intercept of foreign electromagnetic emissions associated with the testing and operational deployment of non-US aerospace, surface, and subsurface systems. Foreign instrumentation signals include but are not limited to telemetry, beaconry, electronic interrogators, and video data links.” By one assessment at least, “Russia continues to maintain one of the most sophisticated SIGINT programs in the world.” Interagency OPSEC Support Staff (1996). Intelligence Threat Handbook rev. May 1996. UNCLASSIFIED (Washington, D.C.: Interagency OPSEC Staff) 3-1.

[2] See: “Is Moscow preparing for new Cold War? Russia agrees to build spy base in Nicaragua and prepares to deploy missiles on Polish border.” The Daily Mail [published online 23 June 2016]. http://www.dailymail.co.uk/news/article-3656494/Is-Moscow-preparing-new-Cold-War-Russia-agrees-build-spy-base-Nicaragua-prepares-deploy-missiles-Polish-border.html. Last accessed 25 June 2016. See also: “Moscow Building Spy Site in Nicaragua.” Washington Free Beacon [published online 23 June 2016]. http://freebeacon.com/national-security/moscow-building-spy-site-nicaragua/. Last accessed 25 June 2016.

[3] “Nicaragua explica a EE.UU. caso de los funcionarios expulsados.” El Nuevo Diario [published online in Spanish 16 June 2016]. http://www.elnuevodiario.com.ni/nacionales/395534-nicaragua-explica-ee-uu-caso-funcionarios-expulsad/. Last accessed 25 June 2016.

[4] “Expulsa Nicaragua a 3 funcionarios de EE.UU. y crece tensión.” Telesurtv.net [published online in Spanish 17 June 2016]. http://www.telesurtv.net/news/Expulsa-Nicaragua-a-3-funcionarios-de-EE.UU.-y-crece-tension-20160617-0003.html. Last accessed 25 June 2016.

[5] A faculty roster posted on the United States Army War College Strategic Studies Institute website reads, “Dr. R. Evan Ellis is a research professor of Latin American Studies at the Strategic Studies Institute, U.S. Army War College, with a research focus on the region’s relationships with China and other non-Western Hemisphere actors.” http://strategicstudiesinstitute.army.mil/pubs/people.cfm?authorID=580. Last accessed 24 June 2016.

[6] “Rogozin: ODKB budet ispol’zovat’ vozmozhnosti GLONASS i sozdast SP po remontu tekhniki.” TASS [published online in Russian 20 May 2016]. http://tass.ru/armiya-i-opk/3299393. Last accessed 25 June 2016.

[7] The Russian Space Systems Association was formerly part of the United Rocket and Space Corporation (Russian transl.: Ob’yedinennaya raketno-kosmicheskaya korporatsiya), a government-owned corporation formed in August 2013. The United Rocket and Space Corporation was merged into the Federal Space Agency in December 2015 to form the ROSCOSMOS State Corporation for Space Activities aka “ROSCOSMOS”.

[8] “Rogozin: GLONASS skoro mozhet operedit’ GPS.” TASS [published online in Russian 20 December 2014]. http://tass.ru/kosmos/1662068. Last accessed 25 June 2016.

[9] Section 1602(b) of the 2014 National Defense Authorization Act prohibits the President from authorizing or permitting “the construction of a global navigation satellite system ground monitoring station directly or indirectly controlled by a foreign government” on United States territory unless the Secretary of Defense and the Director of National Intelligence, respectively, “jointly certify” to Congress that any such ground station “will not possess the capability or potential to be for the purpose of gathering intelligence in the United States or improving any foreign weapon system.”  They may jointly grant a waiver to that requirement if certain conditions are met. See: https://www.congress.gov/113/plaws/publ66/PLAW-113publ66.pdf. Last accessed 25 June 2016.

[10] “Russians Consider IGS as Congress Moves to Limit GLONASS, Foreign GNSS Monitoring Stations on U.S. Soil.” Inside GNSS [published online in Russian 16 December 2013]. http://www.insidegnss.com/node/3830. Last accessed 25 June 2016.

[11] Gary Bearden (2015). “Washington Should Reconsider Russian Satellite Navigation” Real Clear Defense [published online 30 September 2015]. http://www.realcleardefense.com/articles/2015/09/30/washington_should_reconsider_russian_satellite_navigation_108525.html. Last accessed 25 June 2016.

[12] TASS [20 December 2014], op cit.

[13] “Russia Installs Glonass Satellite Station in Brazil.” Satellite Today [published online 17 July 2014]. http://www.satellitetoday.com/regional/2014/07/17/russia-installs-glonass-satellite-station-in-brazil/. Last accessed 25 June 2016.

[14] “Glonass funcionará en dos años en Nicaragua.” El Nuevo Diario [published online in Spanish 18 July 2014]. http://www.elnuevodiario.com.ni/politica/325066-glonass-funcionara-dos-anos-nicaragua/. Last accessed 25 June 2016.

[15] “Nicaragua y Rusia firman implementación de Glonass Plazo.” El Nuevo Diario [published online in Spanish 20 August 2015]. http://www.elnuevodiario.com.ni/politica/368042-nicaragua-rusia-firman-implementacion-glonass/. Last accessed 25 June 2016.

[16] Ibid.

[17] “Na Kube predlozhili postroit’ stantsii GLONASS.” Lenta.ru [published online in Russian 18 June 2014]. https://lenta.ru/news/2014/06/18/glonass/. Last accessed 25 June 2016.

[18] “Rusia instalará en Cuba una estación de ‘corrección y monitoreo’ de satélites.” Diario de Cuba [published online in Spanish 13 May 2014]. http://www.diariodecuba.com/cuba/1399996235_8560.html. Last accessed 25 June 2016.

[19] “Kuba i Rossiya segodnya obsudyat vopros razmeshcheniya nazemnoy stantsii GLONASS.” Vestnik GLONASS [published online in Russian 23 April 2015]. http://vestnik-glonass.ru/news/vo_vlasti/kuba-i-rossiya-segodnya-obsudyat-vopros-razmeshcheniya-nazemnoy-stantsii-glonass/. Last accessed 25 June 2016. Another report gave details of a 5-year agreement under which Russia and Cuba “will discuss the construction of ground stations on the island.” See: “Cuba-Russia Agree on 5-Year Plan.” Havana Times [published online 26 April 2015]. http://www.havanatimes.org/?p=110867. Last accessed 25 June 2016.

[20] “Rogozin: Rossiya planiruyet sozdat’ tsentry kalibrovki signala GLONASS na Kube.” TASS [published online in Russian 22 October 2015]. http://tass.ru/politika/2370648. Last accessed 25 June 2016.

[21] https://rg.ru/2015/10/22/kuba-site-anons.html. Last accessed 25 June 2016.

[22] “Russian Engagement in the Western Hemisphere.” Testimony before the House Foreign Affairs Committee, Subcommittee on Western Hemisphere, 22 October 2015 by Diana Villiers Negroponte, JD, Ph.D., Public Policy Scholars, Woodrow Wilson International Center for Scholars. http://docs.house.gov/meetings/FA/FA07/20151022/104073/HHRG-114-FA07-Wstate-NegroponteD-20151022.pdf. Last accessed 27 June 2016.

[23] “Putin oproverg informatsiyu o razmeshchenii rossiyskogo radara v kubinskom Lurdese.” TASS [published online in Russian 17 July 2014]. http://tass.ru/politika/1322847. Last accessed 26 June 2016.

[24] “Imeyushchiy ushi da vnov’ uslyshit: Rossiya vozvrashchayet na Kubu svoy tsentr radioperekhvata.” Kommersant [published online in Russian 16 July 2014]. http://www.kommersant.ru/doc/2525998. Last accessed 26 June 2016.

[25] “MID oproverg soobshcheniya o vosstanovlenii tsentra elektronnoy razvedki na Kube.” Lenta.ru [published online in Russian 25 March 2016]. https://lenta.ru/news/2016/03/25/lurdes/. Last accessed 28 June 2016.

[26] More commonly known as the “GRU” for its transliterated Russian acronym (Glavnoye razvedyvatel’noye upravleniye), it was the main foreign military intelligence agency of the Soviet Army General Staff; and in the post-Soviet period, the Russian Federation Armed Forces General Staff.

[27] More commonly known as “FAPSI” for its transliterated Russian acronym (Federal’noye Agentstvo Pravitel’stvennoy Svyazi i Informatsii), it was the Soviet-era equivalent of the United States National Security Agency. FAPSI was part of the KGB, the main Soviet-era security agency (Komitet gosudarstvennoy bezopasnosti), and was responsible for signal intelligence and the security of governmental communications. FAPSI was abolished by presidential decree in March 2003 and its functions were divided between the Federal Security Service (aka “FSB” for Federal’naya sluzhba bezopasnosti Rossiyskoy Federatsii) and the Defense Ministry. The name of its FSB component is the Special Communications and Information Service (Sluzhba spetsial’noy svyazi i informatsii, Spetssvyaz’ Rossii) also known as the Spetssvyaz.

[28] The Cuban government’s main state intelligence agency is the Dirección de Inteligencia (aka “DI” or “G2”) or Intelligence Directorate. It was established under the Cuban Interior Ministry in late 1961 and until 1989 was known as the Dirección General de Inteligencia (“DGI”) or General Intelligence Directorate.

[29] Kommersant (16 July 2014), op cit.

[30] Mr. Naryshkin chairs the State Duma and the Collective Security Treaty Organization’s Parliamentary Assembly. The State Duma—its full name is the “State Duma of the Federal Assembly of the Russian Federation” (Predsedatel’ Gosudarstvennoy Dumy Federal’nogo sobraniya Rossiyskoy Federatsii)—is the lower house of the Federal Assembly of Russia (Federalnoye Sobraniye), the upper house of which is the Federation Council (Sovét Federátsii).

The Collective Security Treaty Organization (CSTO) is a regional mutual defense alliance, the members of which are Russia, Belarus, Armenia, Kazakhstan, Kyrgyzstan, Tajikistan, and Uzbekistan. It was formed in 2002 after several former Soviet republics rejected the May 1992 Treaty on Collective Security (“Tashkent Treaty”), a Russian initiative intended to provide a regional security structure within the CIS. At the time, Russian Defense Minister Sergei Ivanov spoke of the CSTO as a potential Eurasian partner for NATO.

[31] “Rossiya mozhet vozrodit’ voyennuyu bazu na Kube.” Izvestia [published online in Russian 8 May 2015]. http://izvestia.ru/news/586277. Last accessed 28 June 2016.

[32] Ibid. Mr. Klimov agreed that it made sense to cooperate with the Cuban government to allow Russian naval vessels to be serviced there.

[33] “Aleksandr Shchetinin: Dopingovyy skandal ne meshayet podgotovke k priyemu rossiyskikh sportsmenov v Rio-de-Zhaneyro.” Interfax.ru [published online in Russian 25 March 2016]. http://www.interfax.ru/interview/500355. Last accessed 28 June 2016.

[34] Ibid.

[35] Hinton was a career Foreign Service officer who served in Guatemala (1954-1969), and later as U.S. Ambassador to El Salvador (1981-1983), Costa Rica (1987-1990), and Panama (1990-1994).

[36] Deane R. Hinton (1984). “Democracy Under Fire: An Interview with Ambassador Deane R. Hinton.” The Fletcher Forum. 8:1, 1.

[37] Jussi M. Hanhimäki & Odd Arne Westad (2003). The Cold War: A History in Documents and Eyewitness Accounts. (London: Oxford University Press) 379.

[38] CAPT Steven N. Bishop, USAF (1986). A Historical Study of the Effectiveness of U.S. Security Assistance to Panama, Costa Rica, and Nicaragua. (Wright-Patterson AFB: USAF Institute of Technology) 91.

[39] Gordon McCormick, Edward Gonzalez, Brian Jenkins & David Ronfeldt (1988). Nicaraguan Security Policy: Trends and Projections. AD-A213-820 Report R-3532-PQ&E. (Santa Monica, CA: RAND) 51. http://www.dtic.mil/dtic/tr/fulltext/u2/a213820.pdf.  Last accessed 25 September 2013.

[40] Ibid., viii.  This report was prepared by RAND’s Trends in the Caribbean Basin project at the request of the US Secretary of Defense to “forecast what developments might occur in the second decade of the Sandinista revolution (1989-1999) that could affect U.S. security planning.” Ibid., iii.

[41] Interestingly, the 1984 Kissinger Report refers to “the submarine base in Cienfuegos,” Cuba, as an established fact. The “hemispheric base” was a theme of Dr. Kissinger’s for at least a decade and a half: he referred in a 22 February 1971 telephone conversation about the deployment of Soviet ballistic missile submarines “into or from Cuba” to “the business of the hemisphere.” See: United States National Security Council (1971). “Memorandum of Telephone Conversation, 22 February 1971. U.A. Johnson/Kissinger (secure phone).” http://nsarchive.chadwyck.com.libproxy.kcl.ac.uk/quick/displayMultiItemImages.do?Multi=yes&queryType=quick&QueryName=cat&&ResultsID=140C6292CC2&QueryName=cat&ItemNumber=15&ItemID=CKA04970. Last accessed 27 September 2013.

[42] McCormick, et al. (1988), op cit., vii.

[43] Ibid., ix.

[44] United States Department of Defense (1989). “Soviet Bloc Military Equipment Supplied to Nicaragua (Jul 1979-Dec 1988),” 3. Non-classified report c. February 1989. http://nsarchive.chadwyck.com.libproxy.kcl.ac.uk/quick/displayMultiItemImages.do?Multi=yes&queryType=quick&QueryName=cat&&ResultsID=140BC2AE369&QueryName=cat&ItemNumber=1&ItemID=CNI03145.  Last accessed 25 September 2013.

[45] McCormick, et al. (1988), op cit., 54.

[46] Ibid., 55.

[47] Ibid., 56.

[48] Ibid., 56.

[49] Ibid., 56.

[50] United States Defense Department (1989). op cit., 3.

[51] Ibid., 4.

[52] Ibid.

[53] “Ejército de Nicaragua gestiona con Rusia armamento para vigilar los espacios marítimos.” El Espectador [published online in Spanish 15 August 2014]. http://www.elespectador.com/noticias/elmundo/ejercito-de-nicaragua-gestiona-rusia-armamento-vigilar-articulo-510939. Last accessed 25 June 2016.

[54] “Ejército de Nicaragua condecora al jefe antidroga de Rusia por su cooperación.” Terra [published online in Spanish 11 September 2014]. http://noticias.terra.com.mx/mundo/latinoamerica/ejercito-de-nicaragua-condecora-al-jefe-antidroga-de-rusia-por-su-cooperacion,8fea9c21b6768410VgnCLD200000b2bf46d0RCRD.html. Last accessed 25 June 2016. Russia’s Federal Drug Control Service is known by its transliterated Russian acronym, FSKN (Federal’naya sluzhba Rossiyskoy Federatsii po kontrolyu za oborotom narkotikov).

[55] “Embajador de Rusia: Gobierno de Nicaragua adquirió aeronaves rusas.” La Prensa [published online in Spanish 9 February 2016]. http://www.laprensa.com.ni/2016/02/09/nacionales/1983254-embajador-de-rusia-gobierno-de-nicaragua-adquirio-aeronaves-rusas. Last accessed 25 June 2016.

[56] “SSHA ispugalis’ rossiyskogo razvedtsentra v Nikaragua.” Russkaya Planeta [published online in Russian 24 June 2016]. http://rusplt.ru/society/nikaragua-rossiya-sbor-dannyih-26675.html. Last accessed 28 June 2016.

[57] “Rossiyskiy razvedtsentr v Nikaragua vstrevozhil Pentagon.” Vzglyad [published online in Russian 23 June 2016]. http://vz.ru/world/2016/6/23/817635.html. Last accessed 25 June 2016.

[58] Russkaya Planeta [24 June 2016], op cit.

[59] Vzglyad [23 June 2016], op cit.

[60] Ibid.

[61] FSLN is the acronym of Nicaragua’s governing political party Frente Sandinista de Liberación Nacional, the members of which are commonly referred to as Sandinistas.

[62] According to open source reports, the fifty T-72B1 main battle tanks purchased by the Fuerzas Armadas de Nicaragua (“Nicaraguan Armed Forces”) are surplus vehicles that recently underwent maintenance and armament upgrades at the 61st Armor Repair Facility in Strelna. The T-72B1 is nicknamed “the White Eagle” for its stock color (photo source: http://www.tehnoomsk.ru/node/2053).

[63] “Tanques rusos “contra narcos” en Nicaragua.” La Prensa [published online in Spanish 30 April 2016]. http://www.laprensa.com.ni/2016/04/30/politica/2027577-tanques-rusos-contra-narcos-en-nicaragua. Last accessed 25 June 2016.

[64] “Rossiya nachala postavku Nikaragua tankov T-72B1.” Vzglyad [published online in Russian 25 April 2016]. http://www.vz.ru/news/2016/4/25/807327.html. Last accessed 25 June 2016.

[65] “Ortega: Rusia armará al Ejército: El Presidente inconstitucional alega que hay que modernizar al ejército y justifica que ya hubo bases de EE.UU. en Nicaragua.” La Prensa [published online in Spanish 4 June 2014]. http://www.laprensa.com.ni/2014/04/06/nacionales/189866-ortega-rusia-armara-al-ejercito. Last accessed 25 June 2016.

[66] Russkaya Planeta [24 June 2016]. op cit.

[67] “Glava MID Kosta-Riki: Rossijskie tanki v Nikaragua—militarizaciâ regiona! Politika Prezident Kosta-Riki «opečalen» postavkoj tankov iz Rossii v Nikaragu.” Regnum [published online in Russian 29 April 2016]. https://regnum.ru/news/polit/2126896.html. Last accessed 25 June 2016. The article points out that as a result of a “large Nicaraguan diaspora,” more than 287,000 Nicaraguans now live in Costa Rica, and that this figure may reach as high as 800,000 people if the full weight of illegal immigration is taken into account. It also referenced a December 2015 International Court of Justice decision recognizing Costa Rican sovereignty over a 2.5-square-kilometer disputed territory on its border with Nicaragua, and ordering Nicaragua to compensate Costa Rica for damage caused to its territory. [http://www.ticotimes.net/2015/12/16/hague-court-calero-island-belongs-costa-rica. Last accessed 25 June 2016]

[68] “Ortega ordena callar sobre compra de 50 tanques rusos.” La Prensa [published online in Spanish 1 May 2016]. http://www.laprensa.com.ni/2016/05/01/nacionales/2027898-daniel-ortega-ordena-callar-sobre-compra-de-50-tanques-rusos. Last accessed 25 June 2016.

[69] This latter factor, while well outside the scope of this essay, may have significant bearing on the outcome of Nicaragua’s November 2016 presidential election. There has been widespread, continuous speculation that the Hong Kong Nicaragua Development Group—the company building the canal—is in financial trouble. As the aforementioned Dr. Evan Ellis of the United States Army War College wrote, this and other factors might challenge Russian reliance on the Sandinista government as the lynchpin of its strategy in the Caribbean Basin. See: “Russian Influence in Latin America.” The Cipher Brief [published online 5 January 2016]. https://www.thecipherbrief.com/article/russian-influence-latin-america. Last accessed 28 June 2016.