Western intelligence agencies thwarted a plot involving two Russians intending to travel to a Swiss government laboratory that investigates nuclear, biological and chemical weapons, and hack its computer systems. According to two separate reports by Dutch newspaper NRC Handelsblad and Swiss newspaper Tages-Anzeiger, the two were apprehended in The Hague in early 2018. The reports also said that the Russians were found in possession of equipment that could be used to compromise computer networks. They are believed to work for the Main Intelligence Directorate, known as GRU, Russia’s foremost military intelligence agency. The apprehension was the result of cooperation between various European intelligence services, reportedly including the Dutch Military Intelligence and Security Organization (MIVD).
The laboratory, located in the western Swiss city of Spiez, has been commissioned by the Netherlands-based Organization for the Prohibition of Chemical Weapons (OPCW) to carry out investigations related to the poisoning of Russian double agent Sergei Skripal and his daughter Yulia in March of this year. It has also carried out probes on the alleged use of chemical weapons by the Russian-backed government of President Bashar al-Assad in Syria. In the case of the Skripals, the laboratory said it was able to duplicate findings made earlier by a British laboratory.
Switzerland’s Federal Intelligence Service (NDB) reportedly confirmed the arrest and subsequent expulsion of the two Russians. The Swiss agency said it “cooperated actively with Dutch and British partners” and thus “contributed to preventing illegal actions against a sensitive Swiss infrastructure”. The office of the Public Prosecutor in the Swiss capital Bern said that the two Russians had been the subject of a criminal investigation that began as early as March 2017. They were allegedly suspected of hacking the computer network of the regional office of the World Anti-Doping Agency in Lausanne. The Spiez laboratory was a target of hacking attempts earlier this year, according to a laboratory spokesperson. “We defended ourselves against that. No data was lost”, the spokesperson stated.
On April 14, Russian Minister of Foreign Affairs Sergei Lavrov stated that he had obtained the confidential Spiez lab report about the Skripal case “from a confidential source”. That report confirmed earlier findings made by a British laboratory. But the OPCW, of which Russia is a member, states that its protocols do not involve dissemination of scientific reports to OPCW member states. Hence, the question is how Foreign Minister Lavrov got hold of the document.
As intelNews reported in March, in the aftermath of the Skripals’ poisoning the Dutch government expelled two employees of the Russian embassy in The Hague. In a letter [.pdf] sent to the Dutch parliament on March 26 —the day when a large number of countries announced punitive measures against Russia— Holland’s foreign and internal affairs ministers stated that they had decided to expel the two Russian diplomats “in close consultation with allies and partners”. The Russians were ordered to leave the Netherlands within two weeks. It is unknown whether the two expelled Russian diplomats are the same two who were apprehended in The Hague, since none have been publicly named.
A November 2017 parliamentary letter from Dutch minister of internal affairs Kajsa Ollongren, states[4] that Russian intelligence officers are “structurally present” in the Netherlands in various sectors of society to covertly collect intelligence. The letter added that, in addition to traditional human intelligence (HUMINT) methods, Russia deploys digital means to influence decision-making processes and public opinion in Holland.
***
Meanwhile:
The investigation can be viewed here.
An ongoing Bellingcat investigation conducted jointly with The Insider Russia has confirmed through uncovered passport data that the two Russian nationals identified by UK authorities as prime suspects in the Novichok poisonings on British soil are linked to Russian security services.
The reporting team determined that the passport data of Petrov is highly unusual and indicates that he is linked to Russian security services.
Alexander Petrov’s passport dossier is marked with a stamp containing the instruction “Do not provide any information”. This stamp does not exist in standard civilian passport files. A source working in the Russian police force who regularly works with the central database confirmed to Bellingcat and The Insider that they have never such a stamp on any passport form in their career. That source surmised that this marking reserved for operatives of the state under deep cover.
Category Archives: Russia
Hey Moscow, What About the ‘neuroweapons’ Used in Cuba attacks
General view of the U.S. Embassy in Havana after the U.S. government pulled more than half of its diplomatic personnel out of Cuba in September 2017. (Photo: Ernesto Mastrascusa/Getty Images)
Primer:
Intelligence agencies investigating mysterious “attacks” that led to brain injuries in U.S. personnel in Cuba and China consider Russia to be the main suspect, three U.S. officials and two others briefed on the investigation tell NBC News.
The suspicion that Russia is likely behind the alleged attacks is backed up by evidence from communications intercepts, known in the spy world as signals intelligence, amassed during a lengthy and ongoing investigation involving the FBI, the CIA and other U.S. agencies. The officials declined to elaborate on the nature of the intelligence.
The evidence is not yet conclusive enough, however, for the U.S. to formally assign blame to Moscow for incidents that started in late 2016 and have continued in 2018, causing a major rupture in U.S.-Cuba relations.
Since last year, the U.S. military has been working to reverse-engineer the weapon or weapons used to harm the diplomats, according to Trump administration officials, congressional aides and others briefed on the investigation, including by testing various devices on animals. As part of that effort, the U.S. has turned to the Air Force and its directed energy research program at Kirtland Air Force Base in New Mexico, where the military has giant lasers and advanced laboratories to test high-power electromagnetic weapons, including microwaves.
Although the U.S. believes sophisticated microwaves or another type of electromagnetic weapon were likely used on the U.S. government workers, they are also exploring the possibility that one or more additional technologies were also used, possibly in conjunction with microwaves, officials and others involved in the government’s investigation say.
The U.S. has said 26 government workers were injured in unexplained attacks at their homes and hotels in Havana starting in late 2016, causing brain injuries, hearing loss and problems with cognition, balance, vision and hearing problems. Strange sounds heard by the workers initially led investigators to suspect a sonic weapon, but the FBI later determined sound waves by themselves couldn’t have caused the injuries. More here.
*** Truth be told, this investigation and the details are rather disjointed and weird.
Four scientists, including the first doctor to examine the diplomats reporting symptoms in Cuba, took part in a Pentagon-sponsored teleconference on Friday, where they announced new research results, including what they determined to be the probable use of “neuroweapons” in what they called the Havana Effect.
At issue are the more than two dozen U.S. government officials stationed in Havana, who have described hearing strange sounds, followed by a combination of medical symptoms, including dizziness, hearing loss and cognitive problems. More recently, a similar case has been reported in a U.S. embassy worker in Guangzhou, China. For months, a mix of secrecy and speculation has surrounded those incidents, including an increasingly popular theory that the diplomats were the victims of microwave weapons.
Michael Hoffer, an otolaryngologist at the University of Miami, who was the first to conduct tests on the embassy workers, said on the Friday call that the diplomats are suffering from a “neurosensory dysfunction,” which is primarily affecting their sense of balance.
The Friday call was organized as part of a study program sponsored by the Pentagon and titled “Probable Use of a Neuroweapon to Affect Personnel of US Embassy in Havana: Findings, Pathology, Possible Causes, and Disruptive Effects.”
A Pentagon official told Yahoo News that the briefing was offered by the scientific team for interested people in the Defense Department and was to gain “general knowledge” about their findings. “This didn’t have an operational element,” the official said. Read on from here.
Middleweight Boxing Champion Led a Crime Syndicate
The Shulaya Enterprise was an organized criminal group operating under the direction and protection of Razhden Shulaya, a/k/a “Brother,” a/k/a “Roma,” a “vor v zakone” or “vor,” which are Russian phrases translated roughly as “Thief-in-Law” or “Thief,” and which refer to an order of elite criminals from the former Soviet Union who receive tribute from other criminals, offer protection, and use their recognized status as vor to adjudicate disputes among lower-level criminals. As a vor, Shulaya had substantial influence in the criminal underworld and offered assistance to and protection of the members and associates of the Shulaya Enterprise. Those members and associates, and Shulaya himself, engaged in widespread criminal activities, including acts of violence, extortion, the operation of illegal gambling businesses, fraud on various casinos, identity theft, credit card frauds, trafficking in large quantities of stolen goods, money laundering through a fraudulently established vodka import-export company, payment of bribes to local law enforcement officers, and the operation of a Brooklyn-based brothel.
The Shulaya Enterprise operated through groups of individuals, often with overlapping members or associates, dedicated to particular criminal tasks. While many of these crews were based in New York City, the Shulaya Enterprise had operations in various locations throughout the United States (including in New Jersey, Pennsylvania, Florida, and Nevada) and abroad. Most members and associates of the Shulaya Enterprise were born in the former Soviet Union and many maintained substantial ties to Georgia, Ukraine, and the Russian Federation, including regular travel to those countries, communication with associates in those countries, and the transfer of criminal proceeds to individuals in those countries.
Not too sure he was not a spy either frankly.
Georgian former boxing champion Avtandil Khurtsidze has been sentenced to 10 years in prison for working as the “chief enforcer” for an “elite” criminal enterprise.
He was convicted in June in New York of racketeering and wire fraud conspiracy.
Prosecutors said the 38-year-old boxer had “substantial influence” in the criminal underworld as part of a Soviet Union crime gang.
They said Khurtsidze used violence in service of the group’s activities.
He and his associates, known as the Shulaya Enterprise, were blamed for crimes across the US including extortion, wire fraud, illegal gambling and operating a brothel in Brooklyn.
Many of the crew’s activities were based in New York but they also operated in other major cities as well as abroad, a justice department statement said.
Officials say most of its members were born in the former Soviet Union, with strong ties to Georgia, where the boxer was born.
Khurtsidze was caught on film twice carrying out assaults, with prosecutors describing him as a “heavyweight enforcer” for the group’s members and leadership.
He was also accused of participating in a complex fraud scheme to predict casino slot machines algorithms, which involved kidnapping a software engineer in Las Vegas in 2014.
On top of his decade federal jail sentence, the Georgian boxer was given two further years supervision on release.
“Thanks to our dedicated law enforcement partners around the globe, Khurtsidze’s reign of extortion and violence has been halted,” US attorney Geoffrey Berman said in a statement.
‘Just a waste’
Khurtsidze held the interim WBO middleweight title in 2017.
His last professional fight was against British boxer Tommy Langford in April 2017, which he won.
A later bout against Billy Joe Sanders was cancelled after Khurtsidze was arrested along with more than 30 others in a swoop against the organised crime syndicate.
Following his conviction, his former promoter Lou DiBella criticised the boxer for squandering his career.
“He let many people down who believed in him, but no one more than himself. Just a waste, and it’s all on him for choosing the dark side,” Mr DiBella told ESPN.
Nations Stand with Britain Against Russia and Poison Attack
LONDON — The leaders of the United States, France, Germany and Canada on Thursday endorsed Britain’s assessment that a nerve-agent attack on a former Russian spy and his daughter in March was conducted by Russian military officers and “almost certainly” approved at a senior level of the Russian government.
The leaders urged Russia to provide a “full disclosure” of its Novichok nerve-agent program and said they would “continue to disrupt together the hostile activities of foreign intelligence networks on our territories.”
The joint statement was released shortly before London’s and Moscow’s envoys to the United Nations squared off in an emergency Security Council meeting called by Britain to brief diplomats on the investigation.
British ambassador Karen Pierce methodically outlined evidence that she said pointed to the Kremlin’s complicity in the attack, which occurred March 4 in the quiet English city of Salisbury.
Two Russians — using the names Alexander Petrov and Ruslan Boshirov — were charged Wednesday in absentia with attempting to murder Sergei Skripal and his daughter, Yulia, with Novichok, a military-grade nerve agent.
Pierce acknowledged the two suspects, who flew back to Russia shortly after the attack, cannot be extradited under the Russian constitution. But she said Britain will ask Interpol to issue an alert to arrest them if they ever leave Russian territory, so they can be tried in Britain. More here from the Washington Post.
Very important short video
Deeper dive:
Sergei Skripal, the Russian double agent who was poisoned with a military-grade nerve agent in England earlier this year, worked with Spanish intelligence after his defection to the United Kingdom, according to sources. Skripal, a former military intelligence officer who spied for Britain in the early 2000s, had kept a low profile while living in the English town of Salisbury. He was resettled there in 2010 by the British Secret Intelligence Service (MI6), after he was released from a Russian prison. But he and his daughter Yulia made international headlines in March, after they were poisoned by a powerful nerve agent that nearly killed them. The attack has been widely blamed on the Russian government, but the Kremlin denies that it had a role in it.
The attempt to kill Skripal surprised some intelligence observers due to the fact that the Russian government had officially pardoned the double agent prior to exchanging him with Russian spies who had been caught in the West. As intelNews wrote in May, “typically a spy who has been pardoned as part of an authorized spy-swap will not need to worry about being targeted by the agency that he betrayed. If it indeed tried to kill Skripal, the Russian government may therefore have broken the unwritten rules of the espionage game”. Eventually, however, it was revealed that, instead of retiring after his defection to the UK, Skripal traveled extensively in Eastern Europe, where he advised local intelligence agencies on how to defend against Russian espionage. The double agent participated in MI6-sponsored events in which he briefed intelligence practitioners in at least two countries, Estonia and the Czech Republic. These activities may have convinced the Kremlin that Skripal had broken the unwritten conditions of his release, namely that he would not participate in any intelligence-related activities against Russia.
Now The New York Times has claimed that, in addition to consulting for Czech and Estonian spies, Skripal also visited Spain, where he met with officers from the country’s National Intelligence Center (CNI). Citing an unnamed Spanish former police chief and Fernando Rueda, a Spanish intelligence expert, The Times said that Skripal advised the CNI about the activities of Russian organized crime in Spain and the alleged connections between Russian mobsters and the Kremlin. When he traveled to Spain under MI6 protection, said the paper, Skripal was effectively returning to the place where he had been initially recruited to spy for the British. Skripal spent several years in Spain, said The Times, serving as a military attaché at the Russian embassy in Madrid. It was there that he began to work secretly for MI6. However, the precise timing of Skripal’s return trips to Spain after 2010, as well as the content of his discussions with Spanish intelligence officials, remain unknown, according to The Times. Hat tip.
Iran Using Same ‘Active Measure’ Tactics Against the U.S.
When traveling internet sites, social media accounts and various news aggregator services, one needs to be even more suspect of what information is out there. Russia has been applying propaganda ‘active measure’ tactics for decades and due to the global internet system, the volume has gone beyond measure.
With all things Russia going on in Washington DC and in media, the success of active measures has been noticed by both China and Iran. Both have launched robust propaganda operations forcing the West and citizens to question authenticity of sites, articles and posts of all forms.
Watch out for those hashtags….influencing voters and fake/false news goes back to at least 2016. The operations are so effective that even big media has been duped and corrections are printed or made often when recognized. Some items are never corrected.
(Reuters) – Alphabet Inc’s (GOOGL.O) Google said on Thursday it had identified and terminated 39 YouTube channels linked to state-run Islamic Republic of Iran Broadcasting.
Google has also removed 39 YouTube channels and six blogs on Blogger and 13 Google+ accounts.
“Our investigations on these topics are ongoing and we will continue to share our findings with law enforcement and other relevant government entities in the U.S. and elsewhere,” Google said in a blog post here
On Tuesday, Facebook Inc (FB.O), Twitter Inc (TWTR.N) and Alphabet Inc (GOOGL.O) collectively removed hundreds of accounts tied to an alleged Iranian propaganda operation.
Google, which had engaged cyber-security firm FireEye Inc (FEYE.O) to provide the company with intelligence, said it has detected and blocked attempts by “state-sponsored actors” in recent months.
FireEye said here it has suspected “influence operation” that appears to originate from Iran, aimed at audiences in the United States, the U.K., Latin America, and the Middle East.
Shares of FireEye rose as much as 10 percent to $16.38 after Google identified the company as a consultant.
***
The Daily Beast went for a deeper dive on the tactics by Iran and explained a few cases.
An Iranian propaganda campaign created fake Bernie Sanders supporters online, Facebook disclosed Tuesday.
In a press release, the social-media giant said it had removed 652 pages associated with political-influence campaigns traced to Iran, including coordinated inauthentic behavior that originated in Iran and targeted people across multiple internet services in the Middle East, Latin America, U.K., and U.S.”
The cybersecurity company FireEye, which first alerted Facebook to the influence campaign months ago, wrote in a separate posting on its site that it had traced the campaign—including posts from supposed “American liberals supportive of U.S. Senator Bernie Sanders”—to Iran through email addresses and phone numbers associated with the “inauthentic” accounts.
The investigation began with FireEye’s discovery of a fake U.S. news outlet called Liberty Front Press, which Facebook says was created in 2013. The actors behind that site over time branched out into different personas intended to appeal to different audiences including “anti-Saudi, anti-Israeli, and pro-Palestinian themes.” Examples included accounts like The British Left, which published content in support of U.K. Labour party leader Jeremy Corbyn, and the pro-Palestinian Patriotic Palestinian Front. FireEye also says it “identified multiple Arabic-language, Middle East-focused sites” as part of the effort.
Unlike the Russian cyberinfluence campaign in 2016, FireEye didn’t find a complementary hacking campaign attached to the propaganda activity. Iran has spent big on developing its offensive online capabilities, but FireEye said it found no links to APT35—a hacking group that has targeted U.S. defense companies and Saudi energy firms. Instead, the security firm found links between the campaign and Iran’s state-run TV propaganda channel, PressTV.
The Iranian actors behind the campaign expanded beyond Facebook and Instagram and onto Twitter, according to FireEye. In a separate statement late Tuesday, Twitter announced it had suspended 284 accounts for what it said was “coordinated manipulation” and that “it appears many of these accounts originated from Iran.”
The Daily Beast recovered tweets from what appears to be an account associated with the campaign. @libertyfrontpr has since been deleted, but Google cache results show it linked back to the LibertyFrontPress.com website FireEye attributed to be part of the propaganda effort. The account was active as of at least Tuesday and is not listed as suspended on the platform.
The account used hashtags like “#Resist” and #NotMyPresident when tweeting out anti-Trump sentiments. It also weighed in against the Supreme Court nomination of Judge Brett Kavanaugh. “The #Senate has a responsibility to reject any nominee who would fail to be a fair-minded constitutionalist. That is #BrettKavanaugh. We must #StopKavanaugh.”
In a rare move for Holocaust-denying Iranian propaganda, @libertypr slammed the Republican Party for allowing anti-Semite and Holocaust denier John Fitzgerald to run for a seat in the California legislature.
In addition to the U.S. themes, Liberty’s Twitter account also targeted opponents of the Iranian government, including the Mujahedeen Khalq exile group, or MEK, which advocates the overthrow of Iran’s clerical government, with hashtags like “#BanTerrorOrg.”
The takedown marks the second time since the 2016 election that Facebook has appeared to act without U.S. government pressure to stop an alleged political-influence campaign. In late July, Facebook took down a handful of sock-puppet accounts purporting to be black, Hispanic, and #Resistance activists. Facebook didn’t attribute that campaign to a specific country or group, but it did note that some of the accounts had links to the infamous Russian Internet Research Agency troll farm.
Facebook said Tuesday that it had taken down the new batch of pages only after waiting “many months” after being alerted to the campaign by FireEye. The delay allowed the company to further investigate the campaign and improve its defenses against future efforts.