SPY NEWS: 2022 — Week 28

Summary of the espionage-related news stories for the Week 28 (July 10–16) of 2022.

1. Who Are the Russian Spies in Belgium

The EU Observer published a new investigative article uncovering some identities of Russian officials based in Belgium who have direct or indirect connections with the intelligence community of Russia. For example, Russian Consul General George Kuznetsov who has links with the Federal Security Service (FSB).

2. L3 Harris Drops for NSO Group’s Cyber Espionage Solutions, Insiders Say it Bid Was Backed by the US Intelligence Community

This week it was officially announced that L3 Harris “has ended talks with blacklisted Israeli spyware company, NSO Group, to buy the firm’s hacking tools following intelligence and security concerns raised by the Biden administration.” This is a follow up from week 24 (story #31) announced plans to acquire the Israeli NSO Group. The New York Times also published a story on this stating that despite Biden Administration publicly stating that NSO Group acts “contrary to the national security or foreign policy interests of the United States”, the article highlights that “five people familiar with the negotiations said that the L3Harris team had brought with them a surprising message that made a deal seem possible. American intelligence officials, they said, quietly supported its plans to purchase NSO, whose technology over the years has been of intense interest to many intelligence and law enforcement agencies around the world, including the F.B.I. and the C.I.A.”

3. UK Labour Party Calls for Investigation into Boris Johnson’s Private Meeting with former SVR Alexander Lebedev

Last week the British Labour Party sent a letter calling “for an urgent Cabinet Office investigation into Boris Johnson’s meeting with an ex-KGB agent two days after attending a high-level Nato summit that focused on Russia.” The article refers to an April 2018 meeting between Boris Johnson and Russian businessman and former KGB (during the Soviet Union) and later SVR intelligence officer, Alexander Lebedev. The meeting took place at an Italian compound right after the NATO Foreign Ministers’ Meeting in Brussels, Belgium. As per the article, “Johnson met Lebedev during a weekend-long party at a castle in Perugia owned by Evgeny Lebedev, Alexander’s son, immediately after attending a Nato foreign ministers’ meeting in Brussels scheduled at the height of the Salisbury poisoning crisis.”

4. Massive Reshuffling in South Korea’s NIS

On July 10th it was announced that South Korea’s “National Intelligence Service (NIS) recently ordered 27 heads of departments, all level-1 public servants, to move to its internal education arm — the Graduate School for National Intelligence — without particular job assignments. Whenever the administration is changed, the NIS goes through a massive reshuffling and reorganization. Insiders liken the situation to what happened during the Korean War, when the North Korean military was in power at night and the South Korean troops were in charge during the day.” The article then gives various historical examples of what happens in NIS when the administration changes. For example, “the former NIS agent, who wished to be identified only as “Mr. A,” said the top spy agency’s North Korea operations were paralyzed after Moon took office and Suh Hoon was named new chief of the NIS in May 2017. According to Mr. A, about 30 level-2 and level-3 workers and another 30 level-4 workers were sent to the in-house education institute in Pangyo, Gyeonggi, in September 2017. Those who had successful careers during the 10 years of conservative presidents were forced to undergo a one-year education. NIS workers sarcastically called the program the “Samcheong reeducation camp” named after the infamous concentration camp operated under the rule of general-turned-president Chun Doo Hwan.”

5. Inside Al-Shabaab’s Formidable Spy Wing

Dr. Joseph Fitsanakis of the IntelNews published a short article on Monday covering the intelligence wing of the Al-Shabaab terrorist organisation. This is based on a research paper indicating that “counter-terrorism researchers have been focusing on al-Shabaab’s operational, logistical and financial capabilities, to the detriment of its formidable intelligence wing. The latter, Nor kheyre claims, has been a priority of al-Shabaab for years, and is today more efficient that the Somali federal government’s own intelligence agency, the National Intelligence and Security Agency (NISA). He quotes one Somali insider who exclaims that “without Amniyat, al-Shabaab would be nothing”. Based on interviews with 15 former senior members of Amniyat and the Jabha (al-Shabaab’s military wing), as well as with several former NISA senior officials, Nor kheyre’s article provides a remarkably detailed and up-to-date insight into Amniyat’s command structure and modus operandi.”

6. 1968 Document Shows the CIA Providing Cars to Turkish MİT

On Thursday the Turkish ODA TV4 released a declassified document from 1968 showing how the United States Central Intelligence Agency (CIA) was improving its relationship with the Turkish National Intelligence Organisation (MİT). The article notes that especially in the period of Turkish diplomat Fuat Doğu leading MİT (1966–1971) the two agencies came very close. Quoting the article, “as a result of these relations, the CIA provided many technical equipment assistance to MİT. One of them was listening devices. The USA, which did not want to lose Turkey to the Soviet bloc, provided some aid to Turkey through grants.” The document is from 1968 and it was the transfer of 11 cars to MİT as part of those support grants.

7. Scotland Well Placed to Set Up Domestic Spy Agency

Andrew Neal published an article discussing how Scotland’s Police is well placed to start the establishment of an intelligence agency similar to MI5 but in a smaller scale. Quoting, “Police Scotland already engages in intelligence gathering and covert operations. The National Crime Agency operates in Scotland and covers much of the serious crime that a domestic security service might be concerned with. Parts of these organisations share a home with several other anti-crime agencies at the Scottish Crime Campus at Gartcosh, Glasgow. This hub of Scottish domestic intelligence capability would have an obvious future role. Scotland would not be able to recreate a serious foreign intelligence service like MI6. Few countries have dedicated foreign services, which require extensive overseas human resources. The same would be true for a dedicated signals intelligence agency like GCHQ. The Scottish Government proposed in its 2014 Scotland’s Future document to create a single integrated intelligence service. On paper, this would be an unusual arrangement, but in practice, it is a recognition that a Scottish security service would be largely domestically focused, perhaps with a few externally-facing capabilities. Scotland’s newly independent military would also have something akin to the UK’s fourth intelligence agency — Defence Intelligence — as part of its planning and decision-making structures.”

8. Webinar: The President, The Spymaster and Watergate with Jefferson Morley (50th Anniversary)

The International Spy Museum published this 1-hour long recording of a virtual event that originally took place on June 17th. As per the description, “fifty years ago on June 17, 1972, five men were discovered breaking into the Democratic National Committee Headquarters at the Watergate in Washington, DC. President Nixon, desperate to shut down the FBI’s investigation of the crime, sought the support of CIA Director Richard Helms. To mark this unhappy anniversary join us for a discussion with Jefferson Morley the author of the new book, “Scorpion’s Dance: The President, the Spymaster, and Watergate,” and James Rosen, author of “The Strong Man: John Mitchell and the Secrets of Watergate.” In conversation, Morley and Rosen will explore the concealed, deadly power struggle between Nixon and Helms, two Cold Warriors whose edgy relationship dated back to the 1950s. Both president and spymaster knew secrets about the disastrous Bay of Pigs invasion of Cuba as well as off-the-books American government and CIA plots to remove Fidel Castro and other leaders in Latin America. Both had enough information on each other to ruin their careers. Nixon knew that most of the Watergate burglars were retired CIA agents, contractors, or long-term assets with deep knowledge of the Agency’s most sensitive secrets. Nixon and Helms circled each other like scorpions, defending themselves with the threat of lethal attack. Morley and Rosen, both veteran Washington reporters, will discuss the various theories of Watergate and the long-neglected evidence Morley has uncovered to give a new perspective on one of America’s most notorious presidential scandals.”

9. Honeytraps: Lonely, Junior Personnel Are a Clearer Mark for Spy Agencies in the Age of Social Media

On Monday the Indian Defence Research Wing (IDRW) published this short article covering several recent cases of Pakistani Inter-Services Intelligence (ISI) targeting Indian government and military personnel using online Human Intelligence (HUMINT) techniques combined with the traditional honeytrap tradecraft. That is, posing online as attractive people trying to establish a relationship which eventually results in the development and recruitment of agents inside India’s government and military.

10. Armenia’s NSS Arrests Serviceman Acting as Foreign Agent

On July 11th Armenia’s National Security Service (NSS) announced the arrest of an active duty military male who was recruited by a foreign intelligence agency via social media in order to conduct espionage. Among others, he provided information about “his military unit, type of groups included in it, unit locations of guarded positions, equipment, and other information related to combat duty, as well as personal and service data of the command staff.” Additionally, he “photographed and transferred the military unit’s buildings, positions, roll call book, rules of engagement, and military manuals.”

11. North Korean Cyber Operation Targets Small and Midsize Businesses

The Microsoft Threat Intelligence Center (MSTIC) published on July 14th that a group of nation-state actors from North Korea have been targeting small and midsize businesses in multiple countries since September 2021 in order to deploy ransomware and obtain ransom payments in cryptocurrencies, thus bypassing the economic sanctions imposed by the United Nations, to fund the various government programs. Historically, those operations were conducted by the intelligence agencies of North Korea.

12. Podcast: History Happy Hour : Interrogating German Generals in Washington DC

This week, the History Happy Hour published a new 1-hour long episode which is described as: “during WWII, a top-secret facility 15 miles from the White House conducted intelligence and espionage operations kept secret for more than 50 years. The facility at Fort Hunt was known only by its codename: PO Box 1142. Here, fifteen German generals and thousands of other high value Nazi prisoners were bugged and questioned by American interrogators, many of whom were themselves German born Jews. Chris and Rick welcome Robert K. Sutton, author of “Nazis on the Potomac: The Top-Secret Intelligence Operation that Helped Win World War II.”

13. Dutch AIVD and MIVD Supervision is a National Security Risk

On July 13th, NRC published a story discussing the risk of not having sufficient supervision in the espionage activities of the General Intelligence and Security Service (AIVD) and the Military Intelligence and Security Service (MIVD) of the Netherlands. The AIVD/MIVD failed to delete data “of millions of citizens illegally” collected as the law says, but on the other hand, “by using the hacking powers, the services have collected important intelligence in recent years about, among other things, Dutch travelers to ISIS territory, attack threats against Dutch military units abroad, assassination attempts in the Netherlands by the Iranian secret service and the use of chemical weapons by the Syrian regime against its own people.”

14. Iran Plots Covert Assassinations of American Officials

Investigative journalist Jana Winter published an exclusive story quoting anonymous sources inside the US intelligence community. As per the article, among others the intelligence report obtained says that “the Iranian regime is waging a multipronged campaign — including threats of lethal action, international legal maneuvering, and the issuance of Iranian arrest warrants and sanctions — against select US officials to avenge the death of IRGC-QF Commander Soleimani in January 2020, raising the threat at home and abroad for those Iran views as responsible for the killing.” Another quote from the intelligence report obtained was that “since January 2021, Tehran has publicly expressed a willingness to conduct lethal operations inside the United States and has consistently identified former President Donald Trump, former Secretary of State Michael Pompeo, and former CENTCOM Commander General Kenneth McKenzie as among its priority targets for retribution,” the report says. “Iran would probably view the killing or prosecution of a US official it considers equivalent in rank and stature to Soleimani or responsible for his death as successful retaliatory actions.”

15. New North Korean Cyber Espionage Operations Targeting South Korean Entities

Cyber threat intelligence researcher “CyberWar — 싸워” published technical indicators associated with active cyber espionage operations attributed to North Korea. The indicators shared impersonate various South Korean entities such as: 1) The NAVER online platform, 2) NongHyup, one of the country’s largest banks, 3) The NAVEOS healthcare provider, and more.

16. Ukraine’s SBU Detained Russian Agent in Odessa

Through a formal announcement on July 11th, Ukraine’s Security Service (SBU) stated that they successfully detained a Russian agent in the region of Odessa. As per the announcement, he was “recruited by a representative of the special services of Russia to carry out subversive actions in Odessa. To communicate with each other, they used a specially created anonymous Telegram channel.” Among the various tasks received by his Russian handler, the spy was also tasked with “the formation of an extensive intelligence network in the south.”

17. Motherboard Reveals the Covert Operation of the FBI to Wiretap the Global Network of the ANOM Mobile Phone Users

Jospeh Cox of the Motherboard published an article detailing the exact code that the United States Federal Bureau of Investigation (FBI) used in the Operation TROJAN SHIELD. As per the article, “the FBI secretly ran an encrypted phone company called Anom for years and used it to hoover up tens of millions of messages from Anom users.” And the article continues that “Motherboard has obtained this underlying code of the Anom app and is now publishing sections of it due to the public interest in understanding how law enforcement agencies are tackling the so-called Going Dark problem, where criminals use encryption to keep their communications out of the hands of the authorities. The code provides greater insight into the hurried nature of its development, the freely available online tools that Anom’s developers copied for their own purposes, and how the relevant section of code copied the messages as part of one of the largest law enforcement operations ever.”

18. Russian SVR States that that Poland Tries to Disguise Expansion to West Ukraine

On Tuesday the Russian Foreign Intelligence Service (SVR) did a press release signed off by SVR Director Sergey Naryshkin. The press statement says that “in Warsaw, they hoped that in the conditions of tense geopolitical confrontation, neither Kiev, nor Washington, nor Moscow would pay attention to their methodical preparations for the seizure of Ukrainian lands. Poland hoped that when the conflict in Ukraine entered the phase of a diplomatic settlement, the parties would be forced to recognise “Polish expansion” as a fait accompli. Now, due to the leakage of sensitive information, the Polish leadership is forced to remove the concerns that sound from “comrades in NATO and the EU.” In Warsaw, they hope to correct the matter with massive propaganda. Controlled “think tanks” and media were instructed to launch a campaign that would disguise Poland’s actions to strengthen its position in Ukraine and refute “inappropriate rumours.” Emphasis is proposed to be made on creating an image of “collective participation” of all European neighbours of Ukraine in the affairs of Kiev. To do this, Warsaw is ready to go for more active cooperation on the Ukrainian issue with Hungary and Romania, thus hiding behind them to implement their own plans.”

19. Podcast: SpyCast: A Conversation with Counterintelligence Legend Jim Olson

On July 12th International Spy Museum’s SpyCast published a new episode featuring James Olson, a 31-year veteran of the Central Intelligence Agency’s (CIA) Clandestine Service, who among others, also served in Russia. The intelligence topics covered are: 1) His views on Russia and its trajectory since the Cold War’s end, 2) His frank assessment of Putin and admiration for the Russian people, 3) His time in Moscow with 3 rotating KGB teams surveilling him, and 4) His time as Chief of Station in the city of spies, Vienna.

20. French DGSE Invests in the New Cyber Campus

French President Emmanuel Macron announced the Cyber Campus, a place for sharing, exchanges and meetings related to cyber security. It is a 13-storey tower, located in La Défense. This week, the French DGSE announced that “ is happy to invest in the Cyber ​​Campus and will engage its expertise and experience, with the various private and public actors, in order to develop technological innovation in this field and thus ensure the security of the digital transformation. of our country.”

21. Turkish MİT Operatives Abduct 3 Citizens from Syria

According to ANHA, operatives of the Turkish National Intelligence Organisation (MİT) “raided the homes 3 citizens of Gorran village in Jandres district, kidnapped them and took them to an unknown place. The source mentioned the names of the kidnapped: Muhammad Ismail Waheed (32 years), Hussein Walid Mahmoud, and Abdo Muhammad Battal (34 years).”

22. Video: The USA’s Numbers Station Was Traced To This Secret Facility

On July 11th the Ringway Manchester YouTube channel published an 11-minute long video talking about how radio enthusiasts managed to uncover a secret US government facility located in Virginia, with some links to the CIA, used to broadcast number station messages, likely to communicate with spies stationed in non-permissive environments. Eventually, this led to the discovery of the Warrington Training Centres network of NCS Stations.

23. Grave of KGB Colonel Desecrated in Moscow, Russia

On Friday it was reported that “the grave of a Soviet counter-intelligence officer recruited by the FBI was desecrated at the Kuntsevo cemetery in Moscow.” The article continues that “we are talking about the grave of KGB Colonel Alexei Kulak, who died in 1984 from a brain tumour. The guards found the inscription “Judas” on the tombstone, as well as the damaged engraving “Hero of the Soviet Union”. In addition, a postscript appeared near the portrait: “By a decree of the USSR Armed Forces of 1990, he was deprived of his military rank and awards (posthumously) for spying for the United States since 1962.” Law enforcement agencies are looking for attackers.”

24. EU is Constructing an €8 Million ‘Spy-Proof’ Bunker

The EU Observer released a new exclusive story for the construction of a secure facility in Brussels, Belgium at a cost of €8 million. Its intention is to provide a secure facility for classified discussions. As per the article, “the chamber could host around 100 people — up to 34 leaders and their 34 note-takers, as well as protocol, technical, and catering staff. The room will be offline but equipped with internal big-screen conferencing technology and microphones hardwired to equally secure booths for 30 interpreters. And both the meeting room and booths will be enclosed in a Nato-certified insulation cage to “mitigate the risk of exploitation of compromising emanations” — electro-magnetic and radio waves generated by IT screens and wires, which can be remotely intercepted. Anyone who goes in, even if they’re a cleaner, must have “SECRET EU” security clearance and a “need-to-know” reason for being there. SECRET EU is the bloc’s second-highest level of classification. It covers information that could “seriously harm” EU interests if it got out. Leaks could “raise international tensions” or “threaten life” or “public order” in Europe, according to EU security guidelines. And EU leaders and staff will have to leave their phones, laptops, smart watches, electronic key fobs and even hearing aids in soundproof lockers outside the chamber. The facility is to be built by 2024 in the EU Council complex in Brussels, which already hosts summits. The exact location has not been decided yet, but officials are looking for somewhere near the normal EU summit room so that leaders can go back and forth more easily.”

25. CIA Director Announces New CIA General Counsel

On July 14th, CIA Director William J. Burns issued a press release stating that “we’re delighted by Kate Heinzelman’s Senate confirmation to serve as General Counsel of the Central Intelligence Agency (CIA) and looking forward to welcoming her to the Agency family. Her experience and impressive legal talent will serve the Agency well.”

26. Polish AW Releases More Intercepted Russian Communications

On Thursday, the Foreign Intelligence Agency (AW) of Poland published an article along with intercepted Russian military communications. Note this is the third week since AW started employing this tactic (see week 27 story #68 and week 26 story #61). As per AW’s article, “in the recording captured by Polish intelligence, you can hear a soldier who took part in the war of Russia against Ukraine. A participant in the fighting critically evaluates the situation in the army, complains about the makeshift actions of the commanders, which, in his opinion, causes large losses among the soldiers. The man recalls that the Kremlin’s decision to start a war against Ukraine cost the lives of many Russians. The Russian troops were broken up by the defenders of Ukraine (“the boys I traveled with are no more” … “3 people are left from our platoon”). The man believes that the hostilities against Ukraine were poorly prepared, for which the soldiers were paying (“with all those who traveled it is not good … either wounded or seriously injured”). The soldier recorded in the video also complains about the wrong decisions of the commanders. Their morale and professionalism are to be very low. The man recalls that in one of his units the deputy commander “lost” the soldier (“ on the third day the tankers found him”). The Russian soldier adds that the image of the war Russia is waging against Ukraine is far from propaganda. It discourages everyone from joining the troops fighting at the front (“if people are awakened by heroism … let them go there … then we’ll talk”).”

27. Spy Way of Life: Hotel Phoenix — Denmark

This week’s selection of Intelligence Online’s Spy Way of Life series was Hotel Phoenix, located in Copenhagen, Denmark. As per the article, this is one of “the favourite haunts of the Danish intelligence services, which are generally chosen for their discretion and four-star comfort.”

28. Kazakhstan’s KNB Celebrates 30th Anniversary

On July 13th, Kazakhstan’s spy agency, the National Security Committee (KNB), celebrated its 30th anniversary. For this reason KNB released a collection called “Chronicles of the Domestic Special Service” containing the most high-profile operations of the agency. Those were: 1) A 1992 hostage rescue operation codenamed NABAT, 2) A 1994 operation to remove nuclear material from Kazakhstan codenamed SAPPHIRE, 3) A 1996 operation to eliminate an international drug trafficking network codenamed SAFARI, 4) A 1997 operation to uncover and arrest Iranian spies codenamed VICTORIA, and 5) A 2018 operation to rescue Kazakhstan citizens from Syria codenamed ZHUSAN.

29. Podcast: Lex Fridman: KGB Spy Jack Barsky

Lex Fridman published a new, nearly 4-hours long, podcast episode featuring Jack Barsky, a former KGB officer who defected to the United States, and author of the book “Deep Undercover: My Secret Life and Tangled Allegiances as a KGB Spy in America”. The podcast covers a wide variety of intelligence-related topics, from Cold War to today and from tradecraft to more strategic concepts.

30. Cyber Espionage Operations Targeting Journalists and Media

Cyber security firm Proofpoint published an analysis covering recent cyber espionage operations targeting journalists and media. The operations described were from China, North Korea, Turkey, and Iran. The Proofpoint intelligence analysts state that “those involved in media make for appealing targets given the unique access, information, and insights they can provide on topics of state-designated import.”

31. Bogus Report on Nicaragua by “60 Minutes” Exposed as Propaganda from CIA-linked National Endowment for Democracy

On July 15th, Susan Lagos of the Covert Action Magazine published this article based on a recent 60 Minutes episode. According to the article, the 60 Minutes episode portrayed pro-US government views instead of unbiased journalism, with every person interviewed being either linked or benefited from the US government, unlike the people living in Nicaragua who were negatively impacted by the US governments covert and overt actions.

32. Austria Began to Perceive Russia as a Direct Security Threat

The News1 published an article that although Austria historically had very close ties with Russia, they, lately, have been looking more at Russia as a national security threat. The article notes that “there is a law in Austria according to which espionage is a crime only if it is directed against Austria itself. So spies in this country feel quite at ease” so many Russian officers operate from Austria. The article also highlights that “a certain employee worked in Austrian intelligence, he led undercover agents, he had previously served in Turkey and Italy. Now he is suspected of selling classified data to the Kremlin. According to the investigation, the intelligence officer, using his official position, requested secret information from other European intelligence services, and then he passed this information to Russia.”

33. Ukrainian SBU Publishes Summary of Recently Completed Counter-Intelligence Operations

On Saturday Ukraine’s SBU published a summary of 3 recently completed counter-intelligence operations. Those were: 1) Pro-Russia Ukrainian blogger and Deputy Head of the Kherson-Civillian Admininistration, Kyril Stremousov, was sentenced to 8 years in prison for acting as a Russian agent. 2) In the region of Cherkasy, SBU exposed a woman disseminating pro-Russia content online, and 3) In the area of Sumy, SBU’s cyber unit elimited “a scheme to embezzle money collected for the Armed Forces. The organiser of the event appropriated money received from citizens through mobile banking applications.”

34. The Saudi Spy Chief Who Pioneered Secret Relations With Israel

Yossi Melman of Haaretz published this story explaining how “the former head of Saudi intelligence and its National Security Council, Prince Bandar bin Sultan, met for years with Jewish leaders, Mossad chiefs and prime ministers.”

35. Major Kyrylo Budanov, the Star of Ukraine’s Military Intelligence

Intelligence Online published a story for Major Kyrylo Budanov of the Ukrainian Military Intelligence (GUR), highlighting that “Major General Kyrylo Budanov has two new stars freshly sewn on his uniform and is fighting on all fronts for Kyiv. From information campaigns to collecting intelligence about Minsk and localising Russian agents, in the name of war, the GUR is taking on many new missions.”

36. Former CIA Engineer Convicted for WikiLeaks Espionage Case

On Thursday it was announced Jurors in Manhattan federal court convicted Joshua Schulte, 33, a former CIA software engineer, on 8 espionage charges and one obstruction charge over the Vault 7 leak in WikiLeaks. Quoting the article: “Today, Schulte has been convicted for one of the most brazen and damaging acts of espionage in American history,” in undermining U.S. efforts to battle “terrorist organizations and other malign influences” around the world, U.S. Attorney Damian Williams in Manhattan said in a statement.”

37. Podcast: Spy Chat with Former CIA CTC Deputy Director Darrell M. Blocker

On July 12th the International Spy Museum published a video recording from a virtual event that originally took place on June 23rd. As per the description, “join us for an online discussion of the latest intelligence, national security, and terrorism issues in the news. Spy Museum Executive Director Chris Costa will lead the briefing. Costa a former intelligence officer of 34 years with 25 of those in active duty in hot spots such as Panama, Bosnia, Afghanistan, and Iraq is also a past Special Assistant to the President and Senior Director for Counterterrorism on the National Security Council. He will be joined by Darrell M. Blocker, former Deputy Director of the CIA’s Counterterrorism Center. Blocker is the Chief Operating Officer for MOSAIC Security, a strategic intelligence, crisis management, and executive advisory firm. He retired from government service after a successful 32-year career in the US intelligence community, including 28 years as a CIA operative. Blocker is an ABC News National Security Analyst and Contributor with expertise on North Korea, Iran, and terrorism. He was awarded the CIA’s Distinguished Career Intelligence Medal and was recognized as the most senior Black officer in CIA’s Directorate of Operations upon retirement in 2018. Blocker is developing espionage-themed content in Hollywood, serving as a tv consultant, and volunteers with nonprofits dedicated to serving youth in the foster care system (Peace4Kids.org).”

38. Armenia Considers Creation of a Foreign Intelligence Service

Armenian media reported that “Armenia plans to create a separate foreign intelligence service, Secretary of the Security Council of the Republic Armen Grigoryan said on July 12 during parliamentary hearings. When discussing the formation of the Ministry of Internal Affairs in Armenia, Grigoryan explained that it is planned to carry out reforms in the law enforcement system and in the defence sphere in the republic. “We plan to create a separate foreign intelligence body. The Security Council has already begun discussions with partners to form this structure ,” the Security Council Secretary said. According to him, reforms in the law enforcement system should be considered in such a broad context.”

39. Former Greek NIS Chief Made 46,000 Interceptions “Disappear”

Following week 19 (story #78) where it was revealed that interceptions of the Greek National Intelligence Service (NIS) related to the assassinated journalist Giorgos Karaivaz disappeared, this week it was reported that under the leadership of Yannis Roubatis (2015–2019), NIS had issued some legal case but “46,000 phone interceptions have disappeared.”

40. Five Former Gambian Intelligence Officers Convicted of Murdering Opposition Activist

This week it was revealed that the former Chief of Gambia’s National Intelligence Agency (NIA) along with 4 of his officers were “sentenced to death for the 2016 murder of an opponent of ex-president Yahya Jammeh, a rare instance of criminal accountability for Jammeh-era crimes.” The article states that “the court issued the sentences late on Wednesday against Yankuba Badjie, the former director-general of the National Intelligence Agency and four other senior NIA officials for the murder of Solo Sandeng. Two other defendants were acquitted. The defendants all denied wrongdoing. Sandeng, an activist from the opposition United Democratic Party (UDP), was arrested at a rally in April 2016, beaten to death and buried in an unmarked grave, witnesses said. Adama Barrow, representing a coalition of opposition parties, defeated Jammeh in an election later that year. Jammeh tried to cling to power but eventually fled to Equatorial Guinea under threat of a regional military intervention. Barrow’s government has said it will prosecute Jammeh and others for killings, rapes and other crimes committed during his 1994 to 2017 rule in line with recommendations by a truth and reconciliation commission last year. But Jammeh remains in exile, and victims groups have complained about how slow progress toward prosecutions has been.”

41. MI5 is Looking for More Funds to Tackle Right-wing Threat

The Guardian published an article stating that “MI5 should be given increased funding to help tackle the rising threat of extreme-right terrorism, which now accounts for approaching a fifth of the spy agency’s investigations, a parliamentary watchdog has said. MPs and peers on the intelligence and security committee said the agency had been forced to progress other work — almost certainly relating to Islamist terrorism — more slowly and had been unable to expand other activities as it had hoped.” The article also notes that “MI5 told the committee that “a significant percentage” of extreme rightwing terror suspects were under the age of under 24, and that the equivalent proportion in relation to Islamist terrorism was “much lower”. But some of the most recent high-profile attacks were carried out by older men, such as the attack on worshippers at Finsbury Park mosque in 2017 in which one person was killed and 12 were wounded. The attacker, Darren Osborne, who was 47 at the time, was jailed for life.”

42. Dissident Saudi Spy Chief Says MBS Poses Threat to the United States

Daily Mail released a story featuring Saad Aljabri, former Saudi Arabia intelligence chief who has defected to Canada. He said that Crown Prince of S. Arabia, Mohammed bin Salman Al Saud (MBS), is “a psychopath with no empathy, doesn’t feel emotion, never learned from his experience. And we have witnessed atrocities and crimes committed by this killer.” He also warned of the threat Saudi Arabia poses to the United States, especially around taking everything they want from the US in return of oil.

43. Russian Cyber Espionage Operation Targeting Ukraine

Cyber security firm MalwareBytes Labs published an analysis based on recently observed cyber operations targeting Ukraine from an actor associated with the intelligence services of Russia. As per the analysis, “lures are based on important matters related to the ongoing war and humanitarian disaster happening in Ukraine.” If the targets open the lure documents, a custom cyber espionage software implant is installed. According to the authors, the main targets were Ukrainian government entities.

44. The Russian Diplomats Expelled from Belgium had GRU Links

On July 10th, the Dossier Centre published an analysis showing that the Russian diplomats expelled from Belgium in March 2022 (see week 13 story #32), were directly linked with Russia’s military intelligence (GRU). This was later disseminated by news agencies too.

45. Cyber Operators Attempted to Wiretap ECB’s Head Mobile Phone

The Associated Press reported that the President of the European Central Bank (ECB), Christine Lagarde, was recently targeted in a cyber espionage operation. The infiltration attempt was “identified and halted quickly” according to ECB. Quoting anonymous sources, the article says that “Lagarde was contacted by text message from what appeared to be former German Chancellor Angela Merkel’s cellphone number by someone claiming that Merkel wanted to communicate with her by WhatsApp because that would be more secure. It said that Lagarde then contacted Merkel by phone to ask whether she really wanted to communicate by WhatsApp and that whoever was behind the attempt apparently aimed to gain control of the accounts of various prominent figures on WhatsApp and other messaging services.”

46. Australian Court Drops Charges for Whistleblower that Uncovered the 2018 ASIS Clandestine Bugging Operation

This is a follow up from week 21 (story #47) related to a 2018 case where former Attorney-General of the Australian Capital Territory, Bernard Collaery, and one of his clients (referenced as Witness K) leaked information about a clandestine Australian Secret Intelligence Service (ASIS) operation to bug the government offices of a neighbouring country, the Democratic Republic of Timor-Leste. This week it was officially announced that the prosecution ended and no charges will be filed. Note that “the attorney-general emphasised that he was not establishing any sort of precedent for an end to whistleblower prosecutions. The Collaery case was “exceptional,” he insisted.”

47. South Korean Convicted Spy Acquitted After 20 Years in Prison

After 20 years in prison, “a South Korean man who was sentenced to death on espionage charges under Park Chung Hee’s former administration has been acquitted in a retrial 47 years later.” The convicted spy, “Yoo Jong Sik, now 83, was found not guilty of violating the National Security Law by the Seoul Supreme Court.”

48. Russian Hacktivist Publish Details of 700 Ukrainian SBU Employees and 2500 People Associated with GUR

On July 11th it was reported that a previously unknown hacktivist group identifying themselves as “RaHDit” together with another Ukrainian group known as “Bereginya” “obtained secret operational documents about the actions of the Ukrainian army and the situation at the front.” The groups leaked those files online. Some of the leaks it was personal information of 2500 people associated with Ukraine’s military intelligence (GUR) as well as details of 700 employees of Ukraine’s Security Service (SBU).

49. Greek NIS and Police on High-Alert Over Death of Turkish Official

On Friday it was reported on local media that Ahmet Mete, a 57-year old Turkish religious figure representing Turkey in the area of Xanthi, Greece died of cancer. The initial reaction from the Turkish authorities were to “challenge the forensic report” resulting in the Greek National Intelligence Service (NIS) and the Police being on high-alert in fear of this being used as an “opportunity for provocation” by Turkey using covert means.

50. US Government Uses Spy Balloons for Military Intelligence

According to Al-Arabiya, the United States military has been deploying and operating autonomous blimps (described as spy balloons by Al-Arabiya) to collect intelligence and act as early warning systems for missile launches by Russian and Chinese militaries.

51. EU to Create New Anti-Eavesdropping Unit

On Thursday, EU Observer reported that “EU institutions are creating a new cell to prevent signals interception by foreign spies. The ‘CSC-TSCM Expert Group’ will bring together specialists from EU states “to prevent, detect and potentially neutralise eavesdropping of information in any physical or electronic form” including “inspection of facilities and vehicles and the protection of classified meetings” in the EU Council, Parliament, and Commission after it is agreed 25 July, an internal EU memo said.”

52. The Psychology of an Officer Who Falls Prey to Honey-Trapping

Following story #9, One India published an article expanding further into this issue that seems to be a major concern of the Indian counter-intelligence services after the recent successes of the Pakistani ISI using this method. This article takes a different perspective, quoting: “Officials OneIndia spoke with say that honey trapping cases continue despite the officials being sensitised about the problem. In most cases what has been noticed is that older officials are being honey trapped and this brings us to the question about whether the selection process needs a revamp.” The article then explains more of the psychology behind those recruitment operations.

53. Podcast: Spy Chat with Malcolm W. Nance

This is a recording from the International Spy Museum’s Spy Chat series, the virtual event originally took place on July 7th. As per the description, “join us for an online discussion of the latest intelligence, national security, and terrorism issues in the news. Spy Museum Executive Director Chris Costa will lead the briefing. He will be joined by Malcolm W. Nance, counterterrorism expert, policy adviser, and media commentator. Nance, will be streaming in live from Ukraine where he joined the fight in January 2022. Nance is a former career US Naval Intelligence Officer specializing in counterterrorism, intelligence, and violent extremism as advisor for the US government’s law enforcement, Homeland Security and intelligence agencies. As an Arabic-speaking special intelligence collections operator field interrogator he provided top secret anti and counterterrorism support to national intelligence agencies while on numerous reconnaissance and combat operations in the Balkans, Middle East, and sub-Saharan Africa.
Spy Museum Advisory Board Member Nance was honored as one of the Noteworthy African-Americans in American Espionage History. He is author of The Terrorist Recognition Handbook, The Terrorists of Iraq: The Strategy and Tactics of the Iraq Insurgency, An End to al-Qaeda: Destroying Bin Laden’s Jihad, the New York Times best-seller Defeating ISIS: Who They Are, How They Fight, What They Believe and The Plot to Destroy Democracy: How Putin and His Spies are Undermining America and Dismantling the West among other books.”

54. US Government to Create Counter-Influence Programmes in Indo-Pacific

Intelligence Online reported that the US State Department is creating plans to “implement economic security measures and develop counter-influence programmes, notably in Cambodia and Sri Lanka.” Those are organised by the Congressional-Executive Commission on China (CECC) with the Central Intelligence Agency (CIA) being a key contributor in the covert part of those counter-influence programmes targeting China.

55. Long-Classified U.S. Estimates of Nuclear War Casualties During the Cold War Regularly Underestimated Deaths and Destruction

On July 14th, the United States National Security Archive published a new story, including several previously classified documents from the CIA and other agencies, covering the Cold War estimates of nuclear war casualties. As per the overview, “apprehensions over escalation risks involved with the current Ukraine war have brought the issue of potential casualties, even from possible limited Russian nuclear strikes, back to the forefront of public attention even though averting a superpower conflict is a high White House priority. To put the problem of nuclear casualty estimates in broad perspective, today’s posting of almost two dozen high-level White House, State, Defense, CIA, and other records features a broad range of the fatality estimates and related information U.S. strategists produced from the late 1940s into the late 1970s.”

56. Hacktivist Group Infiltrated Iranian Steel Facilities and Leaked Classified and Proprietary Documents Online

A hacktivist group known as “Gonjeshke Darande” compromised multiple Iranian steel facilities and leaked nearly 20GB of data online, including documents indicating affiliation between those entities and the Iranian Islamic Revolutionary Guards Corps (IRGC). As per the news story, “the shadowy outfit claims to be independent, but some speculation has suggested it could be the work of the Israeli government.” The Times of Israel reported that “Israeli Defense Minister Benny Gantz ordered an investigation into recent media leaks that “hinted” that an Israeli military intelligence unit was responsible for the attack on the steel facilities.”

57. Ukrainian SBU Spying on OSCE Staff

According to media reports, in the period of 2014–2021 Ukraine’s Security Service (SBU) was “systematically spying on representatives of the Organisation for Security and Cooperation in Europe (OSCE), right down to their personal lives.” The article highlights that “it is worth noting that the OSCE Special Observation Mission in Ukraine is the largest operation ever carried out by the organisation.”

58. Israeli NSO Group is Conducting a Lobbying Campaign to Get Off the US Blacklist

On July 12th the ProPublica released a news story describing how the Israeli cyber espionage solutions provider NSO Group started a lobbying campaign in the United States to get removed from the Entity List. The company was added to the list since there were evidence that many of their customers were oppressive regimes’ spy agencies that used their solutions (mainly the Pegasus product) to plan assassinations of activists, journalists, track and imprison dissidents, and other similar cases.

59. Presentation & Panel: Operación Jaque — The Daring Rescue Mission That Freed 15 Hostages

On Friday the International Spy Museum published the recording of an over 2-hours long presentation and panel discussion about Operación Jaque. As per the description, “Operación Jaque was one of the most daring and effective operations in intelligence history. A grand deception, entirely planned and executed by Colombian forces, it involved codebreaking, cover identities, and the successful rescue of 15 hostages held by the FARC in the Colombian jungles — and all without spilling a drop of blood. This panel discussion about Operación Jaque was held at the International Spy Museum on May 26, 2022 in collaboration with the Embassy of Colombia highlights the military operation that resulted in the successful rescue of 15 hostages, including former Colombian presidential candidate, Íngrid Betancourt. The panel features those involved in the mission and one of the hostages who was rescued. Please note: this video includes subtitles generated by YouTube. We understand there are errors, but we thought the content was important to share.”

60. Former Vice President of India Says he Never Invited Nusrat Mirza

This week, the former Vice President of India, Hamid Ansari, did a statement saying that “he never knew or invited Pakistan journalist Nusrat Mirza to any conference, including the 2010 conference mentioned by Nusrat Mirza.” Note that “Mirza also claimed to have given secret and classified information to the Pakistani spy agency Inter-Services Intelligence (ISI).”

61. Ukraine’s SBU Detained Russian Agents in Mykolaiv

On July 15th, Ukraine’s SBU announced the detainment of Ukrainian nationals in the Mykolaiv who were collaborating with Russian forces as informants. The announcement says that the detained spies were “residents of Mykolaiv Oblast. They transmitted the collected information to their handler through the tried-and-tested channels of closed communication. During the search conducted at the residences of the perpetrators, computer equipment and mobile phones with evidence of illegal activity were discovered and seized.” The detainees were providing geolocation and target information to their Russian handler to adjust the shelling strikes.

62. Meet the Ex-CIA Officers Deciding Facebook’s Content Policy

Alan MacLeod of the MR Online published an article detailing several Facebook employees who joined the social media company from the Central Intelligence Agency (CIA) and are now holding influential positions such as Senior Product Policy Manager for Misinformation, Workflow Risk Project Manager, Director of Trust & Safety, Head of Harmful Content Operations, and others. The article concludes that “Facebook, however, is vastly more influential than the New York Times or Reuters, reaching billions of people daily. In that sense, it stands to reason that it would be a prime target of any intelligence organization. It has become so big and ubiquitous that many consider it a de facto public commons and believe it should no longer be treated as a private company. Considering who is making many of the decisions on the platform, that distinction between public and private entities is even more blurry than many presume.”

63. Podcast: True Spies: Special Relationships, Part I: The Zimmerman Telegram

SpyScape’s True Spies series released a new 27-minute long episode related to the Zimmerman Telegram. As per the description, “after a shaky start, the friendship between Britain and America has blossomed in to one of the most important alliances on the world stage. In this anthology, Vanessa Kirby relates three crucial chapters in the evolution of the Special Relationship. In Part 1, scholar and intelligence professional Dr. Anthony Wells is your guide to the unprecedented carnage of World War One — and how a crafty British Naval Intelligence officer tipped the scales by bringing the USA in to the conflict.”

64. French DGSE Under Investigation for Nexa Technologies Surveillance Equipment Sold to Libyan Intelligence Services

According to local media reports, the French DGSE is under investigation by the judicial authorities to find out the “degree of involvement” of the agency along with the private firm Nexa Technologies (formerly Amesys) on the sale of surveillance equipment to Libyan intelligence services during the regime of Colonel Muammar Gaddafi. The article notes that “one of Nexa’s engineers admitted that the system sold to Libya includes a backdoor that allows French agents to monitor what the devices in Tripoli were surveilling.” So far, 3 DGSE officers have testified on the case. The report says that “the founder of the French company Nexa was an executive director at Amesys, which provided Libya, during the era of Colonel Gaddafi, a system capable of intercepting internet traffic in the country.”

65. Webinar: Breaking Historical Ciphers with Modern Algorithms

On Saturday, the British National Museum of Computing (TNMOC) released an over 1-hour long webinar recording of a virtual presentation by Elonka Dunin and Klaus Schmeh. As per the description, “many old encryption methods are still hard to break today. For instance, cryptanalyzing a short 19th century Playfair cipher is far from trivial, and it is especially difficult when the ciphertexts are short. On the other hand, techniques for breaking historical ciphers have recently made considerable progress with computer-based cryptanalysis methods being successfully applied to break original WWII Enigma messages, as well as the most famous unsolved codes, a 1970 ciphertext sent by the Zodiac Killer. This presentation introduces the most important historical ciphers, and modern techniques to break them with many real-world examples and entertaining slides using Lego brick models, self-drawn cartoons, and animations.”

66. Ukrainian SBU Announces Odessa GRU Spy Sentenced to 8 Years in Prison

On July 13th, the Ukrainian SBU announced that a suspect detained in January for plotting subversive actions in Odessa was sentenced to 8 years in prison. The announcement says that “in the course of the investigation, it was established that the foreign agent periodically came to Ukraine on behalf of the Russian special services. His handlers were representatives of Russian military intelligence operating from the territory of the unrecognised Transnistrian Moldovan Republic. The agent’s main task was to destabilize the socio-political situation in the Odessa region through sabotage and terrorist acts. It was established that he organised the arson of a military vehicle of the Armed Forces of Ukraine in Odessa in December 2021, and the defacement of the Heroes of the Heavenly Hundred memorial sign. The next objectives of the agent’s encroachment were the offices of volunteer and patriotic organisations, as well as military equipment in the Odessa region. Thus, on the eve of Russia’s full-scale invasion of Ukraine, the Russian special services wanted to conduct information and psychological special operations in the context of the alleged “presence in the Odessa region of a pro-Russian underground and anti-Ukrainian sentiments.””

67. Espionage Charges Against Former Argentinian President Dropped and Case Dismissed

As it was reported before (see week 8 story #41), the former President of Argentina, Mauricio Macri was prosecuted for abusing the Federal Intelligence Agency’s (AFI) capabilities to conduct surveillance on the families of the 44 sailors who died in the 2017 ARA San Juan (S-42) submarine accident. This week it was officially announced that “a Buenos Aires Federal Court Friday dismissed all charges against former President Mauricio Macri for allegedly spying on the relatives of the crew members of the ARA San Juan submarine killed when the vessel sank in the South Atlantic. The court of appeals understood that no crimes were committed and Friday’s ruling also benefitted former Federal Intelligence Agency (AFI) chiefs Gustavo Arribas and Silvia Majdalani, in addition to lower-ranked AFI operatives in Mar del Plata. “The truth won. The truth can still win in Argentina. Let us not lose faith. There is less and less time left for Argentina to change forever,” Macri said.”

68. Podcast: Secrets & Spies: Spy Game with Michael Frost Beckner

On Friday the Secrets & Spies podcast series published a new 1.5-hour long episode. As per the video’s description, “on today’s podcast, we are joined by Michael Frost Beckner. Michael was the writer of my favourite spy film “Spy Game”. He joins us to discuss the making of that film and we also look at his TV show “The Agency” which was the first TV show to get access to the CIA headquarters and it had direct assistance from the CIA on certain stories and episodes.”

69. Taiwan: 14 Former Catcher Technology Employees Indicted for Corporate Espionage by Chinese Luxshare Precision

On Saturday it was announced that the “New Taipei District Prosecutors Office has filed corporate espionage-related charges against 14 individuals for stealing classified information from their former Taiwanese employer, Catcher Technology Co., to give to their company in China. New Taipei prosecutors said that Catcher, a manufacturer specializing in making metal casings for devices like computers and smartphones, is one of the main suppliers of metal cases for American tech conglomerate Apple’s iPhone and iPad products and currently has the highest market share in metal casing in Taiwan. Prosecutors said that Catcher’s Chinese competitor, Luxshare Precision, wanted to enter the market quickly to secure orders from Apple, noting that to achieve that goal, Luxshare moved to “poach” one of Catcher’s research and development teams based in China. Prosecutors said the 14-member R&D team, led by a management-level employee, surnamed Cheng, was offered increased salaries, relocation bonuses, and management-level positions when it brought Luxshare’s products to market. It is alleged that before Cheng and his team left Catcher for Luxshare, they worked together to steal large amounts of Catcher’s R&D and management secrets to use in Luxshare.”

70. Nambi Narayanan Opens Up On ISRO Espionage Accusations

This was one of the most high-profile espionage case in India’s modern history. It took place in 1994 and involved the stealing of classified documents from the Indian Space Research Organisation (ISRO). In this article (and video) ISRO rocket scientist and one of the defendants in this case, Nambi Narayanan, gives his perspective and how it was uncovered in 2021 that it was a conspiracy involving government officials, which led to the court dismissing some of the evidence.

71. In Albania an ex-Mujahedeen Spy Planned MEK Official’s Murder

According to Albanian Daily News, the Special Anti-Corruption Structure (SPAK) conducted searches “in the residences of 9 former members of the MEK, as they are suspected of being part of the espionage group, where former mujahedin Bijan Poolagrad was arrested earlier.” This is related to the case from week 26 (story #22). The article continues that “Iranian Bijan Poolagrad is accused by SPAK of being part of a terrorist cell, which was planning to carry out attacks on senior Iranian opposition officials who were sheltered in the Ashfraf 3 camp in Manez, Durrës. The former resident of the Mujahideen camp is facing Albanian justice for several charges, such as “performing services and actions with blacklisted persons”, “terrorist organization”, or “illegal interception of computer data”. It is learned that the defendant allegedly cooperated with employees of the Iranian secret services known as the Revolutionary Guards and received payments from them.”

72. S2 Underground: Tradecraft: One-Time Pads

On Saturday the S2 Underground published a 50-minute long instructional video about One-Time Pads (OTP) under the series “Tradecraft.” This was a very common method for secure communications in the espionage world for decades.

73. FBI: FaceApp Poses “Potential Counterintelligence Threat”

As reported by Live News Club, the United States FBI “said that FaceApp and other mobile applications developed in Russia pose a “potential counterintelligence threat.” In a letter to US Senator Chuck Schumer, the FBI pointed out the potential counterintelligence risk from mobile apps developed in Russia. Senator Schumer called for an investigation into the face-editing app.”

74. US Intelligence Community Experts Agree That SCIF Life Needs to Change

On July 14th former US government employee Jillian Hamilton published a short article based on a discussion from the Intelligence and National Security Alliance (INSA) fifth annual symposium. The article goes through the challenges of working in Sensitive Compartmented Information Facilities (SCIF), how COVID-19 pandemic changed the views of many in the Intelligence Community (IC), and how to move forward with the challenges of the “SCIF life” that most intelligence professionals are dealing with.