SPY NEWS: 2022 — Week 31

Summary of the espionage-related news stories for the Week 31 (31 July-6 August) of 2022.

1. Amniyat: Al-Shabaab’s Secret Security and Intelligence Wing

Last Sunday, Bobby Payne of the Grey Dynamics published this article summarising how the spy wing of the Al-Shabaab terrorist organisation works, how it’s structured, and some historical examples of their activities.

2. Podcast: Shawn Ryan Show: CIA Senior Officer Marc Polymeropoulos

On August 1st, the Shawn Ryan Show published a new 2.5 hours-long podcast episode featuring Marc Polymeropoulos, a highly decorated former CIA intelligence officer with extensive experience in the domain of counter-terrorism. As per the description, “Marc Polymeropoulos gives great insight of what a career from start to finish at CIA would be like. We discuss how he was recruited, his training at the farm, and his deployments killing bad guys.
Marc then discusses his trauma from Havana syndrome. Believed to be caused by microwave weapons.”

3. Former Greek Minister States He Was Under Surveillance by Four Intelligence Agencies

Following last week’s (story #34 and #58) revelations of espionage targeting Greek journalists and politicians, this week the former Minister of Productive Reconstructions, Environment and Energy (2015) Panagiotis Lafazanis stated that “I am officially informing you that, as the Minister of Energy in the SYRIZA administration and due to the negotiations that resulted in an agreement with Russia for the passage of a large pipeline through our country, I was under covert surveillance by at least four agencies during that period. Greek and foreign intelligence agencies.”

4. Former Senior CIA/DIA Officers Comments on Russian Spies Across the United States

Fox News published a video featuring former United States CIA Moscow Chief of Station (COS) Dan Hoffman and former DIA inteligence officer Rebekah Koffler commenting on the threat of foreign spies operating inside the United States. This was based on last week’s story #25 from Hawaii and #72 from Florida.

5. Japanese Hyogo Medical University Closed Confucius Institute for Being a Chinese Spy Hub

It was officially announced that the “Confucius Institute of Traditional Chinese Medicine” was closed for counter-intelligence reasons on February 28th, 2022. That institute was jointly operated by the Japanese Hyogo Medical University and a Chinese university after it was established by the Chinese government in 2004 to promote the Chinese language and culture. As per the article, it was “a spy and propaganda agency of the Chinese Communist Party.”

6. The Power of Counterintelligence: The Venona Papers Identified Soviet Spies in America

On July 31st, 30+ CIA veteran Christopher Burgess published an article stating that “for those who follow the history of the Soviet Union spying in the United States, the Venona Papers no doubt has percolated to the top of your reading list. Venona confirmed the collaboration of a number of individuals with the Soviet Union and their intelligence apparatus. In July 1995, the CIA released the first group of the Venona translations to the public, and in 1996 at a conference on the papers, the remainder of the 2900 Soviet intelligence messages were shared.”

7. Armed Man Linked with Iranian Spy Agency Arrested in New York After 2 Days of Stalking Known Iranian Dissident

The Daily Mail reported that “Khalid Mehdiyev, 23, was found Thursday with the loaded assault rifle, a separate high-capacity magazine and more than $1,000 worth of cash hidden in a suitcase in his car, according to a federal complaint. For two days prior, it says, he had been sitting in his gray Subaru Forester SUV on a Brooklyn street with an Illinois license plate for several hours, focusing on the home of dissident journalist Masih Alinejad. During that time, federal officials say, he began acting suspiciously — ordering food to be delivered to his car, looking inside the window of the home and even attempting to open the front door. He was eventually stopped by the NYPD on Thursday at around 3pm when he rolled through a stop sign. Cops at the time found he was driving without a license, and placed him under arrest.” The report continues that “according to a federal indictment last year, the Iranians researched how to get Alinejad out of New York, with one of the four named defendants researching a service offering ‘military-style speedboats for self-operated maritime evacuation out of New York City, and maritime travel from New York to Venezuela.’ Alireza Shahvaroghi Farahani is described in charging documents as the spy chief. He worked with Mahmoud Khazein and Omid Noori plus Kiya Sadeghi. The four named defendants ‘monitored and planned to kidnap a US citizen of Iranian origin who has been critical of the regime’s autocracy, and to forcibly take their intended victim to Iran, where the victim’s fate would have been uncertain at best,’ the indictment read.”

8. French DGSE Exhibition “The World of Espionage” in Paris

This week it was announced that on September 17–18, 2022 the French DGSE will host an exhibition at Musée de l’Armée in Paris, France. The exhibition is called “le monde de l’espionnage” (The World of Espionage) and among other artefacts, it will also display a WWII-era Enigma cipher machine.

9. US DoE Would Mandate Polygraph Screening of Chinese, Russian, and other Foreign Nationals as Counter-Intelligence Measure

This is about a new Senate Bill for the United States Department of Energy (DoE) which, among others, is responsible for nuclear power plants and critical infrastructure of the energy sector. According to this, “U.S. senators John Barrasso (R-WY) and Roger Marshall (R-KS) introduced Senate Bill 4634, “A bill to require the Secretary of Energy to administer polygraph examinations to certain foreign nationals with access to nonpublic areas or information of the National Laboratories.”.”

10. Fake Turkish MİT Officers Arrested While Trying to Blackmail Interpol Wanted Criminal

As it was reported in local media, “in the Alanya district of Antalya, 5 people, including a lawyer, went to the house of an Estonian national named H.R. whom they learned was wanted by Interpol. The suspects were planning to get money by blackmailing the criminal. However, the members of the network who could not find the suspect at his home went to the police station, said that they were intelligence officers, and showed them their fake permit papers and IDs with the MİT logo. The suspects demanded the arrest of the person wanted by the Interpol. However, it turned out that their documents were fake. Four of the suspects were arrested for “forgery of official documents” and “illegal undertaking of public office”. One person was released on condition of judicial control. The Estonian suspect, whom the network wanted to set a trap for, was also caught and handed over to the Antalya Removal Centre.”

11. Cyber Espionage Operation by Russia’s FSB Targeting Ukraine

On Monday, cyber threat intelligence researcher Souiten discovered and disclosed technical indicators of a new cyber espionage operation attributed to an actor dubbed as GAMAREDON, who has been previously associated with Russia’s FSB. The operation involved lure documents sent to Ukrainian officials which, if opened, were covertly installing a cyber espionage software implant.

12. SDF Arrested 36 Turkish Spies in the Kurdistan Region of Syria

Following the last week’s assassinations of Kurdish officials by the Turkish MİT, this week RUDAW reported that the Kurdish-led Syrian Democratic Forces (SDF) “launched a covert operation against alleged spies and infiltrators claiming they work for Turkey, arresting dozens in the process. The operation, dubbed Oath, was conducted by the SDF in several areas under its control, including parts of the provinces of Hasaka, Deir ez-Zor, Raqqa, and Aleppo, and “resulted in arresting 36 persons involved in espionage activities,” the US-backed force reported. “The Turkish occupying state and its intelligence work extensively to create spy networks and agents and allocated a large budget,” the SDF said, calling the alleged Turkish recruitment of spies and agents within SDF-held territories a method of “undermining the trust of our people and arousing suspicion and skepticism.” The operation coincides with growing concern over a fresh Turkish operation in northern Syria, with Ankara targeting key leaders of the SDF and launching a spate of drone attacks on Manbij and Tal Rifaat — areas it seeks to seize control of.”

13. Latvian VDD Detained Russian Agent in Counter-Intelligence Operation

On August 1st, with an official statement, the Latvian State Security Service (VDD) announced that on July 30 (Saturday) they detained a Latvian national who “justified the hostilities initiated by Russia in Ukraine and the war crimes committed by the Russian armed forces in several Russian propaganda resources, as well as spread misinformation about Latvia and its allied countries with the aim of discrediting them. Also, the information available to the service shows that the person cooperated with a person included in the EU sanctions list.”

14. CIA: Honouring the Mission of Project AZORIAN

The United States Central Intelligence Agency (CIA) published a new story as part of its 75th anniversary, this time for Project AZORIAN, a covert CIA operation from 1968 to recover intelligence from a Soviet Union submarine that sank to the floor of the Pacific Ocean. This story features Sherman Wetmore, a lead engineer on Glomar Explorer, the modified ship that was used in Project AZORIAN.

15. Ukrainian SBU Detains Two Russian FSB Agents in Sumy

On Monday, Ukraine’s Security Service (SBU) issued an announcement for the detainment of two Ukrainian nationals were were acting as Russian FSB agents in the region of Sumy. As per the announcement, the two suspects “were looking for “weak spots” in the defence lines of the Sumy Oblast. The suspects collected information about the deployment locations, the number of troops and weapons, as well as the available fortifications of the Ukrainian Defence Forces. According to operational information, the enemy planned to use these data for the possible transfer of sabotage and reconnaissance groups to the territory of the region. The two men were recruited by Russian intelligence services during the invasion of Ukraine. They informed their handlers about the situation at the border. The perpetrators took photos and videos of military facilities and handed over files linked to the area to FSB officers.”

16. Podcast: State Secrets: The Potential for Integrating Intelligence & Intuition

On August 1st, the State Secrets podcast released a new 27-minute long episode where “Suzanne talks with former CIA Deputy Director of Intelligence and founder of the Mossbridge Institute, Dr. Julia Mossbridge.” As per the title, the subject is the potential for integrating intelligence and intuition.

17. Potential Indian Cyber Espionage Operation Targeting Pakistan

Cyber threat intelligence researcher Kimberly discovered and disclosed technical indicators of a new cyber espionage operation that has hallmarks of an actor dubbed as DONOT, who has been previously associated with an Indian cyber espionage solutions vendor. The operation includes a lure document which likely impersonates the Financial Action Task Force (FATF), and is targeting Pakistani entities. If the lure file is opened, it is covertly installing a custom cyber espionage software implant.

18. Chinese University Publishes Research on Indoor Optical Fibre Eavesdropping — Links to Intelligence Collection Capabilities

Researchers from the State Key Laboratory of Precision Measurement Technology and Instruments of the Department of Precision Instrument, as well as the Key Laboratory of Photonic Control Technology, both from the Tsinghua University of China, published a research paper stating that “the optical fiber network has become a worldwide infrastructure. In addition to the basic functions in telecommunication, its sensing ability has attracted more and more attention. In this paper, we discuss the risk of household fiber being used for eavesdropping and demonstrate its performance in the lab. Using a 3-meter tail fiber in front of the household optical modem, voices of normal human speech can be eavesdropped by a laser interferometer and recovered 1.1 km away. The detection distance limit and system noise are analyzed quantitatively. We also give some practical ways to prevent eavesdropping through household fiber.” Russian media reported this week that this technique can be used “for listening to conversations inside rooms where fibre optic cables run. They are used, for example, to provide internet connectivity, so you can find them everywhere.”

19. Iranian MOIS Detained Bahai Group Members for Espionage

With an official announcement the Ministry of Intelligence (MOIS) of Iran stated that their counter-intelligence unit arrested a number of members of the Bahai group, which according to MOIS, is backed by the Israeli Bait al-Adl centre, based in Palestine. The Iranian counter-intelligence discovered “documents that indicate that the centre had communicated a strategy to revive the organisation of the heretical Bahai sect inside Iran under the title of “aggressive propaganda” and a special operation for intelligence gathering of targeted nature by the dismantled network.” MOIS continues that the arrested agents were propagating Bahai teachings and were “infiltrating educational environments at different levels.”

20. Podcast: Cleared Hot: Former SOF and CIA GRS Mike Glover

The Cleared Hot podcast published a new 1.5-hour long episode featuring Mike Glover. As per the description, “Mike spent 18 years in the US Army and as a government contractor for OGA (Other Government Agency). He served as a SGM (Sergeant Major) in Special Forces in various positions and deployed multiple times to combat theaters. He is an expert in Counter-Terrorism, security, and crisis management operations and is the host of the Fieldcraft Survival Podcast on iTunes and Soundcloud. Mike is an avid outdoorsman, overland, traveler, and hunter. He has a bachelor’s degree in Homeland Security and resides in Utah, where he is the CEO of Fieldcraft Survival.”

21. Pakistani ISI Reportedly Uses Drones in the Border with India

According to the Times of India, “more sightings of Pakistani drones have forced the Border Security Force (BSF) and the border range police to step up vigil ahead of Independence Day. But ground fire won’t do. Shooting down enemy UAVs in the Indian skies will require smart border technology.” The article continues that “Pakistani spy agency Inter-Services Intelligence (ISI) is suspected to be using using drones extensively to push arms, ammunition, and drugs into India. “With each sortie, the Pakinstani drone pilots gain more experience and their observation of the Indian posts improves,” said a source.”

22. Ex-NIS Director Suh Returns Home Amid Probe Into Repatriation of N. Korean Fishermen

Following week 29 story #2, this week it was reported that “former National Security Adviser Suh Hoon has returned home from the United States recently to face allegations of wrongdoing in connection with the 2019 repatriation of two North Korean fishermen. Suh was accused of ordering an early end to a government debriefing of the North Koreans captured near the inter-Korean sea border when he was the country’s spy chief, in a suspected attempt to send them back to their homeland despite their expression of a desire to defect to South Korea. Suh, who had stayed in the U.S. for months at the invitation of a think tank, returned home late last month, and prosecutors plan to call in him for questioning after wrapping up investigations of working-level officials first.”

23. Nigeria’s Spy Agency (DSS) Arrested Boko Haram Leader Who Took a Security Job to Spy in Ogun State

Last Sunday, operatives of Nigeria’s main security agency, the Department of State Services (DSS), arrested a Boko Haram leader. As per the report, “the suspected Boko Haram leader was arrested at Ijaye area of Abeokuta. It was also learnt that the suspect initially put up a resistance before bowing to the superior power of DSS operatives during the operation carried out at night. A security source told the publication that the suspected terrorist arrived Abeokuta from Katsina, took up security job at Ijaye, while gathering intelligence for terrorist attacks. He reportedly moved to Abeokuta to set up terrorists’ cell for kidnapping and terror attacks.”

24. Matt Bryden, a Briton Convicted of Espionage, Threatens Somali Journalists

According to The Somalia Star “Matthew David Bryden, a British citizen who runs a regional disinformation firm in Kenya’s capital and was last year convicted of “leaking” Somalia’s national secrets to others, is threatening with death Somali journalists who wrote a critical editorial on President Hassan Sheikh Mohamud of Somalia. “Don’t waste your time on the walking dead,” Bryden wrote in a tweet on Sunday that was roundly condemned by Somalis who called him “evil” and a “war profiteer.” “He must be held responsible for anything that happens to the journalists of The Somalia Star, Allah forbid,” former lawmaker Zakariye Mahmud Haji Abdi said. It was not clear what in particular prompted Bryden’s anger, or whether he was issuing the threat on behalf of President Hassan, the subject of the editorial, to frighten The Somalia Star journalists into silence. Bryden and Hassan have been friends for a long time. A day after Hassan’s reelection, Rashid Abdi, an employee of Sahan Research, which Byrden serves as its director, boasted that he was the author of the president’s campaign strategy.”

25. Podcast: Jack Barsky — A Spy Among Us

On Monday, the Keep Talking YouTube channel published a new 1.5-hour long episode featuring former KGB spy Jack Barsky. As per the video’s description, “Jack Barsky is a former KGB spy who worked undercover in the United States for ten years, from 1978 to 1988. During our conversation, Jack talks about his early life in East Germany, being selected for espionage by the Soviet government, his prior commitment to and belief in Communism, his impression of the United States and its people upon entering the U.S., his objectives as a spy, his experience living in America, the flaws and dangers of utopianism, and the KGB experience of one of his contemporaries, Vladimir Putin. Jack is now a U.S. citizen, and his life story, detailed both in his memoir, “Deep Undercover,” and in the podcast “The Agent,” is one of the most fascinating that I have come across. He has lived for decades in two parallel worlds — in Soviet and American civilization — and has important wisdom and reflections to share about his experiences and each system’s compatibility with human nature.”

26. Ukrainian GUR Reports that Russian Mobile Applications are Used for Intelligence Gathering

The Ukrainian military intelligence (GUR) reported that “through Russian mobile applications in the form of a game the enemy receives from user data about the location of military facilities, critical infrastructure or induces citizens to unknowingly help the occupiers, therefore the Ministry of Internal Affairs of Ukraine warns about the danger of using mobile applications developed by the intelligence services of Russia. The user should be alerted if the application offers to take photos of the area, share geolocation information or overlay a “picture” on the asphalt. For safe use of online applications, the cyber police recommends downloading them only from official sources — AppApp Store, Google Play, Galaxy Store, AppGallery, etc. And also check all available data, such as information about developers, access permissions that the application requires during installation, user reviews, etc.”

27. Former Greek Minister States that NIS has the Israeli Predator Cyber Espionage Suite

Following story #3, former Minister of Foreign Affairs (2019) Georgios Katrougalos stated that the National Intelligence Service (NIS) did conduct convert surveillance on opposition leaders and journalists under the Prime Minister’s orders and now they are jointly attempting a cover-up. He also “maintains the position that that the Predator espionage system was purchased by the Greek State. Mr. Katrougalos supports that NIS is directly involved in the covert surveillance cases and assigns the political responsibility to the Prime Minister, Kyriakos Mitsotakis, to whom he attributes the “attempted cover-up”.”

28. Podcast: A Peek Into China’s All-Pervasive Espionage Network

The Stat News Global released a 28-minute long podcast episode featuring French investigative journalist and author Roger Faligot, author of the book “Chinese Spies: From Chairman Mao to Xi Jinping” covering the topic of Chinese espionage activities. As per the video’s description, “be it enforcing COVID-induced lockdowns, managing restive regions such as Xinjiang, policing the cyberspace for anti-establishment posts or keeping an eye on dissidents both in China and abroad, the Chinese Communist Party resorts to the liberal use of surveillance aided by technology. And espionage has been part of Chinese statecraft, starting from the times of Mao Zedong.”

29. US NSA Announcement for Catherine S. Aucella

On August 4th, the United States National Security Agency (NSA) issued an announcement stating that “Ms. Catherine S. Aucella serves as the Executive Director of the National Security Agency. In this capacity, she works with the NSA’s Director and Deputy Director to provide leadership in all areas of the enterprise and to represent NSA’s interests both internally and externally.”

30. AFCEA’s SIGNAL Journal for August 2022 was Published

This week the Armed Forces Communications and Electronics Association (AFCEA) released a new version of their website as well as the August 2022 edition of their international journal, the SIGNAL, with articles such as: “Army Aims to Fully Push Electromagnetic Spectrum” and “Addressing the Need for Secure Waveforms and Radio Equipment.”

31. Australia’s ASIO Publishes Photo for Tradecraft Tuesday

On August 2nd, the Australian Security Intelligence Organisation (ASIO) published an archived photo with various spy gadgets used by ASIO spies during the Cold War era. As per the description, “handbags contain many items, but for this ASIO surveillance officer it was more than keys, coins & lipstick. This bag from 1978 concealed a camera, radio transmitter & receiver to record clandestine meetings between spies & terrorists.”

32. Cyber Espionage Operation Targeting Turkish Navy

Cyber threat intelligence researcher Souiten discovered and disclosed technical indicators of a new cyber espionage operation targeting the Turkish Navy. It was a series of documents impersonating the Turkish National Research Institute of Electronics and Cryptology and other official entities which if opened were covertly installing a customer cyber espionage software implant. Currently, it is not known who is the actor behind this operation so it’s temporarily dubbed as ACTOR210426.

33. OSINT: Tracking the Faceless Killers who Mutilated and Executed a Ukrainian POW

On August 5th, the Bellingcat published this investigation report using a wide variety of Opens Source Intelligence (OSINT) methods and analytic techniques. As per the article, “on July 28, a series of horrifying videos circulated on pro-Russian social media which depicted an act of sexual violence and execution of what appeared to be a Ukrainian prisoner of war. Bellingcat has not linked to these videos due to their extremely graphic nature. The three videos (hereafter ‘the violent videos’) were initially posted on a Russian telegram channel whose name translates as ‘Cargo 200, death to Ukrainians’, which extolls casualties among Ukrainian armed forces. The videos were subsequently reposted on the popular Rosich Telegram channel run by a nationalist Russian mercenary group. The videos were initially celebrated by the channel administrators and most of the commenting users, until several hours later they were suddenly disowned by the same as “likely forgeries”, allegedly planted in the pro-Russian channels by agents of Ukraine aiming to discredit the Russian army.”

34. SIGINT Historian: Source Protection

The former departmental historian of Britain’s GCHQ, Tony Comer, published this blog post on August 4th. As per the post, “Sigint End Product (EP) is the intelligence sent to customers which contains the producing agency’s considered view of what material it has intercepted actually means, and is therefore carefully protected, as it can reveal both the source of the intelligence and the methods by which it has been produced. As early as the First World War, was separated into two types depending on whether it had been derived from cryptanalysis or traffic analysis (TA, though up to 1940 it was more commonly referred to as Wireless Telegraphy Intelligence (WTI)). TA reporting was given a wider circulation than cryptanalytic, as it was reasonable to assume that people in other countries knew that their wireless traffic could be intercepted and that it might be possible to draw inferences from it, but both types of reporting were classified. Protecting the source of the intelligence, to ensure that it was not compromised as a source, was part of the process.”

35. DGSE Announces Anniversary Films from the World of Espionage

As per of this year’s 40th anniversary of the French DGSE, there will be two special films presented on September 15th and 16th respectively. The first, titled “OSS 117: Rio No Longer Responds” and the second “The Shadow Army.”

36. Ukrainian SBU Releases Details of 5 Russian Collaborators

On August 4th, Ukraine’s Security Service (SBU) released the details of 5 individuals who, according to the SBU, “help the Russian Federation legalise the occupation in the east.” The 5 individuals are: 1) A resident of Rubizhne, former deputy of the city council from the “OPZZH” party, who was appointed “deputy head of the administration” of the temporarily occupied Svativ district, 2) A deputy of the local council, who assumed the position of “deputy head of the administration of the Markiv district of the LPR,” 3) the head of the life support department of the Starobilsk district, 4) A resident of Donetsk region, who headed the “administration of the Volnova district of the DNR,” and 5) The head of the “Mangush settlement council of the DNR.”

37. Polish ABW Prepares for Drone Terrorist Attacks

Through an official announcement the Polish government stated that the domestic spy agency, ABW, worked with the country’s anti-terror units in exercises that took place on July 26–28 at the training ground in Zielonka near Warsaw. The exercises were focused on counteracting “drones adapted to transporting explosives, which were prepared using materials available at home in order to carry out a terrorist attack.”

38. Dutch MoD and Challenges with Moving SIGINT Station from Burum to Secret Location

This week it was reported that the Dutch Ministry of Defence (MoD) “will not succeed in moving the interception station in the Frisian Burum before September 1, 2022 to a secret location abroad. That station operates on the 3.5GHz band and is one of the barriers to the adoption of 5G frequencies within that band.” One of the potential candidates for moving the station is Greece according to the article.

39. Podcast: SpyCraft 101: 6 New Episodes Published

During this week, the SpyCraft 101 published 6 new podcast episodes. Those were: 1) The CIA Men Tortured in Fidel Castro’s Cuba with Justin Black, 2) Espionage in Academia and Higher Education with Daniel Golden, 3) The True Story of the Portland Spy Ring with Trevor Barnes, 4) Life as a Nicaraguan Contra with Luis Moreno, 5) The Story of a Soviet Defector with Alexandra Costa, and 6) Assassination by Poisoning: Russia and the Soviet Union with Justin Black.

40. Cyber Intelligence: Strategic Warning is Possible

This week, CryptoMe released a 2022 research paper originally published at the International Journal of Intelligence and Counterintelligence. The abstract of the paper is: “Governments and private security firms have studied many intelligence aspects of cyberconflict, but the public literature has not described the existence of a strategic cyber warning function or addressed the question of whether strategic warning of significant cyberattacks is possible. This article argues that it is, but technical characteristics of cyberspace and the rapidly evolving nature of cyber-related conflict make cyber warning more difficult than traditional strategic warning. Addressing these complexities requires specialized teams of experts. In the U.S. case, new warning skills and institutions are needed.”

41. Decades After End of Northern Irish Conflict, the Legacy of Spies Remains Obscure

Joseph Fitsanakis of the Intel News published this article stating that “The Northern Irish conflict was a 30-year irregular war involving the government of the United Kingdom and an assortment of paramilitary groups. By the mid-1990s, when most of these groups had declared ceasefire, over 3,600 people had been killed and over 40,000 injured. The major paramilitary groups that participated in the conflict were the separatist Provisional Irish Republican Army (IRA) and Irish National Liberation Army (INLA), and the pro-UK, or ‘loyalist’, Ulster Volunteer Force (UVF) and Ulster Defence Association (UDA). Although the bloody conflict has been the subject of numerous studies, its intelligence component is still obscure.”

42. Kosovo Detains Russian Journalist at the Border Over Espionage Concerns

As reported by Reuters, “Kosovo’s interior minister said on Saturday it has arrested a Russian journalist at the border on suspicion that she could be a spy, and security authorities were searching “for her intentions.” The country’s interior minister Xhelal Svecla named the journalist as Daria Aslamova. “Many countries have proven that she was engaged in espionage for Russian military intelligence and that she pretended to be a journalist,” Svecla said in a press statement.”

43. Podcast: SpyCast: Becoming a Russian Intelligence Officer

This week the International Spy Museum’s SpyCast released a new podcast episode featuring Janosh Neumann (born Alexy Yurievich Artamonov), a former Russian Federal Security Service (FSB) officer who defected to the United States in 2008. The intelligence topics covered are: 1) Why Jan defected to the United States, 2) How you get recruited and trained as a Russian intelligence officer, 3) What it is like to recruit and run agents in Moscow, and 4) His take on what he did for the Russian state.

44. SBU Detained Ukrainian for Acting as Russian Agent

On August 3rd, Ukraine’s SBU announced that they detained an assistant of a current People’s Deputy who was planning to “head the occupation administration in Cherkasy region, if the enemy managed to capture the region. Together with one of their henchmen, they carried out information-subversive activities in favour of Russia, claiming that the war in Ukraine is exclusively an internal civil conflict. The extras considered it inexpedient to resist the aggressor, were waiting for the occupation of the city and condemned the activities of the military and political leadership of Ukraine. However, when the attacker realised that the armed forces were successfully countering the Russian army and liberating the occupied territories, he tried to flee abroad. The SBU detained the deputy on the eve of his departure to the USA.”

45. Director of CIA on the Passing of Gary Schroen

On August 1st, the Director of the United States Central Intelligence Agency (CIA), William J. Burns issued the following press release: “Today, CIA mourns the passing of Gary Schroen, a legend and inspiration to every Agency officer. In Afghanistan more than two decades ago and in every other role he served at CIA, Gary embodied the very best of our organization. We will never forget his unwavering dedication, loyalty, and perseverance to protect and defend our country. In the aftermath of the September 11, 2001 attacks, Gary delayed his retirement to lead an exceptional team of CIA officers–the first Americans into Afghanistan–on a mission against al-Qa’ida and its Taliban supporters. That mission, Operation JAWBREAKER, will forever stand as a tribute to Gary’s courage and leadership. We are fortunate to have the Mi-17 helicopter that Gary and his team used to carry out this daring mission dedicated on CIA’s grounds, where it will serve for generations to come as a reminder of Gary’s extraordinary place in CIA history. Gary will be greatly missed, but never forgotten.”

46. Britain Helps Ukraine Hunt for Russian Spies Eyeing Western Military Aid

Dominic Nicholls of The Telegraph published this story saying that “Britain is helping Ukraine hunt Russian spies targeting Western-supplied weapons, the acting deputy head of Kyiv’s military intelligence has said. Finding and destroying military aid flowing into Ukraine from Western countries is “goal number one for Russian agents”, according to Major General Vadym Skibitsky. Long-range artillery pieces, such as the US-supplied Himars system, have brought Moscow’s advance almost to a halt and in recent days have rendered bridges in the Kherson region impassable to Russian vehicles, cutting off troops as Ukraine prepares a counter offensive. Western officials believe Moscow has instructed intelligence agents, possibly including spies from the GRU’s Unit 29155 — deemed responsible for the 2018 Salisbury nerve agent attack and other attempted assassinations — to find the weapons donated by Western partners.”

47. Albanian Cyber Attack Evidence Suggest Iranian Operatives Were Behind it

On August 5th the Overt Operator published an analysis for a recent cyber attack that hit Albania. As per the description, “on July 17, 2022, Albania experienced the most aggressive cyber attack in its history. At first, the country had only experienced DDoS attacks on a few targets in the private and government sector, but the most recent attack disrupted the entire country’s online services for weeks. A hacktivist group by the name of ‘@homelandjustice’ claimed responsibility for the attack, and started posting leaks and videos from the hack to their website (homelandjustice.ru), Twitter (@homelandjustic1), and Telegram channel (@homelandjustice). The group has shown hostility towards the People’s Mojahedin Organization of Iran (PMOI, MEK, MKO) — a political-militant organization that advocates overthrowing the current Iranian government. Since early 2013 until 2016, Albania, under the request of the United States and NATO, has granted political asylum to approximately 3,000 members of the organization and their current headquarters is in Manëz, Durrës, Albania (41°25′36″N 19°34′26″E). The organization holds annual meetings with the other branches located around the world, with the meeting for this year scheduled to take place on July 23–24. The cyberattack started one week before the scheduled meeting. According to Mandiant, attackers deployed ransomware from the Roadsweep family, utilized a previously unknown backdoor, called Chimneysweep, as well as a new strain of the Zeroclear wiper — all indicators of Iranian APTs.”

48. Sri Lanka Refuses to Dock Chinese Ship that Spied on India

The Akhbar Al Aan news website reported that “India called on Sri Lanka to delay docking of Chinese ship accused of espionage” which is a demand that Sri Lankan government complied with. The report is about the “Yuan Wang 5” ship of People’s Liberation Army (PLA) Strategic Support Force of China. According to the Chinese PLA it is a research vessel, but according to India’s counter-intelligence it has advanced intelligence gathering capabilities.

49. Podcast: Grey Dynamics: Former Military Intelligence Analyst Alcon S2

This week Grey Dynamics released their second podcast episode with the following description: “today we spoke with former military intelligence analyst and New Zealand native Alcon S2. We talked about the role of OSINT in social media discourse and taking the mystique out of intelligence analysis tradecraft on social platforms.”

50. How the CIA’s Hit On Terror Kingpin Zawahiri Went Down

The Warzone released an article for the assassination of Al Qaeda leader Ayman Al Zawahiri. The article creates a timeline of events for this CIA-led counter-terrorism operation.

51. Rare Pegasus Screenshots Depict NSO Group’s Spyware Capabilities

The Apple Insider published an article including screenshots obtained by the Israeli newspaper Haaretz. The screenshots are from an old version of the Pegasus cyber espionage solution, developed and sold by the Israeli NSO Group to several intelligence agencies around the world.

52. The German Intelligence Story of Issuing a Warning for the Use of the Russian Kaspersky Cyber Security Vendor

Hakan Tanriverdi published an investigative article describing, via inside knowledge from Germany’s domestic spy agencies, the decision of the German government to issue a warning against the use of Kaspersky cyber security products.

53. Ukraine’s SBU Detains FSB Agent in Dnipro

With an announcement, including a video, Ukraine’s SBU stated that they “detained a Russian agent who was collecting data for adjusting missile strikes on Dnipro airfields. The FSB agent was also covertly collecting intelligence on the functioning of the Dnipro railway facilities, locations and movements of the Armed Forces and Teroborona units. According to SBU counter-intelligence, the agent transmitted the collected intelligence to a representative of the Russian special services through closed communication channels. In his “reports”, he described in detail each object with the surrounding territory, indicated its coordinates with photo and video recording. The occupiers used this information to plan sabotage and massive shelling of the infrastructure. According to the investigation, the traitor is an employee of one of a private security company of Dnipro. After the beginning of the full-scale aggression of Russia, he was recruited by a staff member of the FSB, having received an “offer” for cooperation through Messenger.”

54. Greece’s Intelligence Chief Resigns Amid Phone-Tapping Scandal

After this week’s stories #3 and #27 as well as last week’s (story #34 and #58), the head of the Greek National Intelligence Service (NIS), Panagiotis Kontoleon, submitted his resignation.

55. Podcast: Janes: OSINT in the Commercial Sector with LifeRaft

This week Janes’ World of Intelligence published a new podcast episode. As per the description, “in this episode of The World of Intelligence we speak with Neil Spencer on the value of OSINT in the commercial sector. Neil Spencer is the Director of Strategy and Partnerships for LifeRaft. He has more than twenty years of security industry experience, during which time he has advised both corporate and government sectors. His research focuses on the security and intelligence markets to understand how new technologies, trends, and online data sources impact assets and operations.”

56. United States FBI Counterintelligence Behind the Iranian Spy Plane Grounded in Argentina

Following week 24 (story #55) and week 25 (story #6) were Argentinian intelligence grounded a covert cargo plane used by Iranian spies for transportation, this week the United States FBI’s Counterintelligence Division (CD) worked with the Department of Justice to issue a “request to Argentinian authorities today to seize a Boeing 747–300M cargo plane following the unsealing of a seizure warrant in the U.S. District Court for the District of Columbia. The warrant, which was issued on July 19, 2022, alleges that the U.S.-made plane is subject to forfeiture based on violations of U.S. export control laws related to the unauthorized transfer of the plane from Mahan Air, an Iranian airline affiliated with the Islamic Revolutionary Guard Corp-Qods Force (IRGC-QF), a designated terrorist organization, and Empresa de Transporte Aéreocargo del Sur, S.A. (EMTRASUR), a Venezuelan cargo airline and subsidiary of Consorcio Venezolano de Industrias Aeronáuticas y Servicios Aéreos, S.A (CONVIASA), a Venezuelan state-owned company.”

57. Top Russian Hypersonic Missile Scientist Arrested on Treason Charge

As reported this week “a leading Russian scientist in hypersonic flight was arrested on suspicion of treason on Friday, according to Russian state media. Dr Alexander Shiplyuk, director of the Institute of Theoretical and Applied Mechanics of the Russian Academy of Sciences’ Siberian Branch, is the third Russian scientist this summer to be arrested on suspicion of treason.
The institute’s scientific director Vasily Fomin told the Russian news agency TASS that Shiplyuk was sent to the Lefortovo pre-trial detention center in Moscow. His detention comes after the arrest on June 27 of the chief researcher of the institute, Anatoly Maslov, who is suspected of transferring state secret data related to hypersonic missiles. According to the institute’s website, Shiplyuk heads a technology lab with unique wind tunnels purpose-built for simulating hypersonic conditions.”

58. Recently Captured Russian Military Documents Within Kherson Front Lines Exposes More Information on Russian Military Radio Codeword Use

The Numbers Station published a post on August 1st going through some captured Russian military documents that provide insights into the use of codewords by the Russian military forces.

59. South Korea’s President Accused of Plotting Probes Against Former Spy Chiefs

After the recent (last 1–3 weeks) of former NIS intelligence officers in South Korea, on August 3rd it was reported that “Park told a local radio station that President Yoon’s office “made the planning and ordered it, the NIS filed complaints, and the prosecution is investigating,” the report said. He asserted that investigators “will find no wrongdoing whatsoever,” it added.”

60. United States NRO Completed Spy Satellite NROL-199 Mission

After the delays (see week 30 #52 and week 29 story #18), on August 4th, the US National Reconnaissance Office (NRO) completed it’s spy satellite Launch 199 (NROL-199) mission and issued a press release.

61. The Increment: The UK’s Most Secretive Special Forces Unit

Abbi Clark of Grey Dynamics published this article talking about “The Increment” which is also known as the “E Squadron” of the UK’s special operations forces. The article starts by stating that “in 2003, reports of a secretive branch of the UK SAS known only as ‘The Increment’ or E Squadron hit the mainstream press. Described akin to a unit directly out of a James Bond novel, The Increment reportedly undertakes sanctioned high value targeting and other incredibly dangerous and elusive tasks. These reports were flagged and reviewed by the UK Committee on Foreign Affairs, under suspicion that the information leak resulted from collusion between UK and Israeli Intelligence Services. This does seem to indicate some recognition of the existence of such an organisation, and knowledge of this unit within the UK Intelligence Community. However, how much does the public know about the Increment, and does the Increment even exist?”

62. Ukraine’s SBU Dismantles Russian Intelligence Network

On August 6th Ukraine’s SBU announced that they dismantled a network of Russian intelligence operatives who were gathering intelligence on the positions of Ukraine’s Armed Forces in the eastern front. As per the announcement, “one of the “links” of the network was a representative of the occupation administration of Russia — an “official” of the so-called “supreme court of the DNR”, involved in the persecution and illegal imprisonment of Ukrainians. The agent network included 6 local residents recruited by the special services of Russia after the start of the full-scale invasion. They transmitted the collected data to the invaders through specially created internet platforms in the form of coordinates on electronic maps with supporting photo and video recording materials.”

63. Podcast: Combat Story: SEAL Team 3 & DEVGRU Intel Officer Kristen Murdock

The Combat Story released a new podcast episode on August 6th. As per the video description, “today we hear the Combat Story of Kristen Murdock, who spent 13 years in the Navy as a Naval Intelligence Officer from an Aviation Squadron off a carrier to Naval Special Warfare Development Group (DEVGRU). Kristen spent most of her military time deployed around the world and focused primarily on intelligence in the Middle East, South Asia, North Africa, and the Horn of Africa, including deployments at the strategic level with joint staffs to the tactical with SEAL Team 3 and DEVGRU. After her time in service, Kristen transitioned thanks to a phenomenal program designed for Special Operations service members and support staff called The Honor Foundation which helped her find her next career in Silicon Valley working in the Trust and Safety space at Facebook and, most recently, Twitch, as a senior leader. Kristen narrowly avoided be kicked out of the Naval Academy and had her dreams of flying shattered at the last moment but ended up hustling to find a more rewarding path in Intel that serves as a great lessons for those still rising through the ranks and I hope you enjoy her insights into the shadowy world of intel at a Tier 1 unit as much as I did.”

64. Vadim Bakatin Last Acting KGB Chairman dies in Moscow, Russia

APA reported that “Vadim Bakatin, last acting KGB chairman and a well-known Soviet and Russian political and social activist, died in Moscow, Russia, aged 85, on Sunday, July 31, APA reports citing Euroweekly. Vadim Bakatin, the last acting KGB chairman, under whom the once all-powerful Russian agency was reformed, after which the KGB was divided into several independent security agencies, has died. The infamous KGB was the main security agency for the Soviet Union from March 13 1954 until December 3, 1991. Born on November 6, 1937, in Kiselevsk, now Kemerovo Region, Russia Vadim Bakatin the last KGB chairman, began his career in Kuzbass. There, he worked in Kemerovo construction management and “Kemerokhimstroi”, was the Secretary of the Kemerovo City Committee and Kemerovo Regional Committee of the CPSU. In 1983, Vadim Bakatin fell into the field of view of the future Politburo member Yegor Ligachev, who was head of the Party Organisation Department of the CPSU Central Committee, after which Bakatin’s career began to take off.”

65. Webinar: The ISRO Espionage Case of India

The Shankar IAS Academy published an almost 1-hour long webinar covering the ISRO espionage case, one of the most high-profile espionage cases in India. As per description, “Shri T P Sreenivasan, Former Indian Ambassador belonging to 1967 batch, will discuss about infamous espionage case of ISRO involving Mr. Nambi Narayanan. We suggest the viewers to watch the entire session. The session is part of Shankar IAS Academy’s free online initiative on international relations on YouTube for the benefit of Civil Service Aspirants. One class a week is conducted as a weekly capsule. The sessions are being explained by former Indian Foreign Service officer Shri T P Sreenivasan (IFS 1967), a former ambassador of India and a former Permanent Representative of India to the United Nations, Vienna. He has served in the Indian Foreign Service for 37 years. He has also served as the Governor for India at the International Atomic Energy Agency. He is also a former member of National Security Advisory Board of Government of India.”

66. China’s Military Exercises Are An Intel Bonanza — For All Sides

This article was published on Politico stating that the Chinese military exercises are used both as a cover to gather intelligence on China’s adversaries, as well as by the US and Taiwan to collect intelligence Chinese military capabilities and TTPs.

67. Latvian VDD Sends 3 Russian Agents to Prosecutor

The State Security Service (VDD) of Latvia issued a press released stating that they are sending 3 cases related to Russian agents to the prosecutor. The first is for a Latvian national who supported Russia’s actions in Ukraine. The second against a Latvian national who sent threatening emails to the Ukrainian Embassy in Latvia. And the third, about a Latvian national who was collecting funds to covertly support Russian actions in Ukraine.

68. Ukraine’s SBU Reports Penetration of GUR by Russia’s GRU

Ukraine’s SBU issued a lengthy statement on August 5th describing that a Deputy Head of Ukraine’s military intelligence (GUR) with the rank of Major General is being suspected of being an agent of Russia’s military intelligence (GRU). SBU states that he had close relationships with his Russian counterparts from his studying years during the USSR era where he was a student at the Moscow Higher Military Command Academy.

69. India’s Spy Agency: Inside Story of Double Agent Spy Rabinder Singh

The EPIC Channel published a documentary for a double agent of India’s spy agency, the Research & Analysis Wing (R&AW). As per the description, “Amar Bhushan, once the number 2 man of R&AW, handling the counter espionage unit of the intelligence agency began to suspect that a member of the agency was passing information to the CIA. The suspect was a former army major who rose to head the south East Asia desk. Rumours spread in the agency that the suspect — Rabinder Singh, had begun to get curious about the other operations that the agency was involved in. Determined to get to the bottom of it, Amar Bhushan led a surveillance team to monitor the suspect, at times even risking his job for national security”.

70. The Penetration Tactics of the CIA and the Israeli Mossad and the Chinese Experience

Modern Diplomacy published this article by Dr Nadia Helmy starting by saying that “what occupied me the most during the last period after the control of the American Central Intelligence Agency and the Israeli Mossad on a number of those around me, including: professors, colleagues and relatives, was to spread the story of my madness everywhere, despite my severe isolation from everyone, due to my strict academic and analytical intelligence nature, which completely compels me to move away about all aspects of luxury or racing to get to know others for purely security reasons, related to my personal safety, for being targeted by the Israeli Mossad and the American Central Intelligence for many years, which made me very sorry, for the decline of morals of some, and their selling of their conscience and morals at any price for a few pounds will end It is implemented quickly, but it has caused harm to a person who was looking for restoring the dignity and prestige of the Arabs and helping them dismantle all the American and Israeli spy networks in the Middle East and the region, as well as preparing new generations capable of challenging and imposing and dictating their conditions on everyone with strictness and firmness. But, in the midst of this struggle, I was shocked by the morals of many around me, who sold and betrayed at a cheap price.”

71. Pakistani Spy Agency ISI Funding Terror via Bitcoin

According to Times Now News, “crackdown on hawala operators in the recent past has led Pakistan’s spy agency Inter Service Intelligence (ISI) use bit coin channel to fund terror in Jammu and Kashmir. This came to light during multiple raids conducted by sleuths of State Investigation Agency (SIA) in Mendhar, Poonch, Baramulla, Kupwara and Handwara area in connection with terror financing case registered in Counter Intelligence Police Station in Srinagar. Investigations conducted by SIA have once again exposed nefarious design of ISI to aid and abet terror in this region to scuttle peace. Investigation reveals that how mastermind sitting across the border in Pakistan with the connivance of ISI officers pumped slush money to their agents in J&K. Through these agents, money is further distributed among terror outfits for fueling mass violence and terror related activities in J&K.”

72. Russian Military Satellite Appears to Be Stalking A New U.S. Spy Satellite

This is a new article on the Warzone stating that “a recently launched Russian satellite with capabilities unknown is getting suspiciously close to what is reportedly a new U.S. spy satellite.”

73. Ukrainian SBU Disrupts FSB Agent Network in Several Regions

Ukraine’s SBU issued a press release stating that “SBU stopped the activity of the Russian FSB agent network, which operated in several regions of Ukraine. Security Service officers exposed and detained members of the interregional FSB Russian agent network, which provided the enemy with information about military and strategic objects throughout Ukraine. Its handler turned out to be a resident of Odessa. He was recruited by the Russian FSB and received the nickname “Professor”. To fulfil the tasks of the Russian special service, he created an extensive agent-informant network, involving residents of other regions. The Russian special service was interested in information about the location of decision-making centres and strategic objects of critical infrastructure in the regions of Ukraine. SBU officers detained the “Professor” on the “hot spot” — during reconnaissance around the Odesa military administration. Another agent of this network in the Ivano-Frankivsk region has also already been detained.”

74. Russia to Launch Satellite on Behalf of Iran With Unprecedented Spying Capabilities

The Haaretz reported on August 5th that “Moscow will launch the Kanopus-V satellite system, a Russian-made satellite allowing for near-uninterrupted monitoring of large swaths of land, including sites in Israel and the Gulf.”

75. Ukraine’s SBU Detained a Russian Agent in Mykolaiv

On August 4, Ukraine’s SBU announced the detainment of a Ukrainian man in the area of Mykolaiv who “proactively “leaked” data through groups in social networks and messengers administered by Russian intelligence services. According to his information, the occupiers repeatedly fired artillery and rocket strikes at the city. During the search, communication devices containing evidence of his criminal activity were seized.”

76. Ukraine’s SBU Exposes FSB Agents in the South

On August 6th Ukraine’s SBU announced that they “exposed FSB agents who helped the enemy destroy the shipbuilding infrastructure in the south. Two criminals carried out reconnaissance and sabotage activities in the Mykolaiv region: they collected and passed on intelligence to the enemy about important infrastructure facilities, fuel depots, the deployment and movement of the armed forces and equipment. The occupiers used the received data to launch targeted missile strikes and massive artillery fire. As a result of the actions of this agent network, several objects of the city’s shipbuilding infrastructure were destroyed and damaged, including the factories “Equator”, “Krystal”, “Ocean”, warehouses with fuel and lubricants, destruction was caused to objects of social infrastructure. The agents carried out constant visual surveillance of the objects of interest to the enemy and sent the results to their handler using sophisticated closed electronic communication channels. Enemy agents were informed of the suspicion and a preventive measure was chosen — detention.”