SPY NEWS: 2022 — Week 34

Summary of the espionage-related news stories for the Week 34 (August 21–27) of 2022.

1. Interview — AFIO: Alex Finley, Former Operations Officer, Journalist, Author, Satirist, on Her CIA Career and Novels

On August 21st the US Association of Former Intelligence Officers (AFIO) published a new interview, which originally took place on May 23rd 2022, with Alex Finley. As per the description, “ALEX FINLEY is a former officer of the CIA’s Directorate of Operations (2003–09), where she served in West Africa and Europe. Before becoming a bureaucrat living large off the system, she chased puffy white men around Washington DC as a member of the wild dog pack better known as the Washington media elite. Her writing has appeared in Slate, Reductress, Funny or Die, POLITICO, and other publications. The voice behind the viral Twitter feed #YachtWatch that tracks the movements of Russian oligarchs’ yachts, she has spoken to C-SPAN’s Washington Journal, CBC’s The National, Sirius XM’s Yahoo! Politics, The Cipher Brief, the Spy Museum’s SpyCast, and numerous other media outlets. She has penned three satires about the CIA: Victor in the Rubble, Victor in the Jungle, and her latest, Victor in Trouble, released April 2022.”

2. Regional Head of Ukraine’s SBU Found Dead in Kirovohrad

It was announced that Ukraine’s Security Service (SBU) and State Bureau of Investigations (SBI) are investigating the suspicious death of Oleksandr Nakonechnyi who was the Head of SBU at the Kirovohrad Oblast. He was found dead from gunshot wounds in his house by his wife last Saturday night.

3. SIGINT Historian: The Prime Minister’s Visit to Hut 7

On Monday, Tony Comer, former historian of the British GCHQ published this blog post covering Winston Churchill’s visit at Bletchley Park on Saturday 6 September 1941. Specifically, about his visit of the Hut 7.

4. Russian GRU Cyber Espionage Operation Targeting Ukraine

On Friday cyber threat intelligence researcher Jazi discovered and disclosed a new lure Microsoft Word document associated with a Russian military intelligence (GRU) cyber espionage operation from mid-June 2022 targeting entities in Ukraine. The lure document was titled “Правила от радиста Кибы.docx” (Rules from radio operator Kiba.docx) and if opened it was covertly installing a custom cyber espionage software implant.

5. CIA’s 1953 Coup Against Mosaddeq Remains Source of Iran’s Distrust of U.S.

On August 21st, the Chinese Xinhua published this article stating that “almost seven decades have passed since a U.S.-orchestrated coup toppled Iran’s then Prime Minister Mohammad Mosaddeq, the notorious move still fuels Iranians’ deep distrust of America today. On the occasion of the anniversary of the U.S.-led coup in Iran, Ali Bahadori Jahromi, the spokesman for the Iranian government, said Friday that putting trust in the United States in international ties is “meaningless,” citing it as one of the three lessons for Iran from the 1953 coup d’etat.”

6. Socialite, Widow, Jeweller, Spy: How a GRU Agent Charmed Her Way Into NATO Circles in Italy

On Thursday, Bellingcat Russian investigator Christo Grozev published this article covering the case of Maria Adela Kuhfeldt Rivera, a Russian GRU spy who operated under non-official cover in Naples, Italy to infiltrate NATO.

7. The Honeytrap That Ensnared One Marine in a Sexpionage Case

Former CIA officer Christopher Burgess published this article on August 21st saying that “on this date, 35 years ago, August 21, 1987, Marine Corps Sgt. Clayton Lonetree, a member of the U.S. Embassy Moscow Marine Security Guard detachment was convicted of espionage and 12 related counts by an eight-member military tribunal. Lonetree would be sentenced to 30 years in prison and would have this sentence reduced several times over the ensuing years. He ultimately ended up serving nine years at the United States Disciplinary Barracks and was released in 1996.”

8. Webinar: Listening Posts: An Intro to SIGINT, and Tactical SIGINT

This week the S2 Underground published two webinars focusing on Signals Intelligence (SIGINT) using commercial solutions. The first is the “Listening Posts: An Intro to SIGINT” and the second is the “Basic Tactical SIGINT: Tracking Aircraft and SDR Scanning.”

9. Pegasus Spyware Creator NSO Group Plans Layoffs After CEO Steps Down

As reported this week, the Israeli cyber espionage solutions provider for government agencies, NSO Group, took some more drastic measures. As per the article, “following more than two years of controversy, the chief executive officer of Pegasus spyware creator NSO Group is stepping down. On Sunday, co-founder and outgoing CEO Shalev Hulio said he was handing over operations of the company to chief operating officer Yaron Shohat as part of a restructuring that will see it refocus on NATO-member countries. According to Bloomberg, NSO is also cutting its headcount. The firm reportedly plans to lay off about 100 employees before it appoints a permanent replacement for Hulio.”

10. Ukrainian SBU Detained 2 Russian Agents Targeting HIMARS Rocket Launchers in Donetsk and Selydove

On August 22nd, Ukrainian SBU announced that “during the counter-subversive “clearing” of the front-line areas of Donetsk region, the SBU detained two enemy agents who were correcting missile strikes in the region. First of all, the agents scouted and gave the occupiers the exact coordinates of the location of the personnel and equipment of the Armed Forces, including the combat positions of the “HIMARS” artillery systems. In addition, they collected information on the geolocation and functioning of local critical infrastructure facilities. It was established that on their “tip-off” the aggressors fired at the water intake system in the city of Selydove. The perpetrators transmitted the received intelligence through one of the officials of the so-called “People’s Militia of the DNR”, providing him with a photo with objects marked on digital maps.”

11. French DGSE Opened Recruitment Competition This Week

On Monday the French spy agency, DGSE, issued a press release for the opening of its 2022 recruitment competition. It will be open for applications from August 22nd to September 30th and is focusing on: Intelligence analysts, developers of technology tools, as well as people with expertise in project management, legal, finance, logistics, and human resources.

12. New Pakistani Cyber Espionage Operation Targeting India

The Shadow Chaser Group of the GcowSec team discovered and disclosed technical indicators of a cyber espionage operation attributed to an actor dubbed as SIDECOPY, who has been previously associated with the government of Pakistan. In this case, the actor used a lure document titled “SPL ALLCE ORDER IMPL” impersonating the Special Allowance Orders of the Indian government. If a target opened the lure document, a custom cyber espionage software implant was covertly installed.

13. LOVEINT: Cyber-Stalking by Spies

Ethan Lierens of Grey Dynamics published this article saying that “a term coined by NSA staff refers to the practice of using access to surveillance technology to gather information on partners or love interests. Simply put, LOVEINT is the practice of cyber-stalking. The term plays on the naming of intelligence collection techniques with the suffix ‘INT’, such as HUMINT referring to Human Intelligence.”

14. Podcast: Europol: Operation GREENLIGHT — Part 2: Action Day

Following last week’s part 1 (story #5), this week Europol published the 2nd part of the series of Operation GREENLIGHT. It is presented by FBI Special Agents Stephanie Stevens and Nicholas Cheviron together with Superintendent Ted Esplund from the Swedish Police’s National Operations Department’s Intelligence Unit, and Georgios Raskos, Head of the Organised Crime Unit at Europol’s European Serious and Organised Crime Centre.

15. Ukrainian SBU Uncovers Russian GRU Spy Network in Zaporizhzhia

On Monday Ukrainian SBU announced that “as a result of a multi-stage special operation in the Zaporizhzhia region, an intelligence group of the Main Directorate of the General Staff of the Russian Armed Forces (better known as the GRU), which collected data on the deployment and movement of the Ukrainian Defence Forces in the south, was neutralised. Its organiser is a resident of the temporarily occupied Melitopol, who was recruited by the Russian intelligence service to carry out subversive actions. According to the investigation, her husband is a member of the Russian occupying group and has direct involvement in combat operations units of the Russian Armed Forces on the southern front. To collect intelligence, the woman involved her father-in-law, who lived in the regional centre. He was supposed to carry out surveillance of the movement of Ukrainian troops and take photographs of objects. The traitor passed the information she received from her relative to the occupiers for planning and preparing a series of rocket and artillery strikes in the city.”

16. Albanian Counter-Intelligence Arrested 4 Czech Spies

Following week 33 (story #71), this week it was reported that apart from the 2 Russians and 1 Ukrainian spies arrested last week, “earlier that day, four people of Czech nationality were arrested for entering a defunct military factory in Polican in the south of the country” and now face charges of espionage. Note that this was the same facility (Gramsh military plant) that the Russian and Ukrainian spies were detained. The report continues that “according to the Ministry of Defence, the incident occurred at around 8:40 on Sunday morning in one of the tunnels of the plant. The military and state police “isolated the entrances to the tunnels, which are almost all communicating with each other, and after searches, they arrested two people of Czech nationality”, the police explained. It added that around noon at a distance of 1.5 km from the tunnels, two more citizens of Czech nationality, “cohabitants of the above two citizens, were found and accompanied”. The Ministry said that the security forces are carrying out procedures and verifications regarding the incident. According to media reports, the Czech citizens claim they are tourists who got lost.”

17. How NSA, U.S. Cyber Command Are Defending Midterms Elections

The United States NSA Public Affairs, Cyber National Mission Force Public Affairs published a news story stating that “with 75 days until the midterm elections, the Dept. of Defense is fully engaged to defend the U.S. electoral system from foreign interference and foreign influence alongside interagency partners. “This is an enduring, no-fail mission for U.S. Cyber Command and the National Security Agency, who bring unique insights and actions to the whole-of-government effort,” said U.S. Army Gen. Paul M. Nakasone, Commander of USCYBERCOM and Director of NSA/Chief, Central Security Service. “Together, we bring speed and unity of effort against any foreign adversary who might seek to undermine our democratic institutions.” The joint USCYBERCOM-NSA Election Security Group, stood up again in early 2022, aligns both organizations’ efforts to disrupt, deter, and degrade foreign adversaries’ ability to interfere with and influence how U.S. citizens vote and how those votes are counted.”

18. Dutch Government to Investigate Secret “Stay Behind” Cold War Organisation I&O

According to the Dutch newspaper de Volkskrant, the Cabinet of the Netherlands is commissioning an investigation into the archives of the, until recently, highly classified Cold War stay-behind organisation “Operatiën & Inlichtingen” (I&O), meaning “Operations & Intelligence” in English. The I&O operated clandestinely from 1945 to 1992.

19. Podcast: State Secrets: Lt. Gen Michael Groen USMC (Ret)

On August 25th The Cipher Brief published a new episode of its State Secrets podcast, this time featuring United States Marine Corps (USMC) Lieutenant General Michael Groen, who retired last month. His last posting was that of the Director of Pentagon’s Joint Artificial Intelligence Centre (JAIC), and the episode is focusing on the Chinese threats to the United States.

20. Ukrainian SBU Detained GRU Agent Spying on HIMARS Launchers in Mykolaiv

On August 24th Ukrainian SBU stated that “in the course of a counter-subversive special operation in the front-line areas of the Mykolaiv region, an agent of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (better known as the GRU) was detained. A resident of the Mykolaiv region collected intelligence on the deployment, movement and armament of the Defence Forces of Ukraine in the southern direction. According to the counter-intelligence data of the SBU, the main task of the traitor was to establish and transfer to the occupiers the coordinates of the combat positions of the “HIMARS” artillery systems. The aggressor planned to use the received information to prepare and carry out sabotage and missile strikes.” Based on the screenshots published by the SBU, the agent was using handwritten notes and the WhatsApp mobile application to communicate with his GRU handler.

21. Spy Collection: CIA Briefing: The Chernobyl Accident (1986)

We published this video on Saturday. As per its description, “the United States Central Intelligence Agency (CIA) started experimenting with the use of video for Presidential Briefings during the Reagan administration. This was done by CIA’s Global Video Program. One such example is this one. On April 26, 1986 USSR’s nuclear power plant in Chernobyl, Ukraine suffered a catastrophic accident. In the second week of May 1986, the CIA presented this intelligence briefing video to inform the then US President, Ronald Reagan, and the rest if the Executive Branch about the situation.”

22. Taliban Detains American and Afghan in Afghanistan on Espionage Accusations

As reported by Mirror Now on August 22nd, “the Taliban government in Afghanistan has detained independent American filmmaker Ivor Shearer as well as Afghan producer Faizullah Faizbakhsh on the suspicion of espionage, American media houses reported. According to the Committee to Protect Journalists (CPJ), on August 17, Shearer and Faizbakhsh were recording in District 10’s Sherpur neighbourhood in Kabul, where a US drone attack earlier that month claimed the life of Al-Qaeda commander Ayman al-Zawahiri when numerous security officers stopped them. Voice of America-Dari, a radio station supported by Congress, and two journalists with knowledge of the situation who talked to CPJ on the condition of anonymity out of concern for the Taliban’s retaliation. Some Taliban security officers allegedly prevented him from filming, according to CPJ. He was questioned about his employment and checked for a work permit. Additionally, their passports, ID cards, and cell phones were also checked. The Taliban guards kept constantly referring to him as an American spy, as per the American watchdog agency. After this, Shearer and Faizbakhsh were arrested.”

23. Study Assesses Hamas’ Double-Agent Operations Against Israeli Intelligence

Intel News reported this week that “a new study sheds light on the little-studied topic of counterintelligence operations launched against Israel by the Islamic Resistance Movement, better known as Hamas. Hamas is a Palestinian Sunni Islamist and nationalist organization with a 35-year history, which has controlled the Gaza Strip since 2007. As is typically the case with Middle Eastern non-state actors, Hamas is a complex umbrella organization that combines social-service and administrative functions with armed elements. The latter include internal policing components and a full-time military wing, as well as reserve armed forces.”

24. Russian FSB Detained Ukrainian Spy in Kursk

On Friday the Federal News Agency of Russia reported that “a Ukrainian intelligence agent who collected information about Russian military installations was detained in Kursk.” This was done by the Russian Federal Security Service’s (FSB) counter-intelligence, and the report continues that “the FSB indicated that the detained spy was found at home with special equipment provided by Ukrainian intelligence, literature on sniper training and guerrilla warfare. The Ukrainian is suspected of involvement in the collection and transfer of information about the objects of the Russian Ministry of Defence. A criminal case has been initiated.”

25. New Iranian Cyber Espionage Tool Discovered by Google TAG

Ajax Bash of Google’s Threat Analysis Group (TAG) reported that they discovered a new cyber espionage tool utilised by the Iranian cyber operators to covertly extract data from compromised devices. They dubbed this new too as HYPERSCRAPE and as per Google TAG, the Iranian cyber operators execute “HYPERSCRAPE on their own machine to download victims’ inboxes using previously acquired credentials. We have seen it deployed against fewer than two dozen accounts located in Iran. The oldest known sample is from 2020, and the tool is still under active development. We have taken actions to re-secure these accounts and have notified the victims through our Government Backed Attacker Warnings.”

26. Classified Material on Human Intelligence Sources Helped Trigger Alarm on Donald Trump’s Florida Home

On Friday the New York Times reported that “they risk imprisonment or death stealing the secrets of their own governments. Their identities are among the most closely protected information inside American intelligence and law enforcement agencies. Losing even one of them can set back American foreign intelligence operations for years. Clandestine human sources are the lifeblood of any espionage service. This helps explain the grave concern within American agencies that information from undercover sources was included in some of the classified documents recently removed from Mar-a-Lago, the Florida home of former President Donald J. Trump — raising the prospect that the sources could be identified if the documents got into the wrong hands. Mr. Trump has a long history of treating classified information with a sloppiness few other presidents have exhibited. And the former president’s cavalier treatment of the nation’s secrets was on display in the affidavit underlying the warrant for the Mar-a-Lago search. The affidavit, released in redacted form on Friday, described classified documents being found in multiple locations around the Florida residence, a private club where both members and their guests mingle with the former president and his coterie of aides.”

27. Lithuania to Liquidate the Organisation of the Ex-Politician Convicted of Spying for Russia

As reported this Friday by EuroIntegration, “the Lithuanian Prosecutor General’s Office filed a petition with the Vilnius District Court to liquidate the International Neighbourhood Forum, an organisation founded by ex-politician Algirdas Paleckis convicted of spying for Russia.”

28. Podcast: SpyCast: “The Beverly Hills Spy” — with The Hollywood Reporter’s Seth Abramovitch

The International Spy Museum’s SpyCast published a new episode this week featuring Seth Abramovitch, Senior Writer at The Hollywood Reporter. The intelligence topics covered are: 1) How a British war-hero became a spy for the other side, 2) Japanese espionage in Tinseltown, 3) How the story involves Boris Karloff, Charlie Chaplin and Yoko Ono’s father, and 4) The spy ring’s activities before and after Pearl Harbor.

29. Ukrainian SBU Prevented Russian FSB from Organising Protests During Ukraine’s Independence Day

On August 24th Ukrainian SBU reported that they “prevented plans by the FSB to use relatives of the Ukrainian military to exacerbate the socio-political situation in Kyiv, Zhytomyr and Poltava regions on the eve of Ukraine’s Independence Day. According to the plan of the enemy intelligence services, the “demonstrators” were to actively criticise and condemn the military command of Ukraine, and the organisers planned to film it on video. They sought to create the “necessary content” for Russian propagandists, and they, in turn, spread it as much as possible through the internet and the mass media controlled by them. The organisers of the pseudo-actions were supposed to be former members of the NGO “Journalists of Stremousov”. Currently, their leader Kirill Stremousov performs the duties of the “deputy of the occupation military-civilian administration” in Kherson.”

30. Chinese Cyber Espionage Operation Impersonating SIAC

The Malware Hunter Team discovered and disclosed technical indicators of a cyber espionage operation attributed to an actor dubbed as MUSTANG PANDA, previously associated with the intelligence services of China. The operation used a lure document titled “SIAC SU — UA economy in a dire condition L INT.rar” which, if opened, it was covertly installing a Chinese intelligence custom cyber espionage software implant, known as PLUGX.

31. IRGC Rejects Infiltration by Israel in its Intelligence Unit

Recently there were a lot of suspicions of Israeli penetration in Iran’s IRGC spy unit (see week 26 story #57, week 25 story #62, and week 22 story #48). On August 21st it was reported that “the spokesman for Iran’s Revolutionary Guard (IRGC) has rejected speculations that Israel or any other country has infiltrated the IRGC and its intelligence apparatus.”

32. British Intelligence Agencies Accused of Providing Information that Led to the Torture of a British Citizen in India

As reported by BBC Arabic, the “British national security agencies are accused of providing information to the Indian authorities about a British citizen before the latter kidnapped and tortured by the police in Punjab province. Jagtar Singh Johal, from Dumbarton, was visiting India in 2017, when he was kidnapped by people in an unmarked vehicle, his family said. Johal says he was “tortured for days, subjected to electric shocks, and has been in detention ever since.”

33. 3 Finnish Journalists on Trial for Revealing Defence Secrets

The Voice of America (VOA) reported on Friday that “three journalists went on trial Thursday in Finland on charges of revealing national defense secrets for allegedly publishing classified documents in a newspaper article. The article in daily newspaper Helsingin Sanomat, which published December 16, 2017, focused on the activities of the Finnish Intelligence Research Center, a military intelligence agency. The investigative report revealed the rough location and tasks of an intelligence unit of the defense forces. Reporters Tuomo Pietilaina and Laura Halmi, and the paper’s acting manager at the time, Kalle Silfverberg, have denied wrongdoing. If convicted, they face prison sentences of up four years, according to Finnish broadcaster MTV. The trio was not present at the District Court of Helsinki but are scheduled to testify at the end of November, MTV reported.”

34. Ukrainian SBU Detained Russian GRU Agent in Mykolaiv

On Saturday, Ukraine’s SBU reported that they “detained a Russian agent who “launched” missile attacks on the schools of Mykolaiv. The agent provided the enemy with the exact coordinates of the city’s educational institutions for so-called “intimidating” missile strikes, and also collected intelligence on the deployment, movement and armament of the Ukrainian Defence Forces in the south. It was established that on his “tip-off” several objects of military infrastructure were destroyed and damaged in Mykolaiv and a devastating blow was inflicted on two schools. Cyber ​​specialists of the SBU established that the detainee was recruited by a case officer of the Russian military intelligence after the beginning of the invasion. The man was an active participant in anti-state Telegram channels, where he did not hide his pro-Russian views and openly promoted Russian narratives. During the search, law enforcement officers found a mobile phone that the man used to communicate with his Russian handler.”

35. Mobile Intelligence Vendor Cellebrite Releases New Video Series

This week the Israeli mobile cyber intelligence collection vendor Cellebrite released a series of 25 new short videos demonstrating their products’ capabilities and features. You can find them in Cellebrite’s YouTube channel.

36. Russia Exports Digital Surveillance, Despite Sanctions

On Friday the Centre for European Policy Analysis (CEPA) published an article saying that “Despite Western sanctions and its overall technological backwardness, Russia continues to export digital surveillance technology — and to find willing buyers. Russian surveillance systems are supplied not only to foreign companies but also to foreign governments, including law enforcement agencies. Russian suppliers often partner with Western technology giants, avoiding sanctions imposed because of the Ukraine war.”

37. Indian Cyber Espionage Operation Targeting Pakistani Ministry of Interior

Cyber threat intelligence researcher Jazi discovered and disclosed technical indicators of a cyber espionage operation attributed to an actor dubbed as CONFUCIUS, previously associated with the intelligence services of India. The operation involved a lure document impersonating Pakistan’s Ministry of Interior which, if opened, it was covertly installing a cyber espionage software implant.

38. Al Shabaab Executes 6 CIA Agents in Somalia

According to Al Somal from August 22nd, the “Al Shabaab announced that it executed 6 people today on charges of espionage on behalf of the CIA. According to reports received, the executions took place in a public square in the “Kuneo Pro” area of the Lower Shabelle region, adjacent to the capital Mogadishu.”

39. Researchers Unveil Details of Sprawling pro-Western Influence Campaigns

CyberScoop reported on August 24th that “a pro-Western influence campaign involving dozens of Facebook profiles, pages, groups and Instagram accounts, along with more than 150 Twitter accounts pushed narratives promoting American interests and attacking U.S. rivals between March 2012 and August 2022 , researchers said in a report published Wednesday. “We believe this activity represents the most extensive case of covert pro-Western [information operations] on social media to be reviewed and analyzed by open-source researchers to date,” Stanford Internet Observatory Cyber Policy Center and social media intelligence company Graphika wrote in their joint report. The researchers analyzed data provided to them by Twitter and Meta, Facebook’s parent company, after the platforms removed in July and August overlapping sets of accounts that violated the platforms’ policies on inauthentic behavior. The resulting investigation found “interconnected web of accounts on Twitter, Facebook, Instagram, and five other social media platforms that used deceptive tactics,” the researchers said, and “appear to cover a series of covert campaigns over a period of almost five years rather than one homogeneous operation.” The operation included previously undocumented covert activity promoting pro-Western narratives in the Middle East and Central Asia. The campaigns maligned Russia, China and Iran, with a heavy emphasis on Russia, according to the analysis.”

40. ‘There Were Hundreds of Us’: Navalny ex-Staffer Tells of Being FSB Informer

This Friday The Guardian reported on Mikhail Sokolov, “former anti-corruption activist who has fled to Netherlands tells how Russian state infiltrated opposition.” As per the article, “when Mikhail Sokolov signed up to work for the FSB security services, he never imagined his journey would end here: in a crowded refugee camp on the outskirts of a sleepy town in the rural Netherlands. “The last six years were a rollercoaster. I am happy I am no longer in the claws of the FSB,” the former FSB informant and staffer for the jailed opposition leader Alexei Navalny’s anti-corruption network said in an interview with the Guardian this week. The 25-year-old is now living in a crowded dormitory, shunned by fellow activists, while being trolled online by his former FSB handlers. “I bet you’re smoking weed over there,” one handler recently wrote. Sokolov’s story shines a rare light on the inner workings of Moscow’s secretive security services and their attempts to infiltrate the Russian opposition at home and abroad.”

41. Diaspora Agency that Runs Covert Recruitment Programs with Turkish Intelligence Seeks Young Lobbyists in the US and Canada

Investigative journalist Levent Kenez reported this Friday that “the Presidency for Turks Abroad and Related Communities (YTB) has announced a training program called the “US-Canada Diaspora Advocacy Academy” that will take place in the US state of Maryland, not far from Washington, D.C., between September 25 and 29. According to the presidency, the Diaspora Advocacy Academy aims “to increase the awareness of successful Turkish youth about the US and Canadian democracies so that they become more cognisant of their rights and learn how to convey their concerns, aspirations, and expectations to their local, regional, and national leaders.” Nordic Monitor previously reported that Turkey’s National Intelligence Organization (MİT) recruited spies from diaspora communities in Europe, using nongovernmental organizations to reach out to candidates. According to a well-placed government insider, MIT planted operatives in several key government agencies that deal with Turks and non-Turkish Muslim communities abroad to run the vetting and recruitment program. A whistleblower also told Nordic Monitor that the regulations were designed to bypass the standard recruitment process for employment in government jobs for such candidates. “We saw some people hired on a temporary contract basis by the YTB and TİKA [Turkish Development and Cooperation Agency], but they were later shipped to the spy agency,” the source said.”

42. Ukrainian SBU Neutralised Russian Spy Network in Kiev

On Thursday Ukraine’s SBU announced that they “neutralised the Russian spy network, which in the early days of the war coordinated the offensive of Russian troops in Kiev. They turned out to be residents of the capital aged 35–45. The “main manager” was a woman from Kiev, who was recruited by the Russian intelligence services during trips to Russia. A few months before the invasion, the agency became more active in the information field. They started dispersing pro-Russian videos and publications on social networks. On the eve of February 24, the woman was instructed to collect intelligence on objects and the defence of Kiev, namely: 1) ️deployment/movement of servicemen and equipment of the Armed Forces, 2) ️the state of security of military facilities, 3) ️civil infrastructure objects of energy, transport, finance, communication, health care, etc.” Based on the screenshots SBU published, they were communicating using the WhatsApp mobile application.

43. ‘Where Intelligence Goes to Work’: NSA Recruitment Efforts Never Stop

The United States National Security Agency (NSA) published a news story on August 23rd for its recruitment efforts. As per the story, “the National Security Agency’s (NSA) greatest strength is truly the people and the workforce behind the mission. “NSA’s people have been a competitive advantage for the Agency and the Nation for over 65 years,” said GEN Paul M. Nakasone, Commander, USCYBERCOM, Director, NSA/Chief, CSS. “The national security demands on signals intelligence and cybersecurity are growing increasingly complex — our technical and professional skills must evolve to meet those demands.” In order to retain the Agency’s competitive advantage, NSA’s recruitment effort has been growing and strengthening to support the Director’s goal to build and sustain a diverse, expert workforce.”

44. Webinar: Curator’s Corner: Kevin P. Riehle on Russian Intelligence

The International Spy Museum published this webinar recording on Friday. As per its description, “the core responsibility of the Russian intelligence services is to preserve the Russian regime and protect it from internal and external threats. How exactly do they do that? And what can be learned? Dr. Kevin Riehle, Associate Professor at University of Mississippi Center for Intelligence and Security Studies, mined all the open-source information he could find to discover the answer. With his new book, Russian Intelligence: A Case-based Study of Russian Services and Missions Past and Present, he has created the definitive guide to Russian intelligence and security.”

45. Berlin Confirms Iran Arrested Another German Citizen

Iran International reported that “the German Foreign Ministry has confirmed that the Iranian government has detained a German citizen about 40 days ago. In response to an inquiry by Radio Farda, the ministry said the Islamic Republic has arrested the 66-year-old tourist more than a month ago over accusations of “taking pictures of prohibited areas”. According to information obtained by Radio Farda, he had travelled to different cities across Iran, including Tehran and Tabriz, by a motorcycle. The German national was arrested more than 40 days ago, and spent about half of it in solitary confinement. He is now imprisoned in the general ward of Aran-o-Bidgol prison near Kashan in the central Esfahan (Isfahan) prison.”

46. Turkish MIT Plans to Relocate Mercenaries to Saudi Arabia and Turkify North-Eastern Syria

On Monday the ANF News reported that “the Turkish MIT stepped into action after the demonstrations and held a meeting with mercenary groups in the occupied Azaz. MIT officials are said to have ordered some mercenary groups to prepare to move to Saudi Arabia. In a second meeting with Turkmen mercenary groups, Turkey introduced another plan for resettlement in the areas to be evacuated. According to the report, a meeting was held on August 11 in the Azaz region between the MIT officials on the ground and leaders of the Jabhat al-Shamiya group. The MIT, which has lost its control over the mercenary groups in the occupied regions, asked the mercenaries to make preparations to be relocated to Saudi Arabia and then to Yemen.”

47. Satellite SIGINT Operator Kleos Secures $7M Loan to Relieve Liquidity Pressure, Build Out Constellation

The Space Intel Report stated on August 24th that the “satellite-based signals intelligence serve provider Kleos Space has secured a debt facility that, while expensive, is designed to provide enough runway to build out its satellite constellation and generate revenue. The four-year debt facility from PURE Asset Management, valued at 10 million Australian dollars ($6.9 million), will be drawn down in two tranches, of 6 million and 4 million Australian dollars.”

48. Ukrainian SBU Exposed Russian FSB Officer in Kherson

On Friday the Ukrainian SBU announced that “in July 2021, SBU officers exposed this network and detained its members. Among them was an active officer of the regional department of the intelligence service. During the long pre-trial investigation, the crimes of the Moscow “handler” of this intelligence group were identified and documented. She collected secret information about the mobilisation deployment of Ukrainian special forces and the methods of their counter-subversive actions, in particular on the territory of the Kherson seaport. The network also “reported” on the socio-political situation in the Black Sea regions of Ukraine. According to operational data, the exposed FSB officer is now participating in a full-scale aggression against our state.”

49. Podcast: SpyScape: CASSIA Spy Ring, Pt. 1/2: The Priest and the CEO

On August 23rd the SpyScape published the first part of a new podcast episode. As per its description, “in the face of an historical evil, would YOU have the courage to resist? It’s a question that weighed heavily on the members of the CASSIA spy ring — a civilian resistance operation based out of a church in occupied Vienna. Vanessa Kirby joins ex-CIA officer Christopher Turner and Austrian intelligence expert Siegfried Bier to uncover a story of extreme courage in the face of insurmountable odds. In Part 1, we meet clergyman Heinrich Maier and rubber tycoon Franz Messner — unlikely friends who became the core of a new movement. Together, they recruited like-minded individuals to strike back at the Nazi regime.”

50. Greek PM Mitsotakis Seeks to Deflect Parliamentary Attacks Over Greek Spy Scandal

The espionage scandal of the Greek Prime Minister using the country’s spy agency to listen on the political opposition continues. As reported by Politico this week, “Greek Prime Minister Kyriakos Mitsotakis on Friday sought to deflect increasingly heated attacks in parliament over a spiraling phone-tapping scandal by accusing unidentified foreign entities of trying to destabilize the country amid an energy crisis and increased threats from Turkey. Earlier this month, Greece’s spy chief and the government’s general secretary lost their jobs after revelations that the phone of an opposition leader, Nikos Androulakis, had been tapped. In a labyrinthine case, Mitsotakis’ center-right government admits that the intelligence service conducted this legal wiretapping, but is denying any involvement with what it calls separate illegal cases, in which Androulakis and journalists were bugged with spy software called Predator. During a heated parliamentary session on Friday, Mitsotakis dug in and refused to answer the key question of why the phone of Androulakis, head of the center-left Pasok party, had been bugged. Alexis Tsipras, leader of the biggest opposition party, the left-wing Syriza group, slammed the hack as a “criminal act” and said that Mitsotakis’ handling of the case should lead to his resignation.”

51. Biden Appoints Former CIA Chief of Staff to President’s Intelligence Advisory Board

Homeland Security reported on Friday that “President Biden today announced two new appointments to the President’s Intelligence Advisory Board. The President’s Intelligence Advisory Board is an independent element within the Executive Office of the President. The President’s Intelligence Advisory Board exists exclusively to assist the President by providing the President with an independent source of advice on the effectiveness with which the Intelligence Community is meeting the nation’s intelligence needs and the vigor and insight with which the community plans for the future. The President is able to appoint up to 16 members of the Board. Jeremy Bash served as Chief of Staff at the CIA and the U.S. Department of Defense, in both roles for Secretary Leon Panetta. Bash held multiple roles on Capitol Hill, including as Chief Counsel of the House Permanent Select Committee on Intelligence and as Counsel to Congresswoman Jane Harman. He is the recipient of the Distinguished Intelligence Medal, the Clandestine Service’s Donovan Award, the CIA Director’s Award, and the Department of Defense Distinguished Public Service Medal. He is a magna cum laude graduate of Georgetown University and Harvard Law School, where he was an editor of the Harvard Law Review. Mr. Bash is currently a Managing Director of Beacon Global Strategies, an advisory firm he co-founded in 2013, and he serves on the boards of directors for two technology companies, as well as the board of directors for the Truman Center for National Policy and the International Spy Museum.”

52. Google TAG’s Bulletin for Q3 2022 Influence Operations

Shane Huntley, Director of Google’s Threat Analysis Group (TAG) released the group’s Threat Bulletin for Q3 2022 covering numerous cases of nation-state cyber operations that Google had to deal with in the period of April-July 2022. Those include, but are not limited, to: Influence operations by Russia, influence operations targeting Costa Rica, Chinese influence operations, Iranian influence operations, and Azerbaijani influence operations.

53. Spy Chief Warned Ottawa of Threat Taliban Pose to Canada After Afghanistan Withdrawal

On August 23rd it was reported that “Public Safety Minister Marco Mendicino was told in May 2021 by the Canadian Security Intelligence Service (CSIS) that Afghanistan could turn into a hotspot for “extremist travellers” who could then return to Canada to conduct an attack. “The evolving situation in Afghanistan and (the) take-over by the Taliban, a listed terrorist entity, has potentially created a safe haven and base for other extremist organizations, as well as a destination for Canadian extremist travellers,” the briefing document reads.”

54. South Korean Ex-Spy Chief: N. Korea Likely to Conduct Nuclear Test Before US Midterm Elections

The Korea Herald reported that the “former National Intelligence Service (NIS) Director Park Jie-won said Monday that North Korea will likely conduct a nuclear test ahead of November’s US midterm elections to show off its nuclear capability. “They are going to do it in order to demonstrate a threat that its missile can fly to the US carrying a miniaturized and lighter warhead, and to deal a blow to the Joe Biden administration ahead of the midterm elections,” Park said on KBS Radio. Park also said the North could undertake provocations in protest of military exercises that South Korea and the US kicked off Monday. “Chairman Kim Jong-un is not going to overlook it as if nothing happened,” he said. North Korea has long denounced such joint exercises as a rehearsal for invasion.”

55. Video: US NGA: Geography 2050: The Discussion Continues

The United States National Geospatial-intelligence Agency (NGA) published a 16-minute long recording from the second Geography 2050 symposium which take place on July 27 in Springfield, Virginia, US. The recording is the opening of the event. As per its description, “the event served as a learning opportunity for geography professionals and interested attendees to learn more about current trends in geography and NGA’s influence in the geography space. NGA Director Vice Adm. Frank Whitworth kicked off the event with opening remarks.”

56. The Assassination of Darya Dugina in Moscow, Russia

As per BBC, “the daughter of a close ally of Russia’s President Vladimir Putin has been killed in a suspected car bombing. Darya Dugina, 29, died after an explosion on a road outside Moscow, Russia’s investigative committee said. It is thought her father, the Russian philosopher Alexander Dugin, who is known as “Putin’s brain”, may have been the intended target of the attack.” According to evidence published by the Russian Federal Security Service (FSB), the assassination was executed by Ukraine’s SBU in collaboration with Estonia’s intelligence services. FSB claims that the perpetrator was Ukrainian national Natalya Vovk, born in 1979 who “rented an apartment in the house where Dugina lived. Also, a MINI Cooper car was used for surveillance, on which various licence plates were installed: at the entrance to Russia — with plates of the DPR (E982XH DPR), in Moscow — with plates of Kazakhstan (172AJD02), at the exit — with plates of Ukraine (AH7771IP).” The report states that after the explosion on August 21st, “Natalia Vovk, together with her daughter, left through the Pskov region to Estonia.” Note that a previously unknown entity calling themselves “National Republican Army of Russia” claimed responsibility of the assassination. According to the Covert Action Magazine, “Douglas Valentine says that “Zelensky doesn’t go to the bathroom without asking permission from his CIA case officer.” CIA expert Douglas Valentine, author of the seminal book The Phoenix Program (1990), believes that the CIA was behind the car bomb that killed Darya Dugina, a journalist and daughter of well-known Russian intellectual Alexander Dugin.”

57. Sensitive FBI, Interpol Info Leaked from Israeli Firm Cellebrite, Court Documents Show

On Tuesday Haaretz reported that “emails, invoices and even contracts from 2015–2017 between Israeli phone-hacking firm and clients, were disclosed to Japanese authorities, unbeknownst to management or clients.” The article continues that “sensitive and confidential information relating to intelligence, defense and law enforcement agencies across the globe, including the FBI and Interpol, leaked from Israeli firm Cellebrite, according to court documents cleared for publication at Haaretz’s request. The information is from 2015–2017 and includes almost half a million emails belonging to senior officials and directors at Cellebrite, their internal communications and exchanges with clients, invoices and even contracts. The company is known for its digital intelligence tools and phone-hacking technology. The information was transferred from Cellebrite to the Japanese Sun Corporation (the main shareholder in Cellebrite) and then handed over to Japanese officials — all without the knowledge or consent of Cellebrite’s Israeli management or its then-clients.”

58. Video: Former Turkish Intelligence Officer Tells: How Does MIT Protect the Seas?

On August 24th the Turkish YouTube channel GZT published an interview with former intelligence officer Ali Burak Darıcılı, who has been working in Turkey’s National Intelligence Organisation (MIT) for 15 years. As per the description, “the TCG Ufuk intelligence ship has now been added to the inventory of the National Intelligence Organisation. Why is this ship important, what gains does having this ship in our inventory bring us? Former intelligence officer Ali Burak Darıcılı answers questions on GZT youtube channel.”

59. Israeli Spy Chief Visits Egypt in Bid to Placate Tensions

The Middle East Eye reported on August 22nd that “following the Egyptian brokered ceasefire in Gaza, Cairo was angered that Israel continued to inflame tensions in the West Bank. Now Israel is seeking to mend fences.” The article states that “in a bid to repair relations between the two countries, Israel sent Shin Bet chief Ronen Bar, in charge of the country’s internal security service, to Egypt on Sunday. Bar’s visit has not been confirmed by either Israel or Egypt, but Hebrew-language media has reported on it. According to the reports, Bar met with Egyptian spymaster Abbas Kamel. Egypt, which has long served as the main interlocutor between Israel and Gaza-based groups, played a key role in mediating a ceasefire between the PIJ and Israel.” The article also states that “Israeli intelligence agents reportedly passed the following message to the PIJ through Egyptian intelligence: “We want to end this escalation. Give us until Sunday, and we are pushing them [Israel’s political leaders] to agree.”.”

60. Ukrainian SBU Exposed Ukrainians Disseminating Russian Information Operations Content

On Tuesday Ukraine’s SBU announced that in Dnipro, “during the last days, officers of the SBU exposed three supporters of Kremlin narratives. One of them is an entrepreneur from Dnipro. After the start of the full-scale invasion, he began active propaganda, because he was sure that the “Russian peace” would come quickly. Another enemy agitator — a businessman from Kryvyi Rih — regularly went to Russia to earn money. In social networks, he actively promoted content that discredits the Ukrainian authorities and the Armed Forces of Ukraine. An employee of one of the local enterprises in Kryvyi Rih published anti-Ukrainian content almost every day after February 24, in which he approved the armed aggression of the Russian Federation, called the occupiers “liberators” and discredited the Ukrainian military.” Additionally, in Poltava SBU “reported suspicion to 4 more people who openly spread manipulative information about the situation in Ukraine. Thus, a teacher at a Poltava educational institution promoted Russian narratives during classes. The woman recognised the legitimate occupation of Ukrainian territories. Another figure is a Russian citizen who came to live with his mother in Ukraine. The attacker supported the invading troops and campaigned for the introduction of a “ruble zone” on the territory of Ukraine. Anti-Ukrainian activities of two more residents of Poltava Oblast were blocked on the internet by SBU officers. It is documented that propagandists posted destructive materials on personal and fake pages and in thousands of communities in banned Russian social networks. According to all the exposed facts, the law enforcement officers have collected a sufficient evidence base to bring the perpetrators to justice.”

61. The Inside Story of the CIA vs Russia

Asia Times reported on Friday concluding that “we still get periodic reminders of CIA ruthlessness, such as the recent assassination without trial of al-Qaeda’s al-Zawahri. But the leadership of CIA directors Brennan and Burns has set the agency on a path that bodes well for its role in seeking a resolution to the current Ukraine crisis. The CIA, being the instrument of a democracy, is a broad church and there will always be conflicting voices. One senior source tells me the agency opposed the expansion of NATO that Moscow finds so abhorrent. Another, a veteran of Reagan’s Office of Soviet Analysis, insists its Kremlinologists are too apolitical for that kind of judgment to be upheld — and does not believe today’s analysts will be able to contribute to intelligence successes such as those achieved during the 1980s cold war era. But these competing views reflect a healthy struggle within the CIA to get at the truth. While the agency still has vocal critics and always will do, no one is calling for its dissolution today.”

62. Spy Way of Life: Bahrain Rugby Club

Intelligence Online’s selection for this week’s Spy Way of Life site was the Bahrain Rugby Club which they described as “a hub of British beer and influence in the Gulf.” The article describes as “an institution inherited from the time of British presence in the country, the Bahrain Rugby Club. Aside from sports fans and expat gatherings, you’ll find businessmen hoping to network, diplomats gleaning information and US soldiers socialising during a Manama stopover.”

63. Mossad Chief Barnea: New Nuclear Deal Will Not Block Us From Acting Against Iran

The Jerusalem Post reported on Thursday saying that “criticizing the United States for rushing into a terrible deal, Mossad Director David Barnea said on Thursday that a new nuclear pact with Iran would not block his agency from acting against the Islamic Republic to protect Israel’s security interests. Barnea made the comments in a marathon of private meetings he held with Prime Minister Yair Lapid and other top government officials on Thursday. “Israel has not signed on to the deal. Israel is permitted to defend itself in any way possible — and will act this way. We cannot sit quietly and just watch as the danger grows closer,” Barnea, who took over as spy chief in June last year, told them.”

64. Ukraine Spy Chief Says Russian Offensive Slowing Due to Fatigue

This week it was reported that “Ukraine’s top military intelligence official said on Wednesday that Russia’s military offensive was slowing because of moral and physical fatigue in their ranks and Moscow’s “exhausted” resource base. The remark on television by Defence Intelligence agency chief Kyrylo Budanov was one of the strongest signals by Kyiv that it believes Russia’s offensive power may be waning. “Russia has rather seriously slowed down the tempo of its assault. The reason for this is the exhaustion of their resource base, as well as a moral and physical fatigue from the fighting,” he said.”

65. Podcast: djvlad: Former Russian Spy Jack Barsky

This week the YouTube channel djvlad published a series of videos featuring former KGB non-official cover officer Jack Barsky. The videos published were: 1) How He was Approached to Join the KGB, 2) How He Snuck into the US with a New Identity to be a KGB Sleeper Agent, 3) Having a Wife & Baby in Both the US and East Germany, 4) Escaped the KGB Sleeper Agent Program by Lying about Having HIV, and 5) Getting Arrested by the FBI: I Asked Them “What Took So Long?”

66. Star American Professor Masterminded a Surveillance Machine for Chinese Big Tech

The Daily Beast reported that “a star University of Maryland (UMD) professor built a machine-learning software “useful for surveillance” as part of a six-figure research grant from Chinese tech giant Alibaba, raising concerns that an American public university directly contributed to China’s surveillance state. Alibaba provided $125,000 in funding to a research team led by Dinesh Manocha, a professor of computer science at UMD College Park, to develop an urban surveillance software that can “classify the personality of each pedestrian and identify other biometric features,” according to research grant documents obtained via public records request. “These capabilities will be used to predict the behavior of each pedestrian and are useful for surveillance,” the document read.”

67. Azerbaijan’s Spy Agency Prioritises Cyber Upgrades

On August 23rd Intelligence Online reported that “hoping to tap into the exodus of Russian and Ukrainian IT experts to boost their own pool of experts, the Azerbaijani intelligence services are determined to modernise their cyber ecosystem.”

68. TED Radio Hour: Jonna Mendez: A Day in the Life of a Master of Disguise

The TED Radio Hour released the first part of an episode with Jonna Mendez. As per the description, “Jonna Mendez is a retired CIA intelligence officer. She was recruited to the agency in 1966, and retired in 1993 from her role as the Chief of Disguise in the CIA’s Office of Technical Service. Mendez worked abroad from cities including Havana, Beijing and Moscow. After her retirement, she has worked as an author, lecturer, teacher and consultant on intelligence matters. She and her late husband, former CIA officer Antonio Mendez, cowrote several books about spies and espionage, including Spy Dust: A True Story of Espionage and Romance, Argo and The Moscow Rules.”

69. Ukrainian GUR Reports Hidden Mobilisation Inside Russia

On Saturday Ukraine’s Military Intelligence (GUR) issued a press release stating that “the depletion of the mobilisation potential of the main “donors” of the war against Ukraine — Buryatia, Tuva, the republics of the Caucasus and other disadvantaged regions — forces the Kremlin to become more active in the so-called “central regions”. The heads of the respective regions are appointed directly as managers of the mobilisation campaigns. In particular, Andrii Vorobyov, governor of the Moscow region. One of Putin’s “faithful bayonets” has held this position since 2012, replacing the current Minister of Defence of the Russian Federation, Sergei Shoigu. The basis of the mobilisation measures is a broad advertising campaign, which includes campaigning on the main TV channels, radio, on the internet, and in printed media. Men of draft age are offered to sign “volunteer” contracts for a period of 3 to 12 months. The main motivation is increased financial support. Candidates are promised a salary of up to 240,000 rubles, which is transferred to a special bank card from the Military Commissariat. During training and downtime — 30,000–45,000 rubles. The contract itself is signed after passing a number of mandatory procedures: psychological tests, filling out a questionnaire, as well as passing a Military Medical Commission (MMC). According to the “recruiters”, the VLK is held conditionally. In fact, everyone is accepted, even with category “B” in the military ticket. That is, limitedly suitable. Currently, the majority of applicants from Moscow and the Moscow region conclude contracts on the basis of military unit 73621 (1st tank army) of the Russian Armed Forces — Odintsovo, Bakovka microdistrict, Moscow region. After the contract is signed, contract workers are trained for 10 days to a month. The main focus is on the training of T-72B3 tank crews. In the future, newly minted “contract workers” are sent to the 56th training centre for junior specialists of motorised rifle troops (military unit 71717), which is located in Sertolovo, Leningrad Region, for in-depth training.”

70. I Tried the Privacy Phone Network Intended to Mask Your Identity

Joseph Cox of the Motherboard published an article describing his experiences using the Pretty Good Phone Privacy, or PGPP, a system that attempts to provide privacy/counter-surveillance capabilities on mobile phones.

71. Video: Interpol’s Top Secret Radio Network

The Ringway Manchester YouTube channel published a new video covering a secret radio network used by the Interpol until the early 1990s. The secret Interpol radio network started in 1935.

72. Chinese Engineer Accused of Stealing Apple’s Autonomous Vehicle IP Pleads Guilty

On August 23rd it was reported that “a former Apple employee working on Project Titan, the company’s autonomous car project, has pleaded guilty to stealing trade secrets. Xiaolang Zhang, a Chinese national who worked at Apple between December 2015 to May 2018, admitted to a single case of stealing a 25-page document containing detailed schematic diagrams of a circuit board used in self-driving cars.” As per the news story, “Zhang was intercepted and arrested while leaving the U.S. at the San Jose International Airport on a round-trip ticket to Beijing, China, in July 2018 and was indicted later in the same month.”

73. Ukrainian GUR Says Russian Troops Stationed in Kazakhstan Refuse to Return to Ukraine

On Saturday Ukrainian GUR stated that “the military contingent of the Russian Federation stationed in Kazakhstan refuses to leave the territory of the country and return to the places of permanent deployment. The formal reason for the refusal is the lack of special air transport, which is fully engaged in the war with Ukraine. In reality, the military does not want to replenish the composition of the occupation contingent. However, the command of the Russian Federation does not abandon its intentions to completely withdraw the troops from the territory of Kazakhstan, which were introduced there during the suppression of the January rallies against the current government. These are about a thousand military personnel with full weapons and equipment, who are currently stationed near critical infrastructure facilities — airfields, military training grounds, oil depots, the Baikonur Cosmodrome, etc. Also, the Russian Federation almost completely withdrew its military contingents with weapons and equipment from the territories of Tajikistan and Armenia to participate in the war against Ukraine.”

74. Podcast: Vitamin X: CIA Spy Andrew Bustamante

On August 21st, the Vitamin X Podcast released a new 2-hour long episode featuring former CIA Clandestine Service officer Andrew Bustamante.

75. Russia Spied on Ukrainians Training in Germany

According to Germany’s Military Counter-Intelligence Service (MAD), there are indications that “Russia spied on Ukrainian soldiers training in Germany.” DW reports that “following the start of the training course at two military sites, German military counterintelligence detected suspicious vehicles that could observe distances from the access roads to the barracks from their positions. Ukrainians are training at Idar-Oberstein in Rhineland-Palatinate and Grafenwöhr in Bavaria. Russia is said to have spied on both locations. The Bundeswehr is training Ukrainian soldiers on the self-propelled howitzer 2000 in Idar-Oberstein. In Grafenwöhr, US forces are training Ukrainians on Western artillery systems. Small drones also flew over the locations to observe training exercises. Security sources also told the magazine that Russia may have attempted to scoop up the Ukrainians’ mobile phone data with special telecommunications equipment, using a device such as a stingray.”

76. Settlements with Former CIA Officers Who Spied Electronically for UAE

The EuroNews Arabic reported this Friday that “the US State Department said on Friday it had made administrative settlements with three former US intelligence officers who spied online for the United Arab Emirates and admitted last year to violating US hacking laws. Under the settlements, Mark Baer, ​​Ryan Adams and Daniel Jeriche will be barred from participating directly or indirectly in any activities subject to the International Trade in Arms Regulations for a period of three years, the department said in a statement. The three officers belonged to a secret unit called Project Raven, first reported by Reuters.

77. Ukrainian GUR: Russian Preparations for Holding “Referendums” in Occupied Territories Almost Complete

On Friday Ukraine’s Military Intelligence (GUR) announced that “the implementation of the so-called “show of will” measures will depend on the situation at the front and whether the enemy will be able to break the resistance of the Ukrainians. Vadym Skibitskyi, a representative of the Ministry of Internal Affairs and Communications of Ukraine, stated this during an interview with the publication “RBK-Ukraine”. “If we talk about “referendums”, they can take place in different territories. First, these are the so-called “LPR” and “DNR”. There, Russia has already somewhat defined their status by recognising these illegal entities. Now we are primarily talking about the temporarily occupied territories of Zaporizhzhia and Kherson regions,” Vadim Skibitsky noted. According to him, the dates of the pseudo-referendums may be different. “For example, September 11, when they have the only voting day in the Russian Federation. There may be other options. But the military intelligence of Ukraine is now clearly monitoring all the processes taking place there. Today, we can confidently say that appropriate election headquarters, operational headquarters, voter lists have been compiled, and election commissions have been created. That is, all the processes related to the preparation for the “referendum” are almost completed,” said the representative of the military intelligence of Ukraine. The representative of the GUR of the Ministry of Defence of Ukraine noted that Russian politicians, government officials, so-called volunteers, who are responsible for the preparation of the voting process, are constantly coming to the temporarily occupied territories. Read more about the Kremlin’s plans for war in Ukraine, what is happening at the Zaporizhzhia NPP and whether there is a threat from Belarus on Saturday, August 27, in an interview with Vadym Skibitsky for RBC-Ukraine.”

78. Iranian MOIS Cyber Espionage Targeting Israeli Organisations

As reported by Bleeping Computer Iran’s Ministry of Intelligence (MOIS) is conducting cyber espionage operations “targeting Israeli organizations using the SysAid software.”

79. Podcast: What’s Inside the Army’s Intelligence, Electronic Warfare and Sensors Portfolio

FedScoop released a new podcast on Tuesday, as per description, “a shakeup could be coming for how the Department of Defense manages its Joint All-Domain Command and Control efforts. The Pentagon is also starting to turn to academia to help boost its research, development, test and evaluation efforts.” The episode features “Todd Harrison, senior vice president and head of research at Meta Aerospace, discusses the current state of DOD’s research and engineering efforts and greater uncertainty throughout the industrial base. Mark Kitz, program executive officer for Intelligence, Electronic Warfare and Sensors (IEW&S) at the U.S. Army, gives DefenseScoop reporter Mark Pomerleau some insight into what is in IEW&S’ portfolio.”

80. Details on North Korean Cyber Espionage Operation Targeting Security Researchers

Bleeping Computer published an article detailing how North Korean cyber operators have been targeting cyber security researchers throughout 2022, likely to steal their research and weaponise it for their own operations.

81. Podcast: Grey Dynamics: Punxsutawney Phil and FBI Insider Threat Detection With Kyle Cunliffe

On August 26th Ahmed Hassan of Grey Dynamics published a new podcast episode. As per the description, “we spoke with Kyle Cunliffe. Kyle is a lecturer at Salford’s University Intelligence Programs. His research focuses on intelligence and Cyberspace, particularly where those two meet. We spoke about: The difficulties facing human intelligence practitioners in a growing world of high-tech surveillance, How video games inspired Kyle to study intelligence, The Tensions between intelligence scholars and practitioners, Knowing what you are good at and utilising that for a role in Intelligence, Information overload through social media, And much more!”

82. The Art and Science of Intelligence in War

Hew Strachan published this article covering how “intelligence in war is as much a product of common sense as of technical brilliance. It must be understood and applied wisely to be of any use.”

83. Amid US-China EW Battle, US Shows Off Its Next-Gen EC-37B ‘Compass Call’ Electronic Warfare Plane

The EuroAsian Times released a news story on August 22nd that “the US Air Force (USAF) released new photos of its in-development next-generation Compass Call Electronic Warfare (EW) jet, called the EC-37B, which is slated to replace the USAF’s existing fleet of EC-130H jets currently used for Compass Call missions.” The article notes that “the Compass Call system also has a secondary intelligence gathering functionality, enabling it to detect, track and geolocate a broad range of emitters.”

84. Intellexa’s €8m Cyber Espionage Offer Leaked Online

A cyber criminal forum leaked documents of an offer for the NOVA cyber espionage suite, developed and sold by the Israeli Intellexa private company. The offer of €8,000,000 was for a Spanish-speaking customer and it included unknown to the manufacturers methods to covertly compromise Android and iOS mobile phones, as well as the NOVA cyber espionage platform, the ability to run up to 10 concurrent infections of devices with a total of 100 infections. The offer was for 12 months. According to some experts, this offer was for the CNI, the spy agency of Spain, but this has not been confirmed yet.

85. United States NGA: 2006 Deployable GEOINT Vehicle

On Saturday the United States NGA shared online details of their Domestic Mobile Integrated Geospatial-Intelligence System. The announcement said that “in 2006, NGA introduced a deployable vehicle with GEOINT software that enabled analysts to drive to a crisis location to provide on-the-spot analysis in support of operational requirements.” The agency also released a full article available here.

86. How Much Did Former KGB Officer Get for Betraying His Colleagues to Israeli Intelligence?

On August 24th the EUReporter published this news story based on 5TB of Russian emails leaked online by Ukrainian hacktivists earlier this month. The story covers “any of the studied documents are of no interest, others have yet to be analyzed. Among those that have been already reviewed, the bank statement of a relative of a former high-ranking official of the Russian Federation, Valery Nikolaevich Shnyakin, is worth our attention. We got the archive letters of Oleg Vyacheslavovich Smirnov — that’s the name of the son-in-law (daughter’s husband). For moral reasons, we will not provide access to the received archive.”

87. The French “Agency” Changes. A Reform in the CIA’s Way

On August 27th the Italian La Rivista published this article related to the French DGSE reforms announced recently (see week 30 story #8). As per the article, “the DGSE (Directorate General for External Security) “is one of the best intelligence services in the world”, “clearly among the top three partners”, with an “unparalleled” experience in counter-terrorism and Africa. In recent days, the French intelligence agency was celebrated by Gina Haspel , Director of the Central Intelligence Agency (CIA) for three years, from 2018 to 2021.” The article continues that “the very powerful Intelligence Directorate (DR, Direction du Renseignement ) disappears from the organisation’s chart. Four directorates remain: the General Secretariat for Analysis and Strategy (which analyses, synthesises and disseminates intelligence), the administrative management (which includes the human resources, training, purchasing and finance and real estate departments, as well as the operational support department and logistics), the research and operations department (responsible for the “development and preparation of the research and action resources necessary for the execution of the missions”) and the technical and innovation department (which involves half of the approximately 7,100 DGSE employees, responsible the development and preparation of the technical means necessary for the execution of the missions). Finally, the reform announces the creation of “mission centres”, another idea inspired by the CIA. Each deals with a specific theme: the list is not public but the French newspapers speculate that the themes will be based on the main current issues (such as terrorism, crime, proliferation of nuclear weapons and war in Ukraine) or on geographical areas of interest like the Sahel, the Indo-Pacific or the Balkans.”

88. Plot Thickens Over Albanian Espionage Incident

Following the recent (see week 33 (story #71), and this week’s story #16), the Albanian Exit News reported on Saturday that “a Moscow court has issued on Friday (26 August) an arrest warrant for Svetlana Timofeyeva, who is believed to be one of the individuals in custody in Albania and charged with espionage following an attempt to enter the Gramsh military facility last weekend. A court in the Meshchasky district of the Russian capital has accused the woman who has the same name and date of birth as the woman in custody in Albania, of illegally providing classified information to a list of wanted people, according to local media RBC. The court said she was arrested in absentia. The Russian embassy in Tirana has not responded to questions on the matter.”

89. Woman Posing as Rothschild Heiress Infiltrated Donald Trump’s Mar-a-Lago Home

As reported by The Telegraph, “FBI investigating immigrant Inna Yashchyshyn who accessed former president’s inner circle for Russian crime gangs.” The article continues that “a Ukrainian woman posed as a member of the Rothschild banking dynasty to infiltrate the Mar-a-Lago home of former President Donald Trump and gain influence with his inner circle on behalf of a front for Russian crime gangs.”

90. Microsoft MSTIC Report on Russian SVR’s Post-Compromise Methods for Cyber Espionage Operations

On August 24th the Microsoft Threat Intelligence Centre (MSTIC) published a technical report explaining how cyber operators of Russia’s Foreign Intelligence Service (SVR), dubbed as NOBELIUM by MSTIC, is using a previously unknown method to “authenticate as anyone” post-compromise. They dubbed this method as MAGICWEB and was leveraged to “possibly to maintain access during strategic remediation steps that could preempt eviction.”

91. SpyTalk: Brussels, the Den of Spies

Matt Brazil of SpyTalk published this article stating that “conjure up a list of cities considered world capitals of espionage. Those featured in movies and television, with their romantic atmosphere and scenery, include Vienna, Budapest, Berlin, London, Cairo, Tokyo, Shanghai, Hong Kong, Macau, Bangkok, and Saigon. Not to ignore the less romantic but important cities of Moscow, Beijing, and Washington, DC. By comparison, Brussels seems overlooked by spy novelists and film directors, but its unusual concentration of diplomatic missions to the European Union, NATO, and to Belgium itself brings a high ratio per square kilometer of diplomats and lobbyists — as well as spies. “Washington and Brussels compete for the largest number of embassies and other representations on earth” remarked an ICT (information and communications technology) executive close to the Belgian authorities.”