SPY NEWS: 2022 — Week 39
Summary of the espionage-related news stories for the Week 39 (25 September-1 October) of 2022.
1. Interview: AFIO: Wise Gals: The Spies Who Built the CIA and Changed the Future of Espionage
The United States Association of Former Intelligence Officers (AFIO) published a new virtual interview which was originally recored on August 5th, 2022. As per its description, it is an interview “between Nathalia Holt PhD, author of “Wise Gals: The Spies Who Built the CIA and Changed the Future of Espionage” and with host, AFIO President James Hughes, a former senior CIA Operations Officer. They discuss four women who served in the early days of OSS and CIA, enjoying exceptional careers, receiving recognition but not being considered, in those days, equal to their male colleagues in similar posts. Dr Holt explains how that began to change in 1953 with CIA’s Petticoat Panel which studied the role of women in intelligence. One of the four women featured in “Wise Gals” is Elizabeth Sudmeier, the boss of then newly-hired James Hughes (who served in the Middle East and rose to Chief of Station and higher both at CIA and NSA; current President AFIO). Opportunities for women today in the Intelligence Community are far greater today because of these brave trailblazers featured in “Wise Gals.” The interview runs 15 minutes.”
2. Ex-Director of the Kazakh-Russian University into Custody for Espionage
According to EurAsia Daily, “Marat Shaikhutdinov, former First Deputy Secretary of the Security Council of the Republic of Kazakhstan, was arrested in Astana.” The news story continues that “Shaikhutdinov is accused of espionage and providing state secrets to third countries. The official was dismissed from the Security Council of the Republic of Kazakhstan in March 2022. At that time, some Kazakh media wrote about the detention of Shaikhutdinov, but this information was then refuted by insiders. Doctor of Historical Sciences, Professor Marat Shaikhutdinov is 63 years old. Previously, he served as director of the Kazakh Institute of World Economy and Politics, deputy head of the Foreign Policy Centre of the Presidential Administration of the Republic of Kazakhstan. In 2000–2005 he was the director of the Kazakh-Russian University. Shaikhutdinov has been working in the Security Council of the Republic of Kazakhstan since 2019. Also, Kazakh media report that Yerlan Nigmatulin , the brother of the former speaker of the Majilis Nurlan Nigmatulin , has been arrested . He is charged with facts of fraud, tax evasion, customs payments, legalisation of criminal proceeds.”
3. Russian GRU: Rise of the (Telegram) MinIOns
Cyber threat intelligence and security firm Mandiant published an analysis showing that “multiple self-proclaimed hacktivist groups working in support of Russian interests. These groups have primarily conducted distributed denial-of-service (DDoS) attacks and leaked stolen data from victim organizations. Although some of these actors are almost certainly operating independently of the Russian state, we have identified multiple so-called hacktivist groups whose moderators we suspect are either a front for, or operating in coordination with, the Russian state. We assess with moderate confidence that moderators of the purported hacktivist Telegram channels “XakNet Team,” “Infoccentr,” and “CyberArmyofRussia_Reborn” are coordinating their operations with Russian Main Intelligence Directorate (GRU)-sponsored cyber threat actors. Our assessment is based in part on the deployment of GRU-sponsored APT28 tools on the networks of Ukrainian victims, whose data was subsequently leaked on Telegram within 24 hours of wiping activity by APT28, as well as other indicators of inauthentic activity by the moderators and similarities to previous GRU information operations.”
4. U.S. CIA’s In-House Museum Adds New Spy Exhibits
Reuters reported on September 25th that “ucked away in the corridors of its Langley, Virginia, headquarters, the revamped Central Intelligence Agency museum — while still closed to the public — is revealing some newly declassified artifacts from the spy agency’s most storied operations since its founding 75 years ago. Top among them: a slightly more than foot-long (30.5 cm)scale model of the compound in Kabul, Afghanistan, that was used to brief President Joe Biden before the drone strike that killed al Qaeda leader Ayman al-Zawahiri just two months ago.” The article includes 7 new photographs from: 1) A model of Al-Zawahiri compound which was used to brief U.S. President Joe Biden, 2) A view of the newly revamped Central Intelligence Agency museum, 3) A replica of the tunnel that spanned West to East Berlin, jointly built by CIA and the British Secret Intelligence Service (MI-6) during the Cold War, 4) The memorial wall of the CIA, 5) A ceiling with hidden messages, 6) A dead drop rat and other tools used in spycraft, and 7) Artefacts from Iraq including playing cards of the most-wanted members of Saddam Hussein’s government.
5. Agent Behind James Bond Spy Vesper Lynd Given New Role in UK-Poland Relations
On September 25th The Guardian reported that “the real-life model for Vesper Lynd, the alluring spy who so entranced James Bond in Casino Royale, has a new mission. Secret agent Krystyna Skarbek, who was fictionalised as 007’s lover in Ian Fleming’s novel, is now to be the figurehead of a campaign to remind Britain of its strong cultural ties with Poland. Skarbek, who was Winston Churchill’s favourite secret agent, received the George Medal for her second world war bravery and went under the name Christine Granville in Britain. Courageous and daring, her under-recognised legacy is now to spearhead a fresh mission, officially announced next week. The Granville-Skarbek Anglo-Polish cultural exchange will begin as an online museum and research site, run in tandem with a series of public events and exhibitions. After that, a move into a permanent physical home at the Polish Social and Cultural Association (Posk) in west London is planned. “Skarbek was a Polish aristocrat of Jewish descent and not only the first British female agent but the longest serving of any agent,” said Julia Griffin, curator of the new project. “She and her first husband, a Polish diplomat, were in Africa when war broke out. They immediately took a ship to Southampton, and Krystyna was accepted as an SOE [Special Operations Executive] agent.”.”
6. OSINT and Web Investigations of the Dutch Police
The Dutch Police & Wetenschap published a research on OSINT and internet-based investigations. As per its summary, “the police is moving along with the digitisation of society. Research by Twynstra Gudde, commissioned by the Police and Science research programme, shows that more and more organisational units within the police are collecting data online for the purpose of intelligence and investigation. This raises questions regarding the division of tasks and coordination between organisational units. Online data collection by the police takes place both manually and automatically and contributes to the intelligence position of the police and to the results of criminal investigations. However, the legal framework for online data collection by the police is currently still based on police work in the physical world. The ‘translation’ of this to the online world, as a temporary emergency solution, causes uncertainty in practice.”
7. Spy Way of Life: Piazza di Pietra, Italy
This week’s Intelligence Online’s selection for the Spy Way of Life Piazza di Pietra, located in Rome, Italy. As per the article, it is “an elegant square in Rome where master spies like to stroll and eat, sharing secrets along the way.” The article describes it as “a charming square steeped in secrets.”
8. Video Recording: The Hayden Centre: Keeping Secrets
On September 26th, the Hayden Centre published an over 1 hour long recording from an event that originally took place on September 20th at the Van Metre Hall of George Mason University, Virginia, US. As per its description, “in August 2022 the FBI conducted a raid on the home of former President Donald Trump at his Mar a Lago golf resort resulting in the seizure of over 100 documents marked as classified. This event put into the headlines the arcane world of how the US government classifies and protects its most sensitive secrets and the role of the President in its protection. Join us as the Hayden Center explores just how that is done, just how classified material is handled at the White House, and with the President, what exactly was found at Mar a Lago, what potential damage to US national security was incurred, what shortcomings the US system may have, and what remedies may exist. Michael Morell, former Acting Director of the Central Intelligence Agency and Hayden Center senior fellow, moderates. Joining him are Mary DeRosa, a former legal counsel at the National Security Council and Georgetown University law professor; John Fitzpatrick, formerly the director of the Intelligence Security Oversight Office at the National Archives and NSC senior director for Records Access and Information Security Management; and Larry Pfeiffer, director of the Hayden Center and formerly the senior director of the White House Situation Room and CIA Chief of Staff.”
9. Ukrainian SBU Detained Russian Agent in Odessa
On September 27th the Security Service (SBU) of Ukraine announced that they “detained a Russian agent who “directed” kamikaze drone strikes in the south of Odessa. He scouted the locations and movements of the Defence Forces of Ukraine in the south, gathering information about the locations of bases of units of the Armed Forces of Ukraine, law enforcement and law enforcement structures, the number of personnel and military equipment. In addition, he established the exact coordinates of checkpoints and sites of critical infrastructure, especially in the field of heat and energy supply. The enemy planned to use this data to prepare sabotage and carry out airstrikes, including cruise missiles and kamikaze drones. According to the investigation, the traitor is a resident of the city of Reni, who was recruited by the Russian intelligence services after the start of the full-scale invasion. He transmitted intelligence to the occupiers through an anonymous Telegram channel, in the form of a “photo report” with marks on an electronic map and a detailed description of “observations”. The attacker was detained while trying to transfer classified information to Russia.”
10. 12 Senior Indonesian Officials Targeted by NSO Software
The Jerusalem Post reported on Friday that “more than 12 senior Indonesian military and government officials were targeted by software developed by Israeli cyber company NSO Group, Ynet reported on Thursday night, citing sources familiar with the matter, six of whom were interviewed by Reuters and said they had also been targeted by the software. The officials include Coordinating Minister for Economic Affairs Airlangga Hartarto, a senior military official, two local diplomats and advisers to Indonesia’s foreign and defense ministers, according to the Ynet report. The report cited Apple and cybersecurity experts as saying the victims had been targeted using the ForcedEntry exploit, which is used to remotely hack into iPhones.”
11. U.S. Says Army Major and Wife Tried to Leak Military Health Data to Russia
Reuters reported on September 30th that “a U.S. Army major and his anesthesiologist wife have been criminally charged for allegedly plotting to leak highly sensitive healthcare data about military patients to Russia, the Justice Department revealed on Thursday. Jamie Lee Henry, the major who was also a doctor at Fort Bragg in North Carolina, and his wife, Dr. Anna Gabrielian, were charged in an unsealed indictment in federal court in Maryland with conspiracy and wrongful disclosure of individually identifiable health information about patients at the Army base.” You can find the official US Department of Justice press release here.
12. Russia Detains Japanese Consul on Spying Charge; Tokyo Hints at Retaliation
On September 27th Reuters reported that “Russia’s FSB security agency said on Monday it had detained a Japanese consul in Russia’s Pacific port city of Vladivostok for suspected espionage and ordered him to leave the country. The consul was released after a few hours of detention by the Russian agency. Tokyo has lodged a “strong protest” about the detention and signalled it may retaliate, Japan’s Chief Cabinet Secretary Hirokazu Matsuno told a media briefing on Tuesday. The FSB said the consul, Motoki Tatsunori, was declared persona non grata after he was caught “red-handed” receiving secret information on the effects of Western sanctions on the economic situation in Russia’s far east. It said the classified information, which also concerned Russia’s cooperation with an unnamed Asia-Pacific country, had been obtained in return for a “monetary reward”. Moscow has protested to Tokyo over the consul’s actions through diplomatic channels, it said.” Here is the official FSB announcement.
13. Crypto Museum: The Enigma G (Zählwerksmaschine G31)
This week the Crypto Museum published a new page for the Enigma G. As per its description, “Enigma G, or Enigma Model G31, is an Enigma cipher cipher machine, developed around 1931 by Chiffriermaschinen AG (ChiMaAG) in Berlin (Germany). It is a so-called Zählwerksmaschine (counter machine) and can be seen as a smaller version of its predecessor, Enigma Model A28. The machine is popularly known as Abwehr Enigma and also by its factory designator Ch.15a. During World War II, the codebreakers at Bletchley Park (BP) called it the 11–15–17 machine, after the number of turnover notches on the rotors. Approx. 350 units were manufactured.”
14. Podcast: Modern Wisdom: Navy Seal To CIA Contractor — Shawn Ryan
This week the Modern Wisdon Podcast released a new episode, nearly 2 hours long, featuring former US Navy SEAL and CIA GRS contractor, Shawn Ryan. As per the video’s description, “Shawn Ryan is a former US Navy SEAL, former contractor for the CIA and a podcaster. The world’s special operations are done in the darkness. If Navy SEALs are a spectre then CIA Contractors are their shadows. Shawn spent decades working behind enemy lines all over the world and has some crazy insights into that life, plus how it feels to re-integrate back into normal society. Expect to learn what it’s like to train Keanu Reeves for John Wick, why physical abuse from your fellow SEALs might be just what you need, the crazy breadth of tasks CIA contractors are asked to complete, why the establishment elite are losing touch with every day people, Shawn’s reflections on sobriety after drinking to deal with his anger and much more…”
15. Leaked: German Intelligence Helps Ukraine with Classified Information
On September 29th the Hungarian InfoStart published an article saying that “the joint research conducted by the ARD public television and the weekly newspaper Die Zeit shows that Germany supports Ukraine much more intensively than was previously known. For months, the Federal Intelligence Service has been providing Ukraine with militarily intelligence about Russian military activity. The information is handed over by the BND to the Ukrainian secret service with the approval of the German government. They contain analyses of the combat strength and morale of the Russian units, as well as intercepted radio and mobile phone communications and, to a large extent, satellite images. According to assessments, this information will provide significant assistance to the preparation of Ukraine’s planned military operations. According to the joint research since May, the German side has handed over more than a hundred text reports and satellite images to the Ukrainian partner service. The intelligence handed over included, among other things, intercepted so-called signal intelligence SIGINT data about ammunition warehouses in the occupied territories, as well as satellite images of the location and number of Russian aircrafts. The satellite images come from a system operated jointly by the German army, the Bundeswehr and the BND. The system in question has small satellites that take pictures independent of time of day and weather.”
16. Finnish Supo: National Security Review: The Way Russian Intelligence Operates is Changing
On September 29th the Finnish Security & Intelligence Service (Supo) issued a press release stating that “facing obstacles to human intelligence operations in the West, Russia has turned to the cyber environment and other intelligence sources, including foreigners in Russia. Published by the Finnish Security and Intelligence Service (Supo) on 29 September, the National Security Overview describes this revised approach.” According to it, “the main intelligence gathering approach traditionally applied by the Russian intelligence services is human intelligence under diplomatic cover. This has become substantially more difficult since Russia launched its war of aggression in Ukraine, as many Russian diplomats have been expelled from the West. Even though there are still some active intelligence officers working in Finland, the Finnish government has probably severed the connections to their Russian networks, at least for the time being, and little information is available through the usual channels. Russian intelligence will probably seek to adapt its operations to these new conditions. “We consider it highly likely that Russia will turn to the cyber environment over the winter,” explains Supo Director Antti Pelttari. The Russian security and intelligence services are increasingly targeting foreigners who reside in or visit Russia. Russians working in the West may also be a target of intelligence gathering when visiting their home country. Russian citizens serving in critical positions in Finland may be subject to coercion from Russian authorities.” The threat of corporate espionage by Russia is also increasing as sanctions necessitate the launch of high-technology manufacturing to replace imports from the West. This places a particular premium on data security in Finnish businesses.”
17. United States CIA Doctor Hit by Havana Syndrome Says he Was in ‘Disbelief’ as he Suffered What he Was Investigating
CNN published a story on September 25th stating that “CIA physician Dr. Paul Andrews was one of the first people sent to Havana, Cuba, to investigate a spate of mysterious health incidents that were impacting embassy and agency personnel in 2017 when he was struck by the same set of debilitating symptoms, he told CNN Chief Medical Correspondent Dr. Sanjay Gupta in his first public interview for a CNN Special Report: “Immaculate Concussion: The Truth About Havana Syndrome.” Andrews, who is using a pseudonym in order to speak publicly, had already been studying the first victims of what has come to be known colloquially as “Havana syndrome,” or officially as “anomalous health incidents.” Physicians in Florida had recorded a series of symptoms that hinted that victims were suffering from a brain injury that was impacting their balance, among other things. Andrews traveled to Cuba to investigate about two months after he became aware of the first cases. He wasn’t too worried for his own safety, at first. On his first night, he went to sleep around 11:30 p.m. in his hotel room. But shortly before 5 a.m., he was awakened by severe pain in his right ear, nausea and a terrible headache. Then he began to hear a clicking noise that past victims had reported hearing at the onset of their symptoms — a sound that Andrews had previously only heard on audio clips. His first thought was that he was dreaming. “This can’t be happening. And I sat on the edge of the bed for a minute, and things were getting worse and worse and worse,” he recalled. “I’m really in disbelief. And I start to think, is this a dream? I had no idea.” Because officials at the time suspected some kind of sonic attack, Andrews went into the bathroom and sat with headphones on for 45 minutes. The symptoms didn’t abate, and by 6 a.m., he had decided to pack up and leave the room. But he found that he could hardly pack.”
18. Ukrainian SBU Dismantled Russian Spy Network near Kramatorsk and Zaporizhzhia
On September 28th Ukraine’s SBU announced that they dismantled “a Russian intelligence network that was gathering intelligence about fortifications near Kramatorsk and Zaporizhzhia. The Security Service detained two Russian agents in the front-line areas of Donetsk region. They scouted combat positions and routes of movement of units of the Armed Forces in the region. In addition, the agents transmitted to the enemy information about geolocations and engineering features of fortifications near the lines of the eastern and southern fronts. One of the enemy accomplices was detained as a result of a special operation of the SBU counter-intelligence in Kramatorsk. According to the instructions of the occupiers, he was supposed to collect intelligence about the defence of the city. Another Russian agent was detained by the Security Service in Pokrovsk. The agent was scouting locations and movement routes of Ukrainian troops in the front-line areas of Donetsk region and Zaporizhzhia. For this purpose, she visited the territories of both regions and secretly observed the sites of the Armed Forces.”
19. Montenegro Investigates Possible Russian Espionage Network
DW reported on September 29th that “the Montenegrin authorities have launched an investigation into an unspecified number of people on suspicion of espionage, said on Thursday, September 29, a representative of the Special State Prosecutor’s Office (SDT) of the republic. According to the Podgorica newspaper Pobjeda , the National Security Agency of Montenegro (ANB) and the Special State Prosecutor’s Office detained six Russian diplomats, 30 Russian citizens with a temporary residence permit and two Montenegrins on suspicion of espionage. The publication indicates that among those detained on suspicion of collaborating with Russian intelligence services is Radomir Sekulovich, a long-term employee of the Montenegrin Ministry of Foreign Affairs, who was the press secretary of the Ministry of Foreign Affairs during the state union of Serbia and Montenegro. Meanwhile, the Ministry of Foreign Affairs of Montenegro declared 6 Russian diplomats from the Russian Embassy persona non grata. The actions of these persons are contrary to the Vienna Convention on Diplomatic Relations, explained in Podgorica.”
20. United States NSA, Intelligence Community Leaders Lift Veil on Strategic Priorities During 2022 Intelligence and National Security Summit
On September 26th the NSA reported that the “National Security Agency (NSA) Deputy Director George Barnes recently sat alongside leaders from five Intelligence Community (IC) counterparts to discuss the IC’s response to current events, emerging threats, and collaboration between government, industry, and academia at the 2022 Intelligence and National Security Summit. When each panelist was asked to discuss how their Agency’s focuses have shifted in the year since the previous summit, Mr. Barnes detailed NSA’s commitment to building a world-class workforce to prevail in strategic competition.”
21. Statement on the Fatal Flaws Found in a Defunct CIA Covert Communications System
Citizen Lab published a statement for their investigative work on September 29th saying that “in 2018, Jenna McLaughlin and Zach Dorfman of Yahoo News reported that a system used by the CIA to covertly communicate with its assets around the world had been compromised by Iran and China around 2011. The compromise reportedly led to the death of “more than two dozen sources” in China in 2011 and 2012, and also reportedly led Iran to execute some CIA assets and imprison others. Because the network was used by CIA assets around the world, the compromise also reportedly enabled Iran and China to track espionage activities outside of their borders, related to other countries. While relevant oversight bodies reportedly performed an investigation into the as-yet-unreported compromise in 2013, Yahoo News reported that those responsible for the intelligence failures were never held accountable: “One of the central concerns among those familiar with the scope of the breakdown is the institutions responsible for it were never held accountable.” In 2022, we learned from Reuters journalist Joel Schectman that a CIA asset who was captured in Iran, and subsequently served seven years in prison, communicated with his agency handlers via a hidden communications app on a website iraniangoals[.]com. Reuters reports that Iran’s compromise of the network may have led to the asset’s capture. We investigated the website in an effort to understand the vulnerabilities leveraged by Iran and China, and to learn whether the United States had been using an irresponsibly secured system for asset communication. Our investigation, led by Citizen Lab senior researcher Bill Marczak, confirmed the reports of a fatally insecure network. We shared our findings with Schectman, whose Reuters story can be found here: America’s Throwaway Spies: How the CIA failed Iranian informants in its secret war with Tehran.”
22. Turkish MIT Assassinates Kurdish PKK Member in Syria
QHA reported on September 28th that “the National Intelligence Organisation (MIT) neutralised PKK/KCK member Sabah Oğur, who was wanted in the red category and responsible for the forest fires, with the operation it carried out in the Syrian city of Aleppo. According to security sources, members of the organisation in Syria and Iraq were closely surveilled in order to neutralise the high-level cadres of the PKK/KCK-PYD/YPG. Thanks to the work carried out by the MIT, it has been determined that the MIT operates at a responsible level in Turkey, Iraq and Syria, take part in the actions, and provides new cadres to the organisation by carrying out so-called “children of fire” structuring, which carries out the forest fire actions in Turkey. It has been determined that Sabah Oğur, code-named “Şilan Emgihan”, who is in the red category in his list, crossed from Iraq to Syria. MIT pressed the button for the operation after it was determined that the exact location of Sabah Oğur, who was also stated to be involved in the management of the youth group affiliated to the PKK/KCK Presidential Council, was the Sheikh Maksut region of Aleppo. Oğur was neutralised in the operation. Zahra Oğur, a member of PKK/KCK-PYD/YPG, brother of Sabah Oğur, who gave instructions for many actions, was also neutralised in 2010.”
23. AFCEA’s International Journal: SIGNAL — October 2022
On Saturday the United States Armed Forces Communications and Electronics Association (AFCEA) released its October 2022 issue of the SIGNAL journal. Some of its articles are: 1) The NRO Adjusts Its Orbit, 2) Chasing a Moving Cyber Target, 3) Managing Open Source Data in Cross-Domain Environments, and others.
24. Fox News: Meet the Alleged Chinese Spy who Worked for Hunter Biden
This week Fox News published a short story about about Chinese espionage targeting US government officials, and diving into the details of alleged female Chinese spy JiaQi Bao, a former Chinese government researcher who worked at US President Joe Biden’s son, Hunter Biden, as his assistant. Leaked emails shown by Fox News demonstrate how Bao was influencing Hunter Biden to, in turn, influence his father’s decisions.
25. ASIO: 1970s Concealment Devices for Tessina Camera
On September 27th the Australian Security Intelligence Organisation (ASIO) published a tweet with some previously unknown concealment device saying that “ASIO once used rolled up magazines for more than swatting flies. These circa 1970 Caravan World magazines concealed a Tessina sub-miniature camera to covertly capture intelligence on spies & terrorists.”
26. Sabotage Suspected in Undersea Gas Pipeline Explosions in the Baltic
As reported by the Warzone, “various European leaders are suggesting that sabotage is the most likely reason for mysterious gas leaks that have struck two undersea pipelines in the Baltic amid confirmation of several explosions in the area. The leaks affect the Nord Stream 1 and 2 pipelines, used to carry gas from Russia to Europe and which have been at the center of an ‘energy war’ between Moscow and the West since Russia invaded Ukraine in late February.
27. US CIA Warned Berlin About Possible Attacks on Gas Pipelines in Summer
Following story #26, Reuters reported that “the U.S. Central Intelligence Agency (CIA) had weeks ago warned Germany about possible attacks on gas pipelines in the Baltic Sea, German magazine Spiegel said on Tuesday, after gas leaks in Russia pipelines to Germany were reported. The German government received the CIA tip in summer, Spiegel reported, citing unnamed sources, adding that Berlin assumes a targeted attack on Nord Stream 1 and 2 pipelines. A German government spokesperson declined to comment, Spiegel added.”
28. Swedish Intelligence Investigates Nord Stream Sabotage
Following stories #26 and #27, with an official statement on September 28th, the Swedish security agency stated that they “have taken over the preliminary investigation from the Swedish Police regarding the incident at Nord Stream. The crime classification is currently serious sabotage. The security service takes over the investigation because it may be a serious crime that may at least partially be directed against Swedish interests. Nor can it be ruled out that a foreign power is behind it.”
29. Denmark: Nord Stream Leaks Caused by Sabotage
Following stories #26, #27 and #28, Energy Intelligence reported that “Denmark’s Prime Minister said on Tuesday that gas leaks from the two Nord Stream pipelines in the Baltic Sea were the result of “deliberate actions.” Leaks were detected on Monday and Tuesday from the Nord Stream and Nord Stream 2 pipelines that were built to transport Russian gas beneath the Baltic Sea to Germany. Experts in Denmark and Sweden said seismic signals indicated that the leaks were triggered by explosions. “It is now the clear assessment by authorities that these are deliberate actions. It was not an accident,” Prime Minister Mette Frederiksen told reporters in Copenhagen. “There is no information yet to indicate who may be behind this action,” she added. Neither of the pipelines had been delivering gas to Germany recently because of the deterioration in relations between Europe and Russia over the war in Ukraine. US Secretary of State Antony Blinken, speaking to reporters in Washington on Tuesday, said that if initial reports of an “attack or some kind of sabotage” were confirmed, “that’s clearly in no one’s interest.” Russian President Vladimir Putin’s spokesman, Dmitry Peskov, said the incident was “unprecedented” and posed a major threat to the region’s energy security.”
30. Russian SVR Announced the 18th Meeting for the Heads of Intelligence Agencies from the CIS Member States
Through a formal press release the Russian Foreign Intelligence Service (SVR) stated that “on September 30, 2022, Moscow hosted the 18th Meeting of the Heads of Security Agencies and Intelligence Services of the CIS Member States for Intelligence Activities. The event was attended by delegations from Azerbaijan, Armenia, Belarus, Kazakhstan, Kyrgyzstan, Tajikistan and Uzbekistan. At the meeting, the results of interaction over the period that has passed since the last meeting were discussed, regional issues of cooperation between intelligence services in the field of ensuring security and stability in the Commonwealth countries in the context of the aggressive plans of the West to maintain global leadership on a concept unacceptable to the international community, based on a unipolar world order led by the United States. The heads of the intelligence agencies expressed the opinion that the open violation by the United States and its allies of international law, the norms of interstate treaties and agreements can unbalance the existing security architecture and significantly increase the potential for conflict in certain regions. The importance in the current conditions of further strengthening the diverse practical interaction between the special services of the CIS countries was emphasised. As part of the work of the advisory body, the Russian President met with the heads of the intelligence services of the Commonwealth countries via videoconference. In his address to the participants of the meeting, V. V. Putin noted that strengthening stability and security in the CIS space remains an invariable priority for our countries. He stressed the importance of consolidating the efforts of the intelligence services in joint work to counter external challenges and threats affecting the vital interests of the Commonwealth countries. The Memorandum adopted at the end of the meeting recorded the intention of the partner intelligence services to expand the forms and areas of cooperation, as well as to strengthen interaction in the work to ensure the security of the CIS states.”
31. US Designated Key Operatives of IRGC Quds Force Who Work with Turkey’s Intelligence Chief
On September 26th the Nordic Monitor published an investigative article stating that “the US designation of a Turkish-based money laundering network run by the Islamic Revolutionary Guard Corps (IRGC) Quds Force hit the close associates of Turkish intelligence chief Hakan Fidan, a pro-Iranian Islamist figure. The designation, announced by the US Treasury in May, sanctioned key operatives of the Quds Force that have secretly been working with Fidan for years. The information provided by US officials corroborated the findings of Turkish police, who had already identified the designated individuals as part of the Quds Force network during a criminal probe run by public prosecutors between 2011 and 2014. According to the US Department of the Treasury’s Office of Foreign Assets Control (OFAC), Turkish nationals Hakkı Selçuk Şanlı, Abdulhamit Çelik and Seyyid Cemal Gündüz worked with IRGC official Behnam Shahriyari in an international oil smuggling and money laundering network that generated hundreds of millions of dollars on behalf of Iran and its proxy Hezbollah in Lebanon. The US move rings alarm bells for Turkish spy master Fidan, a confidant of Turkish President Recep Tayyip Erdoğan who was groomed in Shiite study circles during his youth and described as a high value asset by the IRGC.”
32. United States CIA Launches “Langley Files” Podcast Series
On September 29th the United States Central Intelligence Agency (CIA) launched a podcast series called “The Langley Files”, available at the Agency’s website. So far it has published: 1) The Langley Files -Trailer, 2) Episode 1 — CIA Director, Bill Burns, Brings the Agency Out from the Shadows, and 3) Episode 2 — CIA: 75 Years and Counting.
33. Ukrainian SBU Dismantled Russian Spy Ring in Odessa
On September 29th Ukraine’s SBU announced that they dismantled “a Russian intelligence network that was preparing provocations in Odessa for Putin’s birthday. Employees of the Security Service of Ukraine and the State Bureau of Investigation exposed the intelligence network of the Russian intelligence services in Odessa. The task of the group was to carry out subversive activities in the territory of the region. In particular, they performed the following tasks of the surveyors: ▪ ️collected information about law enforcement officers, pro-Ukrainian activists and ATO participants to form so-called “wipe-down lists” if the Russians managed to capture the region; ▪ ️carried out provocative actions and information operations about the alleged support of the “Russian Peace” by Odessans; ▪ ️bought weapons and related goods for the Russian DRG, which they planned to “throw” into the city. In particular, on August 22, they held a provocative action in Odessa on the day of the Russian national flag: they hung an enemy tricolor with the inscription “Odessa — русский город” and gave these photos to the Russian mass media. The next promotion was supposed to be “Happy Birthday to Putin” on October 7. The agents planned to create a picture allegedly of Ukrainian Odessa sincerely congratulating the president of Russia. This task, as well as the preparation of the “material and military base” for potential DRG groups, required significant funds. So they tried to kidnap one of the local pro-Ukrainian businessmen, for whom they planned to demand a ransom. The traitors were going to keep the man in the basement with the help of drugs, and under the threat of physical violence, force him to redraw the real estate and give up other valuables. However, thanks to the proactive actions of the Security Service, the attackers were apprehended during the attempted kidnapping of the businessman.”
34. US NSA Employee Leaked Classified Cyber Intelligence, Charged with Espionage
On September 29th the NextGov reported that “a former National Security Agency employee was arrested on Wednesday for spying on the U.S. government on behalf of a foreign government. Jareh Sebastian Dalke, 30, was arrested in Denver, Colorado after allegedly committing three separate violations of the Espionage Act. Law enforcement allege that the violations were committed between August and September of 2022, after he worked as a information systems security designer at the agency earlier that summer. Dalke allegedly used an encrypted email account to leak sensitive and classified documents he obtained while working at the NSA to an individual who claimed to have worked for a foreign government. The individual who received the documents was later revealed to be an undercover FBI agent. Dalke was arrested in September upon arriving at the location where he and the undercover agent agreed to exchange documentation for $85,000 in compensation. “Dalke told that individual that he had taken highly sensitive information relating to foreign targeting of U.S. systems, and information on U.S. cyber operations, among other topics,” the press release from the Department of Justice reads. “To prove he had access to sensitive information, Dalke transmitted excerpts of three classified documents to the undercover FBI agent. Each excerpt contained classification markings.” The classification of the leaked documents ranged from Secret to Top Secret. When Dalke shared the initial preview of each document to prove his access, he requested payment in cryptocurrency. The FBI agent initially complied with this request and deposited the sum to an address provided by Dalke.” Here is the official US Department of Justice press release.
35. Podcast: True Spies: Veil of Beads, Part 2/3: The Ritual
Following last week’s part 1, this week SpyScape’s True Spies series published the second of the three parts of the story. As per its description, “everywhere on Earth has its own flavors of greed, corruption and lies. And everywhere produces its own champions — beacons of light in the murk. In Sub-Saharan Africa, that champion is Anas Aremeyaw Anas — investigative reporter extraordinaire. Hiding his face behind a veil of beads, Anas goes deep undercover to expose the rot at society’s heart. In Part 2, Vanessa Kirby follows Anas and a rookie journalist, Henry Mhango, into a dangerous confrontation with a gang of unscrupulous ritual killers.”
36. Explainer: Britain’s Proxy War on Russia
On September 27th the Declassified UK published a new investigative article saying that “UK participation in the Ukraine conflict is far-reaching, involving military and intelligence support, arms supplies and information warfare. But as Ukraine makes gains on the battlefield, Whitehall sees the war not only as a way to defend Kyiv but to ensure the strategic defeat of its rival, Russia — a dangerous strategy.” Among others it states that “information on support to Ukraine from the UK intelligence agencies is, as ever, murky. But US reporter Tom Rogan, citing three Western intelligence sources, writes that the UK military effort is being led by MI6 and that “Ukraine’s deep battlespace effort owes especial thanks to Britain — specifically to British strike and reconnaissance special forces personnel inside Ukraine”. The US and UK are providing satellite, electronic warfare, signals, and cyber intelligence, Rogan writes. He adds that Ukraine’s escalating campaign is a direct extension of long-standing British special forces doctrine. This involves the deployment of very small (4, 8 or 16 person) patrols deep into enemy territory which gather targeting intelligence for commanders at the rear. Those teams also conduct sabotage operations against targets such as logistics trains, command centres, and high-value targets such as aircraft, ammunition dumps, and fuel depots.”
37. The United States NSA European Cryptologic Centre (ECC) in Germany
Dutch researcher Electrospaces published a Twitter thread giving an overview of the US NSA’s ECC. As per the thread, “in 2016, the NSA’s European Cryptologic Center (ECC) moved into the new Consolidated Intelligence Center (CIC), which is right in front of the Mission Command Center of the US Army Europe at the Lucius Clay Kaserne near Wiesbaden in Germany. Besides the European Cryptologic Center, the NSA also has four regional Cryptologic Centers in the United States: in Hawaii, Georgia, Texas and Colorado.”
38. Chinese National Convicted of Acting Within the United States as an Unregistered Agent of the People’s Republic of China
The US Department of Justice issued a press release on September 26th stating that “a federal jury in Chicago today convicted a Chinese national of acting illegally within the United States as an agent of the People’s Republic of China. JI CHAOQUN, 31, was found guilty on one count of conspiracy to act as an agent of a foreign government, specifically the People’s Republic of China, without first notifying the Attorney General; one count of acting as an agent of the People’s Republic of China without first notifying the Attorney General; and one count of making a material false statement to the U.S. Army. The jury acquitted Ji on two counts of wire fraud. The conviction for acting as an unregistered Chinese agent is punishable by up to ten years in federal prison, while the conspiracy and false statement convictions are each punishable by up to five years. U.S. District Judge Ronald A. Guzman did not immediately set a sentencing date.” The announcement also says that “evidence presented at the two-week trial in U.S. District Court in Chicago revealed that Ji worked at the direction of high-level intelligence officers in the Jiangsu Province Ministry of State Security, a provincial department of the Ministry of State Security for the People’s Republic of China. Ji, a Chinese citizen residing in Chicago, was tasked by Xu Yanjun, a Deputy Division Director within the Ministry of State Security, with providing an intelligence officer with biographical information on certain individuals for possible recruitment by the JSSD. The individuals included Chinese nationals who were working as engineers and scientists in the United States, some of whom worked for U.S. defense contractors. This tasking was part of an effort by the Jiangsu provincial department to obtain access to advanced aerospace and satellite technologies being developed by companies within the U.S. Xu was convicted last year in the Southern District of Ohio of conspiracy and attempting to commit economic espionage and theft of trade secrets.”
39. The CIA in Ukraine — Philip Agee Would Have Been Outraged
David Starr of the Covert Action Magazine published an article on September 27th starting by saying that that “the U.S. establishment called the 2014 overthrow of President Victor Yanukovych in Ukraine a “revolution.” But given his commitment to social justice and equality, former CIA agent-turned-CIA-whistleblower Philip Agee would have known better. He would call it more accurately a violent, CIA-backed coup. Agee would have recognized the usual pattern within the United States’s imperialist, foreign policy: to protect U.S. interests in its attempt to make Ukraine a market satellite, even though the latter is on the other side of the world. Agee would have been aware of the imposition of private monopolies characteristic of capitalism, or what is called neoliberalism. The idea of taking advantage of the wealth, resources and labor in the former Soviet republic as it has done in other nations.” The article concludes that “if Philip Agee were alive today, could he possibly expose CIA agents in Ukraine? It may be more difficult since the international situation has changed with the dissolution of the Soviet Union. Back in the 1960s and 1970s, the Left had momentum, which made it easier for Philip Agee to expose CIA agents compared to now with the Left on the defensive. The only revolution the U.S. was involved in was its own. It also contributed to defeating Nazism and fascism during the World War II. Other than that, it has supported counter-revolutions with the CIA playing a major role. In Ukraine, the pattern has continued with the CIA aiding and training Ukrainian Nazis. Philip Agee would not have been surprised.”
40. Podcast: Cold War Conversations: The 1962 Cuban Missile Crisis with Sir Max Hastings
On October 1st, the Cold War Conversations released a new episode. As per its description, “the 1962 Cuban Missile Crisis is reckoned to be one of the most perilous events in history when the World faced a looming nuclear collision between the United States and Soviet Union. During those weeks, the world gazed into the abyss of potential annihilation. I speak with Sir Max Hastings whose new history Abyss: The Cuban Missile Crisis 1962 tells the story from the viewpoints of national leaders, Russian officers, Cuban peasants, American pilots and British disarmers. The period is brought to life with eye-witness interviews, archive documents and diaries, White House tape recordings, and top-down analysis. More than purely a focus on the 13 days of the crisis, the book provides context through the Cold War experiences of Fidel Castro’s Cuba, Nikita Khrushchev’s Russia, and Kennedy’s America. Among the areas we discuss are how Cuba became a crisis, the failure of intelligence on both sides, and those nail-biting Thirteen Days in which Armageddon beckoned.”
41. Ukrainian SBU Uncovered FSB Agent in Khmelnytskyi
On September 30th, the Ukrainian Security Service (SBU) issued a press release stating that “as a result of a multi-stage special operation, the Security Service exposed in the Khmelnytskyi region an “opened” FSB agent — a Russian citizen, who arrived in Ukraine in January 2022. His “cover” was allegedly visiting relatives. And the real task is to create an extensive agent network for gathering intelligence and carrying out sabotage in the western regions of our country. The agent came to Ukraine on the personal instructions of the former head of the Vityaz Special Forces unit of the Russian Guard, Colonel Sergey Lysyuk. This ex-commander of the Russian special forces is part of the Kremlin’s inner circle. If the front line approaches Khmelnytskyi, he promised a Russian agent to “take” him to the occupied territory through a “special corridor.” According to the investigation, the spy is a former special forces officer of the internal forces of Russia, who repeatedly took part in hostilities, including in the North Caucasus. There he was on agent liaison with the FSB, but after his retirement, he was transferred to the “waiting mode” and “uncanned” by being transferred to Ukraine. The operatives of the Security Service established that the activities of the spy were coordinated by the personnel officer of the FSB, Colonel Yevhenii Petrushin with the call sign “Gestapo”. In the past, he was engaged in the training of special forces, and also held the positions of deputy head of the FSB department in Dagestan and “first deputy head of the KGB” of the self-proclaimed Transnistria. Coordinating with Petrushin, the agent scouted locations of deployment and movement of units of the Armed Forces of Ukraine and collected information on the state of mobilisation and features of operation of strategically important critical infrastructure facilities in the region. To do this, the attacker carried out covert surveillance and tried to establish “necessary” connections with local residents. He received money from his “handlers” from Russia for intelligence and subversive activities. Closed channels of electronic communication were used to communicate with each other.”
42. Turkish MIT Captured 3 PKK Members in Syria
On September 29th local media reported that “according to information obtained from the security sources, the National Intelligence Organisation (MIT), the terrorist organisation PKK / PYD / YPG 3 members, in order to carry out an action against the security forces through the operation zones cleared from terrorism in Syria, Tel Rifat-Azez-Afrin-Kilis/Gülbaba village route He determined that he was planning to transfer to Amanos. Following the MIT teams, Ferhad Edemen with the code name “Adnan Piro”, Ozan Tunç with the code name “Bahtiyar”, Mehmet Kaykır with the code name “Çem Riha” reached the Euphrates Shield Operation area, departing from Tel Rıfat. Terrorists were brought to the entrance of Afrin city centre from the Euphrates Shield Operation area by members of the Syrian National Army, who concealed their identity. MIT teams caught 3 terrorists with their weapons and equipment on the Afrin-Azez highway.”
43. New Russian GRU Cyber Espionage Tool “CredoMap” Used to Target Individuals in Ukraine
The Security Scorecard private cyber security firm published a technical analysis of a previously unknown cyber espionage tool, dubbed CredoMap, developed and used by the Russian GRU to target individuals in Ukraine.
44. Research Sheds Light on Japan’s Wartime Espionage Network Inside the United States
The Intel News published a new article on September 26th saying that “much has been written about the wartime intelligence exploits of the Allies against Japan. Such exploits range from the United States’ success in breaking the Japanese JN-25 naval code, to the extensive operations of the Soviet Union’s military intelligence networks in Tokyo. In contrast, very little is known about Japan’s intelligence performance against the Allies in the interwar years, as well as after 1941. Now a new paper by an international team or researchers sheds light on this little-studied aspect of intelligence history. The researchers, Ron Drabkin, visiting scholar at the University of Notre Dame, K. Kusunoki, of the Japan Maritime Self-Defence Force, and Bradley W. Hart, associate professor at California State University, Fresno, published their work on September 22 in the peer-reviewed journal Intelligence and National Security. Their well-written article is entitled “Agents, Attachés, Intelligence Failures: The Imperial Japanese Navy’s Efforts to Establish Espionage Networks in the United States Before Pearl Harbor”.”
45. North Korean Cyber Espionage Targeting EU Individuals
As reported by Bleeping Computer “the notorious North Korean hacking group ‘Lazarus’ was seen installing a Windows rootkit that abuses a Dell hardware driver in a Bring Your Own Vulnerable Driver attack. The spear-phishing campaign unfolded in the autumn of 2021, and the confirmed targets include an aerospace expert in the Netherlands and a political journalist in Belgium. According to ESET, which published a report on the campaign today, the primary goal was espionage and data theft. the EU-based targets of this campaign were emailed fake job offers, this time for Amazon, a typical and common social engineering trick employed by the hackers in 2022. Opening these documents downloads a remote template from a hardcoded address, followed by infections involving malware loaders, droppers, custom backdoors, and more.”
46. Podcast: Jane’s Intelligence: OSINT Ethical Considerations with Amy Zegart
This week Janes’ World of Intelligence released a new podcast episode. This episode is hosted by Harry Kemsley, President of Government & National Security, Janes and features Amy Zegart, the Morris Arnold and Nona Jean Cox Senior Fellow at the Hoover Institution. She is also a senior fellow at the Freeman Spogli Institute of International Studies, professor of political science at Stanford University, and a contributing writer to The Atlantic. As well as, “Sean Corbett retired from the Royal Air Force in September 2018 after a 30-year career as a professional intelligence officer, where he reached the pinnacle of his profession. He then established a Defence, Security and Intelligence Directorate within a ‘new space’ geospatial intelligence company, Earth-i, where he advanced innovative Al applications to earth observation data in support of the defence and security sector, and instigated the concept of ‘intelligence as a service’, leveraging a wide spectrum of publicly available information to answer challenging questions for the community. In October 2019, he set up his own business as a consultant specialising in the provision of strategic advice, commercial intelligence, the space sector, and the optimisation of organisational leadership and change management.”
47. Wiped Out: Major Blow to Putin as Spy Chief is Killed in ‘Pinpoint’ Ukrainian Strike with US-Made Missile Before Tyrant’s Speech
The Sun published this story on September 30th saying that “Colonel Aleksey Katerinichev was blasted in a “pinpoint” strike today — just hours before the tyrant gave a speech officially declaring four regions in Ukraine as Russian. Katerinichev, the deputy head of Russia’s occupying force in the Kherson region — one of the four areas being “annexed” by Putin — was hit by a US-made HIMARS missile, it is reported. A source told Russian state-owned TASS news agency: “Two rockets hit the house in which he was.” Katerinichev was in the centre of Kherson city when he was hit. His death is a major blow to the occupying forces and raises questions about Moscow’s control of areas it claims are now part of Russia. Katerinichev was a veteran of more than 20 counter-terrorist operations, and served also in the Russian border guards — part of the FSB — and the country’s emergency forces. It comes amid reports Alexei Nagin, commander of the infamous terror squad Wagner Group, has been killed in Ukraine. The 41-year-old was found dead near Bakhmut on September 20, according to reports. International intelligence community InformNapalm posted on Telegram that Nagin had been killed in Ukraine after serving in military operations in Chechnya, Georgia, Syria and Libya.”
48. UK: MI5 Website Briefly Knocked Offline by Possible Cyber Attack
On Friday the STV News reported that “the security service’s public site was briefly unavailable for intermittent periods in the morning but is now back online — with the incident resolved. The cause of the problem is being looked at but was considered to be a minor outage, the PA news agency understands. The website is believed to have been subject to a distributed denial-of-service (DDoS) attack, which seeks to disrupt a site by flooding it with web traffic in a bid to try and knock it offline. It is understood no sensitive information was held on, or connected to, the website and no data was lost. Anonymous Russia, reportedly a group of pro-Russian hackers, has apparently claimed responsibility for the attack, but whether they were behind it has not been verified.”
49. Podcast: Grey Dynamics: Corporate Intelligence, Global Risk and OSINT Tips with Gareth Westwood
On September 30th Grey Dynamics published a new podcast episode. As per its description, “in this episode of the Grey Dynamics Podcast, I spoke with Gareth Westwood. Garrett is an 11 year veteran of the intelligence community in the uk. He served in different roles in the military as well as in the foreign service. In the last two years, He spent his time building and running an internal global corporate intelligence team in a large pharmaceutical company as the head of Global Intelligence.”
50. United States NSA Announces Date of the National Cryptologic Museum Grand Opening
On September 28th the NSA issued an announcement saying that “the National Security Agency (NSA) is pleased to announce the Grand Opening of the National Cryptologic Museum (NCM) at 10:00 a.m. on Saturday, October 8, 2022. As NSA’s principal gateway to the public, the newly renovated museum will provide a unique opportunity to engage with cryptologic history in fresh and innovative ways — transporting visitors on a journey from the ancient world to present day exploring the dynamic role of cryptology in shaping our history. Located at the edge of NSA in Annapolis Junction, Maryland, the museum staff is busy preparing for the October opening. The October 8 grand opening event is open to the public and will include a variety of special events and offerings for visitors. Starting at 10:00 a.m. visitors will have the opportunity to see historic displays and artifacts spanning our Nation’s history from the Civil War, WWII, up through the Cold War. There will also be a Breakout Room, swag handouts, NSA K9 Police dog demonstrations, and so much more. Staff and docents will be there to answer your questions. And, if you’re staying a while to take it all in, you might want to take a break and visit some of the food trucks that will be on-site for this special event.”
51. 1 Key for 1 Lock: The Chinese Communist Party’s Strategy for Targeted Propaganda
Private intelligence firm Recorded Future published a threat analysis product on September 28th. As per its executive summary, “to maximize its influence over international audiences, the Chinese Communist Party (CCP) is striving to tailor its propaganda to the specific interests of target populations. This approach, which is defined by the concept of “precise communication”, adapts the market segmentation tactics of advertisers to design content and dissemination methods that appeal to the preferences
of a given group. China’s implementation of this strategy requires an in-depth understanding of target audiences, which is being attained — with the aid of international firms — through area studies research, in-country surveys, and online behavioral data. Precise communication has been heralded as a necessity and an era-defining shift by party-state media researchers; it is almost certainly driving an era of greater adaptability within the CCP’s propaganda apparatus, including party-state media’s deepening overseas localization, and very likely informing the CCP’s use of internet personalities for propaganda. Obstacles such as data privacy laws and international social media platform countermeasures are likely to inhibit the full realization of the CCP’s goal, but the party’s propaganda apparatus is actively seeking to find 1 “key” — a targeted message — for 1 “lock” — a specific audience that, from the party’s perspective, needs to be influenced.”
52. Pakistani ISI and CIA Cooperate Again under Pakistani Army Chief of Staff Qamar Javed Bajwa
On September 27th Intelligence Online reported that “the CIA and Pakistan’s ISI have buried the hatchet and started cooperating again, under the auspices of Pakistan’s armed forces chief, after tough negotiations between William Burns and Faiz Hamid.”
53. New Chinese Cyber Espionage Tool Found by Mandiant
As reported on September 29th, “Mandiant has discovered a new ecosystem of espionage-related malware targeting VMware ESXi, Linux vCenter servers, and Windows virtual machines that offers an attacker persistent administrative access, allows them to transfer files between hypervisors and guest machines, tamper with logging and execute arbitrary commands between virtual machines. The activity, detailed in a report released this morning, is being tracked under a new cluster, meaning Mandiant has not yet tied it to any previously known advanced persistent threat hacking group. The threat actor appears to be intentionally targeting devices without endpoint detection and response systems. Currently, Mandiant is aware of less than 10 organizations that are infected with the malware, but they expect that number to rise after their disclosure as security teams seek to detect the previously unknown activity.” The article also states that “the company offered few details regarding attribution or the identity or industries of the victims, saying only that the activity appears to have been done for espionage purposes and that they believe it has a “nexus to China,” an assessment that was made with only low confidence. That language is typically used by threat intelligence companies to convey that they believe a group may be operating from within a country or in ways that further their national interest but can’t conclusively be tied to any particular government.”
54. Pakistani NSC Picks Minister to Lead Panel Probing Audio Leaks
On September 29th it was reported that “the National Security Committee (NSC) on Wednesday constituted a body to investigate the leaks of conversations in the Prime Minister House, besides agreeing on putting in place a ‘legal framework’ pertaining to cyber security. Earlier in the day, Army Chief Gen Qamar Bajwa, while presiding over the corps commanders conference, directed the troops to go after terrorists as they have stepped up attacks, particularly against security forces. The NSC meeting was convened after a series of audio recordings of conversations featuring Prime Minister Shehbaz Sharif, key leaders of the ruling PML-N and senior officials surfaced on social media. The embarrassing leaks particularly raised concerns about the security arrangements at the PM House, which is otherwise considered a highly secure place. “The [NSC] meeting approved the formation of a high-powered committee to investigate the issue of audio leaks,” the PM Office said after the high-level session that was attended by key ministers, services chiefs and top spy agencies officials. The committee will be led by Interior Minister Rana Sanaullah.”
55. United States Spy Satellite Agency NRO Awards RF Geolocation Study Contracts to 6 Companies
Breaking Defense reported on September 28th that “the National Reconnaissance Office has kicked off a pilot program to collect data from satellites that track emitters of radio frequency signals — a long-awaited extension of the spy sat agency’s commercial data gathering portfolio. NRO today announced that Aurora Insight, HawkEye 360, Kleos Space, PredaSAR, Spire Global and Umbra Lab have won awards under NRO’s Strategic Commercial Enhancement’s (SCE) Broad Agency Announcement (BAA) Framework. Of the group, Luxembourg-based Kleos is the only non-US founded firm, although the company has a US subsidiary in Denver. “The contracts will have a 6-month base period of performance, with two 24-month options and additional options to extend further. Designed with low barriers to entry to accommodate emerging providers, we anticipate the initial value of each contract to be about $300K but they can quickly be scaled to much higher values as mission value, customer requirements, and on-orbit provider capabilities are confirmed,” a NRO spokesperson told Breaking Defense.”
56. Russian SVR: An English Guarding the Interests of our Country
On September 26th Russia’s SVR published an article for Sir Anthony Frederick Blunt (1907–1983). As per the article, “in 1937 he was involved in cooperation with the Soviet foreign intelligence on an ideological basis. The recruitment was carried out by the legendary illegal intelligence agent Arnold Deutsch, whom the art historian knew under the name Otto. During the Second World War, A. Blunt served in British counterintelligence. From him came information about the personnel of MI-5, British agents in other countries, materials of observation of the activities of Soviet intelligence in London. At the same time, on the instructions of Soviet intelligence, he attracted various persons to cooperate with it, from whom important intelligence was also received during the Second World War, including the position of England and the United States regarding the timing of the opening of a second front in Europe. In 1943, information intercepted by the British intelligence services was received from Anthony about the plans for the Nazi summer offensive in the Kursk and Orel region, which played an important role in the defeat of the Wehrmacht. Among the reports of Anthony — information about the separate negotiations between England and the United States with Nazi Germany in 1943–1944. In 1945, A. Blunt became an adviser to King George VI, but until the end of 1945 he remained in the personnel of the British counterintelligence MI-5. He used his connections in the British government with ministers and the queen’s personal secretary to obtain political information of interest to Soviet intelligence. Carried out confidential assignments of the British monarch in Europe. In 1956 he was awarded a knighthood by royal decree. In 1951, in connection with the exposure of Soviet intelligence agents D. MacLane and G. Burges, who were forced to move to Moscow, British counterintelligence had suspicions about A. Blunt. In 1964, British counterintelligence began the first interrogations of a Soviet agent, which were conducted in strict secrecy. Due to A. Blunt’s family ties with the royal family, no lawsuit was initiated against him, as this could compromise the monarchy. In 1979, British Prime Minister M. Thatcher, during a speech in parliament, announced that A. Blunt was a Soviet agent. Defending himself, he referred to the fact that during the Second World War, England had an agreement with the USSR on conducting joint intelligence and counterintelligence operations against Nazi Germany. The next years the scientist spent in the English capital and devoted himself to research activities in the field of art and architecture. He died on March 26, 1983. The feat of Anthony Blunt is a demonstration of how honest, strong-willed and conscientious people, risking their lives, freedom and reputation, fought for peace and did everything in their power to defeat fascism, as a phenomenon alien to humanity. Today this problem, unfortunately, has arisen again …”
57. Podcast: SpyCast: “The Past 75 Years” — with Historian of the CIA Rhodri Jeffreys-Jones
The International Spy Museum’s SpyCast podcast series published a new episode on September 27th. The intelligence topics covered are: 1) The CIA and the American presidents they served, 2) The founding of the CIA just as America became a global superpower, 3) Pearl Harbor, the USSR and covert action under Eisenhower, and 4) Assassinations, controversy, the Church Committee, and 9/11.
58. Turkey’s Intelligence Agency Fails to Submit 2021 Financial Report to Audit Court
On September 30th Ahval reported that “Turkey’s supreme auditing institution has failed to receive financial activity reports from the National Intelligence Organization (MİT) and the Turkish Statistical Institute (TurkStat) for the year 2021, Sözcü newspaper reported on Friday. TurkStat and MİT were among 17 public institutions that failed to provide the Turkish Court of Accounts, which performs audits on behalf of parliament, with their activity reports or financial statements for last year, Sözü said, citing the court’s “Activity General Evaluation Report 2021.” The Court of Accounts was thus unable to audit either institution, according to the report, which have come under criticism for increasingly coming under the influence of the President Recep Tayyip Erdoğan’s ruling Justice and Development Party (AKP). MİT in 2020 exceeded its budget by some 250 million ($35 million at the time) liras, Sözcü said. In 2021, the intelligence agency was allocated 300 million liras ($22 million) from the presidency investment budget, but spent more than double the amount of 631 million ($46.5 million) in investment last year, DW said.”
59. Virtual HUMINT Specialists Test New Avenues for Their Avatars
Intelligence Online published an article stating that “though increasingly sought after by government intelligence services, virtual human intelligence tools have reached a developmental dead-end. Social media sites have been tracking down avatars responsible for online influence campaigns.” The article is referring to private companies including: Cognyte, Cy4Gate, Verint and Vogel Group.
60. Former Hungarian European Parliament MP Sentenced to 5 Years for Spying for Russia
DW reported that “the Hungarian Supreme Court has sentenced Bela Kovacs, a former member of the European Parliament from the right-wing nationalist Jobbik party, to five years in prison on charges of spying for Russia , Mandiner reports on Tuesday, September 27. Kovacs was also found guilty of budget fraud and falsification of documents. In addition to a prison term, he is banned from holding public office for 10 years. Kovacs will be eligible for parole after serving two-thirds of his sentence, writes Mandiner. Kovacs himself was not present at the trial and is now in Moscow. The essence of the accusation was that in the period from 2012 to 2014, Kovacs regularly met with representatives of the Russian intelligence services and gave them information, including on energy issues, elections to the European Parliament and the internal political situation in Hungary. The goal was “to create an openly anti-European camp within the European Parliament, dismantle the institutions of the European communities from within and give priority to Russian interests,” the court concluded. During the meetings, Kovacs discussed with the Russian intelligence officer Gazprom, EU sanctions, the situation in Ukraine and many other issues. At the same time, the court of first instance in 2020 found that Kovacs had access only to publicly available information and, by sharing it, “helped the interests of Russia, but did not harm the interests of the EU”, which is why he cannot be accused of espionage. Already during the appeal, the jury found that in 2014 Kovacs shared classified information about EU energy policy with Russian intelligence.”
61. Suspected Ex-SBU Officer Arrested for Spying in Moscow, Russia
On September 28th Kommersant reported that “the Lefortovo Court of Moscow sent under arrest Ukrainian citizen Vladislav Krivoy, suspected of espionage (Article 276 of the Criminal Code of the Russian Federation). He will remain in custody until November 27, the court said. The press secretary of the court did not disclose the details of the case to Interfax, explaining that it was classified as “secret”. The maximum sentence for espionage is up to 20 years in prison. REN TV released an interview with Vladislav Krivoy in May. In the material, he was called a former agent of the Security Service of Ukraine (SBU). He said that he had worked in the SBU since 2014. According to him, he was “forced to collect information about the location of Russian military equipment.”.”
62. Britain’s Dirty Business in Bolsonaro’s Brazil
The Declassified UK published this article on September 29th. It says that “as Brazil goes to the polls, we look at Britain’s secret dealings with president Jair Bolsonaro and the Brazilian far right. UK officials have long had their eye on the country’s economic resources, including its oil and gas reserves.” Among others, the article states that “the documentary was released shortly before Brazilians go to the polls on 2 October, with former president and Workers’ Party (PT) candidate Luiz Inácio Lula da Silva the frontrunner. Concerns are mounting over whether Bolsonaro would accept electoral defeat if he were to lose the vote. While the documentary airs voices which are critical of the Bolsonaro regime, it omits a crucial detail of clear interest to the British public — the UK government’s secret dealings with the Bolsonaros. Documents obtained via the Freedom of Information Act offer details of UK collaboration with Brazil’s far right, and show how Bolsonaro’s Brazil has represented an opportunity for British business.”
63. Podast: Former CIA Officer: Who Blew Up the Nord Stream Pipelines: Part I
On September 30th former United States CIA officer Brad Johnson published an 11-minute long video (part 1) covering the Nord Stream pipelines sabotage. As per its description, “on 27 September, explosions disabled the natural gas pipelines running from Russia to Germany. Europe already faces major energy issues and winter is coming. Brad Johnson discusses who would most benefit from this sabotage. Part II to follow.”
64. Austria: Allies Remain Wary of Omar Haijawi-Pirchner’s Reformed Intelligence Service
Intelligence Online published this article on September 30th stating that “Vienna is still known as the “city of spies”, despite the Austrian authorities’ attempt to completely overhaul the country’s intelligence service, which is headed by Omar Haijawi-Pirchner. The service has long been associated with counter-espionage operations against the Russian services, and its European and American counterparts remain unconvinced by its efforts to reform.”
65. United States NRO Completed Launch 91 of Spy Satellite
On September 24th the United States National Reconnaissance Office (NRO) successfully launched NRO Launch mission 91 (NROL-91). According to Wikipedia, the payload was the KH-11 19 electro-optical surveillance satellite.
66. Iran Indicts 14 Over Killing of Its Top Nuclear Scientist Blamed on Israel
The Times of Israel reported that “fourteen people have been indicted in connection with their alleged roles in the 2020 killing of a top nuclear scientist in an attack Tehran has blamed on Israel, an Iranian state news agency said Monday. According to the report by the Islamic Republic News Agency, the 14 were charged on a number of counts, including “corruption on earth, contribution to intelligence and espionage for the Zionist regime, collusion aimed at disrupting Iran’s security, and endangering the Islamic country’s security.” There were no details given on the identity of the 12, including their nationalities. Iran frequently arrests, jails and executes individuals it accuses of spying for foreign nations, without offering proof. Iran has blamed Israel for killing its top nuclear scientist, Mohsen Fakhrizadeh, with a remote-controlled machine gun while he was traveling in a car outside Tehran.”
67. Turkish Intelligence Received 60K Citizen Tips in First 8 Months of 2022
On September 26th the Turkish Minute reported that “more than 60,000 people in Turkey provided information concerning threats to national security to the country’s National Intelligence Organization (MİT) in the first eight months of 2022, the Ankara Gazetecisi news website reported over the weekend. Under a section titled “How you can help” on the official MİT website, citizens are urged to share any information regarding threats to national security together with their name, phone number, e-mail address and residence or business address. Citing website statistics, Ankara Gazetecisi reported that 6,721 tips were received in September 2021, increasing to 9,180 in July 2022 and 11,013 last month –- the highest in the past year. A total of 150,807 people visited the website in August, one of the lowest figures in the past year, Ankara Gazetecisi also said, adding that 296,316 visited in April 2022 and 340,492 in October 2021, during periods when the website was visited the most.”
68. The Tale of the Disgruntled CIA Officer Who Sold Classified Information to Retaliate for a Dying Career
Former United States CIA veteran Christopher Burgess published this article saying that “to those who knew him, Douglas Groat was a talented technical support officer within the Central Intelligence Agency who was involved in some interesting operations in support of the Agency’s mission abroad. He also broke trust with his nation when he shared classified information with multiple governments in retaliation for his having his career parked after he had made a complaint to the CIA’s inspector general and for attempting to extort half a million dollars from the CIA. He was ultimately arrested, accepted a plea deal, and then sentenced to five years in prison on September 27, 1998.”
69. France — Autopsies of Stars: Philippe de Dieuleveult Executed? These Chilling Details About the Death of the Host of The Treasure Hunt
The French CloserMag published this article on September 28th. It says that “it was August 6, 1985, yet the death of host Philippe de Dieuleveult still remains a mystery. Back to a so-called accident that raises questions. Philippe de Dieuleveult had several lives and, according to rumours, he also had several deaths. The one who is best known for his role as host of the program La Chasse aux Trésors between 1981 and 1985 for Antenne 2 had a parallel activity: that of reserve captain of the General Directorate of External Security, also known as the name of DGSE. This role of reservist within the French intelligence services has been at the origin of some hypotheses but to date, the truth about the death of journalist Philippe de Dieuleveult has still not emerged.”
70. US Naval Institute: Cyber & Disinformation Panel Discussion
The United States Naval Institute published this 1-hour long recording of a panel discussion. As per its description, “join the U.S. Naval Institute at the Jack C. Taylor Conference Center Thursday, 29 September at 10:30 am for a discussion about the role that cyber threats and disinformation play in current events. Moderator: Dr. Fiona Hill is Robert Bosch Senior Fellow at the Center on the United States and Europe in the Foreign Policy program at the Brookings Institution, and former deputy assistant to the president and senior director for European and Russian affairs on the National Security Council. Her most recent book is There is Nothing for you Here: Finding Opportunity in the 21st Century. Dr. Bilyana Lilly is the geopolitical risk lead at the Krebs Stamos Group and has previously worked as a cyber manager at Deloitte and as a cyber expert for the RAND Corporation. Her most recent book is Russian Information Warfare: Assault on Democracies in the Cyber Wild West. Dr. Martin Libicki is the Maryellen and Richard Keyser Chair of Cyber Security Studies at the U.S. Naval Academy. His work involves the national security implications of information technology, notably as it pertains to cybersecurity and cyberwar. He is the author of Cyberspace in Peace and War, Second Edition. This event will take place at the U.S. Naval Institute’s Jack C. Taylor Conference Center, which is located on the grounds of the U.S. Naval Academy.”
71. Israeli Firm to Sell Social Media-Tracking Software to Orban’s Hungary
On September 28th the Times of Israel reported that “an Israeli technology firm is poised to sell software for mapping and tracking social media activities to Hungary, a senior official in the company told The Times of Israel’s Hebrew sister site Zman Yisrael. The Avnon Group, a high-tech conglomerate based in the Tel Aviv suburb of Kfar Saba, will provide Budapest with technology that will allow the government to track online discourse and analyze and understand public opinion, the senior official said. Avnon Group does not know for what specific purpose the Hungarian government wants the software beyond its general interest in tracking public opinion, according to the official. However, the official assumed that the Hungarian government’s interest in the technology stems from the growing social and political tensions in Hungary over Russia’s invasion of Ukraine and the entrance of tens of thousands of Ukrainian refugees into the country, some of them illegally. Hungary in recent years has faced growing criticism of its human rights abuses, particularly against LGBTQ people and women, as well as the country’s Roma minority. Budapest has also been accused of using the Israeli NSO Group’s powerful Pegasus software to hack and monitor the phones of journalists, politicians and human rights activists.”
72. Turkish MIT Captures 19 ISIS Terrorists in Syria
QHA reported on September 30th that “the National Intelligence Organisation (MIT) carried out an operation by the security forces of the Free Syrian Army (FSA) within the scope of Operation Euphrates Shield and Operation Peace Spring. As a result of the meticulous work carried out by the MIT, 19 DEASH terrorists were neutralised, one of whom was a member of the separatist organisation. A large number of explosives, weapons and ammunition were seized in the area. The captured DAESH terrorists admitted that they carried out intensive reconnaissance activities against the Turkish Armed Forces (TSK) base areas and Turkish institutions in Syria, and that they attempted 4 actions against TAF vehicles in August and September.”
73. United States Space Force Surveillance Telescope Now Operational in Australia
On September 30th the DefenseNews reported that “a U.S.-built space-monitoring telescope that was moved from New Mexico to Western Australia is officially operational, according to Space Operations Command. The Space Surveillance Telescope was developed by the Defense Advanced Research Projects Agency and the Massachusetts Institute of Technology to locate and track debris in geosynchronous orbit, about 22,000 miles above the Earth’s surface. In 2013, the U.S. Department of Defense signed an agreement with Australia to move the telescope to the Southern Hemisphere to fill a coverage gap. SST was relocated from White Sands Missile Range, New Mexico, in 2017 and in 2020 captured its first images. Since then, the system has moved through a rigorous test program that culminated in today’s initial operations milestone. The Space Force expects the telescope to be fully operational next year. “With testing complete, the Space Surveillance Telescope will allow greater space domain awareness by providing ground-based, broad-area search, detection and tracking of faint objects in deep space,” Australia’s Department of Defence said in a Sept. 30 statement.”
74. Video: SpyCameras: The Soviet KGB’s Tochka Camera- Type A.
This week the SpyCameras YouTube channel published a new video. As per its description, “during the Cold War, this camera was the Soviet Union’s equivalent to the Minox subminature camera. Both have similar dimensions. Used by the KGB in the 1960s and 1970s for surveillance purposes, the camera could be used alone or in a body worn configuration. It is regularly shown to have been hidden behind the wearer’s tie, viewing through an adapted tie pin. Several versions exist. The camera shown is a model “A” which uses its own unique film cassettes (unlike the model “B” which can use Minox cassettes). The model “A” also has no viewfinder so that the camera can only be used while hidden. The casing has two clips attached top and bottom to assist with mounting in various concealments.
These concealments are known to have included a fake case for a pair of glasses used by the KGB, while the East German STASI used the camera hidden in a pair of gloves. When fully wound it can shoot about 20 exposures by just pressing the shutter button each time. Speeds: 1/10, 1/50, 1/150 and 1/400 sec. The type “A” has a frame counter on the rear of the casing. Frame size, 8 x 11 mm. Both models of camera use 9.5mm film.This model comes as part of a set in the original wooden box containing cased film cassettes, a film splitter and a winder. It was apparently factory sealed and unopened until 2015.”
75. Inside the Secret World of Human Intelligence Collectors at the ‘Interrogation Olympics’
On October 1st the Coffee or Die published this article reporting from the US Army’s 525th Expeditionary Military Intelligence Brigade about the, so called, “Interrogation Olympics.” As per the article, “for a week, human intelligence collectors — or “HUMINTers,” as they call themselves, members of the Army’s military occupational specialty 35M — interrogated notional detainees, compiled intelligence clues, and submitted reports in a first-of-its-kind competition dubbed the Interrogation Olympics. The interrogators came from as far away as San Diego and Boston to participate. Once at Bragg, the HUMINTers stuck to their five-person teams, mostly soldiers with the MOS of 35M or 35F, the latter known as all source analysts or intelligence analysts. Competitors ranged from privates just out of the schoolhouse to staff sergeants and warrant officers with hundreds of hours of live interrogation experience. Over the course of three days in August, Coffee or Die Magazine followed along as some of the Army’s most secretive soldiers put their skills to the test in a series of intelligence-collection field exercises, patrols, and interrogations.”
76. Podcast: Koncrete: 25 Year CIA Operative Explains the Future of Nukes & UFO’s — James “Mad Dog” Lawler
The Koncrete published a new over 2-hours long podcast episode. As per its description, “Jim Lawler was CIA officer for 25 years & a member of CIA’s Senior Intelligence Service (SIS-3) from 1998 until his retirement in 2005. He was a specialist in the recruitment of foreign spies, and he spent well over half of his CIA career battling the proliferation of weapons of mass destruction. Jim was chief of the A.Q. Khan Nuclear Takedown Team, which resulted in the disruption of the most dangerous nuclear weapons network in history.”
77. India’s Punjab Police Arrests Pakistani ISI-Backed Terrorist
On Saturday IDRW reported that “the Punjab Police on Saturday said it has arrested another operative of the ISI-backed terror module that was jointly handled by Canada-based gangster Lakhbir Singh alias Landa and Pakistan-based gangster Harvinder Singh Rinda. Director General of Police (DGP), Punjab, Gaurav Yadav said the accused has been identified as Harpeet Singh alias Har Sarpanch of village Jogewal in Forzepur. The arrest came eight days after the Counter Intelligence team led by Assistance Inspector General (Counter Intelligence) Jalandhar Navjot Singh Mahal had busted the module with the arrest of its two operatives — Baljit Singh Malhi and Gurbaksh Singh, both residents of Ferozepur.” And article also notes that “Canada-based Landa is considered to be the close aide of Pakistan-based wanted gangster Harvinder Singh alias Rinda, who had joined hands with Babbar Khalsa International (BKI), and they have close ties with the ISI.”
78. Danish PET: Protect Yourself from Espionage when Travelling
This week the Danish Security and Intelligence Service (PET) published this 2-page flyer in English with recommendations to counter espionage activities when travelling for work.
79. Somalia: Turkey’s Bayraktar TB2 Drones Join Offensive Against Al-Shabab
The Middle East Eye reported on October 1st that “the much-coveted Turkish Bayraktar TB2 drone has joined Somalia’s offensive against the insurgent group al-Shabab, in an escalation seen by Somali analysts as highly significant to the war’s trajectory. Somalia’s federal government last week confirmed reports that the armed drones produced by Turkish company Baykar, which has ties to President Recep Tayyip Erdogan’s family, are now active in Somalia, where US drones have been carrying out strikes against al-Shabab for years. Speaking in a town hall discussion, Somalia’s newly appointed interior minister, Ahmed Malim Fiqi, said Turkey’s drones are providing aerial combat and military reconnaissance to neutralise one of Africa’s deadliest militant groups amid a clan uprising against al-Shabab in central Somalia. “The US government is leading, and we really appreciate that they are providing air support and carrying [out] air strikes against the terror group… but the Turkish government has also joined the offensive and is providing air support. Many other countries are also providing intelligence-gathering support,” Fiqi said.”
80. Catalonia Promotes an International Declaration to Regularize Cyberespionage
On September 29th the Catalonian El Nacional reported that “Catalonia wants to be a pioneer in cybersecurity. The Catalan foreign minister, Victòria Alsina, has travelled to Switzerland to present the Geneva Declaration on Targeted Surveillance and Human Rights, a commitment promoted by the Catalan executive and the digital rights NGO Access Now, which addresses the international regulation of targeted surveillance technologies. As the minister explained in a joint presentation, the Catalan executive wants to declare Catalonia as the second territory in the world free of cyberespionage software, after Costa Rica. It was intended that Alsina would be accompanied this Thursday by Jordi Puigneró, as minister for digital policies, but his dismissal last night by president Pere Aragonès prevented the trip. “We have the task of putting this country on the cutting edge, to help overcome economic and social difficulties and make it free,” he wrote. The foreign minister thanked Puigneró for his work and stated her hope that the “the spirit of unity” of the 1st October would be recovered. Alsina participated this Thursday in the presentation of the so-called Geneva Declaration on Targeted Surveillance and Human Rights, a collective commitment to defend human rights in the digital age and promote the international regulation of targeted surveillance technologies, promoted jointly by the government of Catalonia and the NGO Access Now.”
81. Somalia’s Ex-Spy Chief Fahad Yasin Pays Tribute to Mogadishu Police Boss Farhan Qarole, Who Was Killed Yesterday in An Al-Shabaab-claimed Attack
On Saturday local media reported that “Somalia’s ex-spy chief Fahad Yasin pays tribute to Mogadishu police boss Farhan Qarole, who was killed yesterday in an Al-Shabaab-claimed attack. He sends condolences to his family, loved ones and the Somali public.”
82. Podcast: Spycraft 101: Thwarting Lenin’s Global Communist Plot with Giles Milton
On September 26th the Spycraft 101 published a new podcast episode. As per its description, “this week, Justin sits down with author and historian Giles Milton. A fellow of the Royal Historical Society in London, Giles has written 11 nonfiction books and three novels. Today, they focus on his book Russian Roulette to tell the story of the British MI6 spies who stopped Lenin from spreading the communism on a truly global scale after the Bolshevik Revolution.”
