SPY NEWS: 2022 — Week 50

Summary of the espionage-related news stories for Week 50 (December 11–17) of 2022.

The Spy Collection
68 min read · Dec 18, 2022

1. Rise of Open-Source Intelligence Tests U.S. Spies

The Wall Street Journal published this article on December 11th stating that “as Russian troops surged toward Ukraine’s border last fall, a small Western intelligence unit swung into action, tracking signs Moscow was preparing to invade. It drew up escape routes for its people and wrote twice-daily intelligence reports. The unit drafted and sent to its leaders an assessment on Feb. 16, 2022, that would be eerily prescient: Russia, it said, would likely invade Ukraine on Feb. 23, U.S. East Coast time. The intelligence shop had just eight analysts and used only publicly available information, not spy satellites and secret agents. It belonged to multinational chemicals company Dow Inc., not to any government. “I’m leading an intelligence center that accurately predicted the invasion of Ukraine without any access to sensitive sources,” said John Robert, Dow’s director of global intelligence and protection, whose unit helps the company manage business risk and employee safety. Supercharged by the Ukraine war, the rise of open-source intelligence, or OSINT, which comprises everything from commercial satellite imagery to social-media posts and purchasable databases, poses revolutionary challenges for the Central Intelligence Agency and its sister spy agencies, according to former senior officials who spent decades working in those agencies’ classified spaces. Dow is just one of a fast-growing number of companies, nonprofit groups and countries transforming publicly available data into intelligence for strategic and economic advantage. China has the largest, most focused effort, while U.S. spy agencies, with deeply ingrained habits of operating in the shadows, have been slow to adapt to a world in which much of what is important isn’t secret, according to dozens of officials and many studies.”

2. United States: NGA in Huntsville, Alabama — Geospatial Advantage 2022

On December 15th the United States National Geospatial-Intelligence Agency (NGA) published this video. As per its description, “ICYMI NGA co-sponsored the first ever GeoAdvantage22 conference with GEOHuntsville! Leaders from the IC, academia, industry, and local community — including the Mayor of #Huntsville Tommy Battle — joined together to discuss “Why Where Matters.””

3. Russian SVR Announces Death of Georgy Zakharovich Sannikov

The Russian Foreign Intelligence Service (SVR) announced on December 12th that “he was 93 years old. The colonel of foreign intelligence began his career, which is hard to believe, back in 1944 — as a cadet of the Kyiv special school of the Air Force. But fate turned out in such a way that he did not go into pilots school at all. He entered the Faculty of Law and, after completing his studies, received an invitation to work in the state security. He is probably one of the last living who was chasing Bandera. He fought with them and with weapons in his hands, and in summary, with purely clandestine methods. Participated in operational radio activities. He sought to penetrate foreign centres where bandits were trained for sabotage work in the USSR. And here a special talent of espionage manifested itself. Sannikov not only arrested and punished. It is hard to believe, but it was the young lieutenant who managed to turn hardened enemies into his allies. This is not even called the word “recruitment”. Georgy Zakharovich knew how to find an approach to people. Inspire them with respect, build rapport, if not force them to renounce the past, then make it clear that the struggle against the Soviet regime is doomed to defeat and is fraught only with new bloody victims. He also drove those arrested to the Soviet cities that had risen from the ruins. He made it clear that the new life is wonderful, and serving time in Bandera underground burials is vile. It was he who managed to convert one of the last ideologists of the Bandera movement, Vasily Cook, to his faith. They tried to catch him since 1939, and took Kuka Sannikov in 1954. Georgy Zakharovich was a “German”. Having already come to foreign intelligence, he quickly learned the language and twice went on long business trips to Germany. They passed not without benefit to the cause. 
Sannikov was well acquainted with many West German politicians, who, as a result of meetings with a Soviet diplomat, sometimes even denied their past Russophobic views. After retiring, Georgy Sannikov took up his pen. Of course, books about the post-war past were the most successful. The best of them is “The Great Hunt”, where Colonel Sannikov shows step by step how the Bandera underground was broken up step by step, with huge sacrifices. He was a very nice and easy to communicate person. He disinterestedly shared his knowledge with those who were interested in the history of intelligence. He did not reproach writers for mistakes, but tactfully corrected them. He came to the presentations not only of his books, as is often the case, but also spoke with pleasure at the premieres of works by other writers. He spoke very figuratively, capaciously, clearly. It was a pleasure to listen to him. Georgy Zakharovich always spent his holidays in the Crimea. He joked that at least this way he could help the ancestral land. This already very middle-aged man was always ready to help in difficult moments, visiting each of us. And he did it sincerely, not for show. We recently spoke on the phone. Sannikov promised to be discharged from the hospital in two weeks. And today is gone forever.”

4. Hungary the Centre of Russian Espionage in the EU?

Politiko reported on December 12th that “in late November 2022, Ukrainian special forces arrested a Russian agent on the border with Hungary. This person had secret information to be sent to Hungary stored on a “USB” and hidden in his anus. It contained stolen personal information about the leaders and personnel of the Ukrainian intelligence service, the SBU and the military service, the GRU, as well as secret information about military bases, weapons and logistics of the Ukrainian army. As it became known later, this spy would deliver this information to the Russian embassy in Budapest. Journalist Szabolcs Panyi reported the arrest for the Balkan Insight portal. He has long researched Russian espionage activities in Hungary, and says he fears that Budapest could turn into a hub for Russian espionage in the EU. Currently, 50 accredited diplomats work in the Hungarian capital, while in Prague, Bratislava and Warsaw together no more than 20 people. “It is known that many agents work disguised as diplomats, as they enjoy immunity and are not allowed to be persecuted by the authorities of the host country,” says the journalist.”

5. CIA Operator’s War Story: Ambush in Pakistan (Part 2)

Following week 32 story #31, on December 11th a former United States CIA operator from American Kinetix (AX) from the Special Activities Centre (SAC) shared the second part of his war story. As per its description, “the story of when CIA operator “John” and his teammate, US Navy SEAL “Tiny” slipped across the border into Pakistan’s lawless tribal area to do a job…but things didn’t turn out as planned.”

6. U.S. Says Working on ‘Next Steps’ to Secure Release of Whelan from Russia

Reuters reported on December 12th that “Biden administration officials will meet early Monday to discuss next steps in securing the release of former U.S. Marine Paul Whelan, who was jailed in Russia in 2020 on spying charges, President Joe Biden’s top hostage negotiator said on Sunday. Hostage affairs envoy Roger Carstens told MSNBC that the president and Secretary of State Antony Blinken were personally focused on the effort to free Whelan. He told CNN the administration could soon roll out fresh sanctions under a presidential executive order signed last summer. Biden on Thursday announced a prisoner swap involving American basketball star Brittney Griner, but was unable to secure the release of Whelan. Biden said Russia was treating Whelan’s case differently, but vowed never to give up. “We’re working hard. We’re coming up with different ways to do this. We will not fail this mission,” Carstens told MSNBC.”

7. Greece: Evidence for the Surveillance of Kostis Hatzidakis by the EYP Comes to Light

Following the revelations of the spying scandal of the last few weeks, local media reported on December 12th that “under the code name “Target 5046c”, the EYP spied on Minister Kostis Hatzidakis by issuing an intelligence report with whom, when and on what subject he speaks. The new evidence that comes to light “undermines” the Prime Minister’s claims in Parliament. The EYP’s “Surveillance Report” for “Target 5046c, Kostis Hatzidakis” comes to light causing the release of a report for the political scene with ping-pong announcements, but also a report of dangerous phenomena for Democracy and society, which now, and let it be relegated as a fact to the opinion polls, it worries about the issue of surveillance, the functioning of institutions, the protection of rights, but also the prevailing political practices, the morals and intentions of some of those who already have the mandate or claim to represent the people and to work in their interest. The newspaper Documento published evidence that EYP has been spying on Minister for Labour and Social Affairs Kostis Hatzidakis since November 2020 and for at least a year. The reason it was decided that the minister should be placed under surveillance, according to the article, is the fact of his frequent and close contacts with businessmen.”

8. Spy Collection: NSA 2010 Christmas Ornament

On December 11th we published this video with its description saying that “every year the United States National Security Agency (NSA) produces a unique ornament. This is the one from 2010, which was also the year that The Washington Post uncovered one of the largest NSA surveillance programmes along with NSA’s newly developed processing centre in Salt Lake City, UT.”

9. Canada: RCMP Foreign Interference Investigators Visit B.C. Friendship Society

The Global News reported on December 11th that “RCMP national security officers investigating China’s foreign interference activities in Canada were at the headquarters of a Richmond, B.C. non-profit group on Saturday. The RCMP’s Integrated National Security Enforcement Team conducted interviews at the Wenzhou Friendship Society and in the surrounding neighbourhood. At least a half-dozen officers canvassed the area. They declined to comment, but residents said police asked them whether they had seen anyone wearing uniforms, or witnessed suspicious activity. The police action was part of a wider probe, also underway in Toronto, into a Chinese government campaign that uses threats and coercion against community members, said a source close to the investigation.”

10. Turkey’s Bounty Offer to Hunt Down Erdoğan Critics Entices Informant Network Abroad

On December 12th the Nordic Monitor published this article concluding that “there are no updated official statistics on how many were informed on by this network. But according to an October 2016 statement issued by the Turkish police, the tips it received on Gülenists had totaled 40,000 in three months, overwhelming the police department. Critics profiled by the government are subject to surveillance by agents of Turkish intelligence agency MIT abroad and are often denied consular services such as power of attorney and birth registry as well as having their passports revoked. Their assets in Turkey are seized and their family members at home risk criminal charges. The Erdoğan government brands all of its critics as terrorists, and more than 100 journalists are currently locked up in Turkish prisons on terrorism charges, making Turkey one of the world’s leading jailers of journalists. Over 30 percent of all Turkish diplomats, 60 percent of all senior police chiefs, half of all military generals and some 30 percent of all judges and prosecutors in Turkey were also declared terrorists overnight in 2016 by the executive decisions of the Erdoğan government without any effective administrative investigations and certainly without any judicial proceedings.”

11. North Korean Cyber Spies Deploy New Tactic: Tricking Foreign Experts into Writing Research for Them

Reuters reported on December 12th that “when Daniel DePetris, a U.S.-based foreign affairs analyst, received an email in October from the director of the 38 North think-tank commissioning an article, it seemed to be business as usual. It wasn’t. The sender was actually a suspected North Korean spy seeking information, according to those involved and three cybersecurity researchers. Instead of infecting his computer and stealing sensitive data, as hackers typically do, the sender appeared to be trying to elicit his thoughts on North Korean security issues by pretending to be 38 North director Jenny Town. “I realized it wasn’t legit once I contacted the person with follow up questions and found out there was, in fact, no request that was made, and that this person was also a target,” DePetris told Reuters, referring to Town. “So I figured out pretty quickly this was a widespread campaign.” The email is part of a new and previously unreported campaign by a suspected North Korean hacking group, according to the cybersecurity experts, five targeted individuals and emails reviewed by Reuters. The cybersecurity experts suspect the hackers are targeting people who are influential in foreign governments to better understand where Western policy is headed on North Korea.”

12. Lockerbie Plane Bombing Suspect Taken into U.S. Custody — Says He Was Ordered by Libyan Intelligence

Reuters reported on December 12th that “a Libyan man accused of making the bomb that killed 270 people after it blew up Pan Am flight 103 over Lockerbie in Scotland in 1988 is in custody in the United States, Scottish and U.S. law enforcement officials said on Sunday. Abu Agila Mohammad Mas’ud Kheir Al-Marimi was taken into custody about two years after former U.S. Attorney General Bill Barr first announced the United States filed charges against him.” The article notes that “court documents described Mas’ud as an expert bombmaker who joined Libya’s External Security Organization intelligence service in the 1970s and took part in a number of operations outside Libya, reaching the rank of colonel” as well as that “Mas’ud also told the interviewer he was involved in other similar plots, and said the bombing was ordered by Libyan intelligence leadership. He also said former Libyan leader Muammar Qadaffi, who was killed by rebels in October 2011, “thanked him and other members of the team for their successful attack on the United States.” The agent who filed the statement said the FBI was able to corroborate Mas’ud’s confession through the course of its investigation.”

13. United Kingdom: Northern Ireland Troubles: Threat to Censor Report into IRA Spy Stakeknife

The Times reported on December 12th that “a censorship clash is looming in Whitehall over the publication of a report into one of the most controversial episodes of the Northern Ireland Troubles. Intelligence agencies are seeking powers to block parts of the report from Operation Kenova, set up to investigate the role of Stakeknife, Britain’s most significant undercover agent in the IRA, before it is published in the new year. But the report’s author, former Chief Constable Jon Boutcher, said he would resist any attempt by government agencies “to amend or suppress unwelcome findings or conclusions”. Stakeknife was the codename for Freddie Scappaticci, 76, former head of the IRA’s internal security unit, the so-called Nutting Squad, and has been implicated in dozens of cases of murder, torture and kidnapping.”

14. Spy Collection: Chinese MSS 2014 Cyber Espionage on Japanese Monju Nuclear Power Plant

On December 12th we published this new video. As per its description, “in January 2014 a cyber espionage operation took place at the Monju Nuclear Power Plant of Japan. Later on, experts attributed it to China’s Ministry of State Security (MSS). The operation used a software supply-chain attack targeting the GOM Player of South Korea to infiltrate the power plant.”

15. The Autocrat in Your iPhone: How Mercenary Spyware Threatens Democracy

On December 12th Foreign Affairs published this article starting by saying that “in the summer of 2020, a Rwandan plot to capture exiled opposition leader Paul Rusesabagina drew international headlines. Rusesabagina is best known as the human rights defender and U.S. Presidential Medal of Freedom recipient who sheltered more than 1,200 Hutus and Tutsis in a hotel during the 1994 Rwandan genocide. But in the decades after the genocide, he also became a prominent U.S.-based critic of Rwandan President Paul Kagame. In August 2020, during a layover in Dubai, Rusesabagina was lured under false pretenses into boarding a plane bound for Kigali, the Rwandan capital, where government authorities immediately arrested him for his affiliation with an opposition group. The following year, a Rwandan court sentenced him to 25 years in prison, drawing the condemnation of international human rights groups, the European Parliament, and the U.S. Congress. Less noted at the time, however, was that this brazen cross-border operation may also have employed highly sophisticated digital surveillance. After Rusesabagina’s sentencing, Amnesty International and the Citizen Lab at the University of Toronto, a digital security research group I founded and direct, discovered that smartphones belonging to several of Rusesabagina’s family members who also lived abroad had been hacked by an advanced spyware program called Pegasus. Produced by the Israel-based NSO Group, Pegasus gives an operator near-total access to a target’s personal data. Forensic analysis revealed that the phone belonging to Rusesabagina’s daughter Carine Kanimba had been infected by the spyware around the time her father was kidnapped and again when she was trying to secure his release and was meeting with high-level officials in Europe and the U.S. State Department, including the U.S. special envoy for hostage affairs. 
NSO Group does not publicly identify its government clients and the Rwandan government has denied using Pegasus, but strong circumstantial evidence points to the Kagame regime. In fact, the incident is only one of dozens of cases in which Pegasus or other similar spyware technology has been found on the digital devices of prominent political opposition figures, journalists, and human rights activists in many countries. Providing the ability to clandestinely infiltrate even the most up-to-date smartphones — the latest “zero click” version of the spyware can penetrate a device without any action by the user — Pegasus has become the digital surveillance tool of choice for repressive regimes around the world. It has been used against government critics in the United Arab Emirates (UAE) and pro-democracy protesters in Thailand. It has been deployed by Mohammed bin Salman’s Saudi Arabia and Viktor Orban’s Hungary.”

16. Iran: Renewal of the 10-Year Prison Espionage Sentence for Two Bahai Women

This is a follow-up to week 31 story #19. On December 12th France24 reported that “representatives of the Bahai community at the United Nations reported Sunday that an Iranian court has again sentenced two prominent Bahai figures to 10 years in prison, as part of a crackdown on the largest non-Muslim religious minority in the Islamic Republic. The court imposed a 10-year prison sentence on Mahvash Thabet, 69, and Fariba Kamalabadi, 60, who had previously served a similar sentence, after an hour-long trial on November 21, according to a statement by the Bahai International Community. The two women were arrested in late July at the start of a new campaign against the Bahais, who are estimated to number 300,000 in Iran. Although the Islamic Republic recognises minorities from religions other than Islam, including Christianity, Judaism, and Zoroastrianism, this recognition does not include the Baha’i faith. “It is very sad to learn that these two Bahai women have been imprisoned again for 10 years on the same ridiculous charges,” said Simin Fahandij, Representative of the Baha’i Community to the United Nations in Geneva. “Words fail to describe this senseless and cruel injustice,” she added. The Bahai community indicated that it was not immediately clear what the charges against the two women were related to national security, but in August the Iranian Ministry of Intelligence announced the arrest of Bahais on suspicion of spying for Israel and working illegally to spread their religion.”

17. Poland: ABW’s Statement on Tomasz L. Espionage Case

Following week 12 story #25, week 13 story #9, and last week’s story #87, on December 12th the Polish Internal Security Agency (ABW) issued this press release saying that “the investigation into this case, conducted jointly by the Internal Security Agency and the National Prosecutor’s Office, is multi-threaded and classified. Intensive investigative activities are continued to clarify and investigate all circumstances surrounding Tomasz L.’s activities and his cooperation with Russian intelligence. The material collected so far indicates that Tomasz L., working in the Archive Department of the Registry of Civil Status in the Registry Office of the capital city of Warsaw, collaborated with Russian intelligence, which is a serious crime. L.’s official duties, under which he had access to the collections of the Registry Office Archives and the collections of the Central Archives of Historical Records and the State Archives of the capital city of Warsaw, made his cooperation with the Russian services a serious threat to the internal and external security of the Republic of Poland. For several days, the case of Tomasz L. has been commented on by the media and participants in the public debate. Due to the nature of the investigation and the fact that the investigation is still ongoing, it is not possible to refer to press publications and theses made as part of journalistic, political or journalistic activity at the moment. The activities of the Internal Security Agency and the Prosecutor’s Office are focused on collecting and analysing evidence and searching for new threads in this case. Giving a political character to the investigation against Tomasz L. is harmful to the ongoing activities and may have negative consequences for the security of the state. 
The currently formulated expectations regarding access to information and materials of the services and the prosecutor’s office are contrary to the applicable legal regime, the observance of which is crucial for a reliable and full investigation of Tomasz L.’s actions against the security of the Republic of Poland. Public digressions in this matter bear the hallmarks of a political struggle and may have a negative impact on the investigation into the espionage activities carried out by Tomasz L. It should be recalled that his activity is part of Russia’s hostile activity against Poland.”

18. Podcast: Spycraft 101: The Most Dangerous Year on Earth with Brian Morra

On December 12th Spycraft 101 published this podcast episode. As per its description, “this week, Justin chats with author and Air Force intelligence veteran Brian Morra. Brian was an intelligence officer in the US Air Force and Air Force Reserve for 15 years before shifting his focus to the aerospace and defense industry, where he spent many years managing intelligence programs. Brian finally retired as a senior Vice President at the end of 2016 and began writing his debut novel. Today, we focus on a pivotal event that took place in 1983, what some historians call the most dangerous year on Earth. This little-known Soviet fiasco brought the world to the brink of nuclear war. Brian’s book, The Able Archers, covers this event and his real experience as a young intelligence officer dealing with its repercussions in real time.”

19. APT42 Profile: Iranian Cyber Espionage Group

On December 12th the private cyber security firm SOCRadar published this analysis stating that “recently, in July 2022, the Iranian threat actor APT42 conducted a cyber-attack against the Albanian government. In September 2022, Mandiant released a report detailing the APT42 with at least 30 confirmed cyber espionage operations dating back to 2015. APT42, also known as Crooked Charms and TA453, is a cyber espionage group linked to Iran. The group is allegedly affiliated with the Islamic Revolutionary Guard Corps (IRGC) Intelligence Organization (IRGC-IO) and operates on behalf of them. The group seems mainly focused on spearphishing attacks, which is a type of phishing attack targeting individuals or organizations known as high-profile or in a specific role — using impersonation to look like a trusted person during its attacks separates the group from other Iranian APT groups.”

20. Ukrainian SBU Detained 3 Female Russian Agents in Donetsk Region

On December 12th Ukraine’s Security Service (SBU) announced that they “neutralised Russian agents that were adjusting rockets at schools and maternity homes in Donetsk region. The perpetrators gathered intelligence about the deployment and movement of units of the Defence Forces in the territory of Bakhmut and Toretsk. In addition, the locations of electrical substations and social facilities, including schools, maternity homes and student dormitories, were handed over to the enemy. The occupiers planned to use the received information to prepare and carry out targeted missile strikes on Ukrainian cities. However, the SBU officers worked ahead of time — promptly exposed and documented the criminal activity and detained the members of the Russian intelligence network. Among those detained are three local women who were recruited by the Russian-controlled MDB DNR after the start of a full-scale invasion. They received Russian passports, which they planned to use to travel to the aggressor country in the event of successful completion of enemy missions. To collect intelligence, the agents personally went around the territory of populated areas and marked them on digital maps. Then the received information was passed on to their “liaison”, who is in the temporarily captured Horlivka. And he “reported” that to the handler of the spy network. He turned out to be the deputy head of the local “MDB “DNR” controlled by the Russian Federation. For communication, they used an anonymous internet communication channel that had been developed in advance. It was through him that the agents sent the coordinates of Ukrainian sites with photo and video recording materials and a detailed description. During searches of the locations of the perpetrators, law enforcement officers discovered: 1) computer equipment and mobile phones with evidence of conspiratorial correspondence with the enemy; 2) passports of the Russian Federation”

21. Podcast: Spycraft 101: The Life of a Cuban-Born CIA Shadow Warrior with Ric Prado

Spycraft 101 published a new podcast episode on December 12th. As per its description, “Enrique “Ric” Prado joined the Central Intelligence Agency in 1980 after serving in the Air Force. His first posting was as a paramilitary officer to Honduras, where he helped train and prepare the Nicaraguan Contras to take back their country from the Sandinista government which had overthrown the previous regime in 1979. There, he formed a team of combat divers and saboteurs, drawn from the ranks of the indigenous Miskito lobster divers who lived and worked on the Pacific coastline. He also worked closely with Luis Moreno, aka Commander Mike Lima, my guest for episode 34 of the podcast. For the next 24 years, Prado was stationed all over the world, moving from one hot spot to the next. But his close proximity to chaos and revolution began even earlier, when he was a young boy in Cuba. There, the revolution came literally to his doorstep when a firefight broke out on the street outside his home. His family was able to escape Cuba after Fidel Castro seized power, leaving behind everything they owned in the process and starting over from scratch in South Florida. Prado rose from a paramilitary officer all the way to the CIA’s Counter Terrorism Center. He retired in 2004 after one final posting to a still-unnamed foreign country. For episode 49 of the Spycraft 101 podcast, I spoke with Ric about his experiences in Central America, Asia, Africa, and elsewhere, both as a paramilitary officer and later as a case officer, and the lessons he learned along the way.”

22. In a Wary Arctic, Norway Starts to See Russian Spies Everywhere

DNYUZ reported on December 12th that “in hindsight, some things just didn’t add up about Jose Giammaria. For one, the visiting researcher at the University of Tromsø, in Norway’s Arctic Circle, was ostensibly Brazilian. But he couldn’t speak Portuguese. Then there was the fact that he self-funded his visit, an oddity in academia, and even planned to extend it — yet he never talked about his research. But he was always helpful, even offering to redesign the home page for the Center for Peace Studies, where he worked. That was until Oct. 24, 2022, when Norway’s security police, the PST, arrived with a warrant to search his office. Days later, they announced his arrest as a Russian spy, named Mikhail Mikushin. The revelation sent a chill through campus, said Marcela Douglas, who heads the Center for Peace Studies, which researches security and conflict. “I started to see spies everywhere.” So is Norway, and much of the rest of Europe, too. As the war in Ukraine bogs down and Moscow’s isolation increases, European nations have grown wary that a desperate Kremlin is exploiting their open societies to deepen attempts at spying, sabotage and infiltration — possibly to send a message, or to probe how far it could go if needed in a broader conflict with the West. Mr. Mikushin is one of three Russians recently arrested in Europe on suspicion of being “illegals” — spies who embed in a local society for long-term espionage or recruitment. In June, an intern at the International Criminal Court, also with a Brazilian passport, was arrested in The Hague and charged with spying for Russia. In late November, a Swedish raid caught a Russian couple accused of espionage.”

23. UK: Cambridge University’s Course for Spooks

Declassified UK published this article on December 13th saying that “a former MI6 chief and an ex-CIA officer are offering a programme for budding intelligence practitioners at Magdalene College, Cambridge — one of several UK universities with links to British intelligence. The Cambridge Security Initiative (CSI), an organisation founded and chaired by Sir Richard Dearlove — the former chief of the Secret Intelligence Service, known as MI6 — is advertising a course on spycraft run at Magdalene College, Cambridge. The four-week course, to be held next summer and called the International Security and Intelligence Programme, addresses “various mechanisms of intelligence collection, analysis and dissemination, counter-intelligence and covert operations” as well as “cyber and information operations”. It is co-convened by Professor David Gioe, who is the CSI’s director of studies and also an associate professor at West Point — the US military academy — and a fellow at the US Army Cyber Institute. Gioe spent over two decades working in the US intelligence community, including roles in the FBI, CIA, Defence Intelligence Agency (DIA), and the Office of Naval Intelligence. He worked as a CIA officer for nearly 10 years from 2001 to 2011, and was involved in “political and terrorism analysis as well as counterintelligence, overseas clandestine operations, and covert action”.”

24. Ukraine’s Secret Weapon Is Ordinary People Spying on Russian Forces

The Wall Street Journal published this article on December 14th stating that “locals helped Ukraine target troops occupying Kherson, highlighting one of Kyiv’s advantages in the war. During Russia’s occupation of the southern Ukrainian city of Kherson, a large electronics store served Russian forces as a field hospital, barracks and storehouse for food. One morning last summer, Ukrainian forces struck the store, completely destroying it. It was one of numerous attacks that day on Russian-controlled territory deep inside the Kherson region.”

25. Podcast: Team House: US Army Intel Case Officer & Editor of SpyTalk — Jeff Stein

The Team House published a new podcast episode on December 17th. As per its description, “Jeff Stein is the editor-in-chief of SpyTalk, a newsletter covering U.S. intelligence, defense and foreign policy, on the Substack platform. Previously, he was the SpyTalk columnist (and national security correspondent) at Newsweek, and before that, the SpyTalk blogger at The Washington Post. From 2002 to 2009, he was the founding editor of CQ/Homeland Security, and later national security editor at Congressional Quarterly, where he first launched his SpyTalk column. He had already covered the spy agencies and national policy topics for decades. He has also written three books and hundreds of news articles, opinion pieces and book reviews for a wide array of magazines and newspapers. He has also made numerous television and radio appearances.”

26. Switzerland: No License for Hunting Cyber Spies: The Intelligence Service Has Been Working Illegally for Years

The Swiss NZZ reported on December 12th that “an investigative report shows how the intelligence service processed technical data for years without authorisation. The leadership has failed. Now the whole intelligence service is being reorganised. When intelligence officers hunt down cyber spies on the internet, they need to share information. The Federal Intelligence Service (FIS) has also evaluated such technical data for years in order to discover and ward off foreign espionage. The FIS would actually have had to obtain a special permit for this each time, which it did not do. The FIS has thus violated the statutory provisions. This is the conclusion of former federal judge Niklaus Oberholzer, who presented the results of his investigation on Monday. According to the summary, the Cyber Department of the FIS had “illegally procured and processed data” for years. The Defence Department classified the ninety-page investigation report itself as secret and did not publish it. At the same time, Oberholzer puts the misconduct of FIS into perspective. The information was not personal data that was particularly worthy of protection, but peripheral data of telecommunications traffic. The data were also analysed purely technically. It was not about surveillance of individuals. This corresponds to the logic of technical indicators that are exchanged worldwide between IT security companies, intelligence services or internet providers. These are often IP addresses or domain names of the servers that spies or criminals use for their cyber attacks. These servers can then be monitored, for example, to obtain more information about the actions of the perpetrators or to identify the victims.” Here you can find the official report.

27. France: New DGSI Technical Director Philippe Chose Thrown Headfirst into French Cyber Rivalries

Intelligence Online reported on December 16th that “the French domestic intelligence agency’s new technical director will need to navigate the assorted cyber ambitions within France’s intelligence apparatus, including those of his former employer, the French administration’s interceptions service.”

28. Google TAG Bulletin Q4 2022

On December 16th Google’s Threat Analysis Group (TAG) published their Q4 2022 bulletin. It covers coordinated online influence operations Google terminated in October and November 2022. Those were linked to Brazil, Russia, China, Iran, Azerbaijan, Colombia, and Argentina.

29. United States: Time to Revive the 1995 Act that Called for Abolishing the CIA

Former CIA Analyst and Case Officer John Kiriakou published this article in Covert Action Magazine on December 16th. It concludes that “the CIA endures by making the nation feel safer because tens of billions of dollars are expended thrashing around to outfox the future. Secret intelligence activities, simpliciter, have a placebo effect. The intellectual fraud persists shielded by layers of secrecy. And those on the inside who know have a conflict of interest in exposing the pointlessness of their well-paid handiwork. If this weren’t true, how and why did the CIA get wrong the analysis throughout such notable events as the Berlin crisis, the Mossadegh government in Iran, again, the Suez Crisis, the Vietnam War (with the notable exception of Sam Adams), the fall of the Shah of Iran and the ensuing hostage crisis, the Contra war, the fall of the Soviet Union, and even the threat of al-Qaeda’s terrorism right here on American soil? For those who argue that the abolishment of the CIA would create an unacceptable intelligence gap and security risk, one only needs to point out that the U.S. government has another 18 intelligence agencies spanning the State Department and Pentagon to the uniformed services, to the Energy, Commerce, and Treasury Departments, and even the Coast Guard. We can have a separate conversation about abolishing some or all of those, too. But in the meantime, abolishing the CIA and its functions would strengthen the national security, not weaken it. But who on Capitol Hill has the courage to say it? Who will blurt out like the child, “the Emperor has no clothes”?”

30. Indian Cyber Espionage Operation Targeting Pakistani Ministry of Defence

On December 14th cyber threat intelligence researcher Jazi discovered and disclosed technical indicators of an active cyber espionage operation attributed to an actor dubbed SIDEWINDER, previously associated with the government of India. The operation involved a lure document titled “Notification No. MoDP 4346.zip” impersonating the Ministry of Defence Production of Pakistan, which, if opened, covertly installed a custom cyber espionage software implant.

31. Ukrainian SBU Detained Russian Agent in Odessa

On December 13th Ukraine’s Security Service (SBU) announced that they “detained another agent of the Russian intelligence services as a result of counter-subversive measures in the south of Ukraine. Digital maps with the “targets” of enemy airstrikes on the Black Sea coast of Ukraine were found on his phone. The agent had contacts with the headquarters of the Russian private military company “Wagner” and the Moscow riot police (a special unit of the Russian Guard, which takes an active part in the war against Ukraine) were also exposed. It was established that an enemy henchman was gathering intelligence about the combat positions of the Armed Forces of Ukraine on the territory of Odessa. First of all, he was interested in the places of deployment and features of camouflage of Ukrainian coastal defence units. In addition, he tried to establish the estimated number of personnel, weapons and military equipment involved in the protection of the coastal zone of the regional centre. Intelligence was needed by the aggressor to plan, prepare and carry out targeted missile strikes on the city infrastructure. However, the SBU thwarted the plans of the occupiers. Officers of the Ukrainian intelligence service timely exposed the enemy agent, documented his criminal actions and detained him while trying to transfer classified information to Russia. According to the investigation, the traitor turned out to be a local resident who was recruited by the Russian intelligence services after the start of the full-scale invasion. He came to the attention of the occupiers due to his destructive activity in social networks, where he called for support for armed aggression against Ukraine and justified the war crimes of the Rashists. In order to gather intelligence, the agent personally went to the “locality”, surreptitiously observed Ukrainian sites and photographed them. 
The received data was sent to the enemy in the form of labels on digital maps with a detailed description of the surrounding territory.”

32. Greek Police Raid Israeli Spy Offices

On December 15th El Balad reported that the “Greek police raided the Athens offices of the Israeli company Intellexa, which owns the Predator spyware, and the homes of the company’s executives in the country. This follows the wiretapping scandal that has engulfed the country’s intelligence services in the past several months. The company “Intellexa” operates in Greece, and its owner is “Tal Dilian”, the former head of the secret Israeli intelligence agency known as Unit 81, where “Intellexa” operates in dozens of countries, and sells spyware to the highest bidder. Last October, the first lawsuit was filed against Intellexa in Greece, demanding a criminal investigation into the company. An investigation by the European Parliament this year said that “Israeli-made spyware” was widely used in Greece against the country’s political class, describing it as “a major problem for democracy and the rule of law”.”

33. Podcast: You Only Live Twice — Ex-KGB Agent Talks

On December 12th the “Detox Show with Lee Dawson” published a new interview/podcast episode. As per its description, “Lee grabbed half an hour with Robert De Casares, ex KGB and MI6 double agent. Robert shares some insight to the real world of espionage and his extremely well informed views on the current state of geo politics, the war in Ukraine, science and global agendas. In his opinion WW3 is already in full flow. Now retired, Robert is a successful author of four books.”

34. Turkey Arrests 7 on Charges of Espionage on the Palestinians for the Mossad

On December 15th Zaman Arabic reported that “a Turkish court has charged seven of the 44 people arrested on suspicion of spying on Palestinians in Turkey for Israel’s Mossad intelligence agency, the pro-government newspaper Sabah reported. The suspects, who were employees of a consulting firm operating in Istanbul, were arrested this week as part of an investigation by the Istanbul Public Prosecutor’s Office. The National Intelligence Service (MİT) and the Istanbul Police Department also participated in the operation. Sabah newspaper said the defendants were spying on Palestinian citizens, institutions and NGOs in Turkey, and were allegedly helping the Mossad discredit and threaten Palestinians. Interrogation of the other detainees continues in the Anti-Terrorism Unit of the Istanbul Police, and thirteen other suspects are not being held.”

35. Unmasking MirrorFace: Operation LiberalFace Targeting Japanese Political Entities

The cyber security and intelligence firm ESET published this research on December 14th. The article notes that “the campaign, which we have named Operation LiberalFace, targeted Japanese political entities; our investigation revealed that the members of a specific political party were of particular focus in this campaign” and that “MirrorFace is a Chinese-speaking threat actor targeting companies and organizations based in Japan.”

36. Italy: Meloni Draws on Intelligence Services to Find New Balance with China

Intelligence Online reported on December 15th that “to leave an opening for China without upsetting the United States, Italy’s minister of economic development Adolfo Urso has been consulting with the intelligence services to explore new methods that could grant Italy greater autonomy in its security and strategic choices.”

37. Podcast: World of Intelligence: Use of OSINT to Support Special Operational Forces

Janes World of Intelligence published a new podcast episode on December 16th. As per its description, “in this episode we speak to Gwyn Armfield, Brigadier General, USAF (retired) to discuss how OSINT supports Special Operational Forces in their operations.”

38. Crypto Museum: EE-2 French Clandestine Plug-in Transmitter

The Crypto Museum published a new entry this week. As per its description, “EE-2 is a miniature clandestine short-wave plug-in transmitter that ‘steals’ its power from a valve (tube) socket of a contemporary broadcast receiver, developed around 1954 by or for the French intelligence service in Berlin (Germany) — the DR/SR. It was the successor to the EE-1 and was used into the 1960s for agent-to-centre communication across the Iron Curtain in Cold War East-Germany. It comprises a single valve oscillator, of which two versions are known.”

39. United States: Invictus Wins Contract to Update DIA’s Top-Secret Intranet

On December 15th C4ISRNet reported that “the Defense Intelligence Agency disclosed the winner of a “significant” IT modernization contract it announced this week: Washington, D.C.-based cybersecurity firm Invictus. The contract is to modernize the top-secret Joint Worldwide Intelligence Collection System, or JWICS. DIA announced the deal Wednesday, but did not initially reveal the winning company. It’s the largest investment ever made in the network used by the intelligence community and the Department of Defense to transmit sensitive information, agency officials said. The DIA, which provides the U.S. Department of Defense with information about foreign countries’ military capabilities, manages it. Program manager Katie Lipps told reporters during a briefing at the DoD Intelligence Information Systems Worldwide conference in San Antonio, Texas, Thursday that Invictus is the lead on the eight-year contract and will have a diverse team of subcontractors. JWICS was designed in the 1990s to provide secure video teleconferencing between DoD and DIA headquarters, but its scope and user base has grown significantly since then. The network now includes data and email services and has more than 200,000 users, according to DIA Chief Information Officer Doug Cossa. That increased demand, a need for greater security and a desire to incorporate new technology are the drivers behind the JWICS modernization initiative, he said during a Dec. 15 briefing. “It has become the connective tissue that brings everything together — whether that’s collection or analysis that supports strategic competition,” Cossa said.”

40. Ukrainian SBU Announces 12.5 Years Imprisonment of Russian Agent in Kramatorsk

This is a follow up from week 21 story #1. On December 13th Ukraine’s SBU announced that “the Russian agent who “surrendered” the positions of the Ukrainian Armed Forces in Kramatorsk will spend 14 years behind bars. Among his main tasks was the identification of combat positions of the Armed Forces of Ukraine and the National Guard in the Kramatorsk area. In addition, he transmitted the locations and routes of movement of Ukrainian law enforcement officers in the region. The perpetrator was detained as a result of a special counter-intelligence operation of the SBU in Donetsk region in May of this year. A mobile phone with evidence of conspiratorial correspondence with the enemy was seized from him. The court sentenced him to 14 years in prison. According to the investigation, the accomplice of the occupiers is a local resident who was recruited by a representative of the Russian intelligence services after the start of the full-scale invasion. He came into the aggressor’s field of vision because of his pro-Kremlin views, which he repeatedly expressed among those around him. The attacker talked about the “quick” capture of the Ukrainian city and the establishment of the Moscow regime there. On the instructions of the invaders, he went around the territory of the district centre and recorded the movement of Ukrainian troops. The agent transmitted the received information to his Russian handler in the form of geolocation marks on digital maps. Anonymous messengers were used for communication. For this, the attacker received money from the aggressor country. The amount depended on the relevance and importance of the intelligence. As a result of investigative and operative actions, SBU officers timely exposed the Russian agent and documented his criminal actions. Thus, the enemy’s plans to use intelligence to prepare and carry out targeted missile strikes on Kramatorsk were thwarted.”

41. Ex-Twitter Worker Gets 3–1/2-Year U.S. Prison Term for Spying for Saudi Arabia

Reuters reported on December 14th that “a former Twitter Inc manager convicted of spying for Saudi Arabia by sharing user data several years ago and potentially exposing users to persecution was sentenced to 3–1/2 years in prison on Wednesday, U.S. prosecutors said. Ahmad Abouammo had been found guilty by a jury in August following a trial in federal court in San Francisco. Prosecutors had sought a prison term of just over seven years, saying they wanted a “sentence strong enough to deter others in the technology and social media industry from selling out the data of vulnerable users.” Abouammo faced a maximum penalty of decades in prison. Abouammo’s attorneys had asked U.S. District Judge Edward Chen for a probationary sentence at his home in Seattle with no prison time. They cited Abouammo’s ongoing health problems, lack of other convictions and family issues that had affected him during his time at Twitter, which spanned 2013 to 2015. The case focused on Abouammo’s efforts to look up information on two Twitter users, a $42,000 watch he received from a Saudi official and a pair of $100,000 wire transfers. Prosecutors said Abouammo, who oversaw Twitter’s relationships with journalists and celebrities in the Middle East and North Africa, conveyed sensitive information from the company’s systems to help Saudi officials identify and locate Twitter users of interest, potentially exposing them to persecution.” Here is the US Department of Justice press release.

42. Podcast: Spy Museum: The CIA at 75: Looking Back, Looking Ahead

On December 16th the International Spy Museum published this recording of a virtual event. As per its description, “join us to mark the CIA’s 75th anniversary with an evening focusing on the Agency’s history, followed by discussion of operational, analytic, technological, and other challenges that illustrate CIA’s mission and unique role as a national intelligence agency, and a look ahead to the challenges for the future. David Robarge, CIA Chief Historian, will set the stage with a brief look at CIA’s history, agility at adapting to the world around it, and the challenges it has faced. Following the historic background, Mark Lowenthal, former Assistant Director of Central Intelligence for Analysis and Production, will moderate a panel of CIA experts sharing their diverse firsthand experiences to illustrate how CIA and generations of its intelligence professionals have met some of the challenges and risks they faced around the globe. The panel includes: James Lawler, former Directorate of Operations Officer and counterproliferation expert; Andrew Makridis, Former CIA Chief Operating Officer, analyst and presidential briefer; Dawn Meyerriecks, former Deputy Director for Science and Technology; and William D. Murray, former Directorate of Operations Officer Chief of Station. To conclude the program, John McLaughlin, former Deputy and Acting Director of Central Intelligence, will discuss some of the challenges CIA faces and the role it will play in continuing to provide all-source intelligence analysis and operational support to enable policymakers to anticipate and address traditional and emerging threats to US and global security. Co-sponsored by the Council on Intelligence Issues and the Central Intelligence Retirees’ Association with thanks to the Central Intelligence Agency for its assistance.”

43. India: Surat Man Held for ‘spying’ for Pakistani ISI

India Express reported on December 13th that “the Gujarat Police on Tuesday apprehended a 33-year-old man from Surat on charges of spying and allegedly working for Pakistani intelligence agency ISI, official sources said. Deepak Kishor Bhai Salunkhe was arrested by crime branch sleuths from the diamond city, acting on inputs provided by the Military Intelligence from the Pune-based southern army command, they said. The man, a resident of Bhuvneswari Nagar in Surat, used to run a shop, identified by the sources as Sai Fashions. “The ISI agent is being handed over to the special operations group (SOG) of Gujarat Police for further proceedings,” a source said. The sources said Salunkhe was “operating as a financial module which was receiving/transferring money to serving officials as well as civilians (in India) in lieu of crucial information. “He was in touch with two Pakistan-based handlers, Hamid and Kashif, and was in the process of compromising sensitive information with them,” the source said.”

44. Cyber Espionage Operation Targeting Houthi in Yemen

Cyber threat intelligence researcher Souiten discovered and disclosed technical indicators of an active cyber espionage operation on December 15th. The operation involved a lure document titled “Important leaked documents of the Houthi group” and was seen targeting individuals located in Yemen. If opened, the document covertly installed a cyber espionage software implant known as njRAT. It is currently unknown who was conducting the operation.

45. US Trial of Venezuela’s Alex Saab Exposes Diplomatic Espionage

On December 12th The Grayzone reported that “reporting from inside the federal courtroom where the US is prosecuting Venezuelan diplomat Alex Saab, The Grayzone learns of disturbing acts of diplomatic espionage. Saab’s advocates insist he is imprisoned for violating Washington’s economic blockade. Authorities in Cape Verde, opened official government communications which Venezuela intended for Iran, including a sealed letter sent by Venezuelan President Nicolás Maduro to Iran’s Supreme Leader Ayatollah Ali Khamenei, following the arrest of Venezuelan diplomat Alex Saab in June of 2020. The revelations came to light during a December 12 evidentiary hearing in Saab’s federal trial in Miami, Florida, focused on determining whether or not his claims to diplomatic immunity are legitimate. The Grayzone is attending Saab’s trial in the Wilke Ferguson federal courthouse in downtown Miami. The US Department of Justice has accused the Venezuelan diplomat of conspiracy to commit money laundering, painting him as a corrupt business asset of a socialist government Washington aims to topple. But Saab and his advocates insist his only crime was violating sanctions to provide affordable food and medicine for a population suffering under a crushing US economic blockade. Saab’s trial is therefore a critical test of the legitimacy of the US sanctions regime targeting nations from Venezuela to Iran. On Monday, Cape Verdean lawyer Dr. Florian Mandl testified that when he obtained Saab’s belongings in July of 2020, he discovered that three separate communications his client had been tasked with delivering to Iranian government officials on behalf of the Venezuelan President’s and Vice President’s offices had been opened by an unknown culprit. 
The documents consisted of a letter from President Maduro addressed to Ayatollah Khamenei as well as two letters from Venezuela’s Vice President Delcy Rodríguez: one addressed to an advisor to her Iranian counterpart, and another addressed to Iran’s then-Minister of Agriculture Kazem Khavazi.”

46. Podcast: Former CIA Operations Chief Andrew Makridis Reflects on CIA Career — “Intelligence Matters”

On December 14th CBS News published this podcast saying that “this week on “Intelligence Matters,” Michael Morell speaks with former CIA chief operations officer Andrew Makridis about his 37-year career at the CIA. Makridis reflects on his front row seat to history as a presidential briefer to President George H.W. Bush. He offers his analysis on how the CIA has changed and improved since the Iraq WMD intelligence failure and Wikileaks breach.” The three highlights mentioned are: 1) The PDB, 2) What went wrong at CIA with Iraq weapons of mass destruction?, and 3) Cybersecurity at CIA post-WikiLeaks.

47. Netherlands: After ‘Srebrenica’, the Netherlands Never Wanted to Rely on Foreign Intelligence Again. It Failed to Do That

The Dutch NRC reported on December 15th that “intelligence services Historian Bob de Graaff wrote a book about the history of the military intelligence service MIVD based on extensive archival research. The common thread is the cooperation with sister services, which has led to traumas and successes. “Srebrenica proved that dependence on friendly intelligence services did not work in practice.”” The four highlights of the article are: 1) The heavy Dutch dependence on American intelligence during the war against IS in Iraq played an important role in the bloody bombing of the northern Iraqi city of Hawija in 2015. This is what historian Bob de Graaff says in his book about the history of the Military Intelligence and Security Service (MIVD), which was published on Friday. 2) The Netherlands had bad experiences with its dependence on foreign intelligence services at the fall of Srebrenica. After that, the intention was to gather and assess intelligence during military missions. 3) This did not happen in the fight against IS, according to De Graaff because of cutbacks in the MIVD, difficulty recruiting informants and the attention to threats from Venezuela. 4) The American intelligence about IS sometimes turned out to be incorrect, including about the risk of the attack on a weapons factory in Hawija, which killed at least seventy people.

48. Russia: Khabarovsk Resident Sentenced to 12.5 Years in Prison in the Case of Transferring Information About Bridges to Ukrainian Intelligence Services

This is a follow up from week 12 story #79. The Russian Mediazone reported on December 15th that “the Khabarovsk Regional Court sentenced local resident Vyacheslav Mamukov to 12.5 years in prison in a case of high treason (Article 275 of the Criminal Code). This was reported by the press service of the FSB. The security forces specify that the decision came into force after an appeal to the Fifth Court of Appeal of General Jurisdiction. When it was issued is unknown. According to the FSB, the man contacted representatives of the Ukrainian intelligence services and, “pursuing mercenary intent,” wanted to pass on information containing state secrets to them. He had access to them at work. In a video of the arrest and interrogation, published by RIA Novosti, Mamukov talks about rebar and concrete, allegedly used in the construction and repair of 30 bridges. Where exactly the sites/targets are located is not reported. According to security officials, this data could be used “to commit sabotage.” The detention of the Khabarovsk resident became known at the end of March.”

49. United States: Russian Spies of San Diego

Zach Dorfman of The Brush Pass published a new article on December 15th. As per its introduction, “it’s the early 1990s. The cold war has ended, and U.S. counterintelligence agents, though savoring their victory against the Soviets, are skeptical that the Russians were going to stop spying on the U.S. The old Eastern Bloc–Poland, Czechoslovakia, Hungary, and others–had turned decisively toward the West, but the situation in Russia was a lot hazier. U.S. intelligence officials believed, correctly, that Moscow’s spy agencies were more likely to hedge their bets: the U.S. had been their “main enemy” for decades, and even the collapse of the Soviet Union wasn’t going to change that. Around this time, Wayne Barnes, a veteran FBI spyhunter, was stationed in San Diego. Barnes was puzzling over a mystery. Recently, while driving through Balboa Park–a top tourist attraction in the city, most famous for being home to the San Diego Zoo–he had spotted small pieces of duct tape placed horizontally on the poles of street lights. At first, Barnes thought the tape was a coincidence. Then he spotted another, and another–in all, upwards of twenty tape marks, all within the park. Most people wouldn’t give these tiny pieces of tape a second glance. But in the world of espionage, this is a classic communications technique used by intelligence officers and their agents to signal that a package has been dropped, or picked up, somewhere known to the other party; they’re also used to request, or confirm, a clandestine meeting or handoff. “I was astonished,” said Barnes. “It really sets the bee in the bonnet of U.S. intelligence when you see things like that.” Was there a spy in San Diego?, Barnes wondered.”

50. United States: NSA Publishes 2022 Cybersecurity Year in Review

On December 15th the NSA issued a press release stating that “the National Security Agency published its 2022 Cybersecurity Year in Review today to share its mission focuses and demonstrate how it is producing cybersecurity outcomes for the nation. This year’s report highlights NSA’s ability to scale cybersecurity solutions through strong partnerships, resulting in speed and agility. “By protecting the U.S. Government’s most sensitive networks, we cascade solutions that help secure critical infrastructure, U.S. allies, and businesses and consumers around the world,” said Rob Joyce, NSA Cybersecurity Director. “Our efforts to protect those networks help protect yours.” The Year in Review highlights NSA’s efforts, including: 1) Collaborating with industry to harden billions of endpoints against active and ongoing nation-state threats. 2) Disclosing dozens of zero-day vulnerabilities to vendors to remediate before nation-state actors exploit them. 3) Publicly releasing cybersecurity guidance to protect against active adversary and cybercriminal threats and to harden systems. 4) Securing standards for emerging technology through NSA’s Center for Cybersecurity Standards. 5) Researching and delivering tools and technology advancements that protect the nation’s cyber ecosystem.”

51. ‘Litvinenko’ Review: David Tennant Plays the Poisoned Former Russian Spy in a Plodding Procedural

The Hollywood Reporter published this story on December 15th saying that “the four-episode Litvinenko, written by George Kay (Lupin) and directed by Jim Field Smith (Truth Seekers), focuses on the saga around Alexander Litvinenko, a former Russian intelligence officer poisoned and killed in London in 2006. It isn’t a story that lacks for juicy dramatic beats — there’s the public ingestion of a radioactive isotope at a chain sushi restaurant, a murder victim issuing declarations while he was still dying and varying levels of international skullduggery. Plus the accused villain is none other than Vladimir Putin. At the same time, though, the aftermath of Litvinenko’s death stretched across a decade. Whatever detective work or spycraft was involved, the case really hinged on variations in jurisdiction and diplomacy, with more false starts and dead-ends than breakthroughs. Each 46-minute episode of Litvinenko begins with multiple title cards announcing this as a true story, emphasizing the degree of research, even while acknowledging minor cosmetic alterations to characters and events. Still, the series wants you to know, or at least believe, that this is how things actually went down, and if that means that Litvinenko is dry, choppy and only limitedly satisfying? That, I guess, is the price of fidelity.”

52. Spyware and Surveillance-for-Hire Industry ‘Growing Globally’

The Record published this article on December 15th saying that “the spyware and surveillance-for-hire industry is “indiscriminately” targeting journalists, activists and political opposition, and growing on a global scale, the social media company Meta warned. In a new report published Thursday, the company said it has “continued to investigate and take actions against spyware vendors around the world, including in China, Russia, Israel, the United States and India, who targeted people in about 200 countries and territories.” Meta was one of the first to publicly challenge the spyware industry back in 2019, when it began legal proceedings against Israeli firm NSO Group for hacking into approximately 1,400 WhatsApp users’ mobile devices. The report details the tactics being used by spyware and hacking companies, in particular an Indian business called CyberRoot previously exposed by a Reuters investigation into Indian mercenary hackers.”

53. United States: FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs On Security reported on December 13th that “InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.”

54. Former CIA Officer Jason Hanson Releases 3 New Videos

Throughout this week former United States Central Intelligence Agency (CIA) Officer, Jason Hanson, released the following videos: 1) Spy Secret — Why You Should Avoid First Floors, 2) Spy Secret — How to Protect Your Identity, and 3) Ohio Shooting Incident: Ring Doorbell Shows A Man Shooting Daughter’s Ex-Boyfriend.

55. Unassuming N.H. Craft Shop Owner Helped Run Sprawling Russian Spy Ring: Feds

On December 13th The Daily Beast published this article saying that “Alexey Brayman is one of seven people accused of working with the “Serniya” network to smuggle classified military information and technology to Russia. A quiet New Hampshire home out of which a married couple ran their online craft business covertly doubled as a clearinghouse for “millions of dollars in military and sensitive dual-use technologies from U.S. manufacturers and vendors,” which an alleged smuggling ring shipped to Russia over the course of at least five years, according to a sprawling 16-count federal indictment unsealed Tuesday. Alexey Brayman, one of seven people charged in the case, surrendered to authorities on Tuesday morning, according to The Boston Globe. Prosecutors have asked that he surrender his passport and be held on $250,000 bail.” Here is the US Department of Justice press release.

56. Spy Way of Life: The Thon Hotel in Kirkenes, Norway

This week’s selection for Intelligence Online’s Spy Way of Life was the Thon Hotel in Kirkenes, Norway, described as “where spies come in from the cold.” As per the article, “this week, Intelligence Online explores a small hotel close to the Norway-Russia border, where gatherings of Arctic experts are closely followed by the intelligence services.”

57. Cyber Espionage Operation from India Targeting Pakistani Navy

On December 13th cyber security researcher Hido Cohen discovered and disclosed technical indicators of an active cyber espionage operation attributed to an actor dubbed SIDEWINDER, previously associated with the government of India. The operation used a lure document titled “United States of America Amendment 1 to Letter of Offer and Acceptance PK-P-GAA” and targeted Pakistani Navy officials. If opened, the document exploited a Microsoft Office vulnerability and covertly installed a custom cyber espionage software implant.

58. Podcast: SpyCast: “Spying and Start-Ups” — with former Assistant Director of the CIA John Mullen

On December 13th the International Spy Museum’s SpyCast published a new episode. As per its description, “the Pacific Theater of WWII was imprinted on John Mullen as a young boy. He grew up in Seattle on the West Coast and had family members who remembered Boeing factories under camouflaged nets. He had two family members who were killed in that theater in the 1940s. John went on to have a stellar CIA career — but one that always had an eye to the East. He went on to become the Assistant Director for Asia and the Pacific, leading all clandestine activity across this huge region, and spent time as a CIA Station Chief in the Far East. He has since co-founded his own firm and is currently engaged in protecting innovation at Strider Technologies as an Executive Vice President. Ever wondered what it’d be like to join the CIA or to leave it to work in corporate America? I have a feeling John might be able to help… And… Business intelligence, competitive intelligence, product intelligence, workforce intelligence: in case you haven’t noticed — intel is everywhere these days!”

59. Ukrainian SBU Announces 12.5 Years Imprisonment of Russian Agent in Donetsk

This is a follow-up to week 34 story #10. On December 16th Ukraine’s Security Service (SBU) announced that “according to the SBU evidence, an informant who “hunted” for HIMARS combat positions will spend more than 12 years behind bars. The Security Service has gathered indisputable evidence of the guilt of another enemy accomplice who conducted reconnaissance and subversive activities for the benefit of the aggressor country. The agent was gathering intelligence about the deployment and movement of units of the Armed Forces in the Donetsk direction. First of all, he tried to identify the possible combat positions of the HIMARS artillery systems. In addition, he gave the occupiers the exact coordinates of critical infrastructure facilities in the region. It was on his “tip” that the invaders hit the water intake system in the city of Selydove. SBU officers detained the perpetrator during a special operation in August of this year. According to the materials of the Security Service, the court sentenced him to 12 years and 6 months in prison. He was found guilty under Part 7 of Art. 111–1 and Part 2 of Art. 28 (collaborative activity) of the Criminal Code of Ukraine. According to the investigation, the collaborator turned out to be a local resident who, after the start of the full-scale invasion, maintained contact with the occupiers and sought to help in the war against Ukraine. He transmitted the collected information through a “proxy”. He was a member of the terrorist organisation “People’s Militia of the DNR” controlled by the Russian Federation. He transmitted the coordinates through the banned social networks “vKontakte” and “Odnoklassniki” in the form of photographs with sites marked on digital maps. During the search of the perpetrator’s place of residence, the law enforcement officers found: computer equipment; flash drives; mobile phones with evidence of criminal activity.”

60. Two Ukrainians Convicted of Espionage in Belarus

On December 15th BigmirNet reported that “in Belarus, two citizens of Ukraine were sentenced to prison terms on charges of espionage. This was reported by the human rights center “Viasna”. It is reported that on November 24, the Brest Regional Court sent two Ukrainians to prison for 5 and 6 years, respectively, for “agent activity” in Belarus in favour of Ukraine. “Ukrainians Mikhail Stolyarchuk and Dmitry Gudik were tried for collecting data on military equipment and facilities in Belarus on the instructions of the SBU,” human rights activists say with reference to the indictment. The case file claims that Ukrainians have been spying in Belarus since 2018. In early 2022, they were detained while crossing the border on a regular bus. Recall that the General Staff assessed the risks of a new offensive from Belarus. The General Staff believes that the likelihood of offensive actions by Belarus is low.”

61. United Kingdom: Spy Chiefs Warned About Tweets and TV Appearances

BBC reported on December 13th that “concern about the growing media presence of British spies has been raised by MPs on the parliamentary Intelligence and Security Committee. A report by the ISC refers to newspaper interviews by MI5 and GCHQ bosses, and the head of MI6’s Twitter account. Spy chiefs have also appeared on the BBC, and the head of GCHQ is set to guest edit Radio 4’s Today programme. Agencies have used social media and interviews to explain their work and increase recruitment and diversity. In its annual report, the committee said it recognised the “important role public outreach can play in attracting employees by opening up about the culture and working practices in such secret organisations” — but it said such activity “must be undertaken in a strategic and considered manner”. It added: “The committee is concerned that, if media engagement strategies go too far, they risk trivialising the important work of the agencies and diverting their focus from national security priorities. Social media is also known to be a battleground for covert hostile state action, so any enhanced media engagement should not undermine the agencies’ ability to act covertly and keep the UK safe.” It pointed to a number of recent interviews by spy chiefs — and the head of MI6’s Twitter account. Richard Moore, also known as ‘C’, tweets far more than any other head past or present of an agency.”

62. Podcast: Grey Dynamics: Covert Action, The Royals, Coups & Espionage with Rory Cormac

On December 16th Grey Dynamics published a new podcast episode. As per its description, “today I spoke with Rory Cormac, an international relations lecturer at the University of Nottingham. He specializes in UK covert action and has written six books on the matter. Including his latest “How To Stage A Coup and ten other lessons from the world of secret statecraft”.” The topics covered were: 1) Thoughts on the recent German coup attempt. 2) Do coups work? 3) The difference between UK & US intelligence culture. 4) Staying away from conspiratorial mindsets. 5) Foreign espionage in UK academia. 6) The royal family and their relationship to UK intelligence. 7) Intended consequences of covert action. 8) Learning from failures.

63. Dropping Charges Against French Company that Sold Spyware to Egypt

Al Jazeera reported on December 15th that “a Paris court on Wednesday dismissed charges against a French company and its directors of complicity in torture, after selling advanced spyware to the Egyptian government. Nexa Technology and four of its managers were accused in 2021 of selling to Cairo the Cerebro software, which enabled the Egyptian government to spy on political opponents, and this may have helped torture and enforced disappearance, according to the lawsuit. But the Paris Court of Appeal dropped the charges against Chairman Olivier Pohbeau, CEO Stephane Sales, and two other company officials, but did not order the case closed, meaning the judges will continue their investigations. Lawyers for the International Federation for Human Rights described the decision as a “great disappointment,” but said that “the story is not over yet,” stressing that they will continue to work to shed light on the “consequences” of selling the company the Cerebro system to Egypt. Nexa is run by former officials of Amesys, another French IT company accused in a separate investigation of selling Eagle spyware to the late Libyan leader Muammar Gaddafi’s regime. Accusations of complicity in torture against Amesys were confirmed last November, but charges against former employees of the company were dropped.”

64. Ukraine: Switchblade 300 Drone Takes Down FSB Surveillance Tower

On December 12th Twitter user Igor Sushko shared this video with the comment that “Ukrainian forces used a Switchblade 300 drone to take out communications at a border surveillance tower operated by the FSB.”

65. Italy: Robert Gorelick (CIA): “A New Method of Conducting Intelligence in the 21st Century”

The Italian Il Giornale D’Italia reported on December 16th that ““Intelligence in the world: an American gaze” is the theme of the lecture held by the head of the Central Intelligence Agency (CIA) in Italy from 2003 to 2008 Robert Gorelick at the Masters in Intelligence of the University of Calabria, directed by Mario Caligiuri. The speaker introduced by saying that in the last twenty years there has been a vast change in the field of intelligence operators. Once upon a time, the way agents operated was with operations carried out in the field, using Humint intelligence. For example, during the American Civil War, the alignments of armies were identified by hoisting themselves on hot air balloons, or classified information was gathered by intercepting telegrams. More recently, the activity carried out in the field began by sending the secret agent to the towns, who managed to operate in a secure manner by means of disguise and with false documents, even changing his identity several times a day. Houses could be rented out as bases of operations using false identities. Gorelick pointed out that today none of this is possible. Indeed, through biometric recognition and fingerprints, it is difficult to change identity. Therefore, the false identity of the agent today must be built over time, even through digital means of communication such as instagram and facebook, in order to create a cover identity that is valid for the entire service activity. The speaker went on to say that HUMINT has always been the main way to search for information. Gorelick then recalled the methods used by intelligence to gather information: SIGINT (signals), OSINT (open sources), IMINT (images), MASINT (instrumental traces), but HUMINT is still widely used. 
Gorelick said that there were two phenomena that significantly contributed to this “epochal change”: September 11, 2001, which has a more limited influence, and the digital revolution, which brought about a much more profound change in intelligence operations, with the use of research methodologies supported by artificial intelligence.”

66. Podcast: Spycraft 101: Espionage in Nazi-Occupied Czechoslovakia with George Bearfield

On December 15th Spycraft 101 published a new podcast episode. As per its description, “Czechoslovakian members of the British Special Operations Executive pose in liberated Paris before their final mission, parachuting back into their occupied homeland, tasked with the assassinations of senior German military leaders. Czechoslovakia was isolated and vulnerable when World War II began. The nation’s leaders had known for years that Adolph Hitler had set his sights on retaking the Sudetenland, historically German areas that were now inside the Czech borders. In a forlorn effort to placate German aggression, the French and British governments signed an agreement with Germany and Italy that they could have the Sudetenland. The Czechoslovakian government wasn’t a part of this discussion. When German tanks rolled into the country, President Benes ordered the military not to fight back as it would be tantamount to suicide without allied support. But many of the citizens were unwilling to give in. Resistance networks formed throughout the country, and volunteers joined a free Czech army fighting against the Germans in France. Others found their way into working with the SOE, who trained them, armed them, and sent them back home. Dozens of these brave men went to their deaths. German counterespionage and counterinsurgency units were top-notch, and quickly intercepted many of the parachutists. A few gave in and were turned, but many more fought to the death or took suicide pills rather than be captured alive. Others evaded the Germans long enough to strike back, such as with the successful assassination of Reinhard Heydrich in Operation ANTHROPOID in 1942. For episode 50 of the Spycraft 101 podcast, I spoke with Dr. George Bearfield, author of the book FOURSQUARE: The Last Parachutist, which tells the story of his grandfather, Jaroslav Bublik, one of these SOE parachutists. 
We discussed the war’s impact on Czechoslovakia and how the people fought back any way they could against nearly insurmountable odds.”

67. EU Supplying Georgia with Cyber Tools via UN and Distributor SAT

Intelligence Online reported on December 16th that “the European Union (EU) has decided to supply cyber arms to EU membership applicant Georgia. It is supplying systems from Emirati forensics and cyber intelligence systems distributor Scientific Analytical Tools (SAT) via the United Nations Office for Project Services.”

68. United States: ESF Members NSA and CISA Provide Threat Assessment, Best Practices for 5G Network Slicing

The NSA issued this press release on December 13th saying that “today, Enduring Security Framework (ESF) partners, along with experts from the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA), published their assessment of potential threats associated with 5G network slicing and strategies to help keep this emerging tech secure. 5G is the fifth-generation technology standard for broadband cellular networks. 5G technology can provide increased data download and upload speeds, lower latency, and allow more devices to connect to the internet at the same time. Network slicing is a 5G network architecture which allows mobile service providers to divide their network up into several independent “slices” in order to create specific virtual networks that cater to different clients and use cases. Today’s report specifically identifies management strategies to ensure the confidentiality, integrity, and availability of each network slice. “The Department of Defense is transitioning 5G into its enterprise. Being able to do network slicing across the entire 5G system is a critical new capability that 5G provides over LTE. As important, the ability to use network slicing in a secure way is foundational if the Department is to take advantage of the feature at all,” said Andrew Thiessen, Chief Technologist, DOD 5G Cross Functional Team. The threat and security considerations discussed in this assessment are intended for mobile service providers, hardware manufacturers, software developers, and system integrators that design, deploy, operate, or maintain 5G networks.”

69. Israel: Mossad Reveals How Syrian Intelligence Tracked Down Israeli Spy Eli Cohen

On December 14th Israel Hayom reported that “Israel sought to lay to rest on Monday a decades-old debate about one of its most famous spies, Eli Cohen, saying his capture and execution in Syria was due to successful counter-intelligence rather than unprofessionalism. Cohen, a Jewish immigrant to Israel from Egypt, was recruited by Mossad and dispatched undercover to Damascus, where he operated from 1961 to 1965. Before his arrest, he managed to pass on information that Israel says proved vital to the defeat of Syrian forces in the 1967 Middle East war. His story was the subject of a 2019 Netflix dramatization. Inaugurating a museum to Cohen’s memory in the coastal city of Herzliya, Mossad director David Barnea said a recent investigation had concluded that the spy was caught “only because his transmissions were intercepted by the enemy. Simply intercepted and traced”. “This is now an intelligence fact,” Barnea said, according to a transcript of the event, dismissing theories that Cohen had tipped off the Syrians by sending too many messages, perhaps under pressure from his handlers, or strayed from instructions. Among the exhibits in the new museum is Cohen’s last cable — sent on the day of his capture in January 1965 — reporting a meeting of the Syrian high command. Convicted of espionage, Cohen was hanged in Damascus later that year. Syria, still at war with Israel, has refused to repatriate Cohen’s body.”

70. Spy Agencies to Report on Chinese Leader Corruption

On December 14th the Washington Times reported that “U.S. intelligence agencies will soon be required to submit reports to Congress on the wealth and “corrupt activities” of the senior leadership of the Chinese Communist Party, according to provisions of the fiscal 2023 intelligence authorization bill now in the final stages in Congress. A section of the intelligence bill, expected to be signed by President Biden next week as part of an omnibus spending bill, “requires reporting on the wealth and corrupt activities of the leadership of the Chinese Communist Party (CCP),” according to the Senate report on the legislation. Analysts say corruption among senior Chinese leaders is endemic, despite a multi-year anti-corruption campaign by President Xi Jinping.”

71. Covert Belgian Intelligence Operation Triggered European Parliament Probe

On December 14th VRT News reported that “three people suspected in connection with alleged attempts by a Gulf state to influence decisions of the European parliament with cash and presents appeared in a Belgian court today: Francesco Giorgi, a parliamentary advisor and partner of fellow suspect Eva Kaili, Brussels-Italian lobbyist Nicolo Figa-Talamanca and Pier Antonio Panzeri, a former Euro MP and seen by many as a central figure in this corruption case. Eva Kaili, the European parliament’s vice president, who has been stripped of her office, will appear in court on 22 December. Belgian federal prosecutors have been on the case for several months now. The suspicion is that a Gulf state, reportedly identified as Qatar, tried to influence political and economic decisions of the European parliament by offering large sums of money and presents. The Belgian judicial investigation started following an intelligence investigation conducted by the Belgian secret service. The service has the job of collecting information about activities that could pose a threat to state security. Its investigation into interference by a foreign power started in 2021. Media outlets Le Soir and Knack report that on this case Belgian intelligence is co-operating with its counterparts in five other countries. Secret service officers earlier conducted a secret search of the home of the former Italian Euro MP Pier Antonio Panzeri, where they reportedly encountered 700,000 euros in cash. According to Knack this provided sufficient evidence for suspicions that crimes had been committed and the secret intelligence was then passed on to prosecutors. Six people were detained during raids on 16 premises in Brussels and Kraainem (Flemish Brabant) last Friday. 600,000 euros in cash were recovered from Panzeri’s home. Eva Kaili’s father, who was staying at a hotel in Brussels, was stopped with a suitcase reportedly containing 600,000 euros. Eva Kaili’s home was also searched. 
Here 150,000 euros is said to have been found. In all police seized 1.5 million euros.”

72. Russian GRU-linked Cyber Espionage Operation Targeting Ukrainian Government

Private cyber threat intelligence firm Mandiant published a technical analysis on December 15th stating that “Mandiant identified an operation focused on the Ukrainian government via trojanized Windows 10 Operating System installers. These were distributed via torrent sites in a supply chain attack. Threat activity tracked as UNC4166 likely trojanized and distributed malicious Windows Operating system installers which drop malware that conducts reconnaissance and deploys additional capability on some victims to conduct data theft. The trojanized files use the Ukrainian language pack and are designed to target Ukrainian users. Following compromise targets selected for follow on activity included multiple Ukrainian government organizations. At this time, Mandiant does not have enough information to attribute UNC4166 to a sponsor or previously tracked group. However, UNC4166’s targets overlap with organizations targeted by GRU related clusters with wipers at the outset of the war.”

73. Spies Who Exposed EU Corruption Were Investigating Foreign Meddling

Following this week’s story #71, on December 15th The Telegraph reported that “Belgian spies were investigating widespread foreign interference in EU decision-making when they uncovered the corruption and bribery scandal that has engulfed the European Parliament. The country’s secret service broke into the house of one of the key suspects, a former Italian MEP, where they discovered €700,000 in cash, revealing an alleged plot linked to world cup host Qatar that has tarnished EU institutions. Belgium’s State Security Service is believed to have launched a far-reaching investigation into foreign meddling in the EU in 2021. “It was a game-changer that state security has been working on for more than a year, together with foreign intelligence services, to map suspected bribery of MEPs by various countries,” Vincent Van Quickenborne, the Belgian justice minister, told Belgian daily Le Soir. Police have now conducted more than 20 raids, mostly in Belgium but also in Italy, with MEPs being warned immunity rules could be revisited to stop future scandals emerging in the future. So-called friendship groups, formed by MEPs as forums to discuss ties with non-EU countries and seen as vulnerable to external influence, are also likely to be banned. Details of the covert operation emerged as Francesco Giorgi, the partner of Eva Kaili, the former European Parliament vice-president, was said to have confessed to his role in a bribery network. The network, believed to have been established by Moroccan intelligence, was allegedly working to further Qatar’s influence ahead of several key EU decisions on visa liberalisation and an aviation pact in 2021. Morocco and Qatar have long shared close ties and it is believed Doha could have enlisted Rabat’s services in Brussels because of its allegedly pre-established intelligence network in the Belgian capital. 
Ms Kaili, a serving Greek socialist MEP, and Mr Giorgi are being held by Belgian authorities after they were arrested on Dec 9 on suspicion of corruption. Investigators found €900,000 in cash during raids on their home and a hotel room occupied by Ms Kaili’s father, Alexandros Kailis. Since being arrested, Ms Kaili has pleaded her innocence. However Mr Giorgi confessed that it was his role in the corruption scandal to handle cash payments to MEPs, naming an Italian and Belgian who he said took bribes, according to Belgian newspaper Le Soir.”

74. Podcast: WSJ: Open-Source Intel: Are U.S. Spy Agencies Falling Behind?

On December 13th the Wall Street Journal published this podcast episode saying that “U.S. intelligence agencies’ use of publicly available data is outpaced by adversaries such as China and even some large companies, officials say. WSJ reporter Warren P. Strobel joins host Zoe Thomas to discuss how this shift took place and the culture change the CIA is having to embrace to keep up.”

75. France: Chosen by DGSI, ChapsVision Develops its Sensors

On December 14th Intelligence Online reported that “the French big data analysis company is looking to get a foothold in the investigation of encrypted messaging as well as facial recognition.”

76. Russian Wagner PMC’s Intelligence Service, the “Myod”

On December 15th Igor Sushko published a Twitter thread saying that “according to Russian convict Andrei Medvedev sent to the front in Ukraine by Wagner PMC terrorists, Wagner’s own security service is called “Myod,” translates to “Honey,” and is comprised of former and current FSB officers. It is Wagner PMC’s security service Myod that hunts down and executes convicts who manage to miraculously survive the war and escape back to Russia. Myod is also the entity that is primarily tasked with executing convicts on the front who refuse to follow orders. Medvedev’s contract with Wagner PMC started on July 6th for 4 months. However, when he survived the term and intended to return to Russia as a free man, he was told his term will be extended by 6 months, then 8 months. When he refused, he was thrown in the ‘hole’ at his own unit. With the help of the convicts in his own unit which he commanded, he escaped to Russia from the hole. After futile attempts to contact journalists, he found Osechkin’s Gulagu.net. Medvedev is currently a wanted man by Russian law enforcement, and if caught, will be turned over to Wagner PMC’s security service Myod for torture and execution.”

77. Greece: Surveillance and Shadow Government of PM Mitsotakis — Protection of Prosecutor Dogiakos from the EYP Bugs

The Greek Documento News reported on December 17th that the investigation into COSMOTE was hindered by a telephone “opinion” of the Prosecutor of the Supreme Court Dogiakos, and that evidence was found of surveillance of Greek investigative journalist Tasos Telloglou and Greek MEP Giorgos Kyrtsos.

78. More Details on the Sweden-Turkey Deal Emerge

On December 17th ANF News reported that “according to the document, the Swedish intelligence service Säpo has “intensified” its cooperation with the Turkish intelligence service MIT. The document mentions a meeting between Säpo and MIT in September. There, they discussed “long-term” cooperation.”

79. Webinar: Patrolling the Ether in WW2 — Radio Intelligence for the War Effort

The Antique Wireless Museum published a new webinar on December 13th. As per its description, “Signals intelligence (SIGINT) is almost as old as radio itself, but during World War 2 it took on even greater importance. The United States Federal Communications Commission had two divisions devoted to SIGINT, the Foreign Broadcast Monitoring Service (FBMS) and the Radio Intelligence Division (RID). The mandate of the FBMS was to record, translate, transcribe and analyze shortwave propaganda radio programs that were being beamed at the United States by the Axis powers. Additionally, between 1940–1947, the FCC’s Radio Intelligence Division (RID) monitored clandestine radio transmissions in the United States. The RID was the FCC’s “largest single activity” during the war years and helped military and government agencies locate the Axis enemy’s clandestine radio transmissions. Radio Historian Brian Harrison explores the fascinating history of these two organizations, the equipment that they used, and their contributions toward winning World War 2.”

80. Catherine Perez-Shakdam: The “Israeli Spy” who “Infiltrated” Mintpress

Mintpress News reported on December 14th that “a storm of controversy erupted earlier this year in Iran, after local media outlets announced that a “Mossad spy” and “Israeli infiltrator” had gained the trust of the country’s senior leadership, penetrated into the highest halls of power, and had even been employed as a writer for Ayatollah Khamenei himself. Although the stories did not disclose the name of the infiltrator, it was clear that the individual in question was Catherine Perez-Shakdam. Almost immediately, Iranian media such as Press TV and The Tehran Times began silently but furiously removing all her content from their pages. Perhaps most worrying from an Iranian government perspective, Khamenei.ir, Ayatollah Khamenei’s own website, had to delete her articles and disavow her. Catherine Perez-Shakdam is a French-born journalist and analyst who had married a Yemeni man, converted to Shia Islam and wore a hijab. In her professional life, she penned articles denouncing Israeli and Saudi crimes, lionized armed Palestinian resistance, and supported the Iranian government. She had earlier also been a frequent contributor to MintPress News — a fact that likely bolstered her anti-imperialist credibility. Perez-Shakdam “came out,” so to speak, in a series of articles published in The Times of Israel, detailing how she was able to “walk right into the belly of the Beast” — i.e. Tehran. “Keen to be let in, I neither argued nor revealed my true motivations. I realized pretty early on that if I was to witness first-hand what it is that the region is really about I’d better blend in and listen,” she wrote. Her choice of language did nothing to douse suspicions that she was a spy in the vein of the Mista’arvim — the notorious intelligence units who spend their lives deep undercover in Arab society, gathering intelligence for Israel. The articles come off as celebratory; the casting off of a previous identity and the embracing of a new one. 
“For years I peddled Iran’s propaganda,” she wrote, comparing the country to 1930s Nazi Germany. The Islamic Republic’s “regional expansionism and its obvious hunger for military supremacy”, its “imperial nihilism” and its “contempt for international law,” she noted (without irony), were contributing factors to why she now embraced Israel and had become a committed Zionist. For her professional life, she had hidden her Jewish origins (she wrote under her husband’s surname, “Shakdam”), but now sings Israel’s praises, even revealing that her child wished to join the Israeli Defense Forces (IDF).”

81. Ana Montes: American Super Spy Who Worked for Cuba, By Owei Lakemfa

On December 17th Premium Times published this article saying that “the United States, had during the Banana War, occupied Nicaragua in 1912. This gave rise to the Somoza political family, which ruled the country from that period until its overthrow by Nicaraguan youths under the banner of the Sandinista Movement in 1979. The popular Nicaraguan Revolution threw many youths across the world into a frenzy. One of them was a 22-year-old American, Ana Belen Montes. Additionally, Montes, whose Puerto Rico homeland has been occupied by the US since 1894, also felt that the tiny island state of Cuba, whose youths had, in 1959, overthrown the Batista dictatorship, should have the right to self-governance without interference from the US, its giant neighbour which had already seized its Guantánamo Bay. The US also orchestrated the failed Bay of Pigs invasion of Cuba in April 1961, imposed an embargo on Cuba in February 1962 that is still in effect today, and carried out hundreds of assassination attempts on the then Cuban leader, Fidel Castro. Montes, out of conviction, decided to work for free for Cuba’s survival, while America picked up the bills. In 1984 while working as a clerk in the Department of Justice, she applied for a job in the Defence Intelligence Agency (DIA). The agency is responsible for foreign military intelligence, briefing the Secretary of Defence, the Joint Chiefs of Staff, and providing military intelligence to war fighters, and overall national intelligence. The DIA employed her in 1985, and she soon became one of its stars. She became a specialist on Latin American military affairs, was the principal analyst for El Salvador and Nicaragua, and later the top political and military analyst for Cuba. She became known in American intelligence circles as the ‘Queen of Cuba’.”

82. Podcast: Council on Foreign Relations: Spying 101

On December 14th the Council on Foreign Relations published a new podcast episode. As per its description, “in 2020, the United States appropriated more than $85 billion for the National Intelligence Program. However, most people misunderstand the day-to-day activities of the intelligence community. Behind the glamourous Hollywood depictions, is an entire ecosystem of agencies staffed with analysts who work around the clock to gather information. Without them, U.S. security and national defense would be in the dark. But espionage must adapt to meet twenty-first-century developments. With the advent of the internet, social media, facial-recognition software, and digital surveillance, being a spy has become nearly impossible. The world continues to change, and spycraft must innovate to meet the mark.”

83. China’s Attempt To ‘Steal’ US Naval Aircraft Fails; Here Is What Makes The T-2 Buckeye Important For PLA Navy

The EurAsian Times reported on December 15th that “a former US Marine Corps AV-8B Harrier II “jump jet” pilot was involved in an illegal procurement of at least one T-2 Buckeye naval jet trainer for training the Chinese naval aviators to operate from an aircraft carrier, according to an indictment dated 2017, that was unsealed on December 9 by a US federal court in Washington, DC. The indictment from US prosecutors alleges that the Marine pilot, Daniel Edmund Duggan, who was arrested in Australia earlier this year amid accusations of having trained Chinese military pilots to land on aircraft carriers, had breached US arms control laws and was involved in a conspiracy. Daniel Edmund Duggan, 54, served with the US Marines for more than ten years, from 1989 to 2002, rising to the rank of Major, according to a LinkedIn profile that matches his description. He is believed to have flown the AV-8B Harrier II jump jet and participated as a Marine Corps exchange pilot with the Spanish Navy. Also, Duggan moved to China in 2014. Three years later, he began working in Qingdao in 2017 as the managing director of AVIBIZ Limited, a “comprehensive aviation consultancy company” with its headquarters in the eastern Chinese port city of Qingdao. The company was registered in Hong Kong in 2017 but disbanded in 2020.”

84. United States: CISA Researchers: Russia’s Military Intelligence (GRU) Infiltrated US Satellite Network

On December 16th CyberScoop published this story saying that “researchers at the Cybersecurity and Infrastructure Security Agency recently discovered suspected Russian hackers lurking inside a U.S. satellite network, raising fresh concerns about Moscow’s intentions to infiltrate and disrupt the rapidly expanding space economy. While details of the attack are scant, researchers blamed the incident on the Russian military group known as Fancy Bear, or APT28. It involved a satellite communications provider with customers in U.S. critical infrastructure sectors. Responding to a tip about suspicious network behavior, CISA researchers found hackers inside the satellite network earlier this year. MJ Emanuel, a CISA incident response analyst who discussed the incident at the CYBERWARCON cybersecurity conference last month, said it appeared that Fancy Bear was in the victim’s networks for months. Space security is a growing global concern, especially as key industries and militaries around the world increasingly rely on satellites for vital communications, GPS and internet access. A cyberattack against the U.S. telecom company Viasat, which provides internet service in Europe, disrupted internet service in Ukraine just before the Russian invasion in February. That attack, which officials blamed on Russia, is one of the most significant digital assaults of the war and led to a warning from the FBI and CISA about other potential Russian infiltration of satellite systems. Gregory Falco, a professor at Johns Hopkins University who focuses on space cybersecurity, described the state of satellite security as “the most critical and vulnerable than any other point in history.” Satellite systems, he argued, can no longer operate through security by obscurity as vulnerabilities and attack patterns that used to be limited to classified environments are increasingly public.”

85. Webinar: Tone Academy: Intelligence Agencies of India

On December 17th the Tone Academy published this webinar. As per its description, “this video briefly covers topics related to the Intelligence Agencies of India. It briefly explains about all the Intelligence Agencies In India.”

86. United Kingdom: London’s Eyes (And Ears) in Cyprus

The Italian InsideOver published this article on December 17th stating that “in Cyprus time seems to have stopped at a time when, in Europe, there was a “wall” dividing two opposing blocks: the Soviet one and the western one headed by the United States. The island, located in the Eastern Mediterranean, is in fact divided by the Green Line, a border represented by a demilitarised zone established by the UN in 1974 along the ceasefire line which was established after the military intervention on the island by the Turkish Army. The area extends for 180 kilometers and divides Cyprus into a southern part with a Greek Cypriot majority and a northern part with a Turkish Cypriot majority, crossing the capital Nicosia itself. The British administration of the island ended in 1960 but the island became part of the Commonwealth in 1961 and still today London has important portions of territory in which it has established a constant military presence. In fact, the United Kingdom has an air-naval base in Akrotiri, where the 903rd Expeditionary Air Wing (operating with various types of helicopters and transport aircraft) and the 84th Squadron (with the Bell 412) of the Royal Air Force (RAF) are based, but the British Air Force detaches its Typhoon fighter-bombers on a rotational basis for operations in the Middle East. From Akrotiri, sometimes, also operate the RC-135 — electronic intelligence aircraft or ELINT — which carry out missions in the Black Sea and occasionally the US U-2/TR-1 spy planes have also been observed landing, also engaged in surveillance of NATO’s eastern border and in patrols on the Black Sea. The U-2s, departing from Akrotiri, were also used by the United States to carry out missions on Hezbollah positions in Lebanon (code name Cedar Sweep), to gather information to be passed (also) to Lebanese intelligence in order to help Beirut track down Hezbollah militants.
Similarly, U-2s gathered intelligence by flying over Turkey and northern Iraq, and the intelligence they gathered was covertly provided to Turkish authorities in an operation dubbed the Highland Warrior.”

87. Podcast: Out of the Blank: Phil Zwerling — The CIA on Campus

Out of the Blank published a new podcast episode. As per its description, “Phil Zwerling is an Associate Professor of Creative Writing and Director of the Creative Writing Program at the University of Texas Rio Grande Valley. He is the author of three books (Nicaragua: A New Kind of Revolution, 1985, After School Theatre Programs for At Risk Teenagers and The Theatre of Lee Blessing: A Critical Study of 44 Plays). Phil joins me to talk about his edited book, The CIA on Campus: Academic Freedom and the National Security State. The CIA on Campus details how the Central Intelligence Agency has poured tens of millions of dollars into universities to influence research and enlist students and faculty members into its ranks.”

88. MI6 Senior Spy Reveals Surprising Way She Managed to Gain Information on Missions

The Sun published this article on December 16th saying that “a senior MI6 spy has told how being clearly pregnant helped on her toughest missions. The real-life Jane Bond, referred to as Ada, said her baby bump encouraged agents to open up to her. Ada — MI6’s gadget lab chief “Q” to colleagues — spoke out for the first time to encourage more women to join the Secret Intelligence Service. She said: “Being visibly pregnant can stimulate unusual conversations. “Some of the hardest negotiators have softened, talking about their hopes for their children or the next generation.” Ada, in her 40s, was also the first woman in the SIS to ask for special iso-fixings in her armoured car for her baby’s child seat. She said: “It turns out it’s very difficult to do.” The mum, whose role in recent 007 films was played by Ben Whishaw, added that she tells male agents she thinks of them “like fathers or brothers” to stop them hitting on her. She said: “It changes things. You can literally see it change in an agent’s eye. “I will do it very openly . . . you literally bring that terminology in.””

89. Pakistan: Former DG ISI Faiz Hameed Breaks Silence Over News of Joining Politics

Times of Islamabad reported on December 17th that “former chief of the Inter-Services Intelligence (ISI) Lt Gen (r) Faiz Hameed has said that he will never join politics. The former top spymaster said that all speculations about him joining politics or becoming part of PTI were totally false, reported The News. He said that he would not join politics after two-year bar nor afterwards. A day earlier, a video had gone viral where the former three-star officer of the Pakistan Army was invited by the local PTI leadership in Chakwal to join the Imran Khan-led PTI. The video showed Hamid attending a gathering in his native village in Chakwal. In it, an unidentified person, addressing the gathering, praised the former spy chief for his services in the military and the development of the area. Faiz Hameed had retired from service after General Asim Munir took command of the Pakistan Army as the chief of army staff. The former DG ISI had requested early retirement after the prime minister had approved Gen Asim Munir and Gen Sahir Shamshad Mirza elevation to the four-star rank. His application for early retirement was approved on December 2 after the Defence Ministry forwarded his request to the premier.”

90. Canada: CSE Recruitment Video — The Most Important Organisation You’ve Never Heard Of

On December 16th Canada’s Communications Security Establishment (CSE), the country’s primary SIGINT agency, published a new recruitment video with the message “the most important organization you’ve never heard of.”

91. Britain’s Foreign Intelligence Chief Visits Armenia

Asbarez reported on December 16th that “the chief of Britain’s foreign intelligence agency, Richard Moore, met with Prime Minister Nikol Pashinyan on Friday during a surprise visit to Armenia. In a short statement on the meeting, the Armenian government’s press office said Pashinyan and Moore discussed “processes taking place in the South Caucasus.” “Topics relating to regional and international security were also addressed,” added the statement. No other details were reported. Photographs of the meeting released by the office showed that Armen Abazyan, the head of Armenia’s National Security Service, was also in attendance. Moore, who runs the Secret Intelligence Service, also known as MI6, arrived in Armenia just four days after meeting with Armen Grigoryan, the secretary of Armenia’s Security Council, in London. According to Grigoryan’s office, they discussed “prospects for bilateral security cooperation.” It was not clear whether the British spy chief is also scheduled to travel to neighboring Azerbaijan or Georgia. U.S. Central Intelligence Agency Director William Burns visited Armenia and met with Pashinyan in July. Few details of those talks were made public.”

92. A Guided Audio Tour of the C.I.A. Museum

On December 17th The New Yorker published this article documenting the CIA audio tour. It starts with “welcome to the C.I.A. Museum’s guided audio tour. I’m Ken Kelvin, a former C.I.A. agent, current museum guide, full-time expert on C.I.A. history, and a case study in what happens when a surgical lobotomy goes wrong. I was demoted after I wouldn’t stop telling first dates (and WikiLeaks) that I was an undercover spy. Let’s go!”

93. Greece: Three Ministers Were Under Surveillance by the EYP During Past Administration

According to the Greek newspaper Vima from December 17th, ““EYP spied on three ministers of SYRIZA” is the title of the main article on the front page of the newspaper. As for the names, “Kotzias-Kammenos-Pichiorlas” are already specified on the cover. And he also writes on the front page of “To Vima tis Kyriaki” about the subject of EYP’s surveillance of SYRIZA: “The dance of wiretapping in the period 2015–2019”. “List of 19 Names in Intelligence Service’s Surveillance System”. “Why was the then government partner targeted”.”

94. Iran-Linked Charming Kitten Espionage Gang Bares Claws to Pollies, Power Organisations

The Register reported on December 15th that “an Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets — including politicians, government officials, critical infrastructure and medical researchers — according to email security vendor Proofpoint. Over the past two years, the threat actor group that Proofpoint’s researchers track as TA453 (other intel teams call this state-backed gang Charming Kitten, Phosphorus, and APT42) has branched out from its usual victims — academics, researchers, diplomats, dissidents, journalists and human rights workers — and adopted new means of attack. While the group’s past email campaigns often deployed web beacons tucked inside messages that ultimately led to stolen credentials, Proofpoint has observed “outlier” campaigns over the past couple of years that used “new-to-TA453 phishing techniques including compromised accounts, malware, and confrontational lures.” “Proofpoint judges with moderate confidence that this atypical activity reflects TA453’s dynamic support to ad hoc Islamic Revolutionary Guard Corps (IRGC) intelligence requirements,” Joshua Miller and Crista Giering wrote. The gang’s new targets and tactics also provide better insight into “TA453’s potential support of IRGC surveillance and attempted kinetic operations,” including murder for hire and kidnapping plots, according to Proofpoint.”
