Open in app

Sign in

Write

Sign in

SPY NEWS: 2022 — Week 6

Summary of the espionage-related news stories for the Week 6 (7–13 February) of 2022.

The Spy Collection
28 min readFeb 13, 2022

1. How CIA Uses In-Q-Tel to Fund Foreign Businesses

On February 7th, Raphaël Bloch published a news story on the French L’Express about the U.S. Central Intelligence Agency’s (CIA) venture capital firm, In-Q-Tel (IQT), that started in 1999 and is investing in technology businesses, including many in the European Union (EU). The report states that EU officials are concerned since, as R. Bloch mentioned, “When we talk about sensitive projects, there are no allies.” The article goes through potential uses of IQT by the CIA to obtain sensitive information or influence decisions to support United States’ foreign policy and economy.

2. Israeli Police Used NSO Group’s Pegasus to Spy on Public Figures

After Tomer Ganon’s story on the Calcalist Israeli newspaper, several local media outlets and newspapers started reporting on Israel’s police abusing their covert surveillance software implant (called Pegasus, developed and sold by NSO Group) to illegally spy on a wide variety of people in Israel including journalists, activists, politicians and their families, government officials, business leaders, and other public figures.

3. Dutch AIVD Warns Over Successful Russian and Chinese Recruitment Campaigns via Social Media

On Monday, February 7th, the Dutch newspaper FD and other popular Dutch media shared a warning issued by the General Intelligence and Security Service (AIVD) of the Netherlands. The warning was the increasingly successful use of social media such as LinkedIn and Instagram by Russian and Chinese intelligence agencies to recruit agents. According to AIVD the initial contact is in the form of simple help (e.g. translation of a technical concept, support in a technology research, etc.) followed by relationship development and even on-site (such as conferences) meetings with the end goal to recruit foreign technology experts to work as agents. Common methods used afterwards is blackmail or bribery. AIVD officials stated they are “amazed” at the success ratio of this recruitment methodology.

4. Hydroacoustics Expert Viktor Korolev Sentenced to 12 Years in Prison in Russia for Naval Espionage on Behalf of China

On Monday, the Primorsky Regional Court of Russia announced the verdict of 12 years in prison for espionage to 71-year old Viktor Korolev. In December 2019 he was arrested by the Federal Security Service (FSB) in Vladivostok, his home town, and later sent to Moscow. The court announcement states that he was “collecting, in order to transfer to a representative of a foreign state, information constituting a state secret in relation to modern sonar systems for detecting submarines.” According to his lawyer, Artur Katansky, for 15 years V. Korolev has been supporting Russia’s counter-intelligence special operations. Based on his social media, V. Korolev was regularly visiting China, including public photos such as one from 2016 in Beijing for a business trip at Sinopec Corp. He is also the owner of the wholesale trading “Ekipazh LLC” based in Vladivostok since 2007, and the CEO of “Marina Co. Ltd” a naval technology company based in the city of Harbin, China, dedicated to providing high-tech services to Chinese customers.

5. Nigerian Defence Intelligence Agency Hunts Fake Online Recruiters

Davies Ngere Ify of the “Within Nigeria News” reported that Nigeria’s Defence Intelligence Agency (DIA) announced that they have no active online recruitment activity going on, and if anyone is approached by a recruiter pretending to be from Nigeria’s DIA they should report it. Nigerian DIA also stated in that announcement that “efforts are being made to apprehend those behind false recruitment alerts for prosecution.”

6. German NGO Submits UN Letter on Turkish MİT Intimidation Against Critics and Political Opposition in Wales and Germany

On February 7th, Abdullah Bozkurt of the “Nordic Monitor” published a story, including the original document, from the German Non-Governmental Organisation (NGO) Society for Threatened Peoples (Gesellschaft für bedrohte Völker) who sent a formal letter to the United Nations Human Rights Council (UNHRC) in Geneva, Switzerland indicating various covert operations of the Turkish National Intelligence Organisation (MİT) to threaten and intimidate opposition members and Turkish government critics living abroad. The document provides several examples of “kill lists”, beatings, verbal attacks, close surveillance, threats/intimidation, smear campaigns, propaganda, false criminal accusations via Turkish law enforcement, and others targeting individuals living in Germany and Wales.

7. Former U.S. DIA Director Lt. Gen. Robert Ashley, Jr. Joins NextgenID Board of Advisors

In 2020 Lieutenant General Robert Ashley, Jr. retired from the United States Defence Intelligence Agency (DIA), and as it was officially announced recently, he joined the Virginia-based NextgenID technology company’s Board of Advisors. This company provides end-to-end trusted identity solutions to government and commercial sectors. Among the customers of NextgenID there are several U.S. Federal Agencies, Armed Forces, and other U.S. government organisations.

8. Former Bolivian President Evo Morales Denounces Being Under Constant Surveillance by U.S. Intelligence Operatives

Last Sunday, Former Bolivian President Evo Morales shared via his Twitter that he is being “spied on and subjected to constant surveillance. We are investigating if these illegal actions come from the right or the US embassy. Our government must control these groups and guarantee the safety of the people.” On Monday, February 7th, Bolivia‘s Minister of Government, Eduardo del Castillo announced the launch of a law enforcement investigation and a protection program for the former President.

9. Russian SIGINT Ship “Ivan Khurs” Spotted Near Odessa, Ukraine

On February 8th, open-source reports indicated that the Russian Navy “Ivan Khurs” Signals Intelligence (SIGINT) gathering ship was around 20 miles outside the coast of Odessa, Ukraine. The Russian SIGINT ship was part of Project 18280, designed after the Yury Ivanov-class intelligence ship, and was commissioned in the Black Sea fleet on June 25th, 2018.

10. U.S. COMINT Indicates Concerns Among Russian Officials on the Cost of a Large-Scale Operation in Ukraine

According to CNN, Communications Intelligence (COMINT) obtained by the United States government indicates concerns among Russian military officials on the potential cost and complexity of a large scale operation in Ukraine, despite what Russian President Vladimir Putin and other Kremlin leaders assume. Two other U.S. intelligence sources told CNN, in relation to the COMINT collection, that Russian military officials have concerns about “their plans being discovered and exposed publicly by western nations.”

11. U.S. Government Uses Uzbekistan for ISR Collection on Taliban

Based on recent reporting, the U.S. government is providing around 38 small UAS (Unmanned Aircraft Systems) developed by AeroVironment to Uzbekistan. The UAS are the RQ-20B Puma 3 AE with the Mantis i45 AE Gimbal, two 15MP EO cameras with 50x zoom, IR capabilities, and high-power illumination, designed for intelligence and targeting data collection. According to the reports, the U.S. government is supplying those so that Uzbekistan can provide the United States with Intelligence, Surveillance, and Reconnaissance (ISR) collection on Taliban forces operating in the region.

12. Interview with Former CIA Clandestine Service Officer Darrell M. Blocker

SpyScape published an interview with 28-year veteran Central Intelligence Agency (CIA) operations officer Darrell M. Blocker, who was also considered as a Director of the CIA (DCI) by President Joe Biden’s Administration. The interview was mainly focused around his current career as a Hollywood creative consultant on espionage-related films and series.

13. Ukrainian SBU Arrests Female Russian Spy in Donetsk Region

An official announcement along with a supporting video were published by the counter-intelligence department of Ukraine’s Security Service (SBU). The suspect was working for the “Ministry of State Security of DNR” and was resident of Volnovakha, Donetsk Oblast. In 2020 she was recruited by the Deputy Chief of the militants’ counter-intelligence unit which, according to SBU, is controlled by Russia’s special intelligence services. She had topography experience from the mining industry and was tasked to “gather information on the location of units of a separate mechanized brigade of Ukrainian Armed Forces near the contact line in the vicinity of Granitne” and communicate that via electronic communication channels to her handler.

14. US ODNI Report Indicates Russian Indirect Support to Western Neo-fascist Groups

Zach Dorfman and Jana Winter of Yahoo News published a story based on a July 2017 United States Office of the Director of National Intelligence (ODNI) report, with input from U.S. FBI and CIA. Although such groups pose a threat to Western societies, the report concludes that Russian government takes a passive but not direct support role of those groups. For instance, tolerating their existence and actions, but not actively providing them with logistical or other support.

15. Podcast with Retired Danish chef Ulrich Larsen Who Infiltrated North Korea and Exposed Illegal Arms and Narcotics Programs

On February 8th, SpyScape released a new podcast episode of the series “True Spies” featuring retired Danish chef Ulrich Larsen, who infiltrated the Korean Friendship Association (KFA), and after 11 years (2010–2021) of undercover espionage activities was able to expose North Korea’s weapons and narcotics programs, as well as methods used to circumvent international sanctions.

16. Military Cyber-Espionage Campaign Allegedly Originating from Pakistan

The “Shadow Chaser Group” of the GcowSec team announced the discovery of cyber-espionage infrastructure likely related to an active intelligence collection operation targeting military-related targets. The authors attributed it to an actor dubbed as “SideCopy” which has been previously associated with the Pakistani intelligence services.

17. Concerns Over NIS Covert Surveillance on Greek Journalists

The Hellenic League for Human Rights (HLHR) announced concerns over prosecutions and covert surveillance of journalists in Greece. The public statement highlights a few recent past cases of the Greek National Intelligence Service (NIS) conducting Human Intelligence (HUMINT) and Signals Intelligence (SIGINT) to target Greek journalists. According to Eliza Triantafyllou, journalist at the “Inside Story”, the covert surveillance software “Predator” (developed and sold by the Israeli Cytrox; later succeeded by Balinese Ltd.) has been confirmed to have been used in Greece by two independent investigations.

18. In 2015 NYPD Received Demo from WestBridge (US Branch of the Israeli NSO Group) for Covert Surveillance Software Pegasus

Joseph Cox of the Motherboard published a news story, including raw media from 2015, showing the efforts of the Israeli NSO Group company to sell their covert surveillance software, called “Pegasus” to United States Law Enforcement Agencies, including the Intelligence Bureau of the New York Police Department (NYPD). The story includes the brochure which shows that NSO Group’s North American branch is a firm called “WestBridge” and was established in 2014 in Bethesda, Maryland. The brochure’s motto was: “Turn Your Target’s Smartphone into an Intelligence Gold Mine.”

19. Bellingcat Publishes Article on OSINT Methods Used to Track Russian Vehicles

A new article published by Bellingcat’s Director of Training & Research, Aric Toler. The article has a guide format demonstrating how to conduct Open-Source Intelligence (OSINT) analysis of Russian vehicles, military and others, using licence plates databases, format understanding, specialised platforms, and other OSINT sources for Russian vehicles identification and tracking.

20. Cyber-Espionage Campaign Targeting Pakistan’s Navy, Allegedly from India

The “Shadow Chaser Group” of the GcowSec team published their discovery of an active cyber-espionage operation pretending to be originating from the Ministry of Defence of Pakistan, and specifically, the Pakistani Navy, which is likely its target. According to the researchers, this is attributed to an actor dubbed as “SideWinder” which has been previously associated with a private company offering cyber-espionage services to India’s intelligence agencies.

21. Internal CSIS Documents Indicate Intelligence Bias that Led to the Ottawa Trucker Blockage in Canada

Based on reporting by Tom Spears, previously classified briefing notes of the Canadian Security Intelligence Service (CSIS) indicate that blocking of streets by truckers was never assessed as a threat. Stephanie Carvin, who teaches political science says this is “hindsight bias.” The briefing identified Canada’s threat focus areas in actors like “ISIS and al-Qaida, and the neo-Nazi Atomwaffen Brigade, Blood & Honour and the Base” but not civil unrest, protests, and similar developments. According to the report, this was the root cause on why CSIS failed to inform the Canadian government of the city streets blockages by truckers in Ottawa.

22. Issues with Politicisation In South Africa’s Intelligence Agencies

Jayashree Govender, legal adviser for 17 years at the Office of the Inspector-General of Intelligence (IGI) for South Africa gave an interview which highlights the heavy politicisation in S. African’s intelligence agencies. Currently, IGI is conducting an investigation on the subject which, according to J. Govender, includes things like executive outreach with Ministers getting involved with intelligence operations, people appointed to certain positions against the reporting lines, etc.

23. Middle East Cyber-Espionage Campaign by Palestinian Operators

Cyber-security firm Proofpoint published a threat research, performed by Konstantin Klinger, Joshua Miller, and Georgi Mladenov analysing a recent (December 2021) cyber-espionage campaign against several countries of the Middle Eastern region. According to the report, the main target was government entities, foreign policy think tanks, as well as a state-affiliated airline. The analysts conclude that the operator behind it was likely a “Palestinian-aligned” actor.

24. News Report that 14 of 15 U.S. Cabinet Departments Bought Israeli Cellebrite Products

Mara Hvistendahl and Sam Biddle of The Intercept published a news story indicating that in the United States government sector the agencies that do not use Israeli Cellebrite products are becoming the exception, and raises questions on the actual need of this, and its association with cyber-espionage issues. Cellebrite is an Israeli company, found in 2007, specialising on mobile phone data acquisitions and digital forensics. As such the company has been in the headlines before for cases such as using 0day exploits to unlock phones, develop interception/hacking technologies to bypass mobile vendors’ security measures, and other controversial subjects.

25. Turkish Government Charges 16 Members of the “Mossad Spy Ring” with Espionage, Trial Begins

In October 2021 Turkey’s National Intelligence Organisation (MİT) conducted a counter-intelligence operation which led to the disruption of an, alleged, Mossad espionage human network. 16 members of this Mossad spy ring are now charged with espionage (political and economic) on behalf of Israel. The trial begun in Istanbul, Turkey and they are facing up to 20 years in prison. The news reports state that the suspects “allegedly spied on Palestinian and Turkish students and other people on behalf of Israel, operating in five separate groups.” Some had meetings with their Mossad handlers in Switzerland, Croatia, Romania and Kenya. MİT was conducting covert surveillance for a year prior to the disruption operation.

26. Polish Army Announced New Cyber Operations Branch

Polish Brigadier General Karol Molenda announced the creation of the new Cyberspace Defense Forces (Wojska Obrony Cyberprzestrzeni) under the Army’s command. The new branch has the authority, by Poland’s Ministry of Defence, to conduct cyber operations for reconnaissance, defensive, and offensive effects, including cyber-espionage.

27. ASIO Director-General’s 2022 Annual Threat Assessment

On February 9, Director-General of Security Mike Burgess from the Australian Security Intelligence Organisation (ASIO) gave his Annual Threat Assessment. The assessment covered various topics including how working from home increased the risk of cyber-enabled espionage, COVID-19 and national security, foreign interference, espionage cases, and more.

28. UK’s Foreign Office Responding to Serious Cyber Incident

The Stack released a news story, followed by one from BBC, reporting that United Kingdom’s Foreign, Commonwealth and Development Office (FCDO) is responding to a “serious cyber incident” and called in BAE Systems Applied Intelligence firm with “extreme urgency” to help them with the incident response and investigation. No further information are known, but the reporting indicates potential foreign cyber-espionage activity.

29. ESET Threat Report T3 2021 — Oct.-Nov. 2021 Cyber-Espionage Operations Summary

Private cyber-security firm ESET released their T3 2021 threat report which, among others, includes a featured story on “strategic web compromises in the Middle East” using cyber-espionage solutions of the Israeli Candiru firm, analysis of cyber-espionage operations by Iranian nation-state actors targeting Israel, Tunisia, and the United Arab Emirates, Russian cyber-espionage activity from October-November 2021 targeting European diplomatic missions and Ministries of Foreign Affairs, and a few others under the “APT Group Activity” section.

30. Journalist Reveals Details of Russian GRU Officers Expelled from Poland in November 2008

Jarek Jakimczyk, an independent investigative journalist, started a series of tweets revealing details of the Russian military intelligence (GRU) officers that were operating under diplomatic cover in Poland until they were uncovered by Poland’s Military Counterintelligence Service (SKW) and expelled as persona non grata. The new details are handwritten notes indicating their diplomatic cover was pretending to be Deputy Defence Attachés in Russia’s Warsaw embassy, and a brief bio: The first being Alexey Karasayev who was later (2010–2013) assigned as Military Attaché & Air Attaché in Russia’s Skopje embassy, and then (Feb. 2016– Feb. 2020) Defense Attaché in Russia’s Kiev embassy in Ukraine. The second one, Colonel Sergey Peresunko was later (2013) Military Attaché in the Russian embassy in Dushanbe, Tajikistan and currently is representative of the Russian Federal Service for Military-Technical Cooperation (FSVTS) in Bishkek, Kyrgyzstan.

31. US CENTCOM Needs to Improve HUMINT in Afghanistan

United States Army Lt. Gen. Michael “Erik” Kurilla during his confirmation hearing at the Senate Armed Services Committee on February 8, named Iran the “number one destabilising factor in the Middle East right now” and that due to the lack of Human Intelligence (HUMINT) assets in Afghanistan being able to monitor terrorist groups such as Al Qaeda and ISIS-K would be “extremely difficult, but not impossible” indicating the lack of HUMINT. That is likely related to the August 2021 withdrawal of forces which led to the execution of several U.S. HUMINT assets by the Taliban, as well as many switching to spy for China’s MSS to ensure their safety from the Taliban.

32. New Cyber-Espionage Activity in India, Linked with Government’s Internal Security Objectives

Cyber-security firm Sentinel Labs published a cyber threat intelligence report of a previously unknown cyber-espionage actor that they dubbed as “ModifiedElephant.” Based on their analysis, this cyber operator has been conducting cyber-espionage at least since 2012 with the intention of long-term surveillance to provide incriminating evidence that result in coordinated arrests by law enforcement agencies in India. Targets of this actor include “activists, human rights defenders, journalists, academics, and law professionals in India.” That includes those associated with the 2018 Bhima Koregaon case. The report concludes that it’s not clear if this is a commercial law enforcement covert surveillance product or an in-house developed capability, but there are strong indications that it is in alignment with the law enforcement objectives of the government of India.

33. Armenian NSS Disrupts Military Spy Network and Arrests 19

On February 10th Armenia Sputnik reported that the National Security Service (NSS) of Armenia completed a successful counter-intelligence operation against a foreign intelligence agency which resulted in the arrest of 19 Armenian military officers and 30 searches. The foreign intelligence agency used virtual honey traps by attracting Armenian officers on social media through fake profiles of attractive Armenian women. They were then recruited as part of a larger espionage network to provide classified military information in return of payments. During the searches numerous documents and items were identified and seized for the criminal case, including foreign currency money transfers, and some of the 19 detained servicemen have, reportedly, confessed of the espionage activity.

34. Ukrainian SBU Arrests Belarusian Agent for Subversion Actions in Kiev

The Ukrainian Security Service (SBU) published a video of the arrest of a male Ukrainian national who was recruited by Belarusian intelligence agencies and was, reportedly, tasked with subversive actions in Ukraine. At the time of his arrest, he was preparing to set a car on fire in Kiev, Ukraine. SBU stated he was involved in intimidation of media representatives and foreign citizens, organising illegal protests near foreign diplomatic missions in Ukraine, with the end goal to influence the internal political situation in Ukraine. SBU says he was recruited via a Telegram group and used a banned [in Ukraine] Russian email service to communicate with his Belarusian handlers. His payments were sent on his bank account from a foreign account.

35. Russia’s SVR Publishes 1958 Rudolf Abel’s Letter for the 60th Anniversary of the Fisher-Powers Spy Exchange

The Russian Foreign Intelligence Service (SVR) published a never seen before handwritten letter by KGB Colonel William August Fisher, better known as Rudolf Abel. This was to celebrate the 60th anniversary of the Abel’s exchange for the captured American CIA pilot Francis Powers in 1962. R. Abel’s KGB cryptonym was “Marka” and the released letter was from 1958, after he was arrested by the FBI. This, along with the following letters, helped in arranging the 1962 spy exchange in West Berlin. The Director of the SVR, Sergey Naryshkin, said that “the intelligence network led by Fischer was tasked with obtaining the most important military-strategic, military-political information about the aggressive plans and intentions of the United States against the USSR , including plans for atomic bombing of cities in the Soviet Union. And Fischer and his colleagues coped with this task brilliantly.”

36. Western Intelligence Turn a Blind Eye on Somalia’s Intelligence Community Activities

On Wednesday, February 9th, Dr Mohamud M. Uluso of the “Hiiraan Online” published an article describing several issues in Somalia’s intelligence community and how its Western allies appear to tolerate them, or even support them. Some of the mentioned issues include heavy politicisation, human rights abuses such as the “notorious” National Security Services (NSS) prison in Mogadishu, dubbed “Godka Jili’o” (Dungeon, Hole), or the paramilitary operations of National Intelligence Service Agency (NISA), such as the recruitment of 7500 Somalis who were then sent to Eritrea. According to the report “US, Qatar, and Eritrea supported NISA in the last five years in which NISA committed the most egregious crimes against opposition, journalists, and innocent civilians, unlawfully recruited young Somalis whose fate is unknown for almost 3 years, and assassinated female intelligence officer Ikram Tahlil Farah and many other officials without accountability.”

37. DGI 2022 Geospatial Intelligence Conference in London

On 7–9 February 2022 the DGI 2022 Geospatial Intelligence for National Security conference took place at Twickenham Stadium in London, UK. The event included several talks by GEOINT and national security experts, as well as an exhibit with some of the latest geospatial technologies and spy gadgets.

38. FBI CD Uncovered Economic Espionage of Hytera on Motorola

The Counter-Intelligence Division (CD) of the U.S. Federal Bureau of Investigation (FBI) uncovered an economic espionage case of the Chinese Hytera Communications Corp. which, for the period of 2007–2020, was recruiting employees of Motorola Solutions and “directed them to take proprietary and trade secret information from Motorola without authorization” specifically related to Digital Mobile Radio (DMR) technology. The 21-pages long indictment provides insights into the espionage case and the FBI CD operation that led to its discovery.

39. Declassified Documents Reveal New CIA Bulk Collection Program

U.S. Senator Ron Wyden released a report by the Privacy and Civil Liberties Oversight Board (PCLOB) including declassified CIA documents, demonstrating how the CIA conducted its own secret bulk collection (commonly referred as “mass surveillance”) program and the challenges it faced including legal and privacy issues. The program also included handling and searching information of American citizens.

40. German Intelligence Services Warn of EU Extremists Travelling to Afghanistan to Train and Support AQ

The intelligence community of Germany issued warnings of European extremists travelling to Afghanistan to fight with Al Qaeda (AQ). According to the news, AQ could establish new training camps in Afghanistan and intelligence sources indicate a risk of European citizens getting recruited and travelling to Afghanistan to train and fight with AQ.

41. Interview of Former Mossad Chief Shavit on Cypriot Newspaper

Shabtai Shavit who served as the General Director of the Israeli Mossad from 1989 to 1996 gave a short interview to the Cypriot “Kathimerini” newspaper. He stated Mossad wasn’t aware of the Turkish invasion to Cyprus in July 1974 beforehand, that Greek and Israeli intelligence sharing existed and still exists today, and that a military conflict between Greece-Turkey or Cyprus and Turkey cannot be ruled out, although Turkey is more likely focused on Middle East expansion with the support of Iran.

42. Bulgarian NBKRS Investigation on Illegal Use of NSO Group’s Pegasus Covert Surveillance Solution

Based on local news, Bulgaria’s National Bureau for the Control of Special Intelligence Means (NBKRS) opened an investigation with the Prosecutor’s Office on whether Bulgarian intelligence agencies used their purchased “Pegasus” covert surveillance solution in illegal ways, such as surveillance of state officials or citizens that did not meet the legal requirements for such invasive covert surveillance methods.

43. Update on Dubai Arrested Russian Citizen for Espionage

According to Russian media, in November 2021 Russian citizen Artem Ershov was arrested in Dubai after he was observed, by security guards monitoring surveillance cameras, taking photos in restricted areas [by United Arab Emirate (UAE) laws]. The suspect stated he was a tourist, and after 17 hours of interrogation, they confiscated his smartphone and other electronic devices, and refused him access to a lawyer or the Russian embassy. His trial will take place at the end of February 2022. He currently faces charges of up to 5 years in prison for espionage.

44. MİT/Mossad Disruption of Iranian Spy Cell Planning Israeli Businessman’s Assassination in Turkey

On February 11th news reports announced the arrest of 8 people in a spy ring of 9, in Istanbul, Turkey. The arrest was a collaboration of Turkey’s (MİT) and Israel’s (Mossad) intelligence agencies. Reportedly, the Iranian spies were planning to assassinate Israeli-Turkish Yair Geller, a businessman living in Istanbul who owns an engineering company specialising in aerospace technology. The report states that this was in retaliation of the assassination of Iranian nuclear chief Mohsen Fakhrizadeh in 2020, which is attributed by most to Mossad. This comes after the disruption of a similar Iranian spy ring in Cyprus in Nov. 2021 where the detained spies had plans to assassinate Israeli billionaire Teddy Sagi while he was staying in Cyprus.

45. India’s CID Arrested a Man in Sri Ganganagar for Espionage Activities on Behalf of Pakistan

The counter-intelligence division of India’s Criminal Investigation Department (CID) announced the arrest of a young male in the city of Sri Ganganagar, near the borders with Pakistan. After lengthy covert surveillance of Shakti Pal (the suspect), he was arrested and transferred to the city of Jaipur for interrogation. He was, reportedly, creating fake Facebook and WhatsApp accounts impersonating Army personnel and using them to pass sensitive military information to his Pakistani handlers. CID discovered “photographs of Indian Army vehicles” and “units and soldiers at various places have also been reportedly found from his mobile phone.”

46. Release of the Bellingcat Radar Interference Tracker (RIT)

Ollie Ballinger, Lecturer in Geo-computation at University College London’s Centre for Advanced Spatial Analysis, released a new free tool and a tutorial for locating active military radars based on their radio emissions which are partially visible by Synthetic Aperture Radar (SAR) satellite sensors such as ESA’s freely available Sentinel-1 satellite constellation. This is a technique that is frequently used by both open-source and closed-source GEOINT military analysts, but Bellingcat Radar Interference Tracker (RIT) is the first free publicly available tool for this kind of analysis. By identifying the radar emissions, analysts can locate the radars as well as other details.

47. Launch of U.S. DIA Museum Brochure

The official website of the United States Defense Intelligence Agency (DIA) announced the publication of the DIA Museum Brochure. A declassified, 20-pages long brochure demonstrating some of the highlights of DIA’s history from 1961 to this day. The DIA Museum opened in 2018.

48. Uganda’s IGG Integrates with the Domestic Intel Community

The Inspector General of Government (IGG) in Uganda announced the plans to integrate with the information systems of the country’s Financial Intelligence Authority (FIA), National Social Security Fund (NSSF), and other domestic intelligence agencies to enable efficient investigations, mainly related to illicit financial transactions including, but not limited, to government corruption, money laundering, and others.

49. US CIA Expects Russian Military Attack in Ukraine Next Week

Several reputable media outlets stated on February 12th that the United States intelligence community, and namely the Central Intelligence Agency (CIA), assesses that Russia will proceed with a military attack in Ukraine in the upcoming days (next week), close to the end of the planned Russian military exercises. U.S. National Security Adviser Jake Sullivan gave a press conference stating that Russia is in a position to “mount a major military action.” Several countries issued warnings to their citizens and officials to leave Ukraine after this development.

50. Podcast: Spies, Lies, and Algorithms with Amy B. Zegart

The International Spy Museum published an 1-hour long video interview with U.S. intelligence expert and Professor at Stanford University, Amy B. Zegart related to her latest book titled “Spies, Lies, and Algorithms.” Her book was published on February 2022 and takes an academic view on the past, present, and future of the U.S. intelligence apparatus.

51. NSA Museum Presents Rare AFSAM 4A Cipher Machine

On February 10th, the National Cryptologic Museum of the National Security Agency (NSA) of the U.S. published a video demonstrating a rare artefact from its predecessor, the Armed Forces Security Agency (AFSA). The machine was a successor of the older SIGABA and it was named “AFSAM 4A.”

52. Plea Hearing for Espionage Case Starts for Nuclear Engineer J. Toebbe and His Wife

The plea hearing for U.S. Navy Nuclear Engineer Jonathan Toebbe and his wife, Diana Toebbe, has been scheduled. Both of them were arrested in West Virginia on October 2021 with an FBI counter-intelligence operation for the attempt to sell classified nuclear information to a foreign nation-state. In October 2021, they both pleaded not guilty and they are now facing charges of up to life in prison.

53. Mossad Used NSO Group’s Pegasus Covert Surveillance Software

Based on news reports from February 13th, Israel’s main intelligence agency (Mossad) used “Pegasus” covert surveillance solution (developed and sold by NSO Group) to “unofficially hack cellphones” when Yossi Cohen was the head of the Agency. The same news report, states that Mossad and NSO Group have close ties with Mossad having facilitated the market expansion of NSO Group’s sales in the Africa and Middle East regions. The article also states that “employees who spoke to haaretz claimed that Cohen has never been seen in NSO’s offices, but his subordinates have shown great interest in the company’s hacking capabilities.”

54. New Episode of “Spies & Ties” for the MI6 Operations in WWII

The YouTube channel “World War Two” released a new 18-minute video dedicated to Britain’s MI6 clandestine operations during World War II. The video is the 13th episode of the series “Spies & Ties.”

55. Podcast: 34-year CIA Veteran Douglas London Presents His Book

Douglas London, a 34-year CIA’s Clandestine Service veteran, published a podcast on The San Francisco Experience, talking about his experience recruiting and handling spies in Middle East, Africa, South and Central Asia, as well as his book titled “The Recruiter: Spying and the Lost Art of American Intelligence.” D. London is a CIA Subject Matter Expert (SME) on Iran, Counter-terrorism, and Weapons of Mass Destruction (WMD) issues.

56. OSINT-Discovered ELINT/SIGINT Flights

This is a brief summary of ELINT/SIGINT flights identified by aviation enthusiasts during this week:

  • 07FEB2022: U.S. Navy Lockheed EP-3E ARIES II (156528, callsign BATMN30) flight across the North/South Korea border. Source
  • 07FEB2022: U.S. Air Force WC-135W Constant Phoenix (61–2667, callsign JAKE21) nuclear explosions identification aircraft took off from RAF Mildenhall, UK heading South. Source
  • 07FEB2022: U.S. Air Force RC-135W Rivet Joint (62–4134, callsign JAKE11) flight from RAF Mildenhall, UK to Ukraine-Russia border. Source
  • 07FEB2022: U.S. Army Challenger 650 ARTEMIS (N488CR, callsign: CL60) from Mihail Kogălniceanu International Airport, Romania to the border of Belarus. Source
  • 07FEB2022: (reportedly covert Mossad) Gulfstream III (N467AM, callsign GLF3) landed in Doha, Qatar. Source1 Source2
  • 07FEB2022: U.S. Air Force RQ-4A Global Hawk (04–2015, callsign FORTE12) flight from Naval Air Station Sigonella to the borders of Belarus and Ukraine-Russia. Source
  • 07FEB2022: Turkish Air Force Boeing 737–7ES/E-7A AEW&C Peace Eagle (4B9297, TC-DTW) flight South of Cyprus. Source
  • 07FEB2022: 2 Excel Aviation (allegedly covert MI5) Beechcraft Super King Air 200 (G-CIFE, callsign N/A) flight from Jersey Airport, UK to Dancaster Sheffield Airport, UK. Source
  • 07FEB2022: U.S. Air Force ISR Beech MC-12W Liberty (09–0661, callsign N/A) flight towards the Syrian border. Source
  • 07FEB2022: Swedish Air Force Gulfstream IV SP S102B Korpen (102003, callsign SVF623) flight from Malmen Airbase to over the Gulf of Gdansk and Kaliningrad. Source
  • 07FEB2022: U.S. Army Beech RC-12X Guardrail (88–00325, callsign YANK01) and (91–00516, callsign YANK02) flight from Šiauliai Air Base in Lithuania, to the borders with Kaliningrad. Source
  • 07FEB2022: Israeli Air Force Gulfstream V G550 CAEW Nachshon-Aitam (537, callsign N/A) flight over the West Bank as part of the 122nd Squadron (Nahshon Squadron). Source
  • 07FEB2022: Israeli Air Force Gulfstream V G550 SIGINT Nachshon-Shavit (684, callsign N/A) flight over the West Bank as part of the 122nd Squadron (Nahshon Squadron). Source
  • 07FEB2022: Israeli Air Force Gulfstream V G550 SIGINT Nachshon-Aitam (569, callsign N/A) flight over the West Bank as part of the 122nd Squadron (Nahshon Squadron). Source
  • 07FEB2022: Israeli Air Force Boeing 707–3W6C Re’em (290, callsign N/A) flight over the West Bank as part of the 122nd Squadron (Nahshon Squadron). Source
  • 07FEB2022: U.S. Air Force Boeing E-3B Sentry AEW&C (75–0556, callsign WSLR51) flight off the coast of UAE. Source
  • 07FEB2022: Israeli Air Force Gulfstream V G550 CAEW Nachshon-Oron (452, callsign N/A) of the 122nd Squadron (Nahshon Squadron) on 8-hour ISR flight over the Lebanese border and the Golan Heights. Source
  • 07FEB2022: Royal Danish Air Force C-168 Bombardier Challenger 604 (45F424, callsign BULLT01) flight from Hans Christian Andersen Airport, Odense, Denmark to Bornholm island, North Denmark, and back. Source
  • 07FEB2022: U.S. Air Force Boeing RC-135W River Joint (62–4139. callsign PYTHN52) flight from Al Udeid Air Base, Qatar towards the Iraq-Syria borders. Source
  • 08FEB2022: Summary of at least 14 ISR flights from U.S., Sweden, and Turkey over the Ukraine-Russia border. Source
  • 08FEB2022: RAF Boeing RC-135W River Joint (ZZ665, callsign RRR7211) flight from RAF Waddington to Black Sea at the Russian border. Source1 Source2
  • 08FEB2022: U.S. Air Force Boeing RC-135V River Joint (63–9792, callsign HOMER21) flight from Crete, Greece to Black Sea around the Russian border. Source1 Source2
  • 08FEB2022: (allegedly covert Mossad) Gulfstream III (N467AM, callsign N/A) flight from Abu Dhabi Airport, UAE to Indira Gandhi Airport, New Dehli, India. Source
  • 08FEB2022: U.S. Navy P8 Poseidon (AE6829, callsign N/A) flight from Crete, Greece to the South of Crete. Source
  • 08FEB2022: Irish Air Corps Pilatus PC-12 Spectre (281, callsign IRL281) flight from Casement Aerodrome in Dublin, Ireland to Edinburgh Airport, Scotland and London Luton Airport, UK. Source
  • 08FEB2022: U.S. Navy P8 Poseidon (AE6898, callsign N/A) flight in the Black Sea, near Sevastopol. Source
  • 08FEB2022: Spanish Air Force Lockheed P-3M Orion (P.3M-08, callsign CISNE31) flight from Morón Air Base, Spain to the Strait of Gibraltar. Source
  • 08FEB2022: Gama Aviation Special Mission Beechcraft Super King Air 200 (G-SASC, callsign GMA01) flight from Glasgow Airport, Scotland to London Luton Airport, UK. Source
  • 08FEB2022: Gama Aviation Special Mission Beechcraft Super King Air 200 (G-PCOP, callsign GMA103) flight from Fairoaks Airport Chobham, UK to Glasgow Airport, Scotland. Source
  • 08FEB2022: U.S. Army Beech RC-12X Guardrail (88–00325, callsign YANK01) and (91–00516, callsign YANK02) flight from Šiauliai Air Base in Lithuania, to the borders with Kaliningrad. Source
  • 08FEB2022: Swedish Air Force Gulfstream IV SP S102B Korpen (102003, callsign SVF623) flight from Malmen Airbase to over the Gulf of Gdansk and Kaliningrad. Source
  • 08FEB2022: U.S. Navy P8 Poseidon (AE688B, callsign N/A) flight from Keflavik Airpot, Iceland heading North-East. Source
  • 08FEB2022: Russian Air Force ELINT Ilyushin Il-20M (90924, callsign 11708) flight from Zhukovsky International Airport near Moscow, Russia. Source
  • 08FEB2022: 2 Excel Aviation (allegedly covert MI5) Piper PA-31 Navajo C (G-SCIR, callsign N/A) flight from Bristol Channel to Sheffield and Isle of Man. Source
  • 08FEB2022: Skyborne Aviation Diamond Surveillance DA42 MPP (G-SADB, callsign GSADB) take off from Gloucestershire Airport, Cheltenham, UK and and ISR flight in the general region, to Oxford Airport and and Coverty Airport, UK. Source
  • 09FEB2022: U.S. Air Force RC-135W Rivet Joint (62–4134, callsign JAKE11) flight from RAF Mildenhall, UK to Ukraine-Russia border. Source
  • 09FEB2022: U.S. Air Force Boeing RC-135W Rivet Joint (62–4135, callsign SNOOP45) flight near Japan. Source
  • 09FEB2022: U.S. Air Force Boeing RC-135V River Joint (63–9792, callsign HOMER31) flight from Crete, Greece to Black Sea around the Russian border. Source
  • 09FEB2022: French Air Force SIGINT Transall C-160G Gabriel (3B7740, callsign F216) flight near Abidjan, Côte d’Ivoire in West Africa. Source
  • 09FEB2022: Qatar Armed Forces Bayraktar TB2 (QA601, callsign N/A) flight from UAV base in Al Shamal, Qatar to the Western region of Al-Shamal. Source
  • 09FEB2022: U.S. Air Force NATO AGS RQ-4D Phoenix (MM-AV-SA0018, call sign UAVGH000) flight from Sigonella, Italy to Ukraine. Source
  • 09FEB2022: U.S. Army Challenger 650 ARTEMIS (N488CR, callsign: CL60) from Mihail Kogălniceanu International Airport, Romania to the border of Belarus. Source
  • 09FEB2022: 2 Excel Aviation (allegedly covert MI5) Beechcraft Super King Air 200 (G-FSEU, callsign EEL99A) flight from Glasgow Airport, Scotland to London Luton Airport, UK. Source
  • 09FEB2022: U.S. Air Force Boeing E-8C JSTARS (95–0121, callsign REDEYE6) flight from Ramstein Air Base, Germany to the Black Sea, near Sevastopol. Source
  • 09FEB2022: RAF Boeing RC-135W River Joint (ZZ665, callsign RRR7219) flight from RAF Waddington to Black Sea at the Russian border. Source
  • 09FEB2022: U.S. government General Atomics MQ-20 Avenger (N901PC, callsign UAV12) took off from U.S. Government El Mirage Field Airport, California and flew nearby. Source
  • 09FEB2022: Two U.S. Air Force RQ-4 Global Hawks (AE2C37 and AE5411, callsign UAVGH000) flight near Fort Irwin, California; potentially participating in Red Flag 22–1. Source1 Source2
  • 09FEB2022: NATO AEW&C Boeing E-3A Sentry (LX-N90448, callsign E3TF) flight over North Germany and Netherlands. Source
  • 10FEB2022: Summary of at least 21 ISR flights from U.S., Sweden, and Turkey over the Ukraine-Russia border. Source
  • 10FEB2022: Swedish Air Force Gulfstream IV SP S102B Korpen (102003, callsign SVF623) flight from Malmen Airbase to over the Gulf of Gdansk and Kaliningrad. Source
  • 10FEB2022: U.S. Army Beech RC-12X Guardrail (88–00325, callsign YANK01) and (91–00516, callsign YANK02) flight from Šiauliai Air Base in Lithuania, to the borders with Kaliningrad. Source
  • 10FEB2022: U.S. Army Challenger 650 ARTEMIS (N488CR, callsign: BRIO68) from Mihail Kogălniceanu International Airport, Romania to the border of Belarus. Source1 Source2
  • 10FEB2022: Russian Air Force ELINT Ilyushin Il-20M (90924, callsign 11708) flight from Zhukovsky International Airport near Moscow, Russia. Source
  • 10FEB2022: U.S. Air Force Boeing RC-135V Rivet Joint (64–14845, callsign N/A) flight over the South/North Korea border. Source
  • 10FEB2022: U.S. Air Force RQ-4A Global Hawk (04–2015, callsign FORTE12) flight from Naval Air Station Sigonella to the borders of Belarus and Ukraine-Russia. Source
  • 10FEB2022: RAF Boeing RC-135W River Joint (ZZ665, callsign RRR7212) flight from RAF Waddington to Black Sea at the Russian border. Source
  • 10FEB2022: U.S. Navy P8 Poseidon (AE67DE, callsign N/A) flight from Keflavik Airpot, Iceland heading North-East. Source
  • 10FEB2022: U.S. Navy P8 Poseidon (AE67FE, callsign N/A) patrol near the coast of Syria. Source
  • 10FEB2022: Gama Aviation Special Mission Beechcraft Super King Air 200 (G-GMAF, callsign GMA059) flight from Southampton Airport, to Jersey Airport and London Southend Airport, UK. Source
  • 10FEB2022: U.S. Air Force Boeing RC-135U Combat Sent (64–14849, callsign OLIVE49) flight from Lincoln Airport, Nebraska heading to overseas trip. Source
  • 10FEB2022: Qatar Armed Forces Bayraktar TB2 (QA601 or QA605, callsign N/A) flight from Al Shamal, Qatar on racetrack pattern over the region. Source
  • 11FEB2022: Summary of at least 22 ISR flights from U.S., Sweden, and U.K. over the Ukraine-Russia border. Source
  • 11FEB2022: Swedish Air Force Gulfstream IV SP S102B Korpen (102003, callsign SVF623) flight from Malmen Airbase to over the Gulf of Gdansk and Kaliningrad. Source
  • 11FEB2022: U.S. Air Force Boeing RC-135W Rivet Joint (62–4130, callsign MONTY44) flight from Lincoln Airport, Nebraska on SIGINT mission at the coast of Mexico. Source
  • 11FEB2022: U.S. Navy Lockheed P-3 Orion (161410, callsign MN806) flight over the Persian Gulf. Source
  • 11FEB2022: U.S. Army Beech RC-12X Guardrail (93–00698, callsign F) flight from Camp Humphreys airfield to the border of South/North Korea. Source
  • 11FEB2022: U.S. Air Force RC-135V Rivet Joint (64–14844, callsign JAKE12) flight from RAF Mildenhall, UK to Ukraine-Russia border. Source
  • 11FEB2022: Skyborne Aviation Diamond Surveillance DA42 MPP (G-SADB, callsign GSADB) take off from Gloucestershire Airport, Cheltenham, UK and and ISR flight in the general region. Source
  • 11FEB2022: Irish Air Corps Pilatus PC-12 Spectre (282, callsign IRL282) flight from Casement Aerodrome Baldonnel, Ireland to London Biggin Hill Airport, UK and back. Source
  • 12FEB2022: Summary of at least 16 ISR flights from U.S., Sweden, and U.K. over the Ukraine-Russia border. Source
  • 12FEB2022: U.S. Air Force Boeing RC-135V Rivet Joint (64–14845, callsign N/A) flight over the South China Sea, near Taiwan. Source
  • 12FEB2022: U.S. Air Force Boeing RC-135W River Joint (62–4139. callsign PYTHN56) flight from Al Udeid Air Base. Source
  • 12FEB2022: U.S. Air Force RQ-4A Global Hawk (04–2015, callsign FORTE12) flight from Naval Air Station Sigonella to the borders of Belarus and Ukraine-Russia. Source
  • 12FEB2022: U.S. Army Challenger 650 ARTEMIS (N488CR, callsign: BRIO68) from Mihail Kogălniceanu International Airport, Romania to the border of Belarus. Source
  • 12FEB2022: U.S. Air Force RC-135W Rivet Joint (62–4134, callsign JAKE11) flight from RAF Mildenhall, UK to North Europe (Netherlands, Germany, Poland) and back. Source
  • 12FEB2022: U.S. Navy P8 Poseidon (AE67A5, callsing N/A) flight near the coast of Istanbul, Turkey. Source
  • 12FEB2022: Hellenic Air Force IAI Heron (0055D8, callsign N/A) flight on East Mediterranean sea. Source
  • 12FEB2022: Five Turkish Air Force UAVs, likely Bayraktar TB2, spotted on ISR flights West of Aleppo, Syria. Source
  • 12FEB2022: Two Turkish Air Force UAVs, likely Bayraktar TB2, spotted on ISR flights across the Turkish-Greek Aegean Sea border. Source
  • 12FEB2022: Vanilla Unmanned ultra-long endurance UAS (N250VU, callsign N/A) flight from NAS Patuxent River’s Webster airfield. Source
  • 13FEB2022: Summary of at least 11 ISR flights from U.S. and Ukraine over the Ukraine-Russia border. Source
  • 13FEB2022: Two Phoenix Air (previously associated with the CIA) Gulfstream III (N163PA, callsign PH71 and N197PA, callsign PH72) flights from Chania, Crete, Greece to Kiev, Ukraine, and back. Source
  • 13FEB2022: U.S. Air Force Boeing RC-135U Combat Sent (64–14849, callsign OLIVE49) flight from Bangor International Airport, Maine to Europe. Source1 Source2
  • 13FEB2022: U.S. Army Challenger 650 ARTEMIS (N488CR, callsign: BRIO68) from Mihail Kogălniceanu International Airport, Romania to the border of Belarus. Source
  • 13FEB2022: U.S. Air Force RC-135V Rivet Joint (62–14844, callsign JAKE12) flight from RAF Mildenhall, UK to Ukraine-Russia border. Source
Elint
Sigint
Espionage
Spy
Humint

--

--

The Spy Collection

Written by The Spy Collection

1.1K Followers

Weekly summaries of all published espionage-related news stories. For inquiries please use: info@spycollection.org

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams