SPY NEWS: 2023 — Week 19

Summary of the espionage-related news stories for the Week 19 (May 7–13) of 2023.

1. U.S. Says It Dismantled Russia’s ‘Most Sophisticated’ Malware Network

The New York Times reported on May 9th that “the United States and its allies have dismantled a major cyberespionage system that it said Russia’s intelligence service had used for years to spy on computers around the world, the Justice Department announced on Tuesday. In a separate report, the Cybersecurity and Infrastructure Security Agency portrayed the system, known as the “Snake” malware network, as “the most sophisticated cyberespionage tool” in the Federal Security Service’s arsenal, which it has used to surveil sensitive targets, including government networks, research facilities and journalists. The Federal Security Service, or F.S.B., had used Snake to gain access to and steal international relations documents and other diplomatic communications from a NATO country, according to CISA, which added that the Russian agency had used the tool to infect computers across more than 50 countries and inside a range of American institutions. Those included “education, small businesses and media organizations, as well as critical infrastructure sectors including government facilities, financial services, critical manufacturing and communications.” Top Justice Department officials hailed the apparent demise of the malware. “Through a high-tech operation that turned Russian malware against itself, U.S. law enforcement has neutralized one of Russia’s most sophisticated cyberespionage tools, used for two decades to advance Russia’s authoritarian objectives,” Lisa O. Monaco, the deputy attorney general, said in a statement. In a newly unsealed 33-page court filing from a federal judge in Brooklyn, a cybersecurity agent, Taylor Forry, laid out how the effort, called Operation Medusa, would take place. The Snake system, the court documents said, operated as a “peer to peer” network that linked together infected computers around the world. Leveraging that, the F.B.I. planned to infiltrate the system using an infected computer in the United States, overriding the code on every infected computer to “permanently disable” the network. The American government had been scrutinizing Snake-related malware for nearly two decades, according to the court filings, which said that a unit of the F.S.B. known as Turla had operated the network from Ryazan, Russia. Even though cybersecurity experts identified and described the Snake network over the years, Turla kept it operational through upgrades and revisions. The malware was difficult to remove from infected computer systems, officials said, and the covert peer-to-peer network sliced and encrypted stolen data while stealthily routing it through “numerous relay nodes scattered around the world back to Turla operators in Russia” in a way that was hard to detect. The CISA report said Snake was designed in a way that allowed its operators to easily incorporate new or upgraded components, and worked on computers running the Windows, Macintosh and Linux operating systems.”

2. China Raids Another Global Business Consultancy, Cites Spying Concerns

The Washington Post published on May 9th that “Chinese authorities have conducted raids on the offices of Capvision, an international consultancy, to investigate alleged national security risks, intensifying fears that China’s foreign business community is being caught up in an espionage crackdown. The Chinese spy agency and market regulators “recently” launched a joint investigation into the actions of Capvision, conducting simultaneous raids in Shanghai, Beijing, Suzhou and Shenzhen, state media reported. The firm, which is headquartered in New York and Shanghai, conducts market intelligence research and connects clients to experts. The first government confirmation of a national-security-linked probe comes after a string of law enforcement investigations targeting foreign consultancies and research firms that have spooked China’s international business community. Police went to the Beijing offices of the Mintz Group, an American firm that conducts corporate due diligence, in March, arresting five employees. Last month, Bain & Company said Chinese authorities had come to its Shanghai offices. Until now, Chinese officials have uttered only vague and brief statements about the need for foreign businesses to “act in accordance with Chinese law.” But the announcement late Monday about Capvision directly tied the probe to counterespionage and national security campaigns that have intensified and expanded under Xi Jinping, China’s powerful leader. In a 15-minute feature on the Capvision investigation, state broadcaster China Central Television accused the firm of offering kickbacks for providing classified information and failing to go through necessary compliance processes before sharing sensitive information to international clients.”

3. Pakistan: PM Shehbaz Condemns Imran’s Act of Maligning Army, Spy Agency

On May 7th Samaa TV reported that “Prime Minister Shehbaz Sharif Sunday said Imran Niazi’s act of routinely maligning and threatening Pakistan Army and Intelligence Agency for the sake of petty political gains was highly condemnable. In a tweet on social media platform Twitter, he said, “Imran’s leveling of allegations without any proof against Gen Faisal Naseer and officers of our Intelligence Agency cannot be allowed and will not be tolerated.”.”

4. Spy Collection: Leaked document review: Israel | Pathways to Providing Lethal Aid to Ukraine

On May 8th we published this new video. As per its description, “this is our fourth episode of this series where we go through the allegedly leaked US intelligence community documents. Here we review a document titled “Israel | Pathways to Providing Lethal Aid to Ukraine” which was last updated on February 28th, 2023 by analysts of the DIA (Defence Intelligence Agencies) as an Exploratory Analysis product. Disclaimer: We do not know the validity of this document’s contents, if it’s authentic, fabricated or fake. In this video we approach it from the analytic tradecraft perspective as a learning tool since it depicts some good practices for anyone interested in the military intelligence domain. If it turns out to be real, it’s also a nice addition to our collection for historical purposes.”

5. French Intelligence Services’ Spending Surges Before Budget Boost

Intelligence Online reported on May 9th that “the French government has earmarked more funding for intelligence over the next five years, but France’s intelligence services, particularly the DGSE, have already exceeded their 2022 provisional budgets.”

6. Ukrainian SBU Detains 2 Female Russian Agents in Donetsk

On May 8th Ukraine’s Security Service (SBU) announced that they “detained two female enemy informants in Donetsk region: one of them worked for the “Wagnerians” who stormed Bakhmut. Among those detained is a resident of the Bakhmut district, who was collecting intelligence for the enemy about the locations of firing positions and routes of movement of Ukrainian troops near the district centre. According to operational data, she sent the received information to the militants of the “Wagner” PMC through her acquaintances who live in Russia. For communication, she used the Telegram messenger, and sent intelligence in the form of audio messages and labels on electronic maps. Another perpetrator was a resident of Slovyansk, who was in direct “communication” with a machine gunner of the occupation group of the Russian Federation on the eastern front. The woman “met” the racist through the banned Russian social network Odnoklasniki. On his instructions, she transmitted to the invaders data on the movements of units of the Defence Forces near the city. She also provided the aggressor with the coordinates of the local polyclinic and one of the schools. The SBU officers detained both of the defendants while they were carrying out hostile tasks.”

7. United States: Can the Pentagon Use ChatGPT? OpenAI Won’t Answer

The Intercept published this article on May 8th stating that “as automated text generators have rapidly, dazzlingly advanced from fantasy to novelty to genuine tool, they are starting to reach the inevitable next phase: weapon. The Pentagon and intelligence agencies are openly planning to use tools like ChatGPT to advance their mission — but the company behind the mega-popular chatbot is silent. OpenAI, the nearly $30 billion R&D titan behind ChatGPT, provides a public list of ethical lines it will not cross, business it will not pursue no matter how lucrative, on the grounds that it could harm humanity. Among many forbidden use cases, OpenAI says it has preemptively ruled out military and other “high risk” government applications. Like its rivals, Google and Microsoft, OpenAI is eager to declare its lofty values but unwilling to earnestly discuss what these purported values mean in practice, or how — or even if — they’d be enforced. AI policy experts who spoke to The Intercept say the company’s silence reveals the inherent weakness of self-regulation, allowing firms like OpenAI to appear principled to an AI-nervous public as they develop a powerful technology, the magnitude of which is still unclear. “If there’s one thing to take away from what you’re looking at here, it’s the weakness of leaving it to companies to police themselves,” said Sarah Myers West, managing director of the AI Now Institute and former AI adviser to the Federal Trade Commission. The question of whether OpenAI will allow the militarization of its tech is not an academic one. On March 8, the Intelligence and National Security Alliance gathered in northern Virginia for its annual conference on emerging technologies. The confab brought together attendees from both the private sector and government — namely the Pentagon and neighboring spy agencies — eager to hear how the U.S. security apparatus might join corporations around the world in quickly adopting machine-learning techniques.”

8. Canadian Scientists ‘Questioned by Agents Over China Links’

On May 9th Times Higher Education published this article stating that “Trudeau administration hardens line on research ties to China, as academics report unsolicited approaches from intelligence agency.”

9. Podcast: True Spies: Atomic Spies, Part 1/2: The Klaus Fuchs Effect

SpyScape’s True Spies series released a new podcast episode on May 9th. As per its description, “as a World War rages, humanity stands on the precipice of a new era in warfare. The atomic age is dawning — and Earth’s great powers are determined to secure their place in it. In these episodes of True Spies, Sophia Di Martino meets the spies who shared nuclear secrets that still influence global geopolitics today. In Part 1, Professor Emeritus of Theoretical Physics at Oxford University, Frank Close, tells the story of the scientist who helped Soviet Russia build the bomb — Klaus Fuchs.”

10. Corporate Intelligence Firms Gear Up for Exodus from China

Following this week’s story #2 (and previous cases), on May 10th Intelligence Online reported that “after the difficulties experienced by Mintz, corporate intelligence firms in Beijing and Hong Kong are mulling moves to Singapore.”

11. United States: Former CIA Chief Michael Morell, Who Wrote Ex-spy Letter Dismissing The Post’s Hunter Biden Laptop Reports, Told Signers He’d ‘Clear’ It with Agency in Record Time

The New York Post reported on May 7th that “the ex-CIA chief who wrote the letter signed by 51 former intelligence officials falsely claiming that emails from Hunter Biden’s laptop published by The Post before the 2020 election were Russian disinformation, assured his fellow signatories that he would “clear the statement with the Publication Review Board at CIA” in record time the following day. In an October 18, 2020, email obtained by The Post, Michael Morell asks his fellow spooks, including former CIA Directors John Brennan, Leon Panetta and Mike Hayden, to sign the letter, explaining that he and former CIA agent Marc Polymeropoulos had “drafted the attached because we believe the Russians were involved in some way in the Hunter Biden email issue and because we think Trump will attack Biden on the issue at this week’s debate and we want to give the VP a talking point to use in response.” Morell asks the CIA alumni in the group to “highlight your Russia work” in their affiliations when they sign the letter and assures them that he will secure pre-publication clearance from the CIA “tomorrow.”.”

12. China and Canada Expel Diplomats Following Foreign Interference Allegations

Following last week’s story #71, ABC News reported on May 9th that “the Canadian government is expelling a Chinese diplomat whom Canada’s spy agency alleged was involved in a plot to intimidate an opposition lawmaker and his relatives in Hong Kong. A senior government official said Toronto-based diplomat Zhao Wei has five days to leave the country. The official spoke on condition of anonymity as they were not authorized to speak publicly on the matter. It’s wasn’t immediately clear if he’s left yet. Foreign Affairs Minister Mélanie Joly said in a statement that Canada declared Toronto-based diplomat Zhao Wei “persona non grata.” “We will not tolerate any form of foreign interference in our internal affairs,” she wrote. “Diplomats in Canada have been warned that if they engage in this type of behavior, they will be sent home.” Canada’s spy service indicated that in 2021 opposition Conservative lawmaker Michael Chong and his Hong Kong relatives were targeted after Chong criticized Beijing’s human rights record. Canada’s spy agency has not released details publicly. Chong has been critical of Beijing’s treatment of Uyghur Muslims in China’s Xinjiang province. It became public after a Globe and Mail report last week. Chong said he learned about it from that report, and Prime Minister Justin Trudeau denied knowing about it earlier. “This should have happened years ago,” Chong said Monday.” Following that, on May 9th El País reported that “China announced the expulsion of a Canadian diplomat on Tuesday in retaliation for Ottawa ordering a Chinese consular official to leave the country over alleged threats he made against a Canadian lawmaker and his family. The Foreign Ministry said China was deploying a “reciprocal countermeasure to Canada’s unscrupulous move,” which it said it “firmly opposes.” It said Jennnifer Lynn Lalonde, the top Canadian diplomat in the business hub of Shanghai, has been asked to leave by May 13 and that China “reserves the right to take further actions in response.” The Canadian Embassy in Beijing had no immediate comment on the expulsion order.”

13. Former United States CIA Officer Jason Hanson Publishes New Videos

Throughout this week former US Central Intelligence Agency (CIA) officer Jason Hanson published the following videos: 1) Spy Secret: How to Maintain Your Cover Story, 2) How this Slapshot Drill Unlocks Your Inner Fighter, 3) Here’s How You Can Become ‘Spy Dangerous’- (Secrets of the CIA), 4) Protect Your Privacy From The Government & Thieves | CIA Operation Thesaurus.

14. Russian FSB Thwarts Sabotage Operation by Ukrainian GUR at the Ivanovo Severny Military Airfield

On May 7th Russia’s Federal Security Service (FSB) announced that “together with the Ministry of Internal Affairs of the Russian Federation, thwarted an attempt to commit a sabotage and terrorist act, planned by the Main Intelligence Directorate of the Ministry of Defence of Ukraine, at the Severny military airfield in the Ivanovo region using drones filled with explosives. The objects of encroachment were A-50 long-range radar detection and control aircraft. In the course of operational-search activities on the territory of Russia, a sabotage group was identified, the coordination and management of which was carried out by officers of the intelligence services of Ukraine. Improvised explosive devices for committing sabotage were planned to be delivered from the territory of Ukraine on a light aircraft “Aeroprakt-A 32” from the settlement Blistov, Chernihiv region. As a result of organised control over the flight of the aircraft, in order to prevent sabotage, the pilot, as well as members of the DRG, recruited by the Main Intelligence Directorate of the Ministry of Defence, were detained after landing in the Tula region at the time of the transfer of weapons. Measures are being taken to search for all members of the DRG and document their illegal activities.”

15. South Korea Charges Ex-leaders of Labour Unions Over Spying for North Korea

Following week 5 story #5 and week 7 story #94, AA reported on May 10th that “at least four former labor union leaders in South Korea on Wednesday were charged with alleged spying for North Korea. The unnamed leaders, all aged over 45, in the past were associated with the Korean Confederation of Trade Unions (KCTU), the country’s largest umbrella of labor unions. Prosecutors in the Suwon city of the northwestern Gyeonggi province claimed that the former leaders “used labor activities as a cover for espionage at the instruction of North Korea,” the Seoul-based Yonhap News reported. “The four allegedly formed an underground organization with an aim to gain control of the labor union and spearheaded labor protests on key political and social issues all at the instruction of North Korea,” according to the prosecution investigation. The prosecution said they violated South Korea’s National Security Act — a law in effect since 1948 — which criminalizes “praising or propagating activities of anti-state organizations or their members, notably from North Korea.” The Korean War in the 1950s between the North and South ended in an armistice on July 27, 1953, but there has never been a peace treaty between the divided Koreas. The indicted people have been accused of meeting North Korean spy agents in Cambodia, Vietnam, and China since 2017. The prosecutors also claimed that the accused have received “written instructions from North Korea on a total of 102 occasions” since 2018. Information regarding elections for the top KCTU leadership and photo images of the American military base in Pyeongtaek, Air Force facilities in Gyeonggi’s Osan city, and other military equipment were also collected by the accused, the prosecution added.”

16. Strong EU Rules Needed to Protect Espionage Victims, Says Catalan Minister

On May 8th EURACTIV reported that “tough EU rules to protect victims of spyware activities are essential, Catalan foreign and EU affairs Minister Meritxell Serret told EURACTIV in an exclusive interview. Serret also criticised the Spanish government’s lack of collaboration with EU institutions in investigating spy activities which targeted Catalan leading figures between 2017 and 2020. The scandal was revealed in April 2022, when an article in The New Yorker reported on 65 Catalan pro-independence activists being victims of the Israeli spyware Pegasus. A wide range of politicians, activists and lawyers, including current Catalan President Pere Aragonès, his predecessors since 2010, and Meritxell Serret herself, were targeted. In the case of Serret, the espionage against her took place between 2018 and 2021 when she was the Catalonian government’s representative to the EU. According to National Intelligence Centre data, there were at least 80 breaches of security. “How can you rely on the same institutions that have been spying on you?,” asked Serret, who considers the spyware activities to be a “systemic” act with strong “political reasons” covered by national security concerns. “It is the Spanish government who has done all the illegal surveillance and espionage, and it is the same institutions who should be protecting our rights,” she said. “The officials that should have been protecting us, are the ones that have been threatening us. So, in this situation, it is necessary that the EU gives us protection and guarantees,” the Catalan politician argued, adding that there is a lack of collaboration by Spain with the EU institutions.”

17. Russian GRU Agent Arrested in Ukraine Receives 15 Years Prison Sentence

Following 2022 week 46 story #35, on May 8th Ukraine’s SBU announced that “according to SBU materials, the “uncanned” agent of the Russian military intelligence will spend 15 years behind bars. The attacker collected intelligence about the locations of bases and movements of the Defence Forces in the territory of the Vinnytsia region. In addition, he gave the aggressor the locations of local authorities, energy facilities and social institutions, including boarding schools. Under his guidance, the occupiers planned to carry out a series of targeted missile strikes on the region. However, as a result of a special operation, the SBU officers timely exposed and detained an enemy henchman in November of last year. According to the materials of the Security Service, the court sentenced him to 15 years in prison. As the investigation established, the perpetrator was a resident of Vinnytsia, a former Soviet soldier who retired from the army in the early 1990s. Then he was recruited by the Russian military intelligence and transferred to the “waiting mode”. At the beginning of the full-scale invasion, a case officer remotely entered the game and assigned the task of carrying out reconnaissance and subversive activities against Ukraine. In the future, the “uncanned” agent maintained contact with his “handler” through an anonymous Telegram channel, and transmitted intelligence in the form of labels on electronic maps with media files of locations.”

18. Reaper Crash Impairs NATO Black Sea Intelligence Gathering

Following week 11 story #42, Intelligence Online reported on May 8th that “in a context where an offensive from the Ukrainian armed forces looks imminent, NATO’s intelligence gathering missions in the Black Sea have declined since the Reaper drone crash in March. The incident could put sensitive information on the type of technologies used in those missions in Russia’s hands.”

19. Sri Lankans Victim of India Based Cyber Espionage?

The Island Online reported on May 9th that “Sri Lanka is among the south Asian nations where people’s data had been harvested by an India-based threat actor dubbed Patchwork, says the Hacker News. It said that the Meta has uncovered massive social media cyber espionage operations across South Asia, adding that three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. “Each of these advanced persistent threats (APTs) relied heavily on social engineering to trick people into clicking on malicious links, downloading malware or sharing personal information across the internet,” Guy Rosen, chief information security officer at Meta, said. “This investment in social engineering meant that these threat actors did not have to invest as much on the malware side.” The fake accounts, in addition to using traditional lures like women looking for a romantic connection, masqueraded as recruiters, journalists, or military personnel. At least two of the cyber espionage efforts entailed the use of low-sophistication malware with reduced capabilities, likely in an attempt to get past app verification checks established by Apple and Google.”

20. The Mossad: The Uniqueness of Israel’s Spy Agency

Aish published this article on May 7th stating that “Israel’s spy agency, the Mossad, has a reputation for ruthlessness, an ability to strike Israel’s enemies anywhere in the world and the capability to place agents within the deepest strongholds of the enemy. The assassinations of Iranian commanders and nuclear scientists, the placement of agents high up within the Iraqi and Egyptian governments and vengeance against terrorists all add to the agency’s street cred. All of the above fall into the classic operational patterns of most other spy agencies. But the Mossad also engages in operations that are somewhat outside the box of regular intelligence gathering and defensive activities. For example, soon after the establishment of the State of Israel in 1948, the agents of the Mossad were tasked with hunting down and killing Nazi war criminals who had escaped justice. Famously, they tracked Adolf Eichmann, one of the architects of the Holocaust, to Argentina, where they abducted him and brought him to Israel to stand trial for his crimes.1 He was found guilty of all charges and hanged on June 1st 1962. These Nazis no longer posed a danger to the Jewish people or Israel, but bringing them to justice was seen as a duty of the Mossad toward the Jewish nation as a whole.”

21. Ukrainian SBU Detained Russian FSB Agents in Zaporizhzhia

On May 9th Ukraine’s SBU announced that they “detained in Zaporizhzhia Russian agents who were preparing terrorist attacks against the command of the Armed Forces of Ukraine and special forces of the SBU. One of the group members was a former military man, and the other was the personal driver of a local high-ranking official. The perpetrators were engaged in the preparation of terrorist attacks against the command staff of the Defence Forces and SBU officers stationed in the region. To do this, the Russian agency collected “hourly” information about the places of temporary bases and the routes of movement of Ukrainian defenders. The received information was transmitted to the FSB through a closed chat in Telegram. According to the coordinates of enemy agents, the occupiers wanted to carry out targeted missile strikes. In addition, the invaders considered the “option” of physical elimination of the Ukrainian defenders by using explosives. To prepare terrorist attacks, Russian agents received 4 thousand dollars from their “handlers” from the FSB as “advance”. However, counter-intelligence officers of the SBU worked ahead of time — timely exposed the perpetrators and detained them. According to the investigation, the head of the agent group was a resident of Zaporizhzhia, a former military man. After the start of the full-scale invasion, he turned to his brother, who lives in St. Petersburg, with a request to “arrange” for him a “contact” with the Russian intelligence service. Soon, in a private correspondence, he was contacted by an FSB case officer who assigned him the task of intelligence and subversive activities against Ukraine. To fulfill them, the traitor involved an acquaintance of his, who worked as a driver for the head of one of the district administrations of Zaporizhzhia. At the instruction of the FSB, the driver “in the dark” used an official, making hidden audio recordings of his phone conversations in the car. In addition, the traitors “directed” enemy airstrikes on bridges and railway crossings.”

22. Iranian State-sponsored Hackers Exploiting Printer Vulnerability

The Record reported on May 8th that “hackers based in Iran are exploiting a recently-discovered vulnerability affecting a popular printing management software, according to new research. On Friday, Microsoft said two nation-state actors they call Mint Sandstorm and Mango Sandstorm have been attacking companies running unpatched versions of PaperCut software, which is used widely by government agencies, universities, and large companies around the world. The vulnerability — tracked as CVE-2023–27350 — was initially disclosed on March 8, and last month the company published an urgent update to an advisory recommending companies install a patch for the vulnerability. “We have evidence to suggest that unpatched servers are being exploited in the wild,” the company said. Since that advisory, several ransomware groups, including Clop and LockBit, have been seen exploiting the bug, according to Microsoft. Microsoft said once proof of concept (PoC) exploits were released publicly, the Iranian hacking groups added the bug to their arsenal of tools used to gain access to systems. “The PaperCut exploitation activity by Mint Sandstorm appears opportunistic, affecting organizations across sectors and geographies,” Microsoft said.”

23. Podcast: SpyCast: “St. Ermin’s Hotel, London” — The History of a Legendary Spy Site, with Stephen Duffy

On May 9th the International Spy Museum’s SpyCast released this new podcast episode. As per its description, “spy fans and intelligence experts alike — if you ever find yourself looking for a place to stay in London, look no further than St. Ermin’s Hotel in Westminster. Opened in 1899 and situated directly between Buckingham Palace and the Houses of Parliament, the hotel has inevitably been caught in the middle of some of history’s greatest moments during the UK’s tumultuous 20th century. During World War II, the hotel was the birthplace of Sir Winston Churchill’s Special Operations Executive — a crucial element in his initiative to “set Europe ablaze.” Notorious spies Kim Philby and Donald Maclean were known to enjoy a drink at the hotel bar while sharing secrets with their Soviet handlers. And that’s not all — to learn the rest, you’ll have to listen to the episode. And… Sir Winston Churchill wrote down his plan for the SOE on the back of a menu. Weird? Maybe, but John Lennon wrote the original lyrics for “Hard Day’s Night” on a birthday card sent to his son Julian, and playwright Aaron Sorkin wrote the Oscar-nominated film “A Few Good Men” on the back of cocktail napkins. Great ideas don’t wait for a typewriter.”

24. Pakistan’s Ex-PM Imran Khan Arrested, Sparking Violence

The Associated Press reported on May 10th that “Pakistan’s former Prime Minister Imran Khan was arrested and dragged from court Tuesday as he appeared to face charges in multiple graft cases, a dramatic escalation of political tensions that sparked violent demonstrations by his angry supporters across the country. The arrest of Khan, who was ousted in a no-confidence vote in April 2022 but remains the leading opposition figure, represented the latest confrontation to roil Pakistan, which has seen former prime ministers arrested over the years and interventions by its powerful military. At least one person was reported killed in clashes between protesters and the military in Quetta, the capital of Baluchistan province, with another five people wounded there, while about 15 injuries were reported amid similar violence in Karachi, Peshawar, Rawalpindi and Lahore. Police fired tear gas to disperse demonstrations. Amid the violence, officials at Pakistan’s telecommunication authority said regulators blocked social media, including Twitter, and internet service was suspended in the capital of Islamabad and other cities. Classes at some private schools were canceled for Wednesday. Khan was removed from the Islamabad High Court by security agents from the National Accountability Bureau, said Fawad Chaudhry, a senior official with Khan’s Pakistan Tehreek-e-Insaf party, and then shoved into an armored car and whisked away. She said Khan has been arrested on corruption charges and he is accused of taking property in exchange for providing benefits to a property tycoon in the country. She denounced attacks at offices of the military and at public places by Khan supporters, saying it was done “in an orchestrated manner on Imran Khan’s directions.” Chaudhry denounced the arrest of the 71-year-old former cricket star as “an abduction.” Pakistan’s independent GEO TV broadcast video of Khan being hauled away.”

25. Ukraine’s SBU Announces Russian Agent Involved in Downing of Boeing MH-17 Gets 12 Years Prison Sentence

On May 9th Ukraine’s SBU stated that “the informant of the Russian general, who was involved in the downing of Boeing MH-17, will spend 12 years behind bars. SBU officers detained the perpetrator in June of last year as a result of a special operation in Kremenchuk, where she was trying to hide from justice. The court sentenced her to 12 years in prison with confiscation of property. According to the investigation, the accomplice of the aggressor is a personal informant of the case officer of the Russian military intelligence Major General Serhiy Dubinsky (Сергий Дубінський), also known by the nickname “Growy” (Хмурий). It was he who was involved in the downing of the passenger plane “Boeing”, which was carrying out flight MH-17 in July 2014. It was established that the enemy informer, who lived in the village of Blagodatne, Donetsk region, was personally acquainted with the terrorist. After the start of the full-scale invasion, she came out via an anonymous messenger to Khmury and offered her help in the war against Ukraine. On his instructions, the perpetrator collected intelligence on the locations and movements of the Defence Forces in the areas of Vugledar, Pavlivka, and Velika Novosilka. She also provided the Russian military intelligence with information about fortifications and engineering barriers of the Ukrainian troops on the eastern front. In addition, the collaborator conducted video recording of the consequences of Russian air attacks on the territory of the region and sent relevant “reports” to the aggressor. Another of her tasks was to collect and transfer to the enemy personal data of members of the resistance movement in the temporarily occupied territory in the east of Ukraine. During searches at the address of the perpetrator’s temporary residence, a mobile phone with evidence of criminal activity was found.”

26. Video: The Invisible Shortwave Transmissions Of London’s Secret Diplomatic World

On May 10th Ringway Manchester published a new video. This video focuses on embassies based on London, UK that have unusual antennas on their roofs, and how those antennas are being used for classified communications, occasionally to/from intelligence agencies.

27. Army Vigil, Intelligence Networks Foil Pakistan’s Constant efforts to Spy

The Times of India reported on May 11th that “even after 25 years of nuclear tests conducted at Pokhran Field Firing Range on May 11, 1998, Pakistan still tries its best to spy and collect sand from this place to analyse it. ‘Operation Shakti’ — the assigned code for the test — was conducted at the tail-end of the firing range. The spot continues to be under tight security. To reach the spot, one must pass through four guarded gates as the entire area is under Indian Army’s vigil. The firing range of Pokhran is host to army activities and trials throughout the year, making it an exceptionally sensitive area. Targeting Pokhran, ISI has built several sleeper cells that have been trying to gather information. However, strict vigil by police and other Indian security and intelligence agencies has always thwarted ISI’s plans. Over a dozen spies and suspicious people have been caught for providing information about Pokhran range to ISI in the last few years.”

28. Ukraine’s Intelligence Service Accused of Ordering Terrorist Attacks in Belarus

On May 10th BelTA reported that “the Central Intelligence Office of the Ukrainian Defense Ministry has ordered the terrorist attacks in Belarus ahead of 9 May, BelTA learned from a news release of the Belarusian TV channel ONT. According to the source, young people have been arrested and are giving their confessions. They were acquainted with another Belarusian citizen, who is now in Kiev. This individual was given a mission by the Central Intelligence Office of the Ukrainian Defense Ministry and found people to carry out this mission in Belarus. Blurred photos and names of the young citizens accused of preparing to carry out the terrorist attacks before and on 9 May have been published previously. Their silhouettes, clothes, and approximate age can be guessed from the photos: Valery (23 years), Viktoria (29), Anna (24), and Andrei (29). According to the TV channel ONT, all the accused are under 30. “The youngsters were simply used. But they understood what they were signing up for. They didn’t know their probable punishment. If convicted, they can face penalties up to capital punishment,” a post on the ONT’s Telegram channel reads. Parcels full of explosives were delivered to Belarus. They were disguised as household appliances. The explosives would have been sufficient for derailing several trains at once or for staging a terrorist attack in a crowd of people celebrating Victory Day on 9 May. These parcels were supposed to be activated at appropriate time in order to cause casualties and stir up the situation in the country.”

29. Turkish Intelligence “Neutralises” Leader of Kurdistan Workers’ Party in Iraq

Shafaq reported on May 10th that “the leader of the Kurdistan Workers’ Party (PKK), Muslim Orber, has been neutralized by the Turkish intelligence service in an operation conducted in the Kurdistan Region of Iraq. Orber was identified as a supply officer for the PKK’s special forces. Security sources told Anatolia News Agency that the Turkish intelligence service successfully neutralized Orber in the Kara area of the Kurdistan Region. The sources further revealed that Orber had joined the ranks of the PKK in 2013 and had been involved in armed operations in Turkey before moving to Syria, where he played a role in various attacks against Turkey. In 2015, Orber relocated to Iraq. He was subsequently placed on the Turkish wanted list by intelligence agencies after being identified as overseeing the transfer of weapons and ammunition during attacks on Turkish forces. Anatolia said. The PKK, which has been engaged in a long-running armed conflict with Turkey, is designated a terrorist organization by Turkey, the United States, and the European Union. The Turkish Armed Forces have conducted cross-border military operations against the PKK in Northern Iraq since the 1980s. Since 2019, Turkey has initiated operations codenamed Claw, including Claw Eagle and Tiger in 2020 and Claw-Lighting and Thunderbolt in 2021.”

30. India: Alarming Twist In DRDO Espionage Case: Pakistani Female Agent Targets Another Officer

Following last week’s story #73, on May 10th Punekar News reported that “senior DRDO Scientist Pradeep Kurulkar’s custody with the Anti-Terrorism Squad (ATS) came to an end on Tuesday, but new and alarming details have surfaced regarding his role in jeopardizing India’s national security. Shockingly, it has been revealed that Kurulkar disclosed classified information pertaining to BrahMos, Agni, and anti-satellite missiles to Pakistan. The ATS has conducted an extensive investigation into Kurulkar’s espionage case, and the findings will be presented to the court. According to officials privy to the investigation, Kurulkar was targeted in a honey trap operation orchestrated by Pakistani intelligence operatives. He was lured by a woman named Zara Das Gupta, a name provided by Pakistani intelligence. Through explicit conversations, the operative ensnared Kurulkar, who was even planning to meet her in London last year. However, the trip was abruptly canceled, although they continued to stay in contact. The details of Kurulkar’s alleged espionage activities have raised serious concerns regarding national security. The extent of the damage caused by his actions is yet to be fully assessed. The findings of the investigation conducted on scientist Kurulkar at DRDO have been reported to the Prime Minister and the relevant department. Additionally, it has been revealed that the same Pakistani female agent attempted to extract similar information from an intelligence officer. Startling revelations have emerged from Kurulkar’s records, including the presence of the officer’s name in his call list. As a result, the ATS has seized the officer’s mobile phone and is currently investigating whether the officer indeed provided confidential documents. Kurulkar, a resident of Kothrud, was arrested on May 3. After his police custody remand ended, he was produced before the court yesterday. The court has extended his custody till May 15.”

31. Secure Communications Use Cases for Government

On May 10th, BlackBerry private firm published this blog post stating that “government, military, and law enforcement agencies have something in common: Their people and their data are targeted for espionage through intercepted and spoofed communications. Off-the-shelf or consumer-grade communications options can leave your organization, your people, and your compliance status at risk. And so can many mobile security tools that come bundled with other products. I recently spoke about secure communications use cases for government, and I’ll describe three of them in this post.”

32. Podcast: Cold War Five: Intelligence in the Information Age | CIA Executive Carol Rollie Flynn

On May 10th the Cold War Five published a new podcast episode. As per its description, “Carol “Rollie” Flynn is the President of the Foreign Policy Research Institute and a thirty-year veteran of the Central Intelligence Agency (CIA). Director of CIA’s Leadership Academy, Director of the Office of Foreign Intelligence Relationships, Associate Deputy Director of the National Counterterrorism Center, Executive Director of the CIA Counterterrorism Center, and Chief of Station in major posts in Southeast Asia and Latin America. She has extensive experience in overseas intelligence operations, security, and counterintelligence. Ms. Flynn is also an adjunct Professor at Georgetown University’s School of Foreign Service/Security Studies Program where she co-directed the National Security Critical Issue Task Force, which conducted research on Lone Wolf Terrorism, Countering Violent Extremism, and Insider Threat. She has also taught at the Fordham University Graduate School of Business and served as Adjunct Staff at Rand Corporation. Ms. Flynn is also a member of the Council on Foreign Relations.”

33. Ukraine’s SBU Publishes Evidence of Cooperation Between Head of Poltava District Court and the FSB

Following 2022 week 17 story #47, on May 10th Ukraine’s Security Service (SBU) announced that they “published evidence of the cooperation of the head of the Poltava District Court with the FSB of the Russian Federation. The official was recruited by the FSB and “leaked” the occupiers with information about Ukrainian defenders in the south of our country. In addition, she recommended to her Russian handler the “candidacy” of Gauleiter Berdyansk and the heads of one of the captured local hospitals. SBU officers exposed the perpetrator as a result of comprehensive measures in April this year. According to the materials of the Security Service, the Supreme Council of Justice made a decision to remove the accused from her position. The court chose a preventive measure for her in the form of detention without bail. We will remind that the official went to the Russian intelligence service on her own initiative at the beginning of the full-scale invasion of the Russian Federation. At that time, she was in Berdyansk, where she worked as a judge in the city-district court. It was established that at the end of March of last year, she passed on information to the occupiers about the transfer of three fighters of the separate special forces unit “Azov” from Mariupol to the Mangush district. The traitor also called on other employees of the court to support the Russian occupiers and cooperate with them.”

34. Russia: FSB Declassifies Documents from Stalin’s Trial of Nazi Criminals in 1947

On May 7th Russia’s FSB announced this declassification with the article starting by stating that “in October 1946, the International Military Tribunal in Nuremberg sentenced to death the main Nazi criminals who were part of the leadership of Nazi Germany for crimes against peace and humanity. Four years before the decision of the Nuremberg Tribunal, on November 2, 1942, an Extraordinary State Commission was formed in the Soviet Union to establish and investigate the atrocities of the Nazi invaders and their accomplices and the damage they caused to citizens, collective farms, public organisations, state enterprises and institutions of the USSR, which was entrusted with “collecting documentary data, verifying them and preparing all materials about the atrocities of Nazi criminals and material damage caused to Soviet citizens, collective farms and the state as a result of the occupation of Soviet territories by the armies of Nazi Germany and its accomplices.” Active assistance to the Commission in collecting the evidence base on the crimes of the occupiers against the civilian population of our country was provided by the state security agencies. On April 19, 1943, on the day of the creation of the Smersh counter-intelligence organs, the Decree of the Presidium of the Supreme Soviet of the USSR “On the penalties for the Nazi villains guilty of killing and torturing the Soviet civilian population and captured Red Army soldiers, for spies, traitors to the motherland from among the Soviet citizens and for their accomplices”, in accordance with which in 1943–1949 open trials were held in the Soviet Union: Krasnodar, Krasnodon, Kharkov, Smolensk, Bryansk, Leningrad, Nikolaev, Minsk, Kiev, Velikoluksky, Riga, Stalin (Donetsk ), Bobruisk, Sevastopol, Chernigov, Poltava, Vitebsk, Kishinev, Novgorod, Gomel, Khabarovsk. The Stalin region (from 1961 — Donetsk region) was under Nazi occupation from October 1941 to September 1943. During this time, the Nazis killed at least 174,000 civilians and 149,000 prisoners of war, drove away more than 252,000 Soviet citizens for hard labor in Germany. In October 1947, in the city of Stalino, in the building of the current Opera and Ballet Theater, an open trial of Nazi criminals K. Repke, G. Wilhelm, G. Lucas, G. Zander, R. Yagov, V. Lesner, O. Zechendorff, V. Rotter, G. Rehm, V. Regitchnig, L. Krach and V. Gaargaus, who were directly involved in the destruction and burning of settlements, as well as the extermination of civilians.”

35. Ethiopia Displays UAVs

On May 10th Janes reported that “ the Ethiopian Air Force is operating at least four Bayraktar TB2 unmanned aerial vehicles (UAVs), a television documentary has confirmed. Released on the Ethiopian Broadcasting Corporation (EBC) YouTube channel on 2 May, the documentary showed four TB2s inside a building that could be identified as one of the hangars at the air force’s main Harar Meda base, south of Addis Ababa. Another two TB2s were shown at Bahir Dar Air Base, 370 km to the north. The UAVs were seen carrying Roketsan MAM-L laser-guided bombs and appeared to be fitted with the Aselsan Common Aperture Targeting System (CATS) electro-optical systems. A larger unarmed UAV that appeared to be a Wing Loong was also briefly seen flying, according to the documentary. Both UAV types have been seen in satellite imagery of the two airbases since late 2021, when Ethiopia appears to have acquired them to help counter rebel forces in the Tigray region. The Iranian UAVs that were also acquired during the two-year Tigray War were not shown in the documentary.”

36. Greece: Foreign Ministry Undercover Investigation Reveals Spyware Export Licenses to Sudan, Madagascar, and Ukraine

Following 2022 week 48 story #52 and 2022 week 49 story #14, the Inside Story published this article on May 6th stating that “so far, the main protagonists in the so-called surveillance scandal, also known as Predatorgate, is the EYP, under the responsibility of Prime Minister Kyriakos Mitsotakis, two companies and three entrepreneurs. The first of the two companies in the spotlight is Intellexa, owned by Tal Dilian, an Israeli-born businessman and former commander of an elite Israeli military technology unit. Intellexa markets Predator spy software — which proved to have shared targets in Greece with the EYP, i.e. people who were also under state surveillance for “national security” reasons. The second company is Krikel, owned by businessman Yannis Lavranos. Since 2018, Krikel has signed seven contracts with the Ministry of Citizen Protection, six of which were marked as classified. Krikel also participated in the supply of the lawful interception system that EYP bought in 2020 from the Italian company RCS Labs. Krikel and Intellexa — as revealed by the Inside Story — have been connected through banking transactions since 2020. The third entrepreneur who has been in the spotlight, apart from Dilian and Lavrano, is Felix Bigzios, Intellexa shareholder with 35 %, who maintains relations with Yiannis Lavranos. To date, the lines drawn by Inside Story reporting connect individual stakeholders in various ways. Today we reveal the point where everyone meets: Intellexa, Krikel, Felix Bitzios and of course the government, through the trusted partner of the Prime Minister, Yiannis Smyrlis, former Secretary General of International Economic Relations and Outreach at the Ministry of Foreign Affairs and current Deputy Director-General of New Democracy. The “meeting” point for everyone is the Ministry of Foreign Affairs and more specifically Directorate B6, which has approved — signed by Smyrlis — the applications of Intellexa and Krikel for the export of spyware products, submitted (some jointly) by a joint employee of G. Lavranos and F. Biggiou. The inside story reveals today: The licensing of spyware exports to the authoritarian regimes of Sudan and Madagascar, as well as Ukraine, with exporters Krikel and Intellexa; The fact that the investigation started at the Ministry of Foreign Affairs in November 2022 on the export of spyware to third countries has already been completed since the beginning of the year, and that the government is not telling the truth to the Commission when it replies that it is still in progress; The shortcomings of the internal investigation of the Ministry of Foreign Affairs, since the then responsible for the relevant export licensing in countries with a fairly poor score in the protection of human rights (Madagascar, Sudan), Yannis Smyrlis, was not examined, for unknown reasons; The close cooperation of individuals and companies central to the Predator spyware scandal, which has targeted journalists, politicians, business executives and others.”

37. Global Surveillance: The Secretive Swiss Dealer Enabling Israeli Spy Firms

Haaretz reported on May 10th that “a day before he was shot dead getting into his car outside his home in Chilpancingo, the capital of the southern Mexican state of Guerrero, journalist Fredid Román Román’s phone number was silently pinged in what confidential data seen by Lighthouse Reports, Haaretz and partners seems to suggest was an attempt to geolocate the reporter using a loophole in the mobile phone system. His murder this August was not just a reminder of the dangers facing journalists: it also offers a chilling insight into the nature and use of technologies whose goal is to exploit the global cellular system — tapping into the very infrastructure of mobile communication — to provide surveillance services of different types. This is a world of surveillance contractors, telecom access brokers and an industry of grey actors with seemingly legitimate businesses. Some are regulated, some are procured by state clients — and some are sold to private actors, providing hackers and criminals alike state-like capabilities. The exploitation of this technology spans continents. It leads from the Americas to Africa to South-East Asia, but also to Basel, a mediaeval town on the banks of the Rhine and the unassuming home of Andreas Fink, a Swiss telecom expert whose unusual skills have placed him at the centre of this industry. His journey, from outspoken privacy advocate and ally of Julian Assange to snoop for hire, is also the journey from Edward Snowden’s NSA leaks to a globalised surveillance marketplace. Where Snowden’s revelations focused on a few government-run mass surveillance hubs like the American NSA and Britain’s GCHQ, the emerging picture a decade later is of an increasingly diverse, outsourced private industry — a globalised start-up economy of location trackers, password crackers and data extractors. Among its clients — and their victims — are Israelis and Israeli linked firms. A maverick computer and telecommunications engineer, Fink is a former payment processor for Wikileaks, an entrepreneur who supports the libertarian Pirate Party but masterminds a global surveillance infrastructure that he has placed at the disposal of governments and companies, including top Israeli commercial spy firms. It allows his customers to pinpoint the location of mobile phones the world over to the level of the cell tower. It has also facilitated interception of messages and takeover of internet accounts.” The article continues that “for example, one of Fink’s systems was seen in the system used by the Israeli hacker-for-hire and disinformation group Team Jorge as part of their operations, which required access to the global cellular network. An international investigation led by Haaretz and published three months ago revealed that Team Jorge offered mass-social-media manipulation, election interference and even hijacking email, Telegram and web accounts. In the past, over 20 members of the Israeli crypto community had their Telegram accounts hacked in a similar manner by someone using Fink’s infrastructure. When contacted by this investigation, Fink admitted to working with companies and “legally entitled government agencies” as a provider of surveillance services. He denied knowledge of some incidents detailed in this investigation, in which data shows that his systems had been used to breach people’s internet accounts, saying that he found no records of them. And he denied that his systems could have participated in the surveillance of Fredid Román in Mexico. The Swiss said he offers his customers the ability to use a highly customisable interface, called Venotex, to send tracking requests via a roster of phone network access points that he maintains, and gave details of a surveillance operation that he had conducted in the Democratic Republic of the Congo at the behest of government officials. Venotex was the system seemingly linked to the software used by Team Jorge. Fink denied working with Team Jorge, but confirmed a “customer” had once wanted to pay him through a company owned by them.”

38. Turkey: Former Intelligence Officer, Russia Expert was Asked to Smear Germany to Regain His Freedom

The Nordic Monitor reported on May 8th that “a retired veteran intelligence officer and a leading Russia expert revealed that the the government of President Recep Tayyip Erdogan asked him to level baseless accusations against Germany and opposition politicians in Turkey in exchange for his release from jail, where he was wrongfully imprisoned. Testifying at a hearing at the Ankara 28th High Criminal Court in February, Enver Altaylı, who had worked for Turkey’s National Intelligence Organization (MIT) in the ’60s and ’70s, said his captors asked him to level accusations against Germany and say Berlin was behind the 2013 anti-government protests in Turkey. “In 2017, they unlawfully questioned me in detention and offered me my freedom in exchange for making statements against the German state. I have a witnesses [to this]. They said, ‘Mr. Enver, you are a hero. We know that. Germany instigated the Gezi events [2013 anti-government protests]. It’s going to provoke incidents like this again,” Altaylı told the panel of judges. He listed the first names of the police who had been in the room when the offer was made as Aydemir, Mahmut and their chief Abdülkadir. “[They said] ‘Sir, you are an intelligence officer. You know Germany and Germans well. Tell us how the Germans will stir up trouble in Turkey again, and we will declare you a hero. … You will be set free.’ I said, ‘How can you expect me to lie? I couldn’t slander either a person or a country,” Altaylı said in recalling the conversation that took place in the room.”

39. Russia Evaluates Ukraine’s Plastun-RP3000 Signals Intelligence System

The Mil.in.ua reported on May 10th that “the Russian military gave an assessment of the Plastun-RP3000 signals intelligence system, which was developed by the Ukrainian company Infozahyst. The video was published by Russian propaganda media. In the published material, the Russian military regrets that the signals intelligence station is bearing the location of their communication equipment, which leads to losses of their personnel and command of units. Experts state that the Ukrainian Plastun SIGINT system is finding all the signals from their radio, and they cannot do anything about it at the moment. They also criticized Chinese civilian radio systems that are already common in the Russian army, as well as Azart specialized military radios, for their high observability in the radio frequency spectrum and for their inability to conduct covert communications. Nevertheless, according to a Russian specialist, such a SIGINT system can allegedly be bypassed with the help of Russian radio stations applying the new communication standard “Wave Network.” The latter provides a decentralized principle of transferring data not directly from source to receiver but through several of the closest links. Yaroslav Kalinin, Director of Infozahyst, made a comment at Militarnyi’s request about the “Wave Network” standards, which the Russians are actively discussing on the video. “The electromagnetic signal used in the “Wave Network” system is very weak, and it is really not easy to capture. But the question of location depends not only on its output power and type. Russian propaganda previously stated our direction finder was worthless, and that signals from a wide-striped FHSS would be a problem for it. But time puts everything in place,” Kalinin said.”

40. New Indian Cyber Espionage Operation

On May 11 cyber threat intelligence researcher Kimberly discovered and disclosed technical indicators of a new cyber espionage operation attributed to an actor dubbed as DONOT, previously associated with the government of India. The operation involved a weaponised Microsoft Word document titled “Cyber Security Threats.pdf” which, if opened, was covertly installing a custom cyber espionage software implant.

41. Ukrainian SBU Announces Case Against 2 FSB Case Officers in Kherson Region

On May 10th Ukraine’s SBU announced that “in the ranks of the Russian punitive body, they fulfilled the Kremlin’s tasks regarding the spread of the occupation regime and the suppression of the resistance movement in the temporarily captured part of the region. The attackers had a clear hierarchical vertical, headed by two “handlers” from the FSB and the Ministry of Internal Affairs of the Russian Federation, who were directly involved in the formation of the leadership of the pseudo-organisation and controlled its activities. In particular, these are citizens of the Russian Federation Sinitsyn Serhiy Viktorovich (Сініцин Сергій Вікторович) and Toptygin Oleksandr Serhiyovych (Топтигін Олександр Сергійович). They involved two case officers of the Russian law enforcement in the illegal activity and appointed them as “Deputies” of the Head of the fake department. At the same time, the former Head of the Ministry of Internal Affairs in the Cherkasy region became the Head of this institution, Volodymyr Vitaliyovych Lipandin (Ліпандін Володимир Віталійович). The other 30 active members of the criminal organisation are former local law enforcement officers who supported the invaders after the capture of part of the Kherson region. According to the investigation, the perpetrators abducted people to Russian torture camps, where they subjected them to numerous tortures. In this way, the Rashists tried to intimidate local residents and force them to work for the occupation administration. Also, they regularly conducted illegal searches in the homes of citizens, under the guise of which they looted the property of the victims, in particular, they also took away registered hunting weapons. In addition, during the temporary occupation of the regional centre, intruders robbed the city pharmacy — they took away all the cash, medical preparations, and the premises themselves were “confiscated” for the needs of the invaders. Members of the penal body were also involved in holding a pseudo-referendum on the territory of the region. Then they guarded “voters” and ensured the transportation of fake “ballots”. On the basis of the collected evidence, the investigators of the Security Service informed all the participants of the suspicion under Art. 255 of the Criminal Code of Ukraine (creation, management of a criminal community or criminal organisation, as well as participation in it). The suspects are currently hiding in the temporarily occupied territory in southern Ukraine. The SBU has already detained four other “officials” of this Russian punitive body. As for the rest of the members of the criminal group, comprehensive measures are being taken to bring them to justice. Each of them will be punished!”

42. Podcast: Team House: From Minnesota to Vietnam with MACV-SOG | Dale Hanson

On May 13th the Team House released this new podcast episode. As per its description, “Dale Hanson is an accomplished sculptor who has led a life of adventure and enjoyed numerous accomplishments. He is a black belt martial artist, an author, a pilot of fixed wing and glider airplanes, has flown aerobatics and is a Special Forces underwater diver. He is a disabled veteran and a member of MENSA. During the Vietnam War, Dale was a highly decorated Green Beret who served three years as a commando in the famous SOG program, whose mission involved extremely dangerous raids far behind enemy lines. This unit received more decorations and suffered higher rates of casualties than any American unit since the American Civil War. On one of these raids, Dale earned the first of several purple hearts as his right hand was mangled by a burst of machine gun fire. It is ironic that he became a sculptor, a field in which one’s hands are so critical.”

43. BLER Pushes for Singapore Venture with Cyberio Despite Shareholder Spat

Intelligence Online reported on May 9th that “the Israeli open source intelligence specialist BLER Systems is expanding its presence in Asia with help from Ukrainian OSINT expert Alina Sobko.”

44. Canadian CSIS Publishes 2022 Public Report

Here you can find the CSIS Public Report 2022. It’s a 59-pages long report separated into the following sections: 1) Highlights; 2) Message from the Director of CSIS; 3) Missing Focussed: Addressing the Threat Environment; 4) People First: Investing in our Workforce to Deliver our Mandate; 5) Digital and Data-Driven: Advancing Operations for a Digital Era; 6) Accountable to Canadians.

45. Turkish Intelligence Operation Eliminates Senior PKK/YPG Terrorist

The Morning Express reported on May 13th that “a Turkish intelligence operation in northern Syria resulted in the elimination of a high-ranking PKK/YPG terrorist, security sources said on Saturday. Türkiye’s National Intelligence Organization (MIT) “neutralized” Haydar Demirel, code-named Bager Türk and the terror group’s so-called general manager of the Hol province in northern Syria, according to security sources who requested anonymity due to restrictions on speaking to the media. The terrorist, who had been followed by MIT since 2020, was “neutralized” while training PKK/YPG members in the northern town of Tal Hamis in Syria. According to the sources, Demirel joined the terror group in 1993, received training from its convicted ringleader Abdullah Öcalan between 1993 and 1994, and then took part in various terrorist activities.”

46. Latvia: Belarusian Citizen Sentenced to 8 Years in Prison for Espionage, Appealed the Court Decision

Delfi reported on May 13th that “a citizen of Belarus, sentenced to eight years in prison for spying for his country, has filed a cassation appeal against the decision of the Riga District Court, writes LETA. Now the Supreme Court must decide whether the cassation proceedings will be initiated. It has already been reported that the criminal prosecution was initiated by the State Security Service (SSS). The mentioned citizen of Belarus was detained on suspicion of espionage by the State Security Service in close cooperation with the Military Intelligence and Security Service on 15 February. The specified person secretly photographed and filmed the objects of the Latvian defense system, critical power supply infrastructure, as well as important civilian infrastructure on behalf of the Belarusian military intelligence. Information was received for at least 17 sites. According to the State Security Service, information of this nature may be useful to Belarus and its ally Russia in the event of a possible military conflict with NATO, including with Latvia, for planning sabotage or attacks. During the investigation, it was established that for secret cooperation the man was recruited and trained on the territory of Belarus.”

47. Russian FSB Detained Resident of Crimea for Spying for Ukraine

On May 12th Sevkor reported that “the FSB detained a resident of the Crimea, who passed information to the Ukrainian intelligence services about the movements of Russian military equipment. He is charged with treason and espionage. According to the FSB, the detainee “sent to the chat bot of one of the Ukrainian Telegram channels used by the Ukrainian intelligence services to gather intelligence, a video recording of the movement of the military echelon of military equipment of the Ministry of Defence of the Russian Federation in the direction of the zone of the special military operation.” The department said that this information was transferred to the Ukrainian military and used for launching missile strikes. The Investigation Department of the FSB of Russia opened a criminal case against the suspect for “high treason in the form of espionage”. A measure of restraint in the form of detention was chosen. The suspect faces a sentence of up to life in prison.”

48. New Pakistani Cyber Espionage Operation Targeting India

On May 9th cyber threat intelligence researcher Kimberly discovered and disclosed technical indicators of a new cyber espionage operation attributed to an actor dubbed as TRANSPARENT TRIBE, previously associated with the government of Pakistan. The operation involved a lure document titled “Review Paper.docm” which, if opened, was covertly installing a covert cyber espionage software known as CrimsonRAT.

49. Iran: Former IRGC Intelligence Chief Keen to Put Rouhani on Trial

Iran International reported on May 13th that “Hossein Ta’eb, a senior adviser to the IRGC says former President “Hassan Rouhani will be tried if not today, maybe another day for his decision’s during his presidency.” However, while according to Etemad Online Ta’eb insisted that Rouhani should be tried, he commented that his trial is not the establishment’s immediate priority. Several social media users commenting on the report said that Ta’eb himself should be tried for security breaches during his tenure as the head of IRGC’s Intelligence Organization. He was removed from his post last year after a series of serious sabotage acts in Iran attributed to Israel and a major case of infiltration by Israel was revealed. A top security official, Alireza Akbari was subsequently hanged on charges of espionage for foreign countries. This was not the first time Iran’s hardliners call for Rouhani’s trial or accuse him of pursuing accommodation with the West and for concluding a nuclear agreement in 2015. Rouhani recently said that he would file a complaint against a hardliner member of the Supreme Council of Cultural Revolution who has accused him and his aides of espionage. Attacks on Rouhani by hardliners escalated when he was quoted last week as having said that an agreement with the United States was at hand before he handed over the presidency to Ebrahim Raisi in 2021.”

50. United States: Man Accused of Helping Chinese Government Spy on Dissidents in Boston Area Pleads Not Guilty

On May 12th the NBC Boston reported that “a Boston man appeared in federal court Thursday, pleading not guilty to charges related to helping the Chinese government spy on local community advocates and organizations it opposes. Li Tan Liang of Brighton is charged with conspiracy to act as an agent of a foreign government and acting as an agent of a foreign government without notice to the attorney general. After entering his plea of not guilty, Liang was set to be released on $25,000 secure bond, to be paid in cash, on the condition that his travel is restricted to Massachusetts. He will be monitored by GPS. Federal prosecutors allege Liang has been acting as an agent of the Chinese government since 2018, handing over lists of names, organizations and even sending photographs of people at events and rallies in the Boston area. “It’s definitely nerve-wracking to just learn all about what he has done in the past years, and especially to the people that participated in the rally that I organized in August of 2019,” said Frances Hui, policy and advocacy coordinator for the Committee for Freedom in Hong Kong Foundation. Hui organized the 2019 “Boston Stands With Hong Kong” march.”

51. Finland: Police to Probe Ex-intelligence Official Over Side Employment

Yle reported on May 12th that “the Finnish Security and Intelligence Service (Supo) has asked the National Bureau of Investigation (NBI) to investigate a possible criminal suspicion related to the side activities of an ex-employee, Matti Saarelainen. Supo director Antti Pelttari confirmed the request to Yle on Friday. Saarelainen was involved in the controversial decision to fast-track citizenship for Russian oligarch Gennady Timchenko and his family members in the late 1990s. Saarelainen, who retired from Supo last year, worked half-time at the University of Vaasa on Finland’s west coast beginning in the autumn of 2021. At the same time, he was still being paid for a full-time job at Supo in Helsinki. According to Pelttari, Saarelainen filed a secondary activity report with Supo in 2021, but the investigation request concerns whether Saarelainen used Supo working hours to manage his part-time job, contrary to the terms of that report. Saarelainen told Supo that he was doing his university work in his spare time. “We’ve asked the NBI to investigate whether Saarelainen acted in accordance with the law,” Pelttari told Yle.”

52. Canada: She Was a Muslim Spy at the Forefront of CSIS’s Fight Against Terrorism. Then, She Turned Whistleblower

The Toronto Star published this article on May 12th stating that “months after two passenger planes flew into the World Trade Center and another crashed into the Pentagon on 9/11, Huda Mukbil joined Canada’s spy agency as an intelligence officer. Months after a white supremacist gunned down six Quebecers praying in a Quebec City mosque in 2017, Mukbil turned whistleblower. Those 15 intervening years are captured in a recently released book that tells the story of how Canada’s first Black Arab-Canadian Muslim spy was treated at the Canadian Security Intelligence Service. It depicts an agency dragging its heels on recognizing the relevance of diverse staff and describes how biases including misogyny, racism and homophobia obstruct the agency from doing the job with which it’s tasked: national security. In the memoir, Mukbil chalks out her service in terms of fulfilment and purpose but also glass ceilings and dashed dreams, with a pit stop at Britain’s MI5 along the way. Her story of being a rarity — an Arab (Yemeni) and African (Ethiopian) who grew up in Egypt and Canada and who could speak English, French, Harari and Arabic — along with possessing intelligence and drive meant she quickly became an expert at the forefront of the fight against terrorism. “The way I was made to feel was that I have a certain skill set that they need and so they will tolerate having me there,” she writes. The book states — and this is no spoiler — that the spy agency, which until 1984 was a branch of the RCMP and continues to recruit people from there, operated with the same prejudices as the police force and with the same impunity.”

53. Turkish Intelligence Eliminates PKK ‘Drone-maker’ in Northern Iraq

The Daily Sabah reported on May 9th that “Turkish security forces eliminated a PKK/KCK terrorist, who was designing and building drones for the terrorist group, during a cross-border operation in northern Iraq’s Gara region. The National Intelligence Organization (MIT) on Tuesday said it eliminated a top member of the PKK/KCK terrorist group in northern Iraq’s Gara region in a cross-border intelligence operation. Tekin Okan, code-named “Deniz Bahri,” served as the so-called chief of the terrorist group’s special air forces unit and was working to develop aircraft to be used against Türkiye, the agency said. After joining the PKK/KCK’s rural cadres in 2010, the terrorist moved into northern Iraq where he began designing and manufacturing drones. He oversaw a drone attack on a city center in Şırnak province in 2018, and two others on Diyarbakır and Batman Airport in early 2021. The MIT had reportedly been closely monitoring Okan in recent years since he launched the said attacks against Turkish security forces from Syria and Iraq. Field agents placed him under close surveillance once his route between Iraq and Syria was mapped out for his drone production. In line with the up-to-date information, the MIT launched the operation in Gara, the agency said.”

54. Iran Releases 2 French Nationals Jailed for ‘Spying, Propaganda’

Following 2022 week 3 story #14, 2022 week 4 story #6, and 2022 week 41 story #59, on May 12th the AA reported that “Iran has released two French nationals jailed in separate cases of espionage and anti-government propaganda, one of them also holding Irish citizenship, Iranian Foreign Ministry said Friday. The release of Benjamin Briere and Bernard Phelan was confirmed in separate phone calls Iran’s Foreign Minister Hossein Amir-Abdollahian held with his French and Irish counterparts on Friday. While Briere is a French citizen, Phelan holds dual French-Irish citizenship. Briere was held in May 2020 for “espionage” and the latter in October 2022 on “national security” charges. Iran’s Foreign Ministry spokesman Nasser Kanaani in a statement said the two Frenchmen were released “at the requests of the French side at various levels” as well as “negotiations between the foreign ministers of the two countries.” He said the Iranian judiciary decided to free the two men “in good faith and as a humanitarian action” and in line with the country’s laws. French Foreign Minister Catherine Colonna in a statement said the duo was “on their way to France.” French President Emmanuel Macron was also quoted as saying the two men were “finally free.” In a phone call with her Iranian counterpart earlier on Friday, Colonna thanked Tehran for releasing the two Frenchmen on “humanitarian” grounds and termed it a “confidence-building measure,” according to a statement by Iran’s Foreign Ministry. Amir-Abdollahian, for his part, said France’s “realistic approach” towards Iran was a “positive step.” In a separate phone call with the top Iranian diplomat on Friday, Irish Foreign Minister Micheal Martin also “appreciated the humanitarian decision” to release the Irish citizen, the ministry said. Briere, 37, was arrested in May 2020 and sentenced to eight years and eight months in prison for espionage. His family said he denied the charges. Phelan, a 64-year-old travel consultant, was arrested during the protests in October last year from northeastern Iran’s Mashhad city on national security charges and sentenced to six and a half years. According to reports, he was arrested while taking pictures of a mosque in Mashhad, a major pilgrimage site in Iran, at a time when protests had gripped the country. There were also reports recently of the two men holding a hunger strike inside the jail. In a Twitter post on Friday, Iran’s Embassy in Dublin said that “constructive diplomatic engagement” between the two countries led to the pardoning and release of Phelan. The embassy hastened to add that he had been freed “on consular and humanitarian grounds.” Many foreign nationals have been held in Iran in recent years for spying and security-related charges, many of them French nationals. In October last year, Iranian authorities released a video that showed two French nationals — Cecile Kohler and Chuck Paris — arrested for alleged spying. They are unionists in France. In January, Iran executed Alireza Akbari, a British-Iranian dual national, for being an MI6 spy.”

55. Confronting Hamas as a Cyber Espionage Power House

This article was published on May 12th with its introduction stating that “politically motivated cyberterrorism presents an imminent challenge for global governments, businesses, and U.S. leaders. This is particularly relevant for the U.S. as cyberterrorism now ranks highest in critical threats to U.S. vital interests, according to the newest Gallup poll. Hackers play a large role in today’s activism by targeting oil companies, media corporations, and Russia all in the name of righting the world’s wrongs. Extremist groups in the Middle East are no strangers to weaponizing these digital tools, and now the Palestinian militant Islamist group Hamas has been dubbed the “newest cyber espionage powerhouse” as it expands its cyberespionage and information capabilities. With the inherent asymmetricality of the cyber domain, relatively weak actors are now able to inflict significant damage on adversaries through cyber offensives. Beyond simply organizing an attack online or distributing disinformation, groups can steal classified information from government entities directly. The specificity of Hamas’ target against Israel and its allies is one reason why Hamas is a perfect case study for cyber threat analysts to understand how to tackle these rising threats, and for any internet user to understand the motivations of those using the internet nefariously. As with most emerging threats, now is the time for cybersecurity teams to implement probabilistic models to predict the next move of these threat groups. For those outside of the cybersecurity sector, understanding the power and presence of these extremist groups online will empower the public to help create a safer and more secure online environment.”

56. Chinese-American Chip Designer Loses Bid to Have Trade-secret Conviction Tossed Over Racism Claim

The SCMP reported on May 13th that “Haoyang Yu, a 44-year-old Chinese-American semiconductor designer, has spent five nights in prison, 15 months wearing surveillance anklets and four years fighting to clear his name since the US Department of Justice labelled him an industrial spy in 2018. In large part he has succeeded. Last June, a federal jury acquitted Yu, of Lexington, Massachusetts, of 20 counts ranging from possession of stolen trade secrets, wire fraud, immigration fraud, and illegal export of controlled technology, saying prosecutors had failed to make their case. And a wire fraud charge against his wife, Yanzhi Chen, was dropped. But Yu was convicted of a single remaining charge — possessing and copying the prototype design of a microchip owned and developed by a former employer, Analog Devices Inc of Wilmington, Massachusetts. And on Thursday, the hope to have that conviction thrown out was shattered after Federal District Judge William G. Young, who had presided over the trial, dismissed Yu’s motion contending that he had been unfairly singled out because of his race. After working for two American semiconductor firms for over a decade, Yu, a physics major from China’s prestigious Tsinghua University, started his own chip design business in 2017. Acting on a tip from the owner of a competing chip firm about something “a bit fishy”, federal agencies investigated Yu, and the Justice Department eventually brought those 21 counts. The ADI design Yu was found to possess illegally is for a chip used in aerospace and military applications. Yu’s defence has maintained that once a chip is in the market anyone can look at it with a microscope and discern its features, meaning the design is not a secret. Yu’s lawyer, William Fick, argued on Thursday that similar disputes between employers and employees were usually handled in the civil courts. The criminal case, Fick contended, was pursued against Yu “based on implicit or conscious bias” because he was Chinese. The FBI had contended that Yu had a “strong nexus to the People’s Republic of China”, but, Fick said, that nexus was negligible: China is Yu’s country of origin; he earned a degree 18 years ago in Beijing; and he visited his parents and in-laws in China.”

57. Sky History: 6 Seductive Sex Spies from History

On May 13th the Sky History published this article. The six cases mentioned are: 1) Princess Stephanie Julianne von Hohenlohe; 2) Mata Hari; 3) Roald Dahl; 4) Anna Wolkoff; 5) Gustave Beekman; 6) Salon Kitty.

58. US in Talks with Other Countries to Find Russian Convicts to Swap for Paul Whelan, Evan Gershkovich

Novaya Gazeta reported on May 12th that “the White House is engaged in talks with other countries in hopes to find “high-value Russians” that the Kremlin will want to swap for Evan Gershkovich and Paul Whelan, US citizens imprisoned in Russia, CNN reports , citing three sources familiar with the situation. According to CNN, the US currently has no high-profile Russian spies in custody which would entice Russia to conduct any potential swap. Therefore, Washington is forced to seek help from its allies. The US offers the countries that have incarcerated Russians to strike a deal as a part of a larger prisoner swap package agreement. The White House has appealed to Brazil, Norway, and Germany as well as post-Soviet states. The candidate list includes Russian national Vadim Krasikov who is currently serving a life sentence in Germany for murdering Chechen commander Zelimkhan Khangosvili who fled to reis European country. Washington is also engaged in negotiations with countries that do not have any Russians in custody to discuss what else Moscow can be offered in exchange for the imprisoned Americans. For instance, the White House is considering lifting unspecified sanctions. The White House plan envisions bringing back Gershkovich and Whelan as part of the same deal.”

59. New Indian Cyber Espionage Operation Targeting Pakistani Navy

On May 11th cyber threat intelligence researcher Kimberly discovered and disclosed technical indicators associated with a new cyber espionage operation attributed to an actor dubbed as SIDEWINDER, previously associated with India. The operation involved a document titled “DMP (Navy) Visit.docx”, impersonating the Directorate General Munitions Productions of the Pakistani Navy. If opened, the document covertly installed a custom cyber espionage software implant.

60. United States: CIA Chief Announces New Steps to Address Sexual Assault, Harassment Allegations

Saltwire reported on May 11th that “CIA Director William Burns on Thursday announced the appointment of the former head of the U.S. Navy’s sexual assault prevention program as part of a new effort to improve how the premier U.S. spy agency deals with sexual assault and harassment allegations. The moves follow a U.S. Senate intelligence committee letter in April requesting that the CIA inspector general investigate charges by some CIA female officers that the agency “grossly mishandled” allegations of sexual assault and harassment. “We have no higher priority than taking care of our people,” Burns said in a statement. “We will continue to act quickly and systematically to address concerns, and to improve our approach to these critical issues. More reforms will be coming.” Burns announced the appointment of Taleeta Jackson, a psychologist with 18 years of experience in victim advocacy and sexual assault response and prevention, as the new head of the agency’s Sexual Assault and Response Office. She formally oversaw the U.S. Navy’s sexual assault and prevention program at more than 70 installations. “I am pleased that Dr. Jackson has joined our team and will bring her extensive experience to this crucial new role,” Burns said. “I have personally met with several affected officers to hear their concerns and solicit their feedback on ways we can improve as an agency. I have heard these concerns loud and clear.” The CIA also is moving to streamline procedures for addressing incidents of sexual assault and workplace harassment, including establishing an internal task force that will be advised by outside experts, the statement said. By the end of the month, the agency will issue “new, clear guidance” on how personnel report incidents of sexual assault and harassment, it said.”

61. Ukrainian SBU Detained 2 Russian Informants in Kramatorsk

On May 12th Ukraine’s Security Service (SBU) announced that they “detained two enemy informers who pointed Russian missiles at the locations of the Defence Forces in Kramatorsk. The perpetrators were two residents of Kramatorsk, who handed over the locations of the Defence Forces in the region to the occupiers. They paid special attention to the bases and routes of movement of units of the Armed Forces of Ukraine and the State Border Service in the Bakhmut direction. SBU officers detained both attackers while they were carrying out a hostile mission. According to the investigation, one of them collected intelligence and passed it on to his accomplice, who administered a pro-Russian group in Telegram and was “in touch” with a militant of the occupation group of the Russian Federation on the eastern front. The invaders needed the intelligence to prepare targeted missile strikes on the Kramatorsk district. During searches of the residences of the accused, mobile phones were found, which they used to communicate with the aggressor via messenger.”

62. United States: Former DEA Agent Details How the CIA Concealed Identity of Two 9/11 Hijackers Granted Visas to the U.S. From the FBI

The Covert Action Magazine published this story on May 13th saying that “Dan Christensen, an investigative reporter and editor of the Florida Bulldog, has written an important article on the CIA’s concealment of the identities of two alleged hijackers, Nawaf al-Hazmi and Khalid al-Mihdhar, from the FBI. Unfortunately, the mainstream media and alternative media have mostly ignored this story to date. Christensen cites a sworn declaration, dated July 20, 2021, by Donald Canestraro, a former DEA agent and investigator for the Office of Military Commissions, Military Commissions Defense Organization of the Department of Defense. He is also part of the defense team for Ammar al-Baluchi who is a nephew of and co-defendant with Khalid Sheikh Mohammed (KSM), the alleged “mastermind” behind the 9/11 attacks. Per Christensen, government documents allege that al-Baluchi transferred tens of thousands of dollars from banks in Dubai to a SunTrust Bank account in Florida jointly owned by 9/11 hijackers Marwan al-Shehhi and Mohamed Atta. In 2016, Canestraro stated that he investigated the possible involvement that Saudi Arabia and the CIA had in the events leading up to 9/11. Christensen writes Canestraro’s initial review of discovery documents provided by the government to the defense focused on Omar al-Bayoumi and Fahad al-Thumairy. Bayoumi was an alleged Saudi intelligence officer who had numerous contacts with Nawaf al-Hazmi and Khalid al-Mihdhar and helped them obtain an apartment in San Diego. Thumairy was a Saudi consular official in Los Angeles and a local religious leader who was allegedly sympathetic to al-Qaeda. Christensen states that Bayoumi, Thumairy, and Musaed al-Jarrah, who was the deputy head of Islamic Affairs at the Saudi Embassy in Washington, are named as “principal subjects” of the FBI’s Operation Encore, which was an FBI investigation into the Saudi Arabian government’s involvement with the hijackers. In 2016, the Florida Bulldog obtained an October 2012 FBI report through Freedom of Information Act litigation. Christensen writes that “the report says Jarrah ‘tasked’ Bayoumi and Thumairy with helping the hijackers.” Operation Encore examines the financial and logical support that Saudi officials gave to Hazmi and Mihdhar.”

63. New FSB Cyber Espionage Operations Targeting Ukraine

Throughout this week cyber threat intelligence researcher Kimberly discovered and disclosed technical indicators of cyber espionage operations targeting Ukraine, associated with an actor dubbed as GAMAREDON, previously associated with Russia’s FSB. Here’s the first, second, and third ones. If the recepient opened the lure document, a covert cyber espionage software implant was installed.

64. Greece: The Covert Surveillance of Albanian Politician Freddy Beleris in Athens

On May 13th the Edolio5 reported that “the court of Avlona in Albania decided the pre-trial detention of the candidate for the Mayor of Heimarra Freddy Beleris. In particular, the request for interim measures of the expatriate candidate for Mayor of Heimarra, Freddy Beleris, was rejected by the court of Avlona, ​​Albania, and thus he will remain in custody. The lawyers of Freddy Beleris complained that this is a political decision, which unfortunately reminds of the old communist regime. From the Avlona court, it was ordered that Beleris be transferred to Tirana. At the same time, the judiciary will announce the decision for the second arrested Pantelis Kokavesis, in the Tirana hospital, where he was transferred due to health problems. Today, a third arrest of an expatriate in Albania became known. This is Vladimir Koumis, former Mayor of Lukovë, who is also accused of buying votes. According to information, this arrest is also attributed to Edi Rama’s attempt to influence the elections and lead to the election of people of his influence so as to implement his plans for the region. According to Edolio5’s information, when Freddy Beleri was in Athens, he was under 24-hour surveillance by the Greek Police and his meetings were being photographed! Some time ago, in a coffee shop in the Southern Suburbs, where he met and talked with a well-known journalist about issues in his area that needed to be publicised, the lens flashed again! A few days after the meeting, a police officer who works at the EYP and was a “source” of the journalist met with him and showed him photos from this meeting. Why was the EYP surveilling Beleris? Did they know about the arrest by the Albanian police?”

65. United Kingdom: David Lammy: Washington’s Man in Labour

On May 12th the DeclassifiedUK published this article stating that “the likely future foreign secretary has been attending elite gatherings in the US while courting MI6 and displaying his establishment credentials on Labour’s foreign and military policy, which is likely to be near-identical to the current government. “If I become foreign secretary I will not hide my trans-Atlanticism”, David Lammy told an audience at Chatham House in London in January. “The relationships I formed as the first Black Briton to study at Harvard Law school have matured into deep bonds with many who work in Washington DC”, he added. Labour’s shadow foreign secretary is unlikely to be misleading people on this score. Since assuming the position in November 2021, Lammy has been a regular visitor to a string of elite, establishment fora in the US. Lammy has been highlighting his credentials as Keir Starmer’s man and distancing himself from the brief period when Jeremy Corbyn’s Labour party challenged the establishment consensus on foreign policy. At a speech to the Centre for American for American Progress in March, Lammy said “my greatest political friendship is with former president Barack Obama” whose “period in government is, I think, exemplary”. Lammy did not, however, mention Obama’s policies of attacking Libya in 2011 and funding a $1bn covert operation in Syria which propelled the country’s civil war. Lammy then spelled out his belief in the Anglo-American alliance, saying: “There is an opportunity for a progressive moment if Labour are able to govern in my country with an ideal partner in Joe Biden”. “We must take the opportunity to seize this potential for a progressive moment with our shared outlook on foreign and domestic policy having merged,” he continued. “Not just repeating the familiar rhetoric about a special relationship but forming a renewed partnership for progressive change on the world stage.” Lammy added: “The United Kingdom’s future has always been brighter when the United States succeeds”, echoing the traditional alliance, and junior UK role, that all Labour and Tory foreign secretaries have promoted since 1945.”

66. Report: Latin America’s Second “Pink Tide” Opens Avenues for Iranian Influence

Private intelligence firm Recorded Future published this report on May 11th. As per its introduction, “Latin America is currently experiencing a resurgence of the political left and far left, as left-leaning and far-left leaders now govern the majority of countries in the region. We define the start of this resurgence, sometimes termed a second “Pink Tide” — (the first having occurred in the early 2000s) — as December 2018, when Mexican president Andrés Manuel López Obrador entered office; his election was the first in a wave of notable left-wing electoral victories in Latin America. As Latin America trends left, it also increasingly rejects United States (US) influence, which formerly played an outsized role in regional affairs, thereby opening avenues for China, Russia, and Iran to expand their activities in the region. While Chinese and Russian diplomacy and investments in Latin America have been examined extensively, less has been made of Iran’s efforts to deepen its ties to the region. Iran’s activities in Latin America deserve close analysis in light of the Iranian government’s persistently malign and destabilizing activities and its government’s sponsorship of terrorism. In light of changing leadership in Latin America, Iran has found new opportunities to increase its political and economic footprint — especially in Brazil, Colombia, Argentina, and Chile. At the same time, Iran has strengthened ties with its steadfast allies, Venezuela, Cuba, and Nicaragua. Most notably, Iran and Venezuela have significantly increased their energy trade to circumvent and mitigate sanctions. In Latin America, Tehran seeks to expand trade relationships to mitigate the effects of US sanctions and ensure food security, and develop political partnerships to widen its sphere of influence. Iran will almost certainly seek to increase trade relationships, cooperation agreements, and diplomatic engagements with its steadfast allies in the region, and continue to make inroads with powerful democracies led by left-wing governments, especially Brazil, Argentina, Colombia, and Chile. Iran will very likely continue to capitalize on opportunities presented by left-wing and anti-American leaders in Latin America to further expand its presence in the region, with a focus on energy deals and other economic partnerships. Outside of government-to-government channels, Iran gains influence in the region using online media, including covert state-sponsored information operations on social media and influences Latin American audiences through Iran-backed cultural and religious centers. In June 2022, Iran also applied for membership to the BRICS Union of countries, comprising Brazil, Russia, India, China, and South Africa. If Iran is able to gain membership, it will likely use this status, along with other multilateral bodies, to legitimize its presence in Latin America and appear as a responsible and influential power broker.”

67. Russia: St. Petersburg Will Consider the Case of 76-year-old Novosibirsk Physicist on Treason

Following 2022 week 31 story #57, Mediazone reported on May 12th that “the St. Petersburg City Court received materials from the treason case against 76-year-old physicist Anatoly Maslov (Анатолий Маслов). Information about this “Mediazona” found in the file of the court. The meetings have not yet been scheduled. Maslov was a chief researcher at the Institute of Theoretical and Applied Mechanics of the Siberian Branch of the Russian Academy of Sciences, located in Novosibirsk. His main area of ​​work was aerogasdynamics. The scientist was detained in July 2022. According to the publication Academ.info about the life of the Novosibirsk Academgorodok, he was accused of transferring data related to hypersound to China. Maslov was soon transferred to the Lefortovo remand prison in Moscow, the last time his arrest was extended in Moscow in February 2023. The scientist’s son talked about his father’s heart problems and the lack of “proper medical care” in custody.”

68. Italy: New Issue of Gnossis Journal (1/2023)

On May 11th the latest issue of the Italian intelligence community’s journal, called GNOSIS, was published. As per its introduction, “for the opening of the new editorial year, GNOSIS proposes an issue tinged with blue: the blue of the sea, an element once again at the centre of our research in continuation of a line of study introduced in 2022 which, due to the variety and complexity of the aspects related to the theme, appears worthy of further discussion; the blue identity colour of the Air Force, to which the magazine dedicates some interventions on the occasion of the centenary of its establishment as an autonomous armed force.”

69. Declassified Documents Describe China-Taliban Relations and Fears About Uighur Guerillas

On May 8th the Unredacted published this story stating that “Recent allegations that the Uighurs, a Turkic ethnic group native to the Xinjiang Uygur Autonomous Region in the Northwest region of China, are an “attractive constituency” for terrorist groups like Islamic State — Khorasan Province, warrant careful scrutiny, particularly at a time of increased U.S.-Chinese tension. The Chinese government strongly opposes the political movement that seeks an independent Uighur nation-state, in part due to purported concerns about political violence, and Beijing has been accused of violating Uighur human rights. The U.S., however, has indicated its support of the Uighur community in recent years. In January 2023, President Biden stated that ethnic minority communities, such as the Uighurs, continue to face “intimidation, violence, and unequal protection under the law,” a sentiment previously reflected in U.S. press briefings and other statements since at least March 2019. The U.S. stance on the Uighur issue has evolved across recent presidential administrations, and the assessments found in the declassified documents featured in today’s post, which were all released under the Freedom of Information Act (FOIA), reflect those of the first George W. Bush administration. These documents are a selection from the new Digital National Security Archive collection, Afghanistan War and the United States, 1998–2017, which was published in December of last year. The five documents examined in this post primarily detail: friendly Chinese relations with the Taliban in the early 2000s in an attempt to secure assurances about Uighur guerrillas in Afghanistan; a U.S. assessment of threat posed by said guerrillas; and U.S. complicity in allowing Chinese officials to interrogate Uighur detainees held at Camp X-Ray, which was housed at Guantanamo.”

70. Switzerland: Federal Council Report on the Assessment of the Threat Situation in Accordance with Article 70 of the Intelligence Service Act (NDG)

On May 12th the Swiss Federal Intelligence Service (NDB) published this report with its summary saying that “at its meeting on May 10, 2023, the Federal Council approved the annual report on the assessment of the threat situation in accordance with Art. 70 NDG. The report was created by the Federal Intelligence Service (NDB) and refers to the threats mentioned in the NDG and to events abroad that are significant in terms of security policy.” It’s a 12-pages long report separated into the sections: 1) Introduction; 2) Overview; 3) Events Abroad that are Significant in Terms of Security Policy; 4) The Threats in Detail; 5) Effects on Switzerland.

71. United States: Captain James D. Stallings to be Honoured on National Cryptologic Memorial Wall

On May 12th the NSA announced that “the name of Captain James D. Stallings, U.S. Army, will be added to the National Security Agency’s Cryptologic Wall at a ceremony on May 25, 2023. General Paul Nakasone, Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service, will host the family of Captain Stallings at the ceremony. Captain Stallings, a native of Carthage, Tennessee, joined the Army ROTC while studying engineering at the Tennessee Polytechnic Institute. Upon graduation in 1954, he was commissioned into the Army. While working to become an electronic warfare cryptologic officer, Captain Stallings married the love of his life, Ann Parkinson. Captain Stallings was subsequently named commanding Officer of the 337th Company, whose mission was to collect critical enemy communications to gain foreknowledge of enemy plans and intentions on the battlefield. In the spring of 1966, Captain Stallings and his company were deployed to South Vietnam in support of the U.S. Army’s 1st Division. On September 25, 1966, Captain Stallings left the company area with several soldiers to inspect the forward-deployed intercept sites. Near the village of Bien Hoa, Captain Stallings’ vehicle hit an anti-tank mine and came under enemy fire. Captain Stallings was killed in the attack. NSA honors and remembers the sacrifice that Captain James D. Stallings made in service of his country.”

72. Sweden: Person Prosecuted for Gross Unauthorised Position with Secret Information

The Security Service of Sweden (SÄPO) announced, together with the Prosecutor’s Office on May 11th that “a 50-year-old man has today been charged on suspicion of gross unauthorised position with secret information. According to the indictment, the man has possessed and disseminated secret and sensitive information about a large number of defence facilities. The prosecutor is available by phone to the media this morning. The prosecutor believes that the objects are highly protective and a disclosure to a foreign power could cause great damage to the Swedish defence and reduce our ability to defend the country in war. The preliminary investigation has been conducted by the Security Service under the direction of prosecutors at the National Security Unit. I consider the crime to be serious because the information has touched conditions of great importance for the defence of the kingdom. The man is suspected of having promoted, cleared, procured and taken charge of this secret information. He was behind and administered the database that was the basis for the exchange of secret information, says senior prosecutor Lars Hedvall at the National Security Unit.”

73. China’s Growing 5G Presence in South America Poses Potential Security Threats to the Region

On May 8th the United States NGA’s Project TEARLINE published this analysis. As per its overview, “in 2017, a Chinese national security law mandated citizens and business entities comply with requests for information by Chinese intelligence agencies. With this law, the presence of Chinese telecommunications companies in South America poses potential security threats. As of 2022, multiple Chinese telecommunications companies had established a presence in South America. Since then, these companies have spread further throughout the region, proliferating 5G technology. As Chinese prominence in the region grows and 5G technology becomes more integrated into people’s lives, concerns over data autonomy, corporate espionage, and communications grid vulnerabilities will become more central in the debate over how 5G development should progress. A recent Chinese national security law presents potential security implications for the expanding presence of Chinese telecommunications companies in South American 5G networks, specifically Brazil, Argentina, and Venezuela. The geolocated data throughout this study documenting China’s telecommunications presence in South America helps one understand and manage risk.”

74. New North Korean Cyber Espionage Operation Targeting South Korea

On May 11th cyber threat intelligence researcher Kimberly discovered and disclosed technical indicators of a new cyber espionage operation attributed to an actor dubbed as APT37, previously associated with North Korea. The operation involved a lure document titled “워싱턴선언, 북핵 위협 대응에 얼마나 도움이 될까.LNK” (How helpful will the Washington Declaration be in responding to the North Korean nuclear threat? LNK) which, if opened, was covertly installing a cyber espionage software implant.