SPY NEWS: 2023 — Week 21

Summary of the espionage-related news stories for the Week 21 (May 21–27) of 2023.

1. Spy Collection: Leaked document review: “CIA Operations Center Intelligence Update (2 March 2023)”

On Monday we published this video. As per its description, “following our series of going through the allegedly leaked US intelligence community documents from mid-2023, in this episode we review a document originating from the Central Intelligence Agency (CIA) titled “CIA Operations Center Intelligence Update (2 March 2023).” Disclaimer: We do not know the validity of this document’s contents, if it’s authentic, fabricated or fake. In this video we approach it from the analytic tradecraft perspective as a learning tool since it depicts some good practices for anyone interested in the military intelligence domain. If it turns out to be real, it’s also a nice addition to our collection for historical purposes.” The document includes cases from Russia, Haiti, Hungary, and Iran.

2. Clandestine Russian Intelligence Ring in Europe Uncovered, OSINT Group Claims

Kyiv Post reported on May 21st that “Ukrainian opensource intelligence (OSINT) agency Molfar, has released the data of 167 persons whom they say are employees of the Russian Federation’s foreign intelligence service. The data indicates that most of the spy networks in Western countries were using diplomatic cover, known in spy parlance as “official cover.” To avoid suspicions, the Russian spooks took day jobs at embassies, worked as journalists, and gained employment in cultural organizations to act as cover for their real goal: to infiltrate organizations to spread disinformation about Ukraine before the full-scale invasion. According to Artem Starosiek, the CEO of the Molfar OSINT agency, uncovering the identities of Russia’s top spies started with a tip: Someone turned over a database of likely employees of the Russian Foreign Intelligence Service. Starosiek explained that even though the spies operated under the cloak of secrecy, “some things cannot be hidden even by spies. Especially, when they must conduct at least some public activities while acting as diplomats.” Suspicions turned to confirmations as Molfar was able to locate the phone numbers of the alleged spies and to check them, using bots, in Telegram. Therein, the sleuths quickly acted to locate other databases, both public and private, that would allow for further confirmation of the story.”

3. Israel-linked Terror Outfit Disbanded in Western Iran

Mehr News Agency reported on May 21st that “Khatib said at a ceremony in Tehran on Sunday that the terrorists had sneaked across the border into western Iran from Iraq’s semi-autonomous Kurdistan region. “Given the cooperation of the new Iraqi administration [led by Prime Minister Mohammed Shia’ al-Sudani] and the assurances offered, we wish to see our western borders secure and clear of any security incident,” Press TV quoted Khatib as saying. “We remind the Kurdistan Regional Government (KRG) of its responsibilities in this regard,” he added. Khatib made clear that Iranian military and security forces will not hesitate to deliver a powerful and crushing response to any destabilizing act against the country’s border regions. Elsewhere in his remarks, Khatib said more than 200 anti-Iran media outlets, 35 think tanks, and dozens of intelligence services were actively involved in foreign-sponsored riots that broke out in some parts of the country. Foreign-backed riots erupted in Iran in mid-September after the death of 22-year-old Iranian woman Mahsa Amini, who fainted at a police station in the capital Tehran and was pronounced dead three days later at the hospital. Iran’s intelligence community has said several countries, including the United States and the United Kingdom, have used their spy and propaganda apparatuses to provoke violent riots in the country.”

4. Interview: Cipher Brief: Thinking Like a CIA Analyst

On May 22nd The Cipher Brief published this video recording. As per its description, “in a wide-ranging conversation, former CIA Deputy Director for Analysis Linda Weissgold offers up fascinating insights into what makes for good analysis, how artificial intelligence factors-in, and the very nature of how the agency itself is (and should be) changing.”

5. The CAR Allowed the Evacuation of a Frenchman Accused of Espionage

Following 2022 week 10 story #12, on May 21st Mediapool reported that “a former French soldier accused of espionage in the Central African Republic has been allowed to return to France on health grounds but still faces trial in Bangui, his family said on Sunday. Juan Remy Quignolot, 57, spent 16 months in prison after his arrest in May 2021 before being released on bail in September when prosecutors also cited health problems. His arrest was denounced as “manipulation” by France, whose relations with its former colony have soured since 2018 with Russia’s growing influence in the chronically volatile country, including the alleged arrival of paramilitaries from the Wagner group. “We met him this morning at Charles de Gaulle airport outside Paris,” his sister Carolyn Quignolot told AFP by phone. “He left Bangui on May 18 and traveled through Gabon,” whose president, Ali Bongo Ondimba, is an “intermediary” between Paris and Bangui, she said. “He is very weak and needs to rest,” she added. After Quignolot’s arrest, pictures began circulating in the press and social media purporting to show him with military weapons confiscated from his home in Bangui. The man is accused of “espionage, illegal possession of military and hunting weapons, criminal association, harming internal state security and conspiracy”. According to aid workers, Quignolot worked occasionally as a security guard for several organisations. In a June 17 ruling by appeals court president Laurent Wambita seen by AFP, doctors confirmed that his “rapid deterioration” put his life at risk, without elaborating. But Quignolot “will have to appear before the criminal court … as soon as his health condition improves”. If convicted, he faces life in prison at hard labor.”

6. Switzerland: A Spy Story in Bern, or Why Did Prosecutor Dubois Shoot Himself?

On May 20th SwissInfo published this article stating that “a recently published graphic novel follows the tragic fate of Swiss federal prosecutor René Dubois, who committed suicide in 1957. Almost forgotten today, then this spy scandal, which took place in Bern, in the heart of the Confederation, caused a huge resonance both in Switzerland itself and beyond its borders. Created by screenwriter Eric Burnand and artist Matthieu Berthod, the black-and-white graphic novel Berne nid d’espions / L’affaire Dubois 1955–1957 (“Bern is a Nest of Spies: The Dubois Scam 1955–1957”) tells the story of the rise and fall of a powerful official, focusing on the time from his assumption of office as a federal prosecutor until his suicide two years later. For the first time we meet the hero a few moments before his suicide, the story is in the present tense. René Dubois himself tells us his story. He recalls the main stages of his bureaucratic career in the civil service in Switzerland, which ultimately led him to the decision to voluntarily end his life. The novel has everything that a Le Carré-style spy thriller should have: the appointment of the head of the Swiss Federal Prosecutor’s Office (Bundesanwaltschaft — BA), rapprochement with French intelligence, the thunderous echo of the Algerian war that reached Switzerland, and, finally, the revelations in the press that and led René Dubois to his death.”

7. Interview: AFIO: Nigel West, Historian and Former MP, on Hitler’s Trojan Horse: The Fall of The Abwehr

On May 21st the United States Association of Former Intelligence Officers (AFIO) published this video recording. As per its description, “Topic: Nigel West and Jim Hughes discuss Nigel’s recent book, “Hitler’s Trojan Horse: The Fall of The Abwehr.” Topics include: Topics include: Impact of Abwehr defections; Richard Wurmann; Erich Vermehren; SIS Officer Nicholas Elliott; Paul (Willi) Hamburger; SIGINT; Adm. Wilhelm Canaris; Operation Valkyrie; 20 July Plot; Sicherheitsdienst; Otto John — code name WHISKY; Claus von Stauffenburg; Prince Frederick III, Solms-Baruth, tortured for his attempt to assassinate Hitler on 20 July 1944, SIS officer and professor H.L.A. Hart.” and it also states that “NIGEL WEST was born in Lambeth, south London, educated at a Roman Catholic monastery, London University and Grenoble University. While still a student he worked as a researcher for the authors Ronald Seth and Richard Deacon, who both specialised in security and intelligence issues. Between 1987 and 1997 he was a Member of Parliament representing a constituency in south Devon and contributed to Official Secrets legislation and the Intelligence Services Act.”

8. Ukrainian SBU Detains Russian Agent in Mykolaiv

On May 22nd Ukraine’s Security Service (SBU) announced that they “detained a traitor who was correcting strikes on the Mykolaiv region with Shaheds and phosphorous shells of the Russian Federation. At the instruction of the aggressor, the perpetrator traveled around the front-line territories of the region and secretly recorded the locations of personnel and equipment of the Ukrainian defenders. He also tried to identify warehouses with weapons and ammunition of the Armed Forces, including those of foreign production. In addition, the attacker transmitted information to the occupiers about the consequences of their air attacks using phosphorous munitions, Grad rocket launchers and Iranian Shahed drones. The received intelligence was used by the invaders to prepare new and repeated attacks on the region, primarily on Ochakov. Counter-intelligence officers of the SBU detained a Russian agent while he was carrying out an enemy intelligence mission. As the investigation established, the detainee is a local resident whom the aggressor remotely involved in tacit cooperation. He transmitted intelligence to the Russian intelligence services through a messenger in the form of text messages. During the search, a mobile phone was found in the attacker’s possession, which he used to communicate with the occupiers.”

9. U.S. Charges Greek Businessman with Smuggling Military and Dual-use Goods to Russia

Following last week’s story #33, IntelNews reported that “the United States Department of Justice has charged a Greek national with wire fraud and smuggling sensitive military-grade and dual-use goods from the United States to Russia. The suspect, Dr. Nikolaos “Nikos” Bogonikolos, 59, was arrested in Paris, France, on May 9, at the request of the United States, and is currently in custody pending extradition proceedings. Bogonikolos is a mathematician and self-described “serial entrepreneur”, with business activities dating back to 1987. He has authored and co-authored academic articles, holds a number of patents, and has published a book entitled Total Process Security Reengineering. Following the ECHELON revelations in the late 1990’s, he authored a report (.pdf) entitled “The Perception of Economic Risks Arising from the Potential Vulnerability of Electronic Commercial Media to Interception” as part of a study for the European Parliament. In 2005, Bogonikolos received his PhD from the Kharkov National Economic University in Ukraine, focusing on applications of artificial intelligence in the field of economics. According to his own claims, he has been active as an entrepreneur or researcher in some 40 countries, including Russia. Bogonikolos is the founder of a Greek-based company called Aratos Group. In 2016, Aratos Systems BV was registered as legal entity in The Netherlands. Since 2020, the company has been located in the town of Rijen, which is also home to the main operational military helicopter base of the Royal Netherlands Air Force. Aratos Systems BV describes itself on its website (currently offline) as an “independent and leading member of the Greek Aratos Group”. Its activities, as declared to the Netherlands chamber of commerce, are “the collection, processing, protecting, and selling of earth observation data to public and private parties”. Aratos Systems also “owns and runs a fully equipped Satellite Ground Station constantly connected with EUMETSAT” — the latter being the European operational satellite agency for monitoring weather, climate and the environment from space. Last week, the Netherlands Public Prosecution Service and the Fiscal Information and Investigation Service raided the Aratos Systems offices in Rijen. According to the unsealed complaint (.pdf) it is believed that Bogonikolos was contacted in October 2017 by representatives of an illicit Russian procurement network that acquires sensitive military-grade and dual-use technologies, under the direction of Russia’s Foreign Intelligence Service (SVR). Elements of that network are often referred to by Western government officials as “the Serniya Network” or “Sertal”, among other names. In December 2017, Bogonikolos allegedly accepted an invitation to travel to Moscow alone for a meeting. The complaint cites an email exchange between senior members of Sertal and Serniya Network, including Yevgeniy Grinin and Aleksey Ippolitov, who are both wanted by the FBI. In the email exchange, it is suggested that Bogonikolos is a “supporter of the Orthodoxy” and that he sees it as “the basis of friendship with Russia”.”

10. Podcast: CIA’s Deadliest Black-Ops Commando Breaks Down America’s Shadow Wars | Ric Prado

On May 22nd KONCRETE published a new podcast episode. As per its description, “Ric Prado is a Cuban born clandestine CIA paramilitary operations specialist who worked in the Central Intelligence Agency for nearly 3 decades. His service included 36 months in Central American jungles of Honduras as the first CIA officer living in the anti-Sandinista “Contra” camps.”

10. Chinese State-backed Hacking Group Compromised US Critical Infrastructure Organisations

The Record reported on May 24th that “a Chinese state-sponsored hacking group gained access to critical infrastructure organizations in Guam and other parts of the U.S., Microsoft warned on Wednesday. The group, which the company calls Volt Typhoon, has attempted to access organizations in “communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.” In one case reported on by the New York Times, the state-backed hackers breached telecommunications networks on the island of Guam, a sensitive U.S. military outpost in the Pacific, and installed a malicious script. The Microsoft report, which was accompanied by a joint advisory from the Cybersecurity and Infrastructure Security Agency, the NSA and the FBI, as well as cybersecurity agencies in Australia, Canada, New Zealand, and the United Kingdom, did not give specifics of the breach in Guam but described a far-reaching effort by Volt Typhoon to gain access to sensitive industries and hide within the organizations’ networks. “Observed behavior suggests that the threat actor intends to perform espionage and maintain access without being detected for as long as possible,” Microsoft wrote. The hackers gained access via internet-facing Fortinet FortiGuard devices, then attempted to extract credentials to get access to other devices on the networks. Once they gained access, hackers attempted to “live off the land,” the joint advisory said, meaning that they avoided malware that would arouse suspicions. The group instead focused on exfiltrating data and surveying networks.”

11. Ukrainian SBU Detained Russian Agent in Bakhmut

On May 22nd Ukraine’s SBU stated that they “detained an enemy informer who was “hunting” for Ukrainian air defence in the Bakhmut region. The Security Service exposed another enemy accomplice during counter-subversive measures in the front-line areas of Donetsk region. The attacker collected intelligence for the occupiers about the bases and movements of the Defence Forces in the Bakhmut direction. First of all, she tried to establish the coordinates of firing positions, fortifications and air defence systems of the Ukrainian defenders. SBU officers detained the suspect while she was carrying out an enemy mission. A mobile phone was found in her possession, which the woman used to transmit classified information to the aggressor. According to the investigation, the enemy informant is a resident of Oleksiivo-Druzhkivka. She was an active user of the banned Odnoklassniki social network, where she shared anti-Ukrainian posts. There, she was approached by a “liaison” of the Russian intelligence service, who in January of this year offered to join intelligence and subversive activities against Ukraine. In order to collect intelligence, the perpetrator went to the area and secretly observed units of the Ukrainian troops. She also “in the dark” used her neighbours and acquaintances, asking them for information about the movement of convoys of military equipment of the Defence Forces. She sent the received information to the occupiers via messenger in the form of text messages indicating the geolocations of Ukrainian sites.”

12. New Videos Published by Former CIA Officer Jason Hanson

Throughout this week former United States Central Intelligence Agency (CIA) officer Jason Hanson published the following videos: 1) How to Avoid Being Poisoned or Drugged, 2) Here’s How to Make Cash Off the Grid…, 3) How to Avoid Prison When Using a Gun in Self-defence, 4) Is It Safe to Carry a Gun Around Children?

13. US State Department’s Intelligence Service Bolsters Recruitment Strategy to Attract Specialists

Intelligence Online reported on May 25th that “faced with an increasingly diverse range of threats and growing competition for expertise inside the intelligence community, the US State Department’s intelligence service is aiming to enhance its curb appeal to potential recruits.”

14. United States: Former NGA Director Robert Cardillo Appointed to Synthetaic’s Board of Directors

Business Wire reported on May 22nd that “today Synthetaic welcomed Robert Cardillo to its Board of Directors. Robert brings unparalleled experience in geospatial intelligence, with nearly 40 years of service to the U.S. Intelligence Community, including serving as Director of the National Geospatial-Intelligence Agency from 2014 to 2019. In his role on the Synthetaic board, Robert will advise and guide the company as it adds differential value to the defense and intelligence communities and experiences the associated period of significant growth. Robert started his career as an imagery analyst at the Defense Intelligence Agency and has experienced firsthand how geospatial intelligence technology grew from an exclusive and limited capability of the U.S. government to a vibrant ecosystem of industry, academia, and think thanks. This is a strong and growing commercial market, estimated to reach $50 billion by 2032, according to a study by Global Market Insights, Inc.”

15. Russian FSB Detained SBU Saboteur in Novotroitsk

On May 22nd Russia’s Federal Security Service (FSB) announced that “in cooperation with the Ministry of Internal Affairs of the Russian Federation, prevented a terrorist act in the city of Novotroitsk, Orenburg Region. As a result of the measures taken in the city of Novotroitsk, a Russian citizen, born in 1997, was detained, who, on the instructions of the Ukrainian intelligence services, was preparing arsons: a relay protection cabinet and automation of the Novotroitskaya railway station of the South Ural Railway, the military commissariat of the city of Orsk, Orenburg region and the FSB department Russia. Subsequently, the suspect planned to go over to the side of the Armed Forces of Ukraine to participate in hostilities against the Armed Forces of the Russian Federation. Components for the manufacture of an improvised explosive device were seized from a cache he had equipped on the outskirts of Novotroitsk. Internet instructions for making explosives and explosive devices were found in the means of communication, as well as correspondence in the Telegram messenger with the Ukrainian intelligence services.”

16. Mysterious Malware Designed to Cripple Industrial Systems Linked to Russia

CyberScoop published this article on May 25th saying that “a rare form of malicious software designed to infiltrate and disrupt critical systems that run industrial facilities such as power plants has been uncovered and linked to a Russian telecom firm, according to a report released Thursday from the cybersecurity firm Mandiant. The discovery of the malware dubbed “CosmicEnergy” is somewhat unusual since it was uploaded to VirusTotal — a service that Google owns that scans URLs and files for malware — in December 2021 by a user with a Russian IP address and was found through threat hunting and not following an attack on a critical infrastructure system. Whatever the motivation for developing it and uploading the code to VirusTotal, CosmicEnegy joins an highly specialized group of malware such as Stuxnet, Industroyer and Trisis that are purpose built for industrial systems. Furthermore, the discovery adds another layer of concern for critical infrastructure operators and organizations that are increasingly targeted by criminal and nation-backed hackers. Researchers at Mandiant, which is part of Google Cloud, noted that its highly unusual for this type of code to be discovered or even disclosed to the public. Yet, it’s not clear if the malware was intended for use in a cyberattack or it could have been developed for internal red-teaming exercises before the code was released into the wild.”

17. Podcast: DIA Connections: The Last Monday in May”

On May 23rd the US Defence Intelligence Agency (DIA) published a new podcast episode. As per its description, “Memorial Day, celebrated on the last Monday in May, honors service members who died while serving in the military. On this episode of DIA Connections, a discussion on the traditional sound of remembrance — Taps. Jari Villanueva, the country’s foremost expert on America’s most familiar bugle call, joins us in a conversation about the 24 notes that must be sounded to perfection — and talk about one of the times it wasn’t … when the whole world was listening. *Nothing in this podcast should be construed to be an endorsement by the DIA or the US Government of any particular company, product, or service.”

18. Russia’s Small “New Space” Industry Enlisted to Bolster Offensive in Ukraine

On May 24th Intelligence Online reported that “in the context of the upcoming launch of the SAR Kondor FKA-1 satellite, Russia’s New Space industry is mobilising to fill the GEOINT data gaps of Moscow’s armed forces engaged in the war in Ukraine.”

19. Ukraine Sentences GRU Saboteur to Life Imprisonment

On May 22nd Ukraine’s SBU announced that “according to SBU materials, a saboteur of the Russian GRU, who was preparing explosions on the Odesa railway, was sentenced to life imprisonment. Counter-intelligence officers of the SBU detained him in October of last year as a result of a multi-stage special operation in Odesa. More than 3 kg of TNT, an anti-tank mine and detonators were seized from the enemy saboteur. According to the materials of the Ukrainian intelligence service, the court sentenced him to the highest degree of punishment — life imprisonment with confiscation of property. According to the investigation, the enemy accomplice turned out to be a former official of criminal investigation of the line division of the disbanded militia on the Odesa railway. After the start of the full-scale invasion, he was recruited by a representative of the GRU to carry out reconnaissance and subversive activities in the region. At the instruction of the aggressor, he collected information about the transportation of military equipment, weapons, ammunition and fuel and lubricants on certain sections of the Odesa railway. He planned to transfer the information obtained to the Russian military intelligence for the preparation of explosions on the key logistics routes of the Defence Forces in the southern direction. In order to carry out the enemy’s task, the attacker set up two remote camera traps near the railway track in the suburbs of Odessa. These special devices allowed him to monitor the movement of rolling stock in real time and receive the corresponding photos through a mobile application. For the conspiracy, the Russian agent constantly changed his appearance and communication channels with his Russian “handler”. He also used documents drawn up on fake persons, in particular, a passport of a citizen of Ukraine. Officers of the SBU timely exposed the intruder, documented the criminal actions and detained him while setting up the device for remote monitoring of the railway transport route. Based on the evidence collected by the Security Service, the court found him guilty under two articles of the Criminal Code of Ukraine.”

20. New North Korean Cyber Espionage Operation Targeting South Korea

Cyber threat intelligence researcher Kimberly discovered and reported on May 24th that an APT37, previously associated with North Korea, was using a lure document titled “정책연구브리핑 22–15 미ㆍ중 갈등시대 중국의 통상전략 변화와 시사점.pdf” (Policy Research Briefing 22–15 Changes in China’s Trade Strategy and Implications in Era of US-China Conflict.pdf) to target entities South Korea. If opened, the document was covertly installing a cyber espionage softwate implant.

21. Russia: Ukrainian Citizen Sentenced to 16 Years in Prison for Espionage

On May 23rd Russia’s FSB announced that “the verdict of the Tula Regional Court against the citizen of Ukraine Andrey Vyacheslavovich Petkevich (Петкевич Андре́й Вячеславович), who was found guilty of committing a crime under Art. 276 of the Criminal Code of Russia (“Espionage”). By a court decision, he was sentenced to 16 years in prison to be served in a strict regime correctional colony. As a result of the measures taken by the FSB of Russia, it was established that the foreigner, on the instructions of the intelligence services of Ukraine, searched for employees of Russian defence enterprises from among the secret carriers. Its goals were the recruitment development of Russians and obtaining from them legally protected information about promising developments in the field of small arms. The spying activity of Petkevich A. V. was stopped in a timely manner.”

22. Airbus Offers SIGINT Add-on for German Heron TP UAS

Janes reported on May 22nd that “Airbus Defence and Space (DS) has outlined a signals intelligence (SIGINT) capability option for the Israel Aerospace Industries (IAI) Heron TP unmanned aircraft systems (UASs) provided to the German armed forces (Bundeswehr) under a service-level agreement. Addressing the Association of Old Crows (AOC) Europe 2023 conference in Bonn on 16 May, Stefan Loebel, responsible for sales and business development in Airbus DS Airborne Solutions, said that the company was pitching an off-the-shelf IAI Elta SIGINT solution as a potential extension to its existing scope of delivery. Such a capability could fill a SIGINT gap prior to the arrival of the new Persistent German Airborne Surveillance System (Pegasus) capability in 2027. Airbus and Germany’s Federal Office of Bundeswehr Equipment, Information Technology and In-Service Support (BAAINBw) signed an operator agreement for the Heron TP UAS service provision in June 2018. Intended to bridge the gap between the retirement of the earlier Heron 1 UAS service and the introduction of the European Medium-Altitude Long-Endurance (EuroMALE) UAS, the contract includes the provision of five IAI Heron TP air vehicles, four ground segments, training, and operations/support services out to 2027. The Heron TP was awarded a type certificate by the German Military Aviation Authority in late 2022. The certification confirms compliance with the STANAG 4671 military airworthiness standard, and makes the Heron TP the first UAS in service with the Bundeswehr to fully comply with an internationally agreed airworthiness code. “We see a signals intelligence capability gap,” Loebel told AOC Europe. “What we are proposing is a market-available SIGINT/electronic surveillance (ES) package for Heron TP already at Technology Readiness Level 9.”.”

23. Turkey Says dismantled Anti-Iran Mossad Spy Network

Mehr News reported on May 23rd that “Turkish intelligence discovered a cell of 15 people who probably work for the Mossad, Israel’s secret service, against Iranian targets in the country, “Daily Sabah” reported. Turkish intelligence (MIT) discovered the cell of spies during an operation that lasted 18 months. Eleven of the 15 alleged spies have been arrested and at least one of them is said to have received training in Israeli regime. The head of the cell is called Selcuk Kucukkaya, a Turkish businessman, who had alleged links with Fethullah Gulen movement according to Ankara media. Also, last year, the Turkish authorities announced that they had dismantled a Mossad network and tried 15 people on charges of spying for a foreign regime.”

24. Ukrainian SBU Detained GRU Agent in Cherkasy

On May 23rd Ukraine’s SBU announced that they “detained a Russian agent in Cherkasy while he was correcting an enemy attack on the city. He collected intelligence on the locations and movements of the Ukrainian military and air defence systems on the territory of Ukraine. The attacker turned out to be a resident of the temporarily occupied part of the Kherson region, who at the beginning of the full-scale invasion supported the invaders and offered them his help in the war against Ukraine. Later, a case officer of the Russian military intelligence contacted him via messenger with an “offer” of secret cooperation. On the instructions of a representative of the GRU, the agent arrived in Cherkasy to carry out reconnaissance and subversive activities as a displaced person. In the territory of the region, the traitor collected information about the locations of the Defence Forces and critical infrastructure facilities. He was especially interested in the locations of air defence systems, Ukrainian military hospitals, as well as factories, bridges and dams. The Russian agent transmitted the received information to the occupiers in the form of electronic geolocations with confirming photos. Intelligence was needed by the invaders to adjust repeated airstrikes on the territory of the region. Counter-intelligence officers of the SBU detained the traitor in the regional centre during the photo-fixation of the Ukrainian site of critical infrastructure and the transfer of the corresponding “report” to the Russian military intelligence. During the detention, a mobile phone was found in the suspect’s possession, which he used to carry out enemy intelligence.”

25. Podcast: True Spies: Extracting Eichmann, Part 1/2: The Ratline | Mossad

On May 23rd SpyScape’s True Spies published a new episode. As per its description, “Sophia Di Martino tells the story of the audacious Mossad operation to capture a notorious Nazi. In the aftermath of WW2, war criminals scatter to the four winds. Using international escape routes known as ‘Ratlines’, scores of Nazis begin new lives in South America. Among them is one of the Holocaust’s chief architects — Adolf Eichmann. In Part One of this two-part story, Sophia Di Martino explores the origins of an audacious Mossad operation in 1960s Argentina. Told by a cast of experts and descendants of central figures inside the mission, this is the story of how Eichmann was finally brought to justice.”

26. Iranian AGRIUS Deploys MONEYBIRD in Targeted Attacks Against Israeli Organisations

Check Point Research published this research on May 24th. The key points are: “Iranian threat actor Agrius continues to operate against Israeli targets, masking destructive influence operations as ransomware attacks. In recent attacks the group deployed Moneybird, a previously unseen ransomware written in C++. Despite presenting themselves as a new group with the name– Moneybird, this is yet another Agrius alias. The data was eventually leaked through one of Agrius previous aliases. As demonstrated in the Moneybird attacks, Agrius’s techniques, tactics and procedures (TTP) remain largely unchanged.”

27. Netherlands: AIVD is Very Concerned About ‘Anti-elite Extremism’: ‘Government, Regain Confidence in Society’

The Dutch Telegraaf reported on May 25th that “the service presented an investigation into the phenomenon on Thursday. The most important conclusion — one hundred thousand people believe that our country is ruled by an ‘evil elite’ — was recently shared by the AIVD during the presentation of its annual report. The research report that has now been made public provides more information about the extremists, who mainly manifest themselves online. As the AIVD emphasises repeatedly, these are not people who express themselves critically about the government. Not even if they do so with unproven or grotesque theories. This almost always falls under freedom of speech or freedom of the press. It is people who dehumanise and demonise the government, but also politicians, scientists, judges and journalists, creating a climate in which they are at risk in the short term and which seriously undermines trust in these institutions in the longer term. Which then threatens our democratic constitutional state.” The report is available in AIVD’s website here.

28. Hacking in a War Zone: Pegasus Spyware in the Azerbaijan-Armenia Conflict

This research was published by Access Now on May 25th. As per its summary, “a joint investigation between Access Now, CyberHUB-AM, the Citizen Lab at the Munk School of Global Affairs at the University of Toronto (the Citizen Lab), Amnesty International’s Security Lab, and an independent mobile security researcher Ruben Muradyan, has uncovered hacking of civil society victims in Armenia with NSO Group’s Pegasus spyware. The Armenia spyware victims include a former Human Rights Defender of the Republic of Armenia (the Ombudsperson), two Radio Free Europe/Radio Liberty (RFE/RL) Armenian Service journalists, a United Nations official, a former spokesperson of Armenia’s Foreign Ministry (now an NGO worker), and seven other representatives of Armenian civil society. Circumstantial evidence suggests that the targeting is related to the military conflict in Nagorno-Karabakh (also referred to as the Republic of Artsakh in Armenia) between Armenia and Azerbaijan. This is the first documented evidence of the use of Pegasus spyware in an international war context.”

29. Russian FSB Detained GUR Agent in Rostov-on-Don

On May 24th Russia’s FSB announced that they “documented and suppressed the illegal activities of a design engineer at one of the enterprises of the military-industrial complex in the city of Rostov-on-Don. According to the data received, in the period from February to April 2023, this Russian citizen, in the course of correspondence in internet messengers with an officer of the Main Intelligence Directorate of the Ministry of Defence of Ukraine, performing his tasks, and also proactively transmitted information about the location of defence industry enterprises, as well as air defence systems and personnel of the Russian Armed Forces located on the territory of Rostov-on-Don. The Investigation Department of the FSB of Russia initiated a criminal case under Art. 275 of the Criminal Code of the Russian Federation “Treason” in the form of espionage.”

30. Ukrainian SBU Detained FSB Saboteur in Avdiivka

On May 25th Ukraine’s SBU announced that they “detained an FSB saboteur who was preparing to blow up a railway track near Avdiivka. During a multi-stage special operation, an FSB agent was detained, who was preparing to blow up a section of the railway track in the Avdiyiv direction. In this way, the occupiers planned to disrupt the logistics of the Defence Forces, including the provision of fuel and ammunition to the Ukrainian defenders. To carry out the sabotage, the Russian agent had to take explosives from a previously prepared cache and covertly install them near the line of the rolling stock. However, SBU officers promptly exposed the perpetrator, documented the criminal activity and detained him. According to the investigation, the accomplice of the aggressor is a railway station employee from the city of Ukrainy, whom the FSB remotely involved in secret cooperation in March of this year. He came to the attention of the Russian intelligence services as an active user of banned social networks, where he left comments in support of the Rashists. For recruitment via the internet, the FSB used its informant from the temporarily captured territory of Donetsk region. She turned out to be a medical worker of the Russian occupation group “Sparta”. In the future, it was she who was “in touch” with the person involved. As “test tasks”, he handed over the locations of the Defence Forces in the Avdiyiv direction to the invaders. In addition, the enemy was interested in the coordinates of the location of the units of the Armed Forces on the territory of the Pokrovsky district. Then a Russian agent was tasked with carrying out sabotage at a railway transport facility. A mobile phone with evidence of intelligence and subversive activities against Ukraine was seized from the detainee.”

31. A Technical Analysis of Intellexa’s PREDATOR Spyware

On May 25th Cisco Talos published this technical analysis. The key highlights are: “Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a commercial spyware product sold by the spyware firm Intellexa (formerly known as Cytrox). Our research specifically looks at two components of this mobile spyware suite known as “ALIEN” and “PREDATOR,” which compose the backbone of the spyware implant. Our findings include an in-depth walkthrough of the infection chain, including the implants’ various information-stealing capabilities. A deep dive into both spyware components indicates that ALIEN is more than just a loader for PREDATOR and actively sets up the low-level capabilities needed for PREDATOR to spy on its victims. We assess with high confidence that the spyware has two additional components — tcore (main component) and kmem (privilege escalation mechanic) — but we were unable to obtain and analyze these modules. If readers suspect their system(s) may have been compromised by commercial spyware, please consider notifying Talos’ research team at talos-mercenary-spyware-help@external.cisco.com to assist in furthering the community’s knowledge of these threats.”

32. Iran is Using Its Cyber Capabilities to Kidnap Its Foes in the Real World

On May 24th the Atlantic Council reported that “in November 2020, as results for the closely watched and hotly contested United States presidential and congressional elections began to emerge, hackers gained access to at least one website announcing results. They were thwarted, but it took the resources of the US military and the Department of Homeland Security to block what could have turned into another attempt to spread doubts and confusion about a vote that would eventually threaten to undermine US democracy some weeks later. The culprit in the attack, according to US officials and tech professionals cited by The Washington Post, was a hacking group operating out of or at the direction of Iran — an increasingly powerful state actor in the world of cyber warfare. The Islamic Republic has been steadily improving and sharpening its cyber warfare, cyber espionage, and electronic sabotage abilities, staging complex operations that, while not always successful, show what experts in the field describe as devious inventiveness. In addition to its nuclear ambitions, its refining of missile technologies, and cultivation of armed ideologically motivated proxy paramilitary groups, Iran’s electronic warfare and intelligence operations are emerging as yet another worry about the country’s international posture. The cyber realm fits snugly into Iran’s security arsenal. It is characterized by the asymmetricity, clandestinity, and plausible deniability that complement the proxy and shadow operations that have long been Islamic Republic’s favored tools for decades.”

33. Russian Spy Chief Tells ‘Meddling West’ to Go to the Devil, Forecasts Its Demise

Reuters published this story on May 24th saying that “one of Russia’s top spy chiefs on Wednesday said the West had sown the seeds of its own destruction by turning away from what he called its core traditions and told it to “go to the devil” and stop interfering in global affairs. In remarks at a security forum outside Moscow attended by foreign security officials, Sergei Naryshkin, head of Russia’s SVR foreign intelligence service, made some of his most anti-Western comments yet, underlining the depth of enmity Moscow harbours towards the West over its support for Ukraine. “The Anglo-Saxons might be advised to attend to their own internal civil conflicts. Better still, to clear off to their acquaintance, the devil,” said Naryshkin, who like other Russian officials refers to Britain, the United States and other English-speaking countries in the West as “the Anglo-Saxons”. “It is pertinent to remember the biblical truth: the end of them will be according to their deeds. And that means that their end will be a sad one,” he said, saying the West was riven by serious internal and external problems.”

34. Germany Charges Executives for Selling Spyware to Turkey

DW reported on May 22nd that “German authorities have filed charges against four suspects from a firm over allegations that they sold surveillance software to Turkey’s intelligence services, Munich prosecutors said on Monday. Prosecutors say the suspects intentionally violated licensing requirements for dual-use goods by selling surveillance software to non-EU countries. The accused — from the Bavarian-based FinFisher — have been charged with commercial violations of the German trade and payments act in three separate cases. According to the prosecutors in southern Germany, the firm struck a deal worth in excess of €5 million ($5.4 million) in 2015 to sell monitoring software to Ankara intelligence, along with training and support. The spyware allows those who deploy it to acquire control of computers and smartphones, as well as follow communications. Prosecutors said the Finspy software was provided to a Turkish opposition movement in 2017 to download from a fraudulent website “under false pretenses, in order to spy on them.” The probe was sparked after four non-governmental organizations — the Society for Civil Liberties, Reporters Without Borders, the European Center for Constitutional and Human Rights (ECCHR) and Netzpolitik.org. — all filed complaints.”

35. Video: The Secret Numbers Station That Got Scared

Ringway Manchester published this new video on May 24th. The video covers the case of the 1970s number station “G01” known as the “Tyrolean Music Station” which was operated by the French SDECE to covertly communicate with operatives.

36. Russian FSB Prevented SZRU Sabotage of Nuclear Power Plants

On May 25th Russia’s FSB announced that they “prevented a terrorist attack on nuclear power facilities planned by the intelligence services of Ukraine. On the eve of the celebration of the 78th anniversary of the Victory in the Great Patriotic War, a sabotage-terrorist group of the Foreign Intelligence Service of Ukraine attempted to undermine more than 30 high-voltage power lines of the Leningrad and Kalinin nuclear power plants, which, according to the plan of the Ukrainian intelligence services, would lead to a shutdown of nuclear reactors, a violation of the normal regime operation of the nuclear power plant and caused serious economic and reputational damage to the Russian Federation. The terrorists managed to blow up one and mine 4 pillars of power lines of the Leningrad NPP and lay IEDs under 7 pillars of the Kalinin NPP. As a result of the measures taken by the Federal Security Service, members of the DTG, citizen of Ukraine Maistruk Oleksandr (Майструк Александр), born in 1978, was detained (pseudonym “Mechanic” — Механик), and Usatenko Eduard (Усатенко Эдуард), born in 1974. (pseudonym “Max” — Макс), a citizen of Ukraine and Russia, Yuriy Kishchak (Кищак Юрий), born in 1963, was put on the wanted list (pseudonym “South Coast” — ЮБК), currently located in Belgium. These individuals were recruited in September 2022 by Lieutenant Colonel Gorbatyuk Vitaliy (Горбатюк Витали), born in 1975, an officer of the SVRU, who underwent special training in camps located in the Kyiv and Nikolaev regions of Ukraine. In order to commit sabotage, they illegally crossed the Russian-Belarusian border in the Pskov region, where they arrived from the territory of Ukraine in transit through Poland and Belarus. In addition, two accomplices of saboteurs from among Russian citizens were identified and detained, who assisted them in providing them with means of communication and vehicles with fake state registration plates. For the smuggling of explosives, the Ukrainian intelligence services used an international freight traffic channel along the route: Chelm (Poland) — Shalchininkai (Lithuania), then through the territory of Belarus with the arrival in the Rzhevsky district of the Tver region of Russia. A cargo trailer was used as camouflage, in which hiding places were equipped for the hidden transportation of weapons and firearms. In the course of the measures taken, the following items were seized from caches organised by saboteurs: 36.5 kg of C-4 plastic explosive, 61 foreign-made electric detonators, 38 electronic timers and 2 PM pistols with ammunition. A criminal case was initiated against members of the DTG under Part 1 of Art. 281 (sabotage) and part 1 of Art. 222.1 (illegal acquisition, transfer, sale, storage, transportation, transfer or carrying of explosives or explosive devices) of the Criminal Code of Russia. A measure of restraint in the form of detention was chosen. The defendants gave confessions about cooperation with the SVRU, carried out in order to prepare and commit sabotage on the territory of Russia. Measures to document criminal activity and search for organisers, saboteurs and their accomplices continue.”

37. Turkish Intelligence Eliminates PKK’s ‘Comms’ Man in Iraq

On May 22nd the Daily Sabah announced that “Emre Şahin, a member of the terrorist PKK group, also known by his codename “Rodi,” was “neutralized” in Northern Iraq by the National Intelligence Organization (MIT), security sources said on Monday. Şahin was a so-called “communications official” for the terrorist group. “Neutralized” is a term used by Turkish officials to describe a terrorist target either killed or captured alive. MIT’s operation took place in Gara, a mountainous region in Iraq’s north run by the Kurdistan Regional Government (KRG). The terrorist group has hideouts in the region, particularly in the Qandil mountains where its senior cadres are based. Security sources say Emre Şahin was behind the development of encrypted programs the terrorist group used for communication and was on MIT’s primary “target list.” Intelligence officers lured Şahin to an area where they damaged the PKK’s “communications infrastructure” and neutralized him and his bodyguard, sources told Turkish media outlets.”

38. Spy Chief Warns Authoritarian States Stoking Anti-government Mood in Germany

The Associated Press reported on May 22nd that “the head of Germany’s domestic intelligence agency warned Monday of a rise in anti-government extremism — fueled by authoritarian states such as Russia — that seeks to divide society and topple the government. German security agencies have disrupted several plots in recent years by small groups linked to the Reich Citizens movement accused of planning attacks on critical infrastructure, government officials and even the national parliament. While it is unclear how far advanced such plans were, authorities have expressed alarm that the alleged plotters had acquired weapons and included people who aren’t usually on the radar of security agencies, such as judges and police officers. Thomas Haldenwang, who heads the Federal Office for the Protection of the Constitution, or BfV, said the mixing of previously separate groups — from far-right extremists to QAnon conspiracy theorists — and their willingness to use violence was particularly worrying. “What links all of these groups is that they despise our state and our democracy, reject it and want to abolish it,” he told The Associated Press in an interview in Berlin. Haldenwang said anti-government extremists consciously use wedge issues to stoke fear and gain new followers. These include migration — where far-right actors have perpetuated the myth of a “great replacement” — but also government measures to curb the coronavirus pandemic and combat climate change. “All of these issues can be used to spread a particular narrative and give the impression that the state isn’t in control of certain situations and therefore it needs to be toppled,” he said.”

39. Ukrainians Were Likely Behind Kremlin Drone Attack, U.S. Officials Say

The New York Times published this article on May 24th stating that “U.S. officials said the drone attack on the Kremlin earlier this month was likely orchestrated by one of Ukraine’s special military or intelligence units, the latest in a series of covert actions against Russian targets that have unnerved the Biden administration. U.S. intelligence agencies do not know which unit carried out the attack and it was unclear whether President Volodymyr Zelensky of Ukraine or his top officials were aware of the operation, though some officials believe Mr. Zelensky was not. The agencies reached their preliminary assessment in part through intercepted communications in which Russian officials blamed Ukraine and other communications in which Ukrainian officials said they believed their country was responsible for the attack, in which two drones were flown on May 3 toward the Kremlin, causing little damage. U.S. officials say their level of confidence that the Ukrainian government directly authorized the Kremlin drone attack is “low” but that is because intelligence agencies do not yet have specific evidence identifying which government officials, Ukrainian units or operatives were involved. The attack appeared to be part of a series of operations that have made officials in the United States — Ukraine’s biggest supplier of military equipment — uncomfortable. The Biden administration is concerned about the risk that Russia will blame U.S. officials and retaliate by expanding the war beyond Ukraine. American spy agencies see an emerging picture of a loose confederation of Ukrainian units able to conduct limited operations inside and outside Russia, either by using their own personnel or partners working under their direction. Some of these missions could have been conducted with little, if any, oversight from Mr. Zelensky, officials said. In addition to the drone attack, U.S. officials say they believe the Ukrainians were responsible for the assassination of the daughter of a prominent Russian nationalist, the killing of a pro-Russian blogger and a number of attacks in Russian towns near the border with Ukraine, the most recent of which occurred Monday.”

40. The Spy Who Read Me: Authors Under Surveillance

The Economist published this article on May 24th saying that “Ernest Hemingway thought his phone was tapped. Doris Lessing reckoned that British spies were following her every move. Claude McKay suspected that the FBI was monitoring his travel in Europe. Their instincts were right. During the 20th century intelligence agencies in Britain and America spent countless hours investigating “dangerous” authors. This was in part an alternative to censoring or banning the work of troublesome writers, which dictatorships do more readily than democracies. The literary snooping eased up, though did not cease, after America won the cold war. Writing by novelists and essayists came to seem less dangerous and files on them became thinner. Most snoops are not very good readers. They sometimes get basic facts wrong. In one file MI5, Britain’s domestic-intelligence agency, adds an extra “e” to “Orwell” (spelling it “Orewell”) and mistitles his book “Down and Out in Paris and London” as “A Down and Out in London and Paris”. The FBI’s assessment of McKay, a important figure in the Harlem renaissance, is true but unenlightening: he “is apparently a poet, or at least he has written considerable verse”. One FBI agent describes James Baldwin, an American writer, as “white… 6’, neat”. (He was black and five foot six.) Some investigations last a few dull days. Others take decades. Here are six of the best books by and about authors under surveillance. They show how the security state watched, read and sometimes influenced writers whose approaches to literature ranged from modernist to postmodernist and whose ideologies stretched from libertarianism to communism.”

41. Head of Australia’s Spy Agency Warns of Neo-Nazi Recruitment

On May 24th the Israel National News reported that “the head of Australia’s national intelligence agency ASIO (Australian Security Intelligence Organization) warned on Wednesday that neo-Nazi groups in the country are increasing their efforts to find new recruits. ASIO Director-General Mike Burgess explained to a Senate hearing that demonstrations by the far-right groups, meant to aid recruitment, are also becoming more common, 1News reported. “It’s a sign that those groups are more emboldened to come out publicly, to push what they believe in and recruit to their cause,” Burgess said. He testified that approximately 30 percent of ASIO’s counter-terorrism work involves right-wing security threats. “Does that mean there’s been an increase in the numbers of them? I don’t see that correlation, I think they’re just more emboldened,” he added. This year there have been multiple public demonstrations by neo-Nazi groups in the country, including a violent Melbourne demonstration earlier in the month involving 20 extremists. But Burgess played down the threat of terrorist attacks coming from the extremist groups, insisting that the greatest likelihood of terrorism still comes from lone individuals who give little to no warning before attacking, Australian broadcaster ABC reported. He described these lone attackers are frustrated that far-right groups, of which they may be members, are not taking group action. “In the case of the Neo-Nazi groups, what we worry about the most is people who join a group, or get drawn into that ideology, and are not satisfied there is no action and go off and do it themselves,” he said.”

42. Swedish Appeals Court Upholds Life Sentence in Russia Espionage Case

Following 2022 week 45 story #7 and 2023 week 3 story #85, the Associated Press reported on May 25th that “Sweden’s highest court on Thursday upheld the life sentence for the eldest of two Iranian-born Swedish brothers for spying for Russia and its military intelligence service GRU for a decade. Peyman Kia, a naturalized Swede, was sentenced to life in January in one of the Scandinavian country’s biggest espionage case in decades. His brother, Payam Kia, was given nine years and 10 months. They were found guilty for having worked jointly to pass information to Russia between Sept. 28, 2011, and Sept. 20, 2021. At first, both brothers appealed the Jan. 19 sentences by the Stockholm District Court. But Payam Kia retracted his appeal last week, hours before the appeals verdict was scheduled to be announced. His lawyer, Björn Sandin, explained to Swedish broadcaster SVT that his client feared getting a higher sentence. Thursday’s verdict by the Supreme Court was postponed a week because of that. As before, proceedings were held behind closed doors most of the time because of the sensitivity of the information. The Supreme Court said “it has been proven that the older brother procured, promoted and disclosed (information) to the Russian intelligence service GRU.” Between 2014 and 2015, Peyman Kia worked for Sweden’s domestic intelligence agency as well as for the country’s armed forces. Swedish prosecutors alleged that the data the brothers gave the Russians originated from several authorities within the Swedish security and intelligence service, known by its acronym SAPO. Peyman Kia, who was arrested in September 2021, reportedly also worked for the armed forces’ defense intelligence agency. He was involved with a top secret unit within the agency that dealt with Swedish spies abroad, according to media in Sweden. His brother was arrested in November 2021.”

43. The Top-secret Leak that Led to a Spying Scandal, Infuriating Indonesia — and Tony Abbott

The Guardian reported on May 25th that “Lenore Taylor remembers the pressure she felt carrying a USB stick from Sydney to Canberra with the contents of a top-secret leak implicating the Australian government in a spying scandal that reached the then president of Indonesia’s personal mobile phone. It was 2013 — the same year that David Miranda, the late partner of former Guardian journalist Glenn Greenwald, was detained in Heathrow airport for nine hours after a series of stories revealed mass surveillance programs by the US National Security Agency. Guardian Australia’s now editor was “relieved” when she reached the capital safely. “When I was first handed the documents we had to make sure we didn’t have phones with us,” she says. “We were very, very cautious. I was somewhat astonished when it became apparent to me that the security agencies were aware that we were going to publish a story before I’d ever contacted them or talked to them about it.” The leaked slide presentation obtained from the US whistleblower Edward Snowden revealed that Australian spy agencies had tried to listen in on the personal phone calls of the then Indonesian president, Susilo Bambang Yudhoyono, and his associates. Dated November 2009, it named his wife, Kristiani Herawati — better known as Ani Yudhoyono — as being among nine of his inner circle targeted by surveillance.”

44. United States: NRO Director Says Commercial Space Industry Helps Fuel the Spy Satellite Agency’s Ambitious Goals

CNBC News reported on May 25th that “the U.S. National Reconnaissance Office plans to quadruple the number of satellites on orbit over the next decade. It will need commercial space companies to help do it. The spy agency’s success toward that goal will involve “a combination of our partnerships with industry, the advancement of technology, and the coincident reduction in cost of all of those [launch and satellite] systems,” said NRO Director Chris Scolese, in a rare interview for CNBC’s “Manifest Space” podcast. “It’s helped us improve our reliability so that we can achieve more with more capability at a lower cost,” he said. The ambitious game plan speaks to the growing role of commercial space companies in national security work. As startups multiply and spearhead technological advancements, government agencies are attempting to reduce some of the red tape around government contracting and are getting more creative in the ways they partner with industry. The NRO is no exception.”

45. Kenya: Inside the National Intelligence Service: A Closer Look at Kenya’s Security Apparatus

This paper was published by SSRN on May 24th with its abstract stating that “espionage, the act of obtaining confidential or sensitive information without permission, has been part of human history for centuries. From ancient spies to modern-day intelligence agencies, espionage has been used for a variety of purposes, including national security and political gain. In this article, I delve into the national intelligence service, exploring its history, techniques, and impacts on individuals and society. Whether you are a history buff or simply interested in the world of intelligence gathering this article will provide a comprehensive overview of the fascinating and often controversial world of espionage. I must however warn you that whatever you are about to read is not classified information!”

46. Ukrainian SBU Announces 10 Years Sentence for Russian Informant

On May 25th Ukraine’s Security Service (SBU) announced that “an enemy informant who “leaked” the positions of the defenders of Mariupol will spend 10 years behind bars. The attacker turned out to be a pro-Russian resident of Poltava Oblast. In communication with his acquaintances from Mariupol, he gathered information “in the dark” about the locations and movements of the defenders of the city at the beginning of a full-scale invasion. He passed the received information via Facebook to the so-called “human rights commissioner of the DNR”, which is part of the occupation administration in the captured part of Donetsk region. In the future, the fake “ombudsman” forwarded intelligence to the command of the Russian troops on the eastern front. SBU officers detained an enemy informer in March of last year during counter-subversive measures in Poltava Oblast. According to the results of the investigation, posts with symbols of the communist totalitarian regime, which he distributed through the social network, were also discovered.”

47. United States: Man Who Said He Was Headed to CIA Arrested at Nearby Preschool with AK-47 Rifle in Car

CTV News reported on May 24th that “a Florida man who police say had an AK-47 rifle in his car was arrested outside a northern Virginia preschool after he told officers he was headed to CIA headquarters, police said Wednesday. Fairfax County Police said the man was charged with possessing a firearm at a school, a felony, after his arrest on Tuesday. Police say officers were called to Dolley Madison Preschool in McLean, which is less than a kilometre from CIA headquarters, where they took the man into custody. According to the preschool, the man asked to use the bathroom around 11 a.m. Tuesday but was denied access to the building. The man was unarmed when police responded, but officers searched his vehicle and found the AK-47 as well as a handgun and extensive ammunition, police said. He was arraigned Wednesday at Fairfax County General District Court and is being held pending a preliminary hearing scheduled for July. Online court records do not list an attorney.”

48. Podcast: Jack Barsky | The Spy Who Didn’t Come Home

On May 25th the Blenheim Partners published a new podcast episode. As per its description, “in the latest episode of the No Limitations podcast The Spy Who Didn’t Come Home, Blenheim Partners’ Gregory Robinson speaks with Jack Barsky, a former agent of the KGB, the foreign intelligence and domestic security agency of the Soviet Union. In a fascinating and revealing discussion, Jack shows us both sides of the Iron Curtain as we delve into the world of espionage. We uncover his story from his beginnings as a high-achieving student recruited by the KGB through the East German Stasi, trained in Moscow and eventually inserted into the United States. We hear of his missions, the near misses that risked blowing his cover and the lead up to his fateful encounter with the FBI. Originally from East Germany, Jack was recruited by the KGB as a university student and later infiltrated the United States where he spent ten years spying for the Soviet Union. He severed his relationship with the KGB in 1988 and pursued a corporate career in information technology. He was eventually discovered by the FBI. Today, Jack is an American citizen who is taking advantage of one last chance to live a normal life. In 2017, Jack released a book about his experiences Deep Undercover: My Secret Life and Tangled Allegiances as a KGB Spy in America. He is also the subject of a 12-part podcast series The Agent which was released in 2021. Please note: this episode was recorded on 14 April 2023.”

49. Spy Way of Life: Grace Café, Where European Intelligence Officers Like to Take Tea in Paris

This week’s selection for Intelligence Online’s Spy Way of Life was the Grace Café, in Paris, France. As per the article, “this week, Intelligence Online explores the Grace Café in Paris, where official and semi-official representatives of the intelligence services from the surrounding embassies are often to be found.”

50. Russia: SVR Announces Bust of Fitin at Karasulsky School

On May 22nd Russia’s Foreign Intelligence Servive (SVR) issued this announcement stating that “on May 14, veterans of the Russian Foreign Intelligence Service from the club “101” visited the Karasulsky rural settlement of the Ishimsky district of the Tyumen region and presented a gift from the Moscow sister school named after P. M. Fitin On November 12, 2022, within the framework of the federal project “Support for Rural Schools by Schools in the City of Moscow”, with the direct participation of the Foundation for Supporting Youth Initiatives and Healthy Lifestyle “Our Choice is the Little Motherland”, the Department of Vocational Guidance and prior to university training, TIU signed an agreement on cooperation between the Moscow school 1694 “Yasenevo” named after Pavel Mikhailovich Fitin and Karasul secondary school of the Ishim district. Pavel Mikhailovich Fitin is the legendary head of the Soviet foreign intelligence during the Great Patriotic War, whose fate is closely connected with the Tyumen region. All members of the delegation noted the importance of the event and its significance in the development of the Karasul school. According to the head of the rural school, Alexander Mikhailovich Kuchera, such visits contribute to the exchange of experience in patriotic education. The Moscow guests visited the school museum,S talked to the cadets from the children’s creativity circle “Cricket” at the October rural library.”

51. LA Confidential: What’s a Hollywood Producer Doing on the Board of NSO’s Parent Company?

On May 24th CTech published this article saying that “Robert Simonds, a Hollywood producer with ties to China, recently began serving as a director in the holding company that owns all the shares of the Israeli spyware developer NSO, Calcalist has learned. Simonds is one of the only two directors in the holding company, Dufresne Holding, alongside Omri Lavie, the founder of NSO who also owns all the shares of the holding company. As far as is known, Simonds has no practical or business experience related to NSO’s fields of activity, but in addition to his production company, he has served as a director in several companies and entities in different fields of activity. Until the beginning of 2023, NSO was owned by a group of investors, who acquired control of the company from the Francisco Partners fund in 2019 in a joint transaction with the founders, Shalev Hulio and Omri Lavie. The controlling owners were represented by an American company called BRG Novalpina. Another interested party in NSO is a syndicate of lenders (which includes Credit Suisse, Senator Investment Group, and Birch Grove Capital), which loaned the company half a billion dollars as part of the procedures to buy back shares from the Francisco Partners fund. This debt created a significant financial burden on NSO, especially after it was blacklisted by the US Department of Commerce in 2021.”

52. Moscow Has Extended the Detention of Journalist Evan Gershkovich Accused of Espionage by 3 Months

24 Chasa reported on May 23rd that “the court in the Lefortovsky district of the Russian capital extended by three months the detention period of Evan Gershkovich, the correspondent of the American newspaper “Wall Street Journal”, who was arrested on suspicion of espionage, TASS reported, referring to the press service of the court. “By decree of the Lefortovsky District Court in the city of Moscow dated May 23, 2023, the term of detention in relation to Evan Gershkovich, accused of committing a crime under Article 276 of the Criminal Code of the Russian Federation (espionage — note ed.), has been extended by three months and one day, i.e. until August 30, 2023,” said a representative of the court’s press service. Earlier, investigators from the Federal Security Service (FSS) of the Russian Federation asked the court in Moscow’s Lefortovsky district to extend the remand “in custody” of Gershkovich, who was detained in Yekaterinburg in March on an espionage case.”

53. Ukrainian SBU Detained Russian Agent in Toretsk

On May 24th Ukraine’s SBU announced that they “detained a Russian agent who “leaked” the positions of the Defence Forces near Bakhmut and Avdiivka. The perpetrator collected intelligence on the deployment and movement of the Defence Forces in the Bakhmut, Avdiivka and Toretsk districts. SBU officers detained three of his accomplices last December. It has been established that this suspect traveled around the territory of the frontline cities and covertly photographed the positions of the Ukrainian troops, as well as marked their coordinates on electronic maps. The Russian agent passed the received information to his “handler” from the controlled aggressor “MDB DNR” in the temporarily occupied Horlivka. The invaders planned to use the received information to launch rocket and artillery attacks on the positions of the units of the Defence Forces. However, the counter-intelligence officers of the Security Service promptly exposed the enemy henchman, documented his criminal activities and detained him. During the detention, the person involved was in a hiding place, which he arranged in advance on the territory of his own home to hide from the law enforcement officers. According to the investigation, the accomplice of the Russian Federation is a 32-year-old resident of Toretsk, who is in the close circle of one of the leaders of the “MDB DNR” in occupied Horlivka. To communicate with the “handler”, the enemy agent used a well-established anonymous electronic communication channel, and transmitted intelligence in the form of photographs with a detailed description of the sites. During the search of the suspect’s place of residence, a mobile phone with evidence of conspiratorial correspondence with the enemy was found hidden in the wall.”

54. Russian Intelligence Ship Seemingly Hit by Ukrainian USV

The Naval News reported on May 26th that “the Russian Ministry of Defence (MoD) claimed an attempted attack on one of its intelligence vessel by Ukraine was thwarted, releasing a video as proof. A day later, Ukraine leaked its own video which seems to tell a whole different story. Here is what we know. On May 24, 2023, the Russian MoD released a video showing an unmanned surface vehicle (USV) attacking the Russian intelligence ship Ivan Khurs in the Black Sea, approximately 140 kilometers north-east of the Istanbul Strait. Ivan Khurs is a Yuriy Ivanov class (Project 18280) SIGINT intelligence collection ship (also known as AGI). In the video, the attack of a maneuvering USV can be clearly seen. The Russian ship attacked the surface drone with a machine gun (probably a 14.5 mm gun), causing the USV to explode. Given the power of the explosion, one can assume that it was fully loaded with explosives.”

55. Syria: 2 Agents of MIT at Grip SDF

Hawar News Agency reported on May 25th that “on Thursday, SDF’s Media Center issued a statement revealing the arrest of two agents of the Turkish occupation state, stating: “Within the framework of its military and security tasks to pursue cells of the terrorist organization ISIS and dismantle the agents’ cells of the Turkish occupation in NE, Syria, the special units of the Syrian Democratic Forces arrested two agents recruited by the Turkish occupation intelligence to obtain information about the locations of the security and military forces and centers of the Autonomous Administration institutions in addition to Identifying the commanders of the forces, as they received money in exchange for involvement in that information. During the investigations with the two collaborating mercenaries, they admitted to transferring information and coordinates to military sites belonging to the military councils of the Syrian Democratic Forces in Tal Tamr, Zergan, Amuda, and Darbasiyah, which were recently bombed by the Turkish occupation, during which a number of fighters were martyred, and they also admitted to transmitting information about the movements of leaders. Our forces and their identification, including Rezan Gilo, the co-chair of the Martyrs’ Families Foundation, who was subjected to an assassination attempt by a Turkish occupation drone last year. The mercenary agent, Elias Muhammad al-Rahil, born in Darbasiyah in 1998, who was arrested by our forces and involved in many espionage activities, confessed, during interrogations with him, to transferring pictures and coordinates of dozens of military and service sites in Zergan, Amuda, and Darbasiyah to the Turkish occupation, and upon checking the information and coordinates that presented by the agent Elias, showing that many of them were exposed to air and artillery bombardment during the last period, and the client also admitted to identifying the leaders of the Syrian Democratic Forces and providing information about their movements to the Turkish occupation, including the co-chair of the Martyrs’ Families Foundation, Rezan Gilo, who survived an assassination attempt as a result of being targeted by a Turkish occupation drone. over the past year. The mercenary agent, Elias al-Rahil, admitted to going to Turkey and meeting with members of the Turkish intelligence services, where he offered them cooperation in return for money. As for the mercenary agent, Hamid Khalil Al-Ahmad, born in Kharaz Amouda in 1998, he admitted during his interrogation that he had direct contact with a member of the Turkish intelligence, and he transferred information related to more than twenty military, security and service sites in Zergan, Amuda and Darbasiyah, where one of those points in the village of Kharazah was attacked. Turkish air strikes, during which two fighters of the Self-Defense were killed. As soon as the investigations with the two clients were completed, they were handed over to the justice institutions.”.”

56. US Senator Hopes Serbia Adopts Russia Sanctions as Serb Spy Chief Travels to Moscow

On May 25th the ABC News reported that “a U.S. senator on Thursday said he hopes Serbia would adopt Western sanctions against Russia over its invasion of Ukraine, telling the Balkan country that “there is no future” in an alliance with Moscow. “Russia’s invasion has been an absolute disaster and my belief is that Russia is ultimately going to lose this conflict,” Sen. Chris Murphy (D-Conn) told reporters in the Serbian capital Belgrade. Serbia is the only country in Europe that has not imposed any sanctions on Russia. “The future for Serbia is with the European Union and with the United States not with Russia,” Murphy said. “There is no future with Russia. They (Russia) are going to be devastated, a permanent pariah internationally after this invasion.” Though Serbia is formally seeking EU membership and has condemned the invasion at the United Nations, Belgrade has maintained its historically friendly relations with Moscow. Murphy’s visit to Belgrade came as Serbia’s staunchly pro-Russian intelligence chief Aleksandar Vulin travelled to Moscow for a security conference. Serbia is also one of few countries with direct air links to Russian cities and is almost completely reliant on Russia for energy supplies. Asked about Vulin’s visit to Russia, Murphy replied that “obviously Russia is searching for friends these days,” but that it is not ”constructive” for any nation to stand by Russian President Vladimir Putin.”

57. The Remarkable Story of the Greek Spy Who Helped Defeat the Nazis

Greek Reporter published this story on May 25th saying that “the story of Helias Doundoulakis is like a great war movie. It is the story of the Greek spy who helped Greece and the United States win the war against the Nazis. A true hero, the Greek American worked as a spy during World War II and helped in the liberation of Crete and the eventual victory of the United States against Germany’s Nazi regime. Furthermore, the story of Helias Doundoulakis is also the fascinating story of America’s first national intelligence agency, the Office of Strategic Services (OSS).”

58. New Pakistani Cyber Espionage Operation Targeting India’s DRDO

On May 26th cyber security researcher Yogesh Londhe discovered and disclosed technical indicators of a new cyber espionage operation attributed to an actor dubbed as SIDECOPY, previously associated with Pakistan. The operation involved a lure document titled “Performa’s feedback\Performa’s feedback.docx.lnk” and targeting India’s Defence Research and Development Organisation (DRDO). If opened, the document was covertly installing a cyber espionage software implant.

59. Kazakhstan Has Become a Pathway for the Supply of Russia’s War Machine. Here’s How It Works

The OCCRP published this investigation stating that “Western sanctions are meant to prevent Russia from supplying its military from abroad, but sensitive electronics are still getting through. Reporters traced several of these supply chains through Kazakhstan — and found that they run through companies newly established by Russians.” The key takeaways are: “Trade statistics show large increases of drone and microelectronics imports to Kazakhstan since Russia’s full-scale invasion of Ukraine in early 2022. Kazakhstan’s exports of drones and microelectronics to Russia have also grown enormously. Kazakh companies registered by Russians after the war are being used as intermediaries for these imports. One company called Aspan Arba, meaning “Sky Chariot,” imported drones and sent them to a Russian company called “Sky Mechanics,” which sold them to pro-war organizations. The two companies have the same owner. A German company owned by a Russian couple sent microchips to a Kazakh company, established shortly after the invasion, owned by their son. It then sent the chips to Russia.”

60. Turkey Detains 30 People Over Alleged Gülen Links

The Stockholm Centre for Freedom reported on May 25th that “thirty people, including active duty and dismissed military officers, have been detained on warrants issued by Turkish prosecutors for alleged links to the Gülen movement, a faith-based group accused by the government of “terrorist” activities, according to local media reports. As part of an investigation launched by the İstanbul Chief Public Prosecutor’s Office, detention warrants were issued on Thursday for 33 individuals over alleged Gülen links. Turkish police conducted operations in nine provinces and detained 30 of the suspects. The accusations against the suspects include secretly communicating with their contacts within the movement via payphones. The detention warrants were issued based on lists drafted by the country’s National Intelligence Organization (MİT) detailing people who used payphones.”

61. Albania Releases Russian, Ukrainian Citizens Held on Spying Charges

Following 2022 week 33 story #71, 2022 week 34 stories #16 and #88, 2023 week 8 story #1, 2023 week 9 story #86, and 2023 week 18 story #78, AA reported on May 26th that “an Albanian court has decided to release the citizens of Russia and Ukraine arrested last August on spying charges. Svetlana Timofeeva, a blogger, was arrested on Aug. 20 along with another Russian and a Ukrainian, while trying to enter a military facility in Albania. She is also facing spying charges back in Russia for “illegally obtaining information constituting a state secret.” The Elbasan Court of First Instance said in a statement on Thursday night that a decision was made to drop the detention order of Mikhail Zorin, Fedir Alpatov, and Svetlana Timofeeva, who are under investigation. The investigations against them would continue freely, the statement added. Meanwhile, another Russian citizen, Mikhail Zorin, was placed under house arrest. Russian authorities asked for Timofeeva’s extradition in January, but the request was turned down by the court. A court statement said Timofeeva did not consent to the extradition and asked to remain in Albania. In Albania, Timofeeva and the other two suspects are accused of “attacking an officer on duty” and “obtaining confidential information.”.”

62. Canada: Spy Agency-instigated Anti-China Furor Within Canada’s Political Establishment Intensifies After Rapporteur’s Report

On May 26th WSWS reported that “much of Canada’s corporate media and political establishment have reacted with anger and frustration to the interim report that the Independent Special Rapporteur on Foreign Interference, David Johnston, issued Tuesday. Dozens of indignant editorials and op-ed columns have trashed Johnston’s report, as have the Conservative Official Opposition and the Bloc Québécois. They are incensed that Johnston has opposed their months-long demand for a public inquiry into the intelligence agencies’ claims that China is interfering in Canadian politics, grooming candidates and seeking to manipulate election outcomes. This envenomed response is bound up with Washington’s Canadian-backed, ever-accelerating preparations for war with China. In military and other elite circles there is open discussion of the inevitability of a clash with nuclear-armed China, starting as early as 2025.”

63. Russian FSB Preventing Bombing by Ukrainian Agent in Gelendzhik

On May 26th Russia’s FSB announced that they “prevented a terrorist act in the municipal district of the resort city of Gelendzhik, Krasnodar Territory. As a result of the measures taken, a local resident, a supporter of Ukrainian neo-Nazism, a Russian citizen, born in 1981, was detained, who planned to detonate an improvised explosive device on the territory of one of the locations of law enforcement structures in the region. From a cache equipped by the radical in a wooded area on the outskirts of the settlement, a ready-to-use improvised explosive device was seized, and components for the manufacture of IEDs were found at the address of residence. Instructions for assembling explosive devices and their use were found in the means of communication, obtained from internet communities administered by militants of Ukrainian nationalist formations. A criminal case has been initiated under part 1 of article 30, part 1 of article 205 (preparation for a terrorist act) of the Criminal Code of Russia. The terrorist was taken into custody.”

64. Ukrainian SBU Detains Russian Agent in Mykolaiv

On May 26th Ukraine’s SBU announced that they “detained a Russian informant who was spying on the positions of the Defence Forces in the south of Ukraine. The attacker turned out to be a resident of the regional centre, whom the Russian intelligence service engaged in secret cooperation at the beginning of this year. On the instructions of the aggressor, he independently went around the territory of the city and the surrounding areas and secretly recorded the sites of the Defence Forces on his phone camera. First of all, the enemy was interested in the locations of the Ukrainian defenders, the number of personnel and available weapons. In addition, the person involved determined the coordinates of key transport communications, their “congestion” and the possible movement of convoys with ammunition. Intelligence was needed by the invaders to adjust airstrikes on Ukrainian locations. SBU officers detained the intruder while he was carrying out an enemy mission. According to the investigation, he came to the attention of the Russian intelligence services due to his destructive activity in one of the pro-Kremlin Telegram channels, where he wrote anti-Ukrainian comments. During the search, computer equipment and electronic media that he used to store and transmit intelligence to the aggressor were found. Investigators of the Security Service informed the detainee about the suspicion. He is currently in custody. The perpetrator faces up to 12 years in prison. Counter-subversion measures were carried out by SBU officers in the Mykolaiv region under the procedural guidance of the regional prosecutor’s office.”

65. Israeli Spies Targeting People with Ties to Iran is a ‘Well-crafted Story’

Following this week’s story #23, the Jerusalem Post published this article on May 26th stating that “an alleged Israeli spy ring targeting people with ties to Iran is Turkey’s latest espionage accusation against its renewed ally. The pro-government Daily Sabah newspaper reported on Tuesday that Turkish authorities caught 11 people working for the Mossad, Israel’s intelligence agency. The report comes less than a year after the two countries restored diplomatic relations. The outlet cited a statement from MIT, Turkey’s intelligence agency, that alleged that the agents were spying on people with trade ties to Iran. The communications office of Turkish President Recep Tayyip Erdoğan did not respond to a request from The Media Line to see the MIT statement.”

66. United States: Defence Rests in Espionage Case Against Two Maryland Doctors

Following 2022 week 39 story #11, WBAL reported on May 27th that “week one of the federal conspiracy trial is in the books for the married Maryland doctors accused of trying to be Russian assets. Their defense team rested its case Friday. Dr. Anna Gabrielian and her husband, Dr. Jamie Lee Henry, are charged with conspiracy to try and help Russia by leaking private medical records of patients at Johns Hopkins and U.S. Army hospitals.”

67. How Foreign Businesses Can Avoid China’s Espionage Trap

The Hill reported on May 26th that “China’s leaders have pledged “unswerving” support for foreign investment, but authorities there are aggressively investigating consulting firms that facilitate those investments. How should the foreign business community react — and how can honest companies stay out of trouble? The career intelligence officers reportedly leading the investigations are employing the classic Chinese tactic of “killing the chickens to scare the monkey.” They are making public examples of Bain, Capvision Partners and Mintz Group by detaining employees and closing local offices based on broad, unsubstantiated claims of espionage and threats to national security. The Chinese refusal to define relevant offenses clearly, or to specify alleged wrongful acts, reflects the longstanding Chinese practice of issuing vague, broadly worded regulations that could have a catastrophic impact on business operations. In the absence of official clarification, businesses must guess at implications as they hope to avoid worst outcomes. A wide variety of possible explanations have surfaced in the press in recent weeks. Some speculate that the crackdown is part of a wider effort to control publicly available information in China. Others assert that information shared through privately organized export networks sparked concern. Still others believe that Chinese authorities are determined to prevent information exchanges facilitating enforcement of foreign sanctions in China. There is even the suggestion that Maoist ideology explains the current harassment.”

68. Greece: EYP Team Leader from the Surveillance Scandal Transferred to Mykonos Island

On May 26th the Greek Edolio5 reported that “the picturesque windmills that are the hallmark of the island of the winds are also laughing! An “unfavourable” transfer to the Police Directorate of Mykonos was received by an Hellenic Police Sergeant who belonged to the group of officers who were allegedly involved in the management of the illegal software “Predator” in EYP and had proceeded with a relevant statement before the judicial authorities which of course as he said all the surveillances were done legally without himself knowing which persons were the target but only the cell phones. So, according to data presented during the judicial investigation into the wiretapping case, the management of the illegal software “Predator” through which data was stolen from more than 100 phones of politicians, government officials, businessmen, journalists with the mission of illegal software through the anagram of edolio5.blogospot[.]com as blogspot.edolio5[.]com (among which, as already revealed, Aris Spinos) etc. existed from the EYP facilities in Agia Paraskevi. Police officers who had been transferred to the EYP, mainly from the Organised Crime Prosecution Sub-Directorate of Athens, but also from other police services, were present at the specific area. This group was allegedly headed by a police officer, (the well-known Vangelitsa) who we have mentioned in a related report, who had many years of presence in the above-mentioned police sub-directorate but also in other services of the security services. This particular officer allegedly co-signed the request to monitor the leader of PASOK/Movement for Change political party, Nikos Androulakis. The names of all the police officers, such as Christos H., Ilias K., Panagiotis T., Ioannis Gr., Kostas P. (some with the rank of sergeant, officer, etc.), are said to have been filed with the judicial authorities and many of them were called to testify in the said case. According to some information they denied that they performed any suspicious actions. After the disclosure of the wiretapping case through “Predator” and the reported involvement of the police officers in question, there was an order for their immediate withdrawal from the EYP and their “dispersion” in various police stations of Athens (mainly in the centre of the capital, in the western suburbs, etc.). However, several of them subsequently moved to General Police Directorate’s central services on Alexandras Avenue. Among them the aforementioned Sergeant, who immediately after his return to the police headquarters (despite the hints for his involvement in the wiretapping case) moved on to the beautiful Aegean island possibly taking with him some audio mementos for the cool summer evenings.”

69. Belgian FM Comments on Release of Country’s Spy from Iran

Following 2023 week 1 story #36 and 2023 week 9 story #77, Mehr News reported on May 26th that “in a tweet on Friday, Lahbib wrote that Olivier Vandecasteele was freed after 455 of imprisonment. “He is scheduled to arrive in Belgium tonight, following 15 months of intense and discreet diplomacy,” she added. “We extend our heartfelt gratitude to all those who worked tirelessly for his release,” the top Belgian diplomat continued. Earlier on Friday, the Omani foreign ministry announced in a statement that the country’s mediation between Iran and Belgium was successful in resolving the issue of the detained citizens of the two countries. Following the agreement, Asadollah Asadi, the Iranian diplomat detained in Brussels, was exchanged with Vandecasteele.”

70. United States: Bill Gates’ Alleged Former Lover Mila Antonova Linked to Notorious Russian Spy Anna Chapman

RADAR Online published this story on May 26th saying that “Bill Gates’ alleged former lover, Mila Antonova, was recently linked to a notorious Russian spy, RadarOnline.com has learned. In a startling development to come just a few days after Gates was accused of carrying out an affair with Antonova while still married to his then-wife Melinda French Gates in 2010, a bombshell photo surfaced of Antonova and Moscow spy Anna Chapman together in New York City. The photo surfaced during an investigation carried out by Daily Mail this week, and it appears to show the pair together less than one year before Chapman was arrested by the FBI in connection to “long-term” and “deep-cover” assignments she allegedly carried out across the United States. According to Daily Mail, Chapman, 41, was arrested in June 2010 alongside a network of other Russian spies placed across the U.S. Chapman reportedly moved to New York City in 2009 shortly after procuring a United Kingdom passport by marrying an English gentleman. The photo of Antonova and Chapman together in New York was reportedly snapped just a few months before the spy’s arrest and, although it is unclear whether Antonova was aware of Chapman’s undercover proclivities, the link indirectly connects Gates to Chapman as well.”

71. Podcast: CIA Agent’s Personal Tour of Washington DC’s Espionage Hot Spots with Rosanna Minchew

The Vogel Twins published this video on May 22nd. As per its description, “today, we’re thrilled to be joined by Rosanna Minchew, a spy guide and expert on the history and culture of espionage in Washington DC. As a guide for Spytours, Rosanna has led countless visitors on an immersive journey through the secret world of spies, sharing fascinating stories and little-known facts along the way. Today, she’s here to give us a glimpse into that world and share some of her own experiences and insights.”

72. Ukraine’s SBU Uncovers How They Blew up the Crimean Bridge Last October and the Sevastopol Russian Ship Attack

On May 27th Ukraine’s SBU announced that “Head of the SBU Malyuk revealed the details of the blowing up of the Crimean bridge and the October attack on the Russian ship in Sevastopol. The successful attack by naval drones on the ship of the Black Sea Fleet of the Russian Federation in the Sevastopol Bay in October last year was a planned special operation of the SBU. And the Crimean bridge, as a logistical route for Russian troops, is a legitimate target for Ukraine. The Head of the Security Service of Ukraine, Vasyl Malyuk, told Dmytro Komarov about this in the film “Year. Behind the scenes”. He disclosed the details of some high-profile special operations conducted by the SBU during the war. “Regarding the situation with the Crimean fleet, namely the attack by water combat drones, the SBU was the author of that operational plan and implemented it,” said Vasyl Malyuk. According to him, the SBU conducted a unique special operation that damaged Russian ships together with the Ukrainian Navy. Regarding the blowing up of the Crimean bridge, Vasyl Malyuk believes that it is still too early to release information about the details of the special operation to the general public, so as not to provide additional data to the enemy. “According to the norms of our current legislation and international, customs and traditions of warfare, and taking into account the fact that it was a logistical route that we were obliged to cut to the enemy, certain such measures were carried out. In their own way, they (the Russians — note) describe it as a terrorist attack. They imprisoned more than 20 of their fellow citizens, they incriminate each of them with certain complicity,” the Head of the SBU noted. Vasyl Malyuk also added that representatives of Western intelligence services note the high professionalism of the Security Service of Ukraine and in many respects adopt our experience. In addition, in his interview with Dmytro Komarov, Vasyl Malyuk talked about the SBU’s contribution to the defense of Ukraine and the future victory, the de-occupation of Ukrainian territories, the work of counter-intelligence and the exposure of traitors, opposition to Russian special services and much more.”

73. Former Serb Prime Minister Zoran Djindjic’s 2003 Murder Remains Unsolved

The Covert Action Magazine published this article on May 27th stating that “suspicion lingers that he was killed with the assistance of the CIA or other Western intelligence services when he began to question U.S. regional designs in the aftermath of the 1990s Balkan Wars. On March 12, 2003, Serbian Prime Minister Zoran Djindjic was fatally wounded by a gunshot while entering the Serbian government building where he was supposed to meet the foreign minister of Sweden. According to the official verdict, a member of Serbia’s Special Operations Unit (JSO), Zvezdan Jovanović, fatally shot Djindjic from the window of a building approximately 180 meters away. However, according to Milan Veruović, Djindjic’s bodyguard who was also wounded in the attack, the shots had to have come from the opposite direction; that there were three shots instead of two; and that there were two snipers. In September 2014, Veruović and journalist Nikola Vrzić published a book, The Third Bullet: The Political Background of the Assassination of Zoran Đinđić, which concluded that “the expertise on which the official version is largely based, is completely untenable, contrary to the laws of physics and the physical evidence and the testimony of witnesses. Many material proofs were not analysed.” To discover the political background, the authors analyzed Djindjic’s political activities over a period of several months before his death, finding that “he had become a threat to the Pax Americana,” which could be seen in his relationship with The Hague Tribunal on Yugoslavia to which he “didn’t want to hand over war archives and generals.” Djindjic further mentioned the revision of the Dayton Agreement questioning the independence of Republika Srpska if the issue of Kosovo and Metohija is not discussed (via UN Resolution 1244). In the last interview he gave on March 6, 2003, Djindjic expressed concern that his Western allies “are not honest friends of Serbia and are not willing to discuss the Kosovo issue, but rather,” he suspected, “under wraps working on its independence.” After his death, his “self-proclaimed successors” completely turned his policy in favor of Western interests; and all the threats to the Pax Americana were gone.”

74. CIA Special Activities Center: The Third Option

Grey Dynamics published this article on May 27th saying that “the Special Activities Center (SAC) is covert action and paramilitary operations division of the CIA, also known as the “Third Option”. The first option being diplomacy and second option military action.”

75. UK Weighing Up Options for Prometheus 2 Satellite Successor

On May 26th Janes reported that “the UK is investigating several options to replace the Prometheus 2 satellites destroyed during the failed Virgin Orbit launch in January 2023. Speaking with Janes on the Prometheus 2 successor, Head of Space Capability at UK Space Command Commodore Dave Moody said one possible option would be to repeat the project as before. The other option would involve developing satellites with more advanced instruments. Developing a successor would depend on whether the project receives additional funding as well as all the necessary approvals and support from international partners. If this is achieved, he expects the new satellites will be more advanced versions of their predecessors, considering technology has progressed.”

76. Spymaster: Lee Yi-Jin, Singapore’s Digital Intelligence Chief, Defines Scope of Defence Cyber Influence

On May 26th Intelligence Online published this article stating that “six months after the official creation of Singapore’s Digital and Intelligence Service (DIS), General Lee Yi-Jin is defining the defence ministry’s role in the information wars while also heading military intelligence.”

77. Leaked Government Document Shows Spain Wants to Ban End-to-End Encryption

On May 22nd WIRED reported that “Spain has advocated banning encryption for hundreds of millions of people within the European Union, according to a leaked document obtained by WIRED that reveals strong support among EU member states for proposals to scan private messages for illegal content. The document, a European Council survey of member countries’ views on encryption regulation, offered officials’ behind-the-scenes opinions on how to craft a highly controversial law to stop the spread of child sexual abuse material (CSAM) in Europe. The proposed law would require tech companies to scan their platforms, including users’ private messages, to find illegal material. However, the proposal from Ylva Johansson, the EU commissioner in charge of home affairs, has drawn ire from cryptographers, technologists, and privacy advocates for its potential impact on end-to-end encryption. For years, EU states have debated whether end-to-end encrypted communication platforms, such as WhatsApp and Signal, should be protected as a way for Europeans to exercise a fundamental right to privacy — or weakened to keep criminals from being able to communicate outside the reach of law enforcement. Experts who reviewed the document at WIRED’s request say it provides important insight into which EU countries plan to support a proposal that threatens to reshape encryption and the future of online privacy. Of the 20 EU countries represented in the document leaked to WIRED, the majority said they are in favor of some form of scanning of encrypted messages, with Spain’s position emerging as the most extreme. “Ideally, in our view, it would be desirable to legislatively prevent EU-based service providers from implementing end-to-end encryption,” Spanish representatives said in the document.”

78. Germany: Wanted Spies: No Remote Work and Must Leave Cell Phone at Home

Reuters reported on May 22nd that “intelligence services are finding it harder to recruit staff since the pandemic as prospects want to work from home and would rather not part with their personal cell phones, the head of Germany’s foreign intelligence service BND said on Monday. “We cannot offer certain conditions that are taken for granted today,” said Bruno Kahl, who described finding enough and the right staff as a great challenge as baby boomers are heading into retirement. “Remote work is barely possible at the BND for security reasons, and not being able to take your cell phone to work is asking much from young people looking for a job,” he added. Some 6,500 people work for the BND, according to its homepage.”

79. UK: After Clearing MI5 of Torture, Keir Starmer Attended Its Chief’s Leaving Party

DeclassifiedUK reported on May 25th that “the year after Starmer protected Sir Jonathan Evans from possible prosecution over MI5’s role in CIA torture, the then senior public prosecutor went to the spymaster’s farewell drinks, paid for by MI5. Starmer refused to prosecute MI5 for its role in the torture of Binyam Mohamed, which “delighted” the agency’s chief Jonathan Evans; Evans tells Declassified Starmer attended his MI5 leaving party the following year, but “does not now recall” if he spoke to Starmer; Evans could have been criminally liable if Starmer had decided to prosecute MI5; Declassified could find no record of any other Director of Public Prosecutions socialising with the head of MI5; But Starmer does not respond to Declassified’s questions about his attendance at the MI5 party; Starmer also attended “networking reception” for Foreign Office ministers three months before he announced his decision not to prosecute MI6, an agency overseen by those ministers”

80. United States: ISA: Soldier Spies of the Intelligence Support Activity

On May 27th Grey Dynamics published this article. As per its introduction, “The Intelligence Support Activity (ISA), the 1st Capabilities Integration Group (Airborne), or simply The Activity is a component of the US Army and acts as a dedicated intelligence group for JSOC. ISA has gone by many names over the years but its current one is not public knowledge.”

81. CIA Officers Admitted the Agency Ran Drug Traffic During Indochina Wars

The Covert Action Magazine published this story on May 25th saying that “in new memoir, CIA expert shares interviews he conducted with CIA paramilitary officers who spilled the beans about CIA drug trafficking along with other major crimes. In 1991, during the 1st Persian Gulf War, investigative journalist Douglas Valentine traveled to Thailand and interviewed a group of legendary CIA officers who had helped run the secret war in Laos and other clandestine operations in the Indochina Wars. Among them was Anthony Poshepny (aka Tony Poe), the prototype for Colonel Kurtz in Francis Ford Coppola’s epic 1979 film Apocalypse Now — a covert warrior who went off the deep end and established a secret jungle enclave where enemy body parts were displayed. Now 66, Poshepny lived at the time in a big, beautiful home in a fancy neighborhood in Udon Thani, Thailand, home of a major U.S. air base during the Indochina Wars used for carrying out secret bombing missions over Laos.”

82. Ukrainian Hackers Obtained a Unique Photo of the Commander of Military Unit 26165 Wanted by the FBI for Meddling in US Elections

The Inform Napalm published this investigation on May 23rd. As per its introduction, “Ukrainian hackers of the “ Cyber ​​Resistance” team, together with volunteers from the international intelligence community InformNapalm, carried out a unique special operation, during which they managed to hack the email of the wife of the commander of the 85th Main Centre of the GRU intelligence service (military unit 26165), who is one of 12 Russian intelligence officers, wanted by the FBI for meddling in the 2016 US election. The sensationalism of this hack is that the hackers managed to get the only unique photo and some other personal documents of Colonel Viktor Borisovich Netyksho, who headed military unit 26165 until 2018 and oversaw the actions of Russian hackers in uniform, guilty of cybercrimes committed against a number of countries. Netyksho was the immediate superior of another Russian hacker, Lieutenant Colonel Sergey Alexandrovich Morgachev, who had been hacked by Ukrainian hackers earlier and it became a sensation in the Western media.”

83. Leaked Report: “CIA Does Not Know” If Israel Plans to Bomb Iran

On May 24th The Intercept published this article saying that “whether Israel’s escalating threats of war with Iran over its nuclear program are saber-rattling or something more serious is a mystery even to the CIA, according to a portion of a top-secret intelligence report leaked on the platform Discord earlier this year. The uncertainty about the intentions of one of the U.S.’s closest allies calls into question the basis of the “ironclad” support for Israel publicly espoused by the Biden administration. The report — which was first covered by the Israeli channel i24 News and subsequently posted by DDoSecrets, a group that publishes leaked documents — reveals an undisclosed military exercise conducted by Israel. “On 20 February, Israel conducted a large-scale air exercise,” the intelligence report, produced by the Office of the Director of National Intelligence on February 23, states. The exercise, it says, was “probably to simulate a strike on Iran’s nuclear program and possibly to demonstrate Jerusalem’s resolve to act against Tehran.” There have been several joint U.S.-Israeli military exercises in recent months, including one proudly billed by the Pentagon as the largest “in history.” “CIA does not know Israel’s near term plans and intentions,” the report adds, speculating that “Netanyahu probably calculates Israel will need to strike Iran to deter its nuclear program and faces a declining military capability to set back Iran’s enrichment program.”.”

84. IDET 2023: Inflatable Leopard 2A4 Decoys ent to Ukraine

Janes reported on May 26th that “inflatable Leopard 2A4 tank decoys are being supplied to Ukraine, Janes learnt at the International Defence and Security Technology Fair (IDET) 2023 held in Brno, Czech Republic, from 24 to 26 May. At the show, Czech-based company Inflatech displayed Leopard 2A4 and Czech STARKOM communication jammer inflatable decoys. The decoys are designed to deceive and mislead an enemy by simulating objects and for use in electronic warfare training. The Leopard 2A4 decoy weighs 44 kg and the STARKOM decoy 35.2 kg. Their optical granularity is 0.2 m, thermal granularity is 0.6 m, and electronic granularity is 4 m, according to Inflatech. The company claims that they appear to an RQ-20 unmanned aerial vehicle as a real object from approximately 1,500 m. The decoys can be inflated by a 150 ccm four-stroke petrol or diesel engine and take two people 10 minutes to deploy or pack. It is stable in winds up to 15 m/s, according to Inflatech.”

85. CIA Front Company Extends Intrusive Surveillance Operations in Lithuania Under Pretext of New Cold War

Covert Action Magazine reported on May 22nd that “creation of Orwellian surveillance apparatus belies claim that the U.S. is upholding democracy in the face of Russian authoritarianism. On April 26, Palantir, a data analytics company founded with CIA seed money, announced an expansion of its operations in Lithuania after entering into a strategic partnership with Lithuania’s Ministry of Defense. This announcement exemplifies how the new Cold War is being used to justify CIA collaboration with a foreign government in advancing intrusive surveillance operations targeting Russia and pro-Russian political elements. It also exemplifies how central the CIA is to the war in Ukraine, as Palantir is playing a key role in the war by tracking Russian military movements and helping Ukraine to coordinate battlefield maneuvers. The U.S. claims to be supporting democracy against Russian and Chinese authoritarianism; however, Palantir’s methods are right out of George Orwell’s 1984. While Western media consistently highlight the alleged human rights atrocities of Belarus’s socialist, pro-Russian government led by Alexander Lukashenko, it is silent on the intense political repression targeting socialists and anti-fascists in Lithuania, which will only be enhanced by Palantir’s growing presence.”

86. SIGINT Historian: Who was ‘Jumbo’ Travis?

On May 23rd former GCHQ departmental historian Tony Comer published this article. As per its introduction, “I’ve had a couple of questions recently about ‘Jumbo’ Travis, Sir Edward Travis. He was Deputy Head of GC&CS from 1919–1942, then Deputy Director (Services) 1942–44, then Director GCHQ until he retired in 1952. Apart from three cryptanalysts (Alexander, Tiltman and Turing) he was the only person to have a room named after him in the Doughnut when GCHQ moved there in 2001. He was obviously a key figure, but he really isn’t well known. He passed for Paymaster in 1909 and might have had a normal Paymaster career, but found himself posted as Secretary’s Clerk to Admiral Jellicoe, the Commander in Chief on 4 August 1914. By 1916 he had been loaned to the Admiralty by Jellicoe for the compilation of cryptosystems to be used by the Fleet, Jellicoe having being astounded at Travis’s breaking the codes used by the C in C himself. When GC&CS was formed in November 1919 Travis became its number two, responsible for GC&CS’s over mission, cipher security. He had a public persona as the UK’s representative at international naval communications conferences, and was also responsible for acquiring the UK’s first Enigma machine (now in the possession of GCHQ).”