SPY NEWS: 2023 — Week 6

Summary of the espionage-related news stories for the Week 6 (February 5–11) of 2023.

1. US Continues Efforts to Recover Debris from Downed Chinese Balloon

Following last week’s story #55, on February 5th it was reported that “the US military is continuing efforts to recover debris from a Chinese balloon to figure out what kind of intelligence China may be trying to collect. The US Department of Defense announced that an F22 fighter jet on Saturday downed the balloon over waters about 11 kilometers off the coast of South Carolina in US airspace. China says it was a civilian-use balloon released for meteorological research. The United States says it was flown to conduct reconnaissance. Senior US military officials said the debris spread out over an area of about 11 kilometers and at a depth of around 15 meters in the sea. The military sent navy divers and vessels to the scene, reportedly with FBI and other counterintelligence officials aboard. The balloon flew over the western state of Montana. A high-ranking Pentagon official said it even flew past sensitive sites. Montana is home to Malmstrom Air Force Base, which has intercontinental ballistic missile silos.”

2. Spycamerasaurus: The Soviet Kiev 30 Subminiature Concealed Camera

On February 5th Spycamerasaurus published this video. As per its description, “the Kiev 30 was manufactured by the Kiev Arsenal between 1974 and 1983. It is a subminature camera which takes 16mm film with a frame size of 13x17mm. There are three shutter speeds. It is suggested by some that modified cameras such as this were used by the KGB and the STASI, and there is anecdotal evidence to support this, however, other agencies behind the Iron Curtain such as the police could have ordered or carried out the modifications these cameras in order to use them for covert purposes. The most famous example of this type of camera is the John Player Special type, which is now acknowledged to have been faked extensively in Poland. This type, however, has more in common with the ‘Hertzegovina Flor’ version manufactured in 1976 which exhibits extensive signs of use and was probably used for covert purposes. The origin of this pack is unknown, but the brand name translates as ‘Standard’ in Tajik.” As well as that “the Kiev 303 was the successor to the Kiev 30 and was manufactured in the 1990s. The camera features the same lens, but now with 1/30 to 1/250 shutter speed. It can focus from 0.5m to infinity with stops marked at 1 and 2m. This camera is concealed within a leather bound notebook. The majority of the pages of the ‘book’ are actually the metal frame of the concealment, with only the top few pages actually made of paper. The camera views out of a hole in the spine of the book. The film is advanced and the shutter cocked by racking the attached pen holder on the side of the book. As with the Kiev 30, there is some suggestion that the camera was manufactured for and used by members of the KGB for covert photography, but given the wide range of specialist cameras produced to order that were available to that organisation, this seems perhaps unlikely. This does not preclude that the camera was used by some other group for this purpose, such as local police units, or perhaps for foreign operations by the Soviet PGU, where possession of a commercially available camera would have been easier to explain away. It is of note that only seven such cameras are known. The Kiev John Player Special camera, now known to have been produced mostly in Poland by entrepreneurs for sale to Western collectors, exists in great numbers. The low numbers of these notebook cameras suggest that perhaps indeed they were produced to order for some special purpose, but by whom is unknown.”

3. Europe’s Decade of the Spy

Politico published this article on February 5th starting by saying that “last month, two Swedish brothers were convicted of spying for Russia’s military intelligence service, the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). But their conviction is just the latest in a fast-growing list of espionage cases across Europe — and while Russia’s been behind most of the spying, Chinese espionage is on the rise too. Increasingly, it’s starting looking like the 2020s may well turn into Europe’s “decade of the spy” — much like the 1980s was America’s. In the 1980s, there were, on average, seven to eight espionage convictions every year in the United States, including high-impact spies like Jonathan Pollard who spied for Israel, Anna Montes for Cuba and John Walker for the Soviet Union. And though the most infamous U.S. moles, Aldrich Ames in the CIA and Robert Hanssen in the FBI, both began their betrayals that same decade, they were eventually unmasked many years later. Similarly, in a preliminary review of court cases in Europe that a colleague and I undertook for the Swedish Defence Research Agency (Sw. FOI), we identified 42 different individuals convicted of espionage in Europe between 2010 to 2021, with another 13 still awaiting trial — 37 of those convicted were spying for Russia. And the number has been accelerating dramatically. From 2014 and 2018, espionage convictions more than tripled compared to those between 2010 and 2013, reaching almost six per year. And since Russia’s war of aggression against Ukraine began, those numbers have been surging: In 2022 alone, at least seven individuals were convicted of spying for Russia, and three for China. Given that a decade ago there were only one to two convictions per year in Europe, this represents a clear step change.”

4. Ukraine’s Defence Minister to Be Replaced with Spy Agency’s Chief, Confirms Zelenskyy’s Close Aide

On February 6th WIONews reported that “Ukrainian President Volodymyr Zelenskyy’s close ally on Sunday said that the country’s Defence Minister Oleksii Reznikov is set to be replaced with the military spy agency’s chief in a wartime reshuffle. Chief of Servant of the People parliamentary bloc and senior lawmaker David Arakhamia said that Reznikov would be given another ministerial position and his position will be filled by the GUR military intelligence agency’s head Kyrylo Budanov. “War dictates changes in personnel policy,” said Arakhamia, using the Telegram messaging app. Replacing of the country’s defence minister would be the highest profile reshuffle in the government amid a slew of sackings and resignations after a corruption scandal took place last month and the president pledged that the nation would meet standards of the West in the aspect of clean governance. Arakhamia said that politicians should not head the “force” agencies of Ukraine, like the defence ministry, in wartime, instead, they should be led by people who have a background in security or defence. He added that the position of minister of strategic industries will be offered to Reznikov. Reznikov, who had earlier stated that it was up to Zelenskyy to decide on the reshuffle, later while speaking to the Ukrainian Fakty ICTV online media said that his reshuffle to the new ministry was news to him. “If I suddenly received such an offer from the president of Ukraine or the prime minister, I would refuse it, because I do not have the expertise,” said Reznikov.”

5. Spy Collection: RACAL Datacom MA-4014B Encryption Unit

On February 6th we published this video. As per its description, “in around 1975 the British RACAL-Datacom produced this cipher device to provide tactical secure communications. It was using a time-division scrambling algorithm resulting in over 40 billion different combinations. Even to this day, most of its history remains unknown.”

6. Germany: Who Spies on Spies?

Following 2022 week 51 story #31, 2022 week 52 story #4, 2023 week 1 stories #32 and #40, 2023 week 2 story #52, and 2023 week 5 story #69, on February 5th Tagesschau published this article starting by saying that “the global surveillance operations of the Federal Intelligence Service (BND) have been monitored by a new authority for a year. How does the Independent Control Council work? A Prussian barracks used to be located on the extensive site in the Berlin district of Lichterfelde-West. The Wehrmacht moved in later, followed by the US military after World War II. Today, behind a brick wall, there is a branch of the Federal Intelligence Service (BND). But the spies now have lodgers. A group of six men and women meet regularly in a small clinker brick building that used to be a horse stable. What they discuss there is one of the best-kept secrets in the country. The former judges of the Independent Control Council (UK-Rat), a new supreme federal authority, have been reviewing the technical surveillance capabilities of the BND since the beginning of 2022, i.e. how the foreign secret service searches worldwide telephone, internet and satellite communications.”

7. France: All Eyes on DGSE’s Move Into Indo-Pacific

Intelligence Online reported on February 6th that “the former head of French external intelligence agency, the DGSE, is opening an office in Singapore to help it expand its presence in the region. China is keeping a close watch, as are France’s European and US allies.”

8. Ukrainian SBU Detains Two Russian FSB Agents in Kherson and Odessa

On February 6th Ukraine’s Security Service (SBU) announced that they “detained two Russian agents who were preparing missile strikes on railway nodes and energy facilities in Odessa and Kherson. Cyber ​​specialists of the SBU exposed two more FSB agents in the course of large-scale counter-subversive measures in the front-line areas of southern Ukraine. At the direction of the enemy, they collected intelligence on the basing and movement of units of the Armed Forces in the Tavria direction. In addition, critical infrastructure locations in Odessa and Kherson were handed over to the occupiers. First of all, the aggressor was interested in the exact coordinates of local facilities of Ukrainian Railways and energy-generating enterprises. If the intelligence was received, the occupiers planned to use it to prepare and carry out a series of targeted missile strikes on Ukrainian cities. However, the SBU officers worked ahead of time — timely exposed, established the location and detained both intruders while trying to pass intelligence to the invaders. One of the Russian agents was detained near the central railway station in Kherson, the other in Odessa after covertly photographing one of the military facilities. The accomplices of the aggressor turned out to be two local residents who were recruited by the Russian intelligence service after the start of the full-scale invasion. Both criminals were in constant intelligence contact with a staff member of the FSB administration in the Rostov region with the pseudonym “Buba Kastorskyi” (Буба Касторський). It was from him that Russian agents received tasks to carry out reconnaissance and subversive activities in the southern region of Ukraine. A specially created anonymous Telegram channel was used for communication. During searches, smartphones with evidence of conspiratorial correspondence with an FSB representative were found in the detainees’ possession.”

9. Interview: AFIO: Geoff O’Connell, former CIA Operations Officer, COS Tel Aviv, on the Church of the Nativity Crisis

On February 5th the United States Association of Former Intelligence Officers (AFIO) published this video recording. As per its description, “Geoff O’Connell and Jim Hughes discuss the 2002 siege by the Israel Defense Forces (IDF) at the Church of the Nativity — the purported birthplace of Jesus Christ — in Bethlehem in the West Bank, targeting 220 men and teenagers, among them dozens of armed Palestinian terrorists, who had taken shelter in the church. The Church of the Nativity’s ’s Manger Square was used by Hamas and Fatah terrorists a number of times during previous raids to stage operations against Israelis on the outskirts of Bethlehem and Jerusalem. The Palestinians believed that Israeli forces would not enter the square. The siege took place toward the beginning of Israel’s Operation Defensive Shield, a counter-terrorism operation to retake many Palestinian cities in the West Bank following a wave of deadly suicide bombings and terrorist attacks. A stalemate ensued. The Palestinians refused to budge on their refusal to accept either surrender or exile for the fighters in the church. As violent incidents continued in and around the church, international pressure to end it mounted and CIA was brought into the negotiations. John Geoffrey O’Connell is a former Senior CIA Operations Officer, a Near East Division Arabist, served as DCOS and COS multiple times, and was Director of the CTC from 1997 to 1999. He was the first CIA Officer to hold a senior position at the FBI where he served as the Deputy Chief of the International Terrorism Operations Section (ITOS). He was Chief of Station Tel Aviv, Israel, 1999–2002.”

10. Russian Orthodox Church Patriarch Kirill Spied on Switzerland

SWI reported on February 5th that “Russian Orthodox Church Patriarch Kirill, a strong supporter of Moscow’s decision to invade Ukraine, spied on Switzerland for the Soviet Union in the 1970s, according to media reports. French-language Le Matin Dimanche and the German-language SonntagsZeitung newspapers cited declassified archives as evidence the religious leader had worked for the KGB, the Soviet Union’s main security and intelligence agency. Kirill reportedly carried out espionage activities while living in Geneva as the official representative of the Moscow Patriarchate at the World Council of Churches (WCC). The mission of Kirill, whose code name was “Mikhailov”, was also to influence this council, which had been infiltrated by the KGB in the 1970s and 1980s. The Russian Orthodox Church has refused to comment on Kirill’s alleged espionage activities in Geneva, according to the reports, while the WCC says it has “no information” on the subject.”

11. The US Housewife Trained by British Intelligence Who Helped Shape the CIA: Spy Who Went Behind Enemy Lines in WWII Helped Track Down Nazi Gold Before Dying in a Plane Crash in 1948

On February 5th DailyMail published this article stating that “Jane Burrell worked for the OSS — the wartime forerunner to the CIA; She was one of a cast of women who helped shape the intelligence agency; Burrell became first CIA officer to die in service but did not get recognition.” The article continues that “she began the Second World War as a housewife, but by the end of the conflict, Jane Burrell had served behind enemy lines after being trained by British Intelligence. Burrell was one of a cast of female spies who helped shape America’s Central Intelligence Agency (CIA) and its wartime predecessor organisations. Their stories are told in a new book, whose author is now campaigning for Burrell to added to the 113 stars that adorn the walls of the CIAs headquarters, and commemorate officers who were killed in action. Burrell was killed in a plane crash near Paris while on duty in 1948 — becoming the first CIA officer to die on active service — but she is yet to receive any official recognition for her exploits and bravery. Also featured in Wise Gals: the Spies Who Built the CIA and Changed the Future of Espionage — by bestselling author Nathalia Holt — are single mother Adelaide Hawkins, Southern debutante Adelaide Hawkins and academic Mary Hutchison.”

12. France/Iraq: Intelligence Central to Strategic Partnership Between Paris and Baghdad

On February 6th Intelligence Online reported that “all aspects of intelligence, from military and strategic intelligence to counterterrorism, are included in an ambitious Franco-Iraqi partnership signed on 26 January during Iraqi Prime Minister Mohammed Shia Al Sudani’s visit to Paris.”

13. New Cyber Espionage Operation Attributed to India

On February 8th cyber threat intelligence researcher Kimberly discovered and disclosed technical indicators of a new cyber espionage operation attributed to an actor dubbed as BITTER, previously associated with the government of India. The operation involved a lure file titled “K2K3 Schedule.chm” which was, if opened, installing a custom cyber espionage software implant. The targets of the operation could not be identified.

14. U.S. Army SIGINT and EW Systems Nab $482 Million Contract for General Dynamics

Military Embedded Systems reported on February 6th that “General Dynamics Mission Systems has signed a contract worth $481.6 million to help the U.S. Army maintain a signals-intelligence (SIGINT) and electronic-warfare (EW) system for military ground vehicles. The installed AN/MLQ-44 Prophet-Enhanced SIGINT vetronics systems are used by Army ground troops to perform 24-hour, all-weather, near-real-time tactical SIGINT/EW for use by brigade combat teams and battlefield surveillance brigades. According to information from General Dynamics, the Prophet Enhanced system is interoperable on the global SIGINT front, delivers collected data to common databases for access by the intelligence community, and can reposition its collection capability on the battlefield to support evolving situations. General Dynamics expects the work on this contract to be complete by January 2028.”

15. Video: The Secret Numbers Stations Controlled By Windows XP

On February 7th Ringway Manchester published a new video on number stations operated by intelligence agencies from the UK, Germany, and Cuba. This time the video was focused on number stations that have, historically, used sounds from the popular operating system Microsoft Windows during their broadcasts. Those include: 1) E06 “The English Man” from 15 Oct. 2018 at 20:30 UTC, 2) G06 “The German Lady” at 4519KHz from 10 Nov. 2016 at 18:29 UTC, 3) G06 “The German Lady” at 4463KHz from 19 Jan. 2017 at 13:00 UTC, 4) G06 “The German Lady” at 7320KHz from 21 May 2018 at 07:59 UTC, and 5) HM01 “De La Chica” at 8097KHz from 11 Jan. 2018 at 14:03 UTC.

16. Turkey: MİT Archive to Be Opened to Researchers

The Hurriyet Daily News reported that “the National Intelligence Organization (MİT) will open some documents from its archive containing classified information since its establishment in 1913 to the access of researchers. A commission to be formed at the MİT has paved the way for the sharing of information and documents under the control of the organization and its use in academic studies, all kinds of publications and literary works, stated Nationalist Movement Party (MHP) deputy chair Mevlüt Karakaya during the negotiations of the law in the parliament. “These studies will be essential developments in terms of witnessing history,” he said. In addition, the parliament also approved the establishment of the National Intelligence Academy within the structure of MİT. The academy will have the status of higher education institution, provide postgraduate education in the field of intelligence and national security, and conduct scientific research and publications.”

17. Hungary: Viktor Orban’s Intelligence Corps Keeps Watch in Brussels

On February 6th Intelligence Online reported that “Hungary’s two-year battle for access to EU funding has had a profound effect on its external intelligence missions. The Informacios Hivatal’s priority is now to carefully observe EU policymakers in Brussels.”

18. Extraordinary Moment Ukraine’s Security Service Hacks Into Zoom Call Between Moscow and its Ukrainian Supporters to Tell Them They Are Now Charged with Treason

DailyMail reported that “Ukraine’s security services have hacked into a video call between Moscow and their Ukrainian supporters to tell them they have all been charged with treason — before blasting them with a rendition of the Ukrainian national anthem. A video posted online appears to show a Ukrainian official interrupting a call attended by various representatives for the self-proclaimed Donetsk People’s Republic, an area of the Donetsk region currently led by supporters Russian rule. Although not officially verified by government figures, those on the video certainly seemed convinced it was real as they rushed to turn off their cameras and leave the conference call.”

19. New South Korean ‘Anti-Communism Unit’ to Probe North Korean Espionage

NK News reported on February 7th that “South Korea is introducing a new “anti-communism unit” that will lead investigations into North Korean espionage, a development that follows controversy over an investigation into several alleged DPRK spy rings. The National Intelligence Service (NIS) will co-head the unit with the national police through the end of 2023 before handing it off fully to police next year, the agency said in a press release on Monday. The NIS has long been the primary investigative body for North Korea spy cases, spearheading enforcement of the Cold War-era National Security Act (NSA) that stipulates punishments for activity deemed pro-Pyongyang. But in Dec. 2020, South Korea’s parliament passed a bill to transfer these responsibilities to the Korean National Police Agency (KNPA). Then-President Moon Jae-in and his Democratic Party argued the NIS was too powerful and politically linked and passed the reform law as part of a broader effort to reign in prosecutorial power. After the planned reforms, the KNPA will take on domestic counter-espionage investigations while the NIS will remain the main agency handling overseas investigations, in a division of responsibilities somewhat comparable to that between the U.S. Federal Bureau of Investigations and Central Intelligence Agency. The intelligence body and the KNPA had already begun working together on recent cases of alleged North Korean espionage prior to the NIS announcement on Monday.”

20. Podcast: Spycraft 101: A CIA Traitor’s Last Asset with Bryan Denson

On February 7th Spycraft 101 published a new podcast episode. As per its description, “CIA case officer Jim Nicholson joined the CIA in 1980 after service in the US Army as an intelligence officer. He proved himself a capable case officer, rising steadily through the ranks and serving all over the world, particularly in Asia. But as his career moved onward and upward, his marriage to his wife Laurie gradually broke down. Jim was a serial philanderer and his multiple affairs drove a wedge between them. After they began divorce proceedings in 1992, Jim realized he would not be able to pay alimony, pay a divorce lawyer, care for his children, or live the lifestyle he was accustomed to on just his CIA salary alone. That eventually led him to betray his organization, and his country. During a scheduled meeting with the SVR at the Russian embassy in Malaysia in June 1994, Jim asked for $25,000 to cover his mounting expenses. A relationship began which would continue for the next two years; Jim providing classified information to the SVR in exchange for hundreds of thousands of dollars. Eventually his activities were uncovered with the help of a Russian defector, and he was arrested at Dulles Airport outside of Washington DC, and sentenced to a lengthy prison term. That should have been the end of his crimes; but it wasn’t. From inside the federal prison at Sheridan OR, Jim recruited his own son Nathan to make contact with the Russian government and provide them with information in exchange for much-needed funds. Nathan acted as a courier for his father, traveling all over the world to meet with an SVR representative, taking messages back and forth between them. Nathan acted out of love for his father; for all of his other faults, Jim had always cared for his children to the best of his ability. But his own espionage caught up with him and Nathan was forced to face the reality that his own father had manipulated him into selling out his country. For episode 68 of the Spycraft 101 podcast, I spoke with Bryan Denson, author of The Spy’s Son, about the Nicholson case and it’s shocking second act.”

21. Ukrainian SBU Uncovers Former Kherson Department of Internal Affairs Head Acting as Russian FSB Agent

On February 7th the Security Service (SBU) of Ukraine announced that they “identified another accomplice of the aggressor in the temporarily captured part of southern Ukraine. The perpetrator turned out to be the former head of the Department of Internal Affairs in the Kherson region, who in 2014 resigned from the ranks of law enforcement agencies with the rank of Police Major General. Later, he became a Deputy of the Regional Council from the banned “Volodymyr Saldo Bloc”. After the start of the full-scale invasion, he came into the field of view of an officer of the 3rd Section of the 9th Department of the Operational Information Directorate of the 5th Service of the FSB Serhii Sinitsyn (Сергій Сініцин) with the codename “Sabir” (сабір). In March last year, in temporarily occupied Kherson, he had a meeting with a former Ukrainian law enforcement officer to involve him in activities against the foundations of national security. On the instructions of “Sabir”, he was supposed to look for “like-minded people” to form the so-called “power block” of the occupation authorities and use it during the suppression of the resistance movement in the region. For this, he used his connections among former law enforcement officers. On the basis of the evidence collected by the investigators, the police general was notified of the suspicion under Part 5 of Art. 27 and Part 3 of Art. 110 of the Criminal Code of Ukraine (encroachment on the territorial integrity and inviolability of Ukraine). He is currently hiding from justice in the temporarily occupied Crimea.”

22. Surveillance in the Stacks: How the FBI Spied on Library Users in the Cold War

On February 7th SpyScape published this article saying that “back in 1971, FBI agents visited the home of Zoia Horn, chief reference librarian at Pennsylvania’s Bucknell University, to ask about an alleged plot to detonate tunnels beneath Washington, D.C., and kidnap national security adviser Henry Kissinger until the US stopped bombing Southeast Asia. The FBI learned about this alleged plot from a federal prison inmate who had a work-release job at the library. The agents — operating under the FBI’s ‘Library Awareness Program’ — were interested in what Horn might have overheard or seen. Were any of the library users suspicious? It was a difficult question for Horn to answer. She knew library patrons had a right to privacy under the American Library Association Bill of Rights. Horn refused to testify and was jailed for 20 days, becoming the first US librarian imprisoned for refusing to share information as a matter of conscience. While the FBI is believed to have abandoned the Library Awareness Program in the ’80s, the details are a bit murky. Some accuse the government of bringing it back under another guise, the USA Patriot Act that allows FBI agents to get a warrant from a secret court for library or bookstore records of anyone connected to an investigation of terrorism or spying.”

23. Atheeb Intergraph Remains Top Saudi Air Force Imagery Processing Provider

On February 7th Intelligence Online reported that “the Royal Saudi Air Force once again chose Atheeb Intergraph, a joint venture between Saudi Arabia’s Atheeb Group and Integraph, the US subsidiary of Hexagon, to provide its intelligence analytics systems. But other Saudi projects, on which Atheeb Group hopes to bid, are late in getting off the ground.”

24. Podcast: Everyday Espionage: How to Drive Like A Spy

On February 7th former CIA officer Andrew Bustamante published a new episode in his series Everyday Espionage. As per its description, “one thing spy movies get right is that every covert field officer is trained to drive like a badass! Elite operators use advanced driving skills (aka: vehicle dynamics) to escape capture, crash through barriers, drive at high speeds and even survive hostile attack. In this episode, Andrew lays out the rules for advanced driving and gives you the core skills you need to practice and perfect the same vehicle dynamics elite operators use to keep themselves and their familes safe.” He also covers his experiences at the CIA OPSC (Overseas Personal Security Course) in relation to defensive and offensive driving techniques, and its three fundamentals: 1) Momentum is everything; 2) Brake-to-steer; and 3) Aim for the rear.

25. Ukrainian SBU Detains Russian GRU Agent in Kharkiv

On February 8th Ukraine’s SBU announced that they “detained a Russian agent who was involved in the missile attacks on Kharkiv on February 5, 2023. As a result of enemy “arrivals”, civilians were killed and the civil infrastructure of the city was destroyed. According to the investigation, the adjuster turned out to be a local resident who cooperated with Russian military intelligence. The traitor covertly recorded the locations of military servicemen, roadblocks and critical infrastructure facilities in the Kharkiv region and handed them over to enemy representatives. The Russians used the specified locations as potential targets for missile attacks. What’s more, after the “arrivals” they tasked the same agent with recording and transmitting the results of the hits to them. The SBU officers documented the facts of the enemy agent’s intelligence and subversive activities, his involvement in the recent rocket attacks on a residential building and a higher educational institution in Kharkiv, and also identified his Russian supervisors. As the investigation found out, the enemy agent communicated with the handler through electronic communication channels with strict observance of all conspiracy measures. The traitor went on the “task” without mobile phones, trying, as he thought, to avoid being tracked. However, this did not prevent him from being detected by SBU counterintelligence officers. Officers of the intelligence service detained the agent of the Russian Federation directly during the execution of another task of the enemy — gathering information about the results of a rocket attack on one of the higher educational institutions of the city.”

26. Spy Way of Life: InterContinental Kyiv Hotel, Ukraine

This week’s selection of Intelligence Online for the Spy Way of Life was the InterContinental Hotel located in Kyiv, Ukraine and described as “a haven for Western support in the heart of the Ukrainian capital.” As per the article, “Intelligence Online visits the InterContinental Kyiv, where business leaders, foreign correspondents and delegations of all kinds cross paths.”

27. Former CIA Officer Jason Hanson Published New Videos

This week former United States CIA officer Jason Hanson published the following videos: 1) Home Invasion Caught on Cam, 2) Here’s Why You Should Learn “The Four Rules of Firearm Safety”, 3) 2 Home Defense Mistakes That You Should Stop Doing.

28. U.S. Citizen Sentenced to 30 Months in Prison for Conspiring to Provide Electronic Equipment and Technology to the Government of Iran

This week the FBI together with the US Department of Justice issued this press release on Feb. 9th saying that “earlier today, in federal court in Brooklyn, Kambiz Attar Kashani, a dual citizen of the United States and Iran, was sentenced by United States District Judge Eric R. Komitee to 30 months’ imprisonment for conspiring to illegally export U.S. goods, technology, and services to end users in Iran, including the Government of Iran, in violation of the International Emergency Economic Powers Act (IEEPA). The defendant has agreed to pay a $50,000 fine. Kashani pleaded guilty to the charge in June 2022. Breon Peace, United States Attorney for the Eastern District of New York, Matthew G. Olsen, Assistant Attorney General for the Justice Department’s National Security Division, and Joseph R. Bonavolanta, Special Agent-in-Charge, Federal Bureau of Investigation, Boston Division (FBI), announced the sentence. “Kashani defied export restrictions and sanctions against Iran, a country that sponsors international terrorism,” stated United States Attorney Peace. “His scheme undermined U.S. foreign policy and national security interests, and warranted a substantial sentence of incarceration to deter others.” “Kashani conspired to illegally export U.S. goods and technology for the benefit of the Central Bank of Iran, a designated entity that materially supports known terrorist organizations,” said Assistant Attorney General Olsen. “The Department remains vigilant against any efforts to circumvent our export control laws, which exist to protect the security of the United States and its people.” “Kambiz Attar Kashani will now head to prison for strengthening the economy of one of the world’s most infamous state sponsors of terrorism to line his own pockets, while circumventing U.S. laws in place to protect our national security interests. He used two United Arab Emirates companies to procure items from multiple American technology companies, including one located right here in Massachusetts,” said Special Agent in Charge of the FBI Boston Division Bonavolonta. “Today’s sentencing should send a strong message that the FBI and its law enforcement partners will continue to pursue and hold accountable those individuals who illegally export our country’s sensitive information and technology to hostile nations such as the Government of Iran.” Between February 2019 and June 2021, Kashani conspired to illegally export goods and technology to end users in Iran, including the Central Bank of Iran (CBI). The U.S. government recognizes CBI as an agency of the Government of Iran and the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has classified it as a Specially Designated National (SDN) acting for or on behalf of a terrorist organization. According to the U.S. government, CBI has materially assisted, sponsored and provided financial, material or technological support, goods or services to Lebanese Hizballah, a terrorist organization, and to the Qods Force of Iran’s Islamic Revolutionary Guards Corps (IRGC), which is a branch of the Iranian armed forces and represents the primary means of the Government of Iran to direct and implement its global terrorism campaign. Kashani and his co-conspirators perpetrated the illegal transshipping scheme through two separate United Arab Emirates (UAE) companies. They used the UAE companies to procure electronic goods and technology from multiple U.S. technology companies, including one located in Brooklyn, for end users in Iran, including CBI, without obtaining required OFAC export licenses. Certain of the goods and technology Kashani and his co-conspirators transshipped were classified by the U.S. Department of Commerce’s Bureau of Industry and Security as information security items subject to national security and anti-terrorism controls. Kashani and his co-conspirators intentionally concealed from the U.S. companies that they intended to send the items to Iran, falsely claiming that the UAE companies would be the ultimate end users.”

29. Sisterhood Regarding Spies — Honouring Ladies in Espionage

On February 10th Pen Face Solutions published this blog post. As per its introduction, “discuss brand new shadowy arena of espionage and you may discover the magic record from women spies whoever courageous victory, bravery and energy surpass James Thread. These types of exceptional women completed a few of the most daring missions from inside the background, playing with everything in their capability to obtain guidance, and you will risking every thing having an underlying cause they considered into the.” The article talks about Mata Hari, Harriet Tubman, Virginia Hallway, Josephine Baker, Marlene Dietrich, Noor Inayat Khan, Julia Guy, Sandy Grimes, Jonna Mendez, and Melissa Boyle Mahle.

30. Russia: Working for the Enemy: Blogger Manukyan Supported the Decision to Give Foreign Agent Status to Zemfira

The Russian RIA FAN reported on February 11th that “the Russian singer Zemfira and a number of other public figures ended up in the register of foreign agents. Blogger, journalist Vadim Manukyan supported this decision of the Ministry of Justice of the Russian Federation, noting in a comment to the FAN that these people “work for the enemy.” Thus, the interlocutor of the FAN recalled that such artists as Maxim Galkin, Ilya Prusikin from the Little Big group, Monetochka (recognized as foreign agents in the Russian Federation) and others chose the “other” side, now Zemfira has joined them. Earlier, the Russian video blogger , writer, host of his own YouTube channel, Nikolai Sobolev, became an individual acting as a foreign agent.”

31. Podcast: Grey Dynamics: Wagner PMC, Spy Balloons & Spearfishing with Marcel Plichta

On February 10th Grey Dynamics published a new podcast episode. As per its description, “this week I caught up with Marcel Plichta. He is a PhD candidate at St. Andrews, Ex-DIA Analyst and a colleague. We discussed the details of the upcoming Grey Dynamics Intelligence course, some recent events, and what we have been into recently.”

32. China Assessing Improved KJ-200 Special Mission Aircraft

Janes reported on February 10th that “a new version of the Shaanxi Aircraft Corporation (SAIC) KJ-200 ‘Moth’ airborne early warning and control (AEW&C) aircraft is undertaking flight trials for potential induction by the Chinese People’s Liberation Army (PLA). In January 2023, images on Chinese social media showed the aircraft in low-observable, light grey operational colours. Janes reported that the prototype was first seen in satellite imagery of the China Flight Test Establishment (CFTE) at Xian-Yanliang Airbase in December 2017. At the time, the aircraft had a yellow primer paint scheme that is commonly seen on aircraft undertaking trials. An image that appeared on Chinese social media in February 2022 suggested that the aircraft (which has been designated as KJ-200B), was being prepared for delivery last year. The most recent image shows the aircraft in flight. However, in the low-resolution photograph, the aircraft does not appear to have the emblem of the PLA. Earlier variants of the KJ-200 have been in service with the PLA since 2007 as AEW&C aircraft.” The new aircraft includes COMINT and IMINT capabilities.

33. New Russian Information Stealing Software Implant Deployed Against Ukraine

On February 8th Symantec Threat Intelligence published this technical analysis. As per its introduction, “Russia-linked Nodaria group has deployed a new threat designed to steal a wide range of information from infected computers. The Nodaria espionage group (aka UAC-0056) is using a new piece of information stealing malware against targets in Ukraine. The malware (Infostealer.Graphiron) is written in Go and is designed to harvest a wide range of information from the infected computer, including system information, credentials, screenshots, and files. The earliest evidence of Graphiron dates from October 2022. It continued to be used until at least mid-January 2023 and it is reasonable to assume that it remains part of the Nodaria toolkit.”

34. Ukrainian SBU Reports that Former Head of Security Service in Kherson was Acting FSB Agent

On February 7th Ukraine’s Security Service (SBU) reported that “the SBU reported suspicion to the ex-head of the Security Service, who headed the punitive bodies of the Russian Federation in the occupied part of Kherson Oblast. At the beginning of the full-scale invasion, he supported the Russian occupiers and offered them his help in the war against Ukraine. For this, he was appointed head of the “State Security Service in the Kherson region” created by Russia. In this “position”, he fulfils Moscow’s task of spreading the Kremlin regime and suppressing the resistance movement in the region. In his criminal activities, the accomplice of the invaders is “accountable” to case officers of the FSB, who coordinate the repressive bodies of the Russian Federation in the occupied areas. During the occupation of Kherson, an “official” gave instructions to seize one of the offices in the city centre. In the basement of this building, the Rashists set up a torture chamber. There, they were “extorted” from them to confess to helping the Defence Forces of Ukraine, and after that they offered to get “amnesty” for money. In this way, the head of the local “branch” of the FSB and his accomplices “earned” from mass repressions, and also made “demonstrations” in front of Russian “handlers”. According to the investigation, its head personally recruited eight more traitors to the ranks of the occupation body, who took a direct part in torturing civilians. After the liberation of Kherson, the “official” together with his accomplices fled to the left bank of the Dnipro river and is currently hiding from justice there.”

35. Podcast: Spycraft 101: A Scottish Civilian Up Against a Nazi Spy Ring with Dr. Andrew Jeffrey

On February 10th Spycraft 101 published a new podcast episode. As per its description “Leon Turrou was a talented and capable special agent when he took on the Rumrich spy ring in the FBI’s first major espionage investigation. The case was predicated on a tip from the British MI5 intelligence agency, which had discovered secret communications originating with an agent codenamed Crown in New York City, which were delivered to a dead letter drop in Dundee, Scotland. After intercepting a letter indicating Agent Crown planned to lure a US Army Colonel to New York in January 1938 in order to overpower him and steal a briefcase of classified documents, MI5 passed the information along to the US military attaché, who alerted the US Army and Federal Bureau of Investigation. A man was soon arrested entering the hotel where the Army Colonel had been summoned under false pretenses. That man proved to be Gunther Rumrich, an especially brazen and foolhardy member of a large German spy ring operating in and around New York City. The investigation of the so-called Rumrich spy ring fell to Turrou, a Polish-born special agent who was a rising star within the Bureau. Turrou spoke seven languages fluently and was hired by the Bureau on the orders of President Herbert Hoover, even though Turrou did not possess a law degree, as required for all other FBI agents. By the end of his investigation, fourteen members of the spy ring were identified, with four of them convicted on espionage charges. Many of the other members of the ring escaped once they realized their arrests were imminent, in a major embarrassment to the FBI. But by then the shrewd Turrou was already planning his next move. Before sentences were even handed down, he’d leveraged his inside information into news articles, a book, and even a movie deal. Turrou became an almost household name after cracking the case and authoring several high-profile articles about it. He was portrayed by Edward G. Robinson in the 1939 film “Confessions of a Nazi Spy”. For episode 69 of the Spycraft 101 podcast, I spoke with author and historian Andrew Jeffrey about Leon Turrou, the Rumrich spy ring, and other instances of espionage in the years leading up to the Second World War.”

36. UN Faulted Azerbaijan in Abduction of Erdoğan Critic by Turkish Intelligence Agency MIT

Nordic Monitor published this article on February 9th starting by saying that “the UN Committee against Torture (CAT) found multiple violations by Azerbaijan in the abduction of a Turkish national who was forcibly taken to Turkey by Turkish intelligence agency MIT. The committee, which communicated its decision on January 10, 2023, concluded that Azerbaijan violated the UN Convention against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment for collaborating with the Turkish spy service. The illegal clandestine operation that violated international law was denied by Baku in its submission to the UN but hailed as a major intelligence operation by Turkey, whose state news service publicly admitted it was conducted by MIT. The case involves the rendition of a man identified as Mehmet Gelen, a schoolteacher who is affiliated with the Gülen movement — a group that is critical of President Recep Tayyip Erdoğan on a range of issues and which has been the subject of a relentless witch-hunt by the Turkish government. Gelen was secretly taken to the airport in Baku on December 28, 2018 without notification to his lawyer or family, handed over to Turkish intelligence agents and put on a plane back to Turkey. He was under international protection by the UN at the time of the abduction. The UN Committee asked Baku for a halt to all proceedings against him, and an Azerbaijani court had ordered his immediate release from temporary detention. Yet Azeri officials not only defied the court ruling but also ignored the UN communications and unlawfully turned him over to Turkish agents.”

37. North Korean Ransomware Attacks on Healthcare Fund Government Operations

Bleeping Computer published this report on February 10th stating that “a new cybersecurity advisory from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) describes recently observed tactics, techniques, and procedures (TTPs) observed with North Korean ransomware operations against public health and other critical infrastructure sectors. The document is a joint report from the NSA, FBI, CISA, U.S. HHS, and the Republic of Korea National Intelligence Service and Defense Security Agency, and notes that the funds extorted this way went to support North Korean government’s national-level priorities and objectives. Apart from privately-developed lockers, CISA says that the hackers also used about a dozen other strains of file-encrypting malware to attack South Korean and U.S. healthcare systems. According to CISA’s advisory, North Korean threat actors acquire the infrastructure needed for an attack using fake personas and accounts and illegally obtained cryptocurrency. To obscure the money trail, they often look for suitable foreign intermediaries. The hackers conceal their origin through VPN services and virtual private servers (VPS) or third-country IP addresses. Breaching the target is done by exploiting various vulnerabilities that allow access and privilege escalation on the target networks. Among the security issues they exploited are Log4Shell (CVE-2021–44228), remote code execution flaws in unpatched SonicWall appliances (CVE-2021–20038), and admin password disclosure flaws in TerraMaster NAS products (CVE-2022–24990) “[The] actors also likely spread malicious code through Trojanized files for ‘X-Popup,’ an open source messenger commonly used by employees of small and medium hospitals in South Korea,” CISA adds in the report. After establishing initial access, the North Korean hackers perform network reconnaissance and lateral movement by executing shell commands and deploying additional payloads that help in gathering information.” The article also notes that “the authoring agencies assess that an unspecified amount of revenue from these cryptocurrency operations supports DPRK national-level priorities and objectives, including cyber operations targeting the United States and South Korea governments — specific targets include Department of Defense Information Networks and Defense Industrial Base member networks.” Here is the official announcement from the NSA.

38. Video: The Cipher Brief: NATO’s Priorities for Intelligence and Security

On February 8th The Cipher Brief published this video recording. As per its description, “in one of his first public interviews as NATO Assistant Secretary General for Intelligence and Security, David Cattler sits down with State Secrets host Suzanne Kelly to talk about one of the most trying times in the alliance’s 74-year history. The Russian invasion of Ukraine is re-shaping the alliance and fueling expansion as NATO keeps a close eye on China’s global rise.”

39. Hiroaki Takizawa Aims to Ensure Japan Plays Key Indo-Pacific Intelligence Role

On February 10th Intelligence Online reported that “Naicho director Hiroaki Takizawa aims to make Japan’s intelligence services more self-sufficient by increasingly involving them in technical and political alliances in the Indo-Pacific region and beyond.”

40. United States FBI: Chinese High-Altitude Balloon Recovery

Following last week’s story #55 and this week’s story #1, on February 9th the FBI published this article about the incident. As per its introduction, “in a news briefing on Thursday, senior FBI officials detailed the Bureau’s role as the lead governing agency for the forensic examination of the Chinese high-altitude balloon identified and shot down February 5 by the U.S. military off the coast of South Carolina. The Operational Technology Division and the Laboratory Division are working closely with subject matter experts from the Department of Defense — including the Naval Criminal Investigative Service — and other government agencies. Additionally, personnel from the FBI’s Washington, Columbia, Charlotte, and Norfolk field offices have deployed personnel, including ERT- and USERT-trained agents, to assist with the logistics of the recovery and analysis of the debris. Michael Paul, assistant director of the Operational and Technology Division (OTD), and Eric Pokorak, assistant director of the Laboratory Division, said it is too early in the investigation to determine the intent and capabilities of the balloon. Pokorak said much of the evidence remains underwater and that the FBI is coordinating further searches with the U.S. Navy and Coast Guard. Dive teams from the FBI and U.S. Navy are working together. “We were on-scene late Sunday, on February 5, and the first evidence that was received was transported to Quantico and received late Monday, February 6,” he explained. Pokorak described the search area as a “large-scale scene” and said weather concerns in the next few days “may impact” evidence collection and the transportation of recovered items.”

41. United Kingdom: Thales and Schiebel to Supply UK Royal Navy with Rotary UAS Solution to Meet Peregrine UCR

On February 10th Janes reported that “the UK Ministry of Defence (MoD) has awarded Thales and Schiebel a GBP20 million (USD24.1 million) contract to supply the Royal Navy (RN) with a rotary-wing unmanned aircraft system (RUAS) to meet an urgent capability requirement (UCR) for enhanced situational awareness, principally in the Gulf region. Under the contract, announced on 10 February, Schiebel, together with Thales as prime contractor and lead systems integrator, will supply a single Camcopter S-100 UAS fitted with a suite of intelligence, surveillance, and reconnaissance (ISR) sensors and systems that will extend the ‘eyes and ears’ of RN ships on operational taskings.”

42. A Previously Unknown Cyber Actor, Targets Pakistan with Advanced Espionage Tool

BlackBerry Research & Intelligence team published this technical analysis on February 8th stating that “a previously unknown threat actor is targeting organizations in Pakistan using a complex payload delivery mechanism. The threat actor abuses the upcoming Pakistan International Maritime Expo & Conference (PIMEC-2023) as a lure to trick their victims. The attacker sent out targeted phishing emails with a weaponized document attached that purports to be an exhibitor manual for PIMEC-23. The document utilizes a remote template injection technique and embedded malicious Visual Basic for Applications (VBA) macro code to deliver the next stage of the attack, which leads to the final payload execution. The final payload is an advanced espionage tool that is XOR encrypted with a “penguin” encryption key. The content-disposition response header name parameter is set to “getlatestnews” during the HTTP response. Because of this unique XOR key and the name parameter “getlatestnews”, we decided to call this threat actor NewsPenguin. In this report, we uncover the entire execution chain. We’ve included indicators of compromise (IoCs) for hunting and incidence response.”

43. Estonian Foreign Intelligence Service Publishes 2023 Annual Report

This week the Estonian Foreign Intelligence Service (EFIS) published theri 2023 annual report. You can find it in English (PDF or online version) and Estonian (PDF or online version). The report has the following six chapters: 1) Russian Armed Forces and the War in Ukraine, 2) Russian Foreign Policy, 3) Russian Domestic Politics and Economy, 4) Russian Special Services, 5) Russian Influence, and 6) China.

44. Russia: In Arkhangelsk, FSB officers Prevented Ukrainian SBU Espionage

On February 7th Region29 reported that “officers of the regional FSB revealed that a citizen of Ukraine, temporarily residing in Arkhangelsk, maintained contact with employees of the Security Service of Ukraine. According to the press service of the regional FSB, on the instructions of the SBU, the man planned to collect intelligence in the region that could harm the security of the Russian Federation and transfer the data abroad. The FSB reported that by his actions the man created the conditions for the commission of a crime under Article 276 of the Criminal Code of the Russian Federation (“Espionage”).” As a result of the use of preventive measures by the officers of the FSB in accordance with Federal Law №40-FZ of April 3, 1995 “On the Federal Security Service”, an official warning was issued to the violator about the inadmissibility of actions that create conditions for the commission of a crime under Art. 276 of the Criminal Code of the Russian Federation, — the press service of the department reported.”

45. New FSB Cyber Operation Targeting Ukrainian Entities

On February 10th cyber threat intelligence researcher Kimberly discovered and disclosed technical indicators of a new cyber espionage operation attributed to an actor dubbed as GAMAREDON, previously associated with Russia’s FSB. The operation involved an email impersonating Ukraine’s Ministry of Defence with a file attachment named “guidance.EXE” which, if opened, was covertly installing a custom cyber espionage software implant.

46. Podcast: SpyCast: “How Artificial Intelligence is Changing the Spy Game” — with Mike Susong

On February 7th the International Spy Museum’s SpyCast published a new podcast episode. As per its description, “Mike Susong joins Andrew to discuss the impact and potential of AI on the intelligence field. Mike is a former CIA case officer who now oversees global intelligence for a risk management company. When the AI Robot “Watson” beat Ken Jennings in a three-day ‘Jeopardy!’ competition, Jennings famously responded, “I, for one, welcome our new computer overlords.” This week on SpyCast, we explore how, intelligence is embracing AI — or “these computer overlords.” What is it, how is AI being used, and how could the Intelligence Community better employ it to enhance national security? Mike Susong, an expert in the growing field of artificial intelligence, joins Andrew to discuss these questions and more. Informed by his years of experience within the Intelligence Community as a case officer and now in the private sector, Mike illuminates where AI came from, and where it can go in the future. Utilizing examples from the war in Ukraine, you’ll be amazed at the capabilities of artificial intelligence combined with the other -”INTs (especially OSINT).” This is an episode you won’t want to miss.”

47. Public Intelligence Releases 3 New US Government Documents

On February 6th Public Intelligence released the following three documents: 1) China EMP Threat: The People’s Republic of China Military Doctrine, Plans, and Capabilities for Electromagnetic Pulse (EMP) Attack, 2) NCTC Guide: Process of Violent Extremist Disengagement, and 3) NCTC Guide: The Structure of Violent Extremist Ideologies.

48. United Kingdom: Contracts Awarded for UK Ground Mission Control System

Janes reported on February 8th that “the UK Ministry of Defence (MoD) has awarded contracts to six separate suppliers as part of Project Beroe, which seeks a ground segment software solution for controlling space-based assets. A total of GBP300,000 (USD360,663) was awarded to UK subsidiaries CGI, Lockheed Martin, Telespazio, and Terma as well as Raytheon Systems and Rheatech, the MoD announced on 2 February. Project Beroe is intended to be a ground segment mission control system (MCS) that will enable the US Space Command to control, monitor, and in-orbit task the UK’s future space-based intelligence, surveillance, and reconnaissance (ISR) constellation. It is expected to be an important component of the UK MoD ground segment, which will act as the primary MCS for the ‘Customer Satellite Operations Centre’, the MoD said. The 36-month project is worth GBP20 million in total and seeks a provider to create a technology road map, and assist with the maturation of system requirements and the development of a software architecture, through demonstration and prototyping.”

49. Virtual Chat: Russian, British & American Spies Talk About the World of Espionage

On February 10th Gavin Stone published this recorded virtual chat. As per its description, “former Russian KGB spy Jack Barsky was recruited by the KGB as a sleeper agent to live in and spy on the United States during the Cold War. He is the real life version of the spy depicted in the hit US TV show The Americans. Gavin Stone is a former civil servant for the British Ministry of Defense (the UK equivalent of the DIA). Having spent around 20 years in the Security & Intelligence industry recruiting assets and gathering HUMINT as well as tackling many other assignments in his career as an intelligence operative. Lena Sisco is former US Naval intelligence and Marine certified interrogator, who served in the global war on terror in Guantaamo Bay. Robin Dreeke is a former US Marine and FBI Special Agent for the Counter Intelligence Section responsible for recruiting Russian spies operating in the United States. A master spy recruiter and head of the FBI’s behavioral analysis department.”

50. U.S. Military Shoots Down High-Altitude Object Over Alaska

On February 10th The Wall Street Journal reported that “the U.S. military downed a “high-altitude object” spotted in the sky over Alaska, the White House said Friday, the second time in less than a week that an Air Force jet fired on a craft that had intruded into U.S. airspace. The object was flying at an altitude of 40,000 feet and posed a “reasonable threat to the safety of civilians,” John Kirby, the National Security Council coordinator for strategic communications, told reporters at the White House.”

51. Colombian Authorities Seek to Question Former CIA Officer in Trade Union Murders

Intelligence Online reported on February 10th that “James Adkins, whose CIA career took him from Laos to Iraq and Cuba, had advised Drummond Co. about its operations in Colombia. The company has been accused of financing a paramilitary unit that assassinated labour leaders at its plant. Yet Adkins is in poor health, making any testimony from him unlikely.”

52. Podcast: State Secrets: China and the Ballooning National Security Threat

On February 10th The Cipher Brief’s State Secrets podcast released a new episode. As per its description, “in this week’s State Secrets Podcast, Host Suzanne Kelly talks with The Hon. Susan M. Gordon, a career Intelligence Officer, former Principal Deputy Director of National Intelligence and current member of the Defense Innovation Board, about Balloons, China, Ukraine, Russia and the new world order as well as the role that AI plays in all of it.”

53. Russia: Ivan Safronov, Convicted of Espionage, Dismissed from the Post of Adviser to the Head of Roscosmos

On February 9th Svoboda reported that “State Corporation Roskosmos dismissed Ivan Safronov from his post as adviser to the head of the former special correspondent of the Kommersant and Vedomosti publishing houses. The reason was the entry into force of the verdict in the case of a journalist convicted of high treason. He was dismissed “in connection with a conviction to a punishment that precludes the continuation of his previous work,” the RIA Novosti news agency quoted the state corporation as saying. In the case of treason, 32-year-old Safronov was sentenced to 22 years in prison. Safronov was fired from Kommersant after the publication of the possible resignation of Valentina Matvienko from the post of chairman of the Federation Council and left Vedomosti along with most of the team, who accused the new editor-in-chief of the newspaper of political censorship. After that, he went to work at Roskosmos, two months later he was detained by the FSB. Safronov denies being guilty of high treason, it follows from the materials of the case that he is being persecuted for his journalistic work, his defense and supporters insist. As a journalist, he wrote about the military-industrial complex, becoming the author of many high-profile publications. The Russian human rights project “Support for Political Prisoners. Memorial” recognised him as a political prisoner.”

54. The Brush Pass: Spyhunter, Traitor

Following week 4 story #1 and #86, on February 7th Zach Dorfman published this article starting by saying that “on Jan 23rd, the Justice Department dropped a bombshell of an indictment. It alleged that the FBI’s former top counterintelligence official in New York City, Charles McGonigal, had cultivated an illicit relationship with a businessman who had once worked for Albanian intelligence. This businessman, an Albanian-American and a former Albanian intelligence official, in turn, introduced McGonigal to other Balkan bigwigs, per the indictment. When McGonigal became entwined with the Albanian businessman, he was still working at the FBI. If true, the McGonigal affair seems like a clear case of corruption, with the unnamed Albanian-American businessman as the key node. McGonigal, who retired in September 2018, and the Albanian businessman, allegedly took off-the-books trips together to Albania. There, the FBI spyhunter met with the Albanian prime minister. He also confabbed with a politician in Kosovo and met with Albanian officials in New York and Washington, D.C. McGonigal appears to have used his position in the Bureau to push an investigation of a political rival of the Albanian prime minister. He was essentially in business with the Albanian operator, while also using him as a “confidential informant” on the case. To put it mildly, this was a clear conflict of interest, one McGonigal hid from other Bureau officials. He also worked with this same Albanian businessman to broker an introduction, for cash, between Bosnian politicos and high-ranking U.S. officials at the UN, according to the indictment. For McGonigal’s troubles, the Albanian businessman allegedly paid him $225,000 during the fall of 2017. (The ex-Bureau spyhunter appears to have been dimed out by his jilted ex-mistress.) McGonigal was also charged in a separate scheme that transpired after he retired from the Bureau. Partnering with an ex-Russian diplomat, Sergey Shestakov, the former Bureau spyhunter illegally circumvented sanctions placed on the Russian oligarch Oleg Deripaska by agreeing to investigate an unnamed rival of the Russian billionaire for him, say prosecutors. The job was brokered by a man employed by Deripaska–a man McGonigal himself suspected was a Russian intelligence officer. Shestakov, the former Russian diplomat, introduced McGonigal to the suspected spook when McGonigal was still the Bureau’s top spyhunter in New York. McGonigal even arranged for the suspected spy’s daughter to get an internship with the NYPD, according to the indictment.”

55. Ukrainian Kostiantyn Shiring, Accused of “Espionage”, Died in a Russian Colony

On February 7th CensorNet reported that “61-year-old Ukrainian Kostiantyn Shiring, who was sentenced to 12 years on charges of “espionage,” died in colony 5 in Novotroitsk, Orenburg region of Russia, where he was serving an illegal sentence. As informs Censor.NЕТ, it was reported by Crimean human rights group, citing its own sources in the colony. According to human rights activists, Kostiantyn Shiring needed heart surgery, he sought medical assistance, but the operation was never performed. There is no official confirmation of the fact of Shiring’s death from CF no. 5, the investigation is still formally pending. “‘Kostiantyn needed medical care due to heart disease, but did not receive it. Failure to provide medical care to our citizens in Russian prisons is not an isolated case, but a systemic practice. The responsibility for his death lies with the colony administration. That is why we need to look for and use all mechanisms to release Ukrainian citizens held by Russia, because the conditions in Russian colonies are a real threat to life,” emphasized the CHRG Head Olha Skrypnyk. On October 14, 2021, the “Supreme Court of Crimea” sentenced Konstantin Shiring to 12 years in prison with a sentence to be served in a strict regime colony. In the debate, the prosecutor asked for 14 years in prison, and the defense asked to acquit Konstantin Shiring. Shiring himself also asked for his acquittal, saying that he had been “slandered and all the blame was thrown on him.” On January 25, 2022, the Third Court of Appeal in Sochi upheld Konstantin Shiring’s conviction. On June 1, 2022, it became known that Konstantin Shiring arrived in a colony in the Orenburg region of Russia, his “stage” lasted more than 2 months. Shiring wrote that the difficult conditions affected his health, “to which no one cares. They took away absolutely all my medicines and my blood pressure monitor”.”

56. Russian FSB: Foreign Intelligence Agencies Use Russian Email Services for Inquiring and Collecting Intelligence

On February 10th Russia’s Federal Security Service (FSB) issued this statement saying that “since August 2022, the Federal Security Service of the Russian Federation has been recording evidence of foreign intelligence agencies using popular Russian email services to find out and collect intelligence regarding the conduct by the Russian Armed Forces of the Special Military Operation for the demilitarisation and denazification of Ukraine, and about the persons directly involved in it. To this end, the attackers use email addresses similar in name to the domain names of the federal executive authorities, from which they massively send emails to institutions and organisations with pseudo-official requests for information about participants in the Special Military Operation, about mobilised citizens and about individuals who entered Russia from the territory of Ukraine, as well as other data of interest to foreign intelligence services. The FSB of Russia calls for vigilance and recommends that in cases of receipt of e-mails on behalf of various departments, contact the official portals of the relevant state bodies on the internet to verify their authenticity and do not reply to these letters and do not open attachments to them until official confirmation is received.”

57. United Kingdom: ViennEast Enlightens UK Parliament on Russian Influence in the Balkans

Intelligence Online reported on February 10th that “Anthony Monckton, who used to head MI6’s operations in the Balkans, is now prospering in corporate intelligence in the region. He recently shared his expertise with the House of Commons Foreign Affairs Committee.”

58. United States: U-2 Spy Planes Snooped On Chinese Surveillance Balloon

The Warzone published this article on February 6th stating that “the U.S. Air Force’s U-2S Dragon Lady spy planes were among the assets tapped to monitor and collect intelligence on a Chinese government surveillance balloon during its recent trip across parts of the continental United States and Canada. An F-22 Raptor stealth fighter finally shot down the balloon with an AIM-9X Sidewinder missile off the coast of South Carolina on Saturday, and efforts are now underway to recover the wreckage from the Atlantic Ocean. Readers of The War Zone can first get up to speed on what we already know about this incident, and its conclusion, in our past reporting here. A U.S. defense official confirmed the use of the U-2S as part of the broader response to the Chinese spy balloon to The War Zone today. It’s not immediately clear all the points along the balloon’s voyage that U-2s were present.”

59. Podcast: Kocrete: The CIA has Activated Sleeper Cells to Conduct Sabotage Inside Russia — Jack Murphy

On February 7th KONCRETE released a new podcast episode. As per its description, “Jack Murphy is an author, journalist, & co-host of The Team House Podcast. Jack is also an eight-year Army Special Operations veteran who served as a sniper and team leader in 3rd Ranger Battalion and as a senior weapons sergeant on a military free fall team in 5th Special Forces Group.”

60. Ukrainian SBU Announces 15 Year Prison Sentence for Russian Agent Detained Last March

Following 2022 week 12 story #41, on February 8th Ukraine’s SBU announced that “the traitor who coordinated the strikes on Kyiv from the “Gradiv” (Градів) and “Smerchiv” (Смерчів) will spend 15 years behind bars. It was on his “tip-off” that in March of last year, the Russian occupiers shelled one of the districts of the capital with “Hail” (Град) and “Smerch” (Смерч) rocket launchers. As a result of enemy shelling, two people died, four more were injured. In the same month, SBU officers detained the attacker at his place of residence. According to the materials of the Security Service, the court sentenced him to 15 years in prison with confiscation of property. According to the investigation data, the criminal turned out to be a resident of the Svyatoshyn district of Kyiv, who supported the armed aggression of the Russian Federation. To help the occupiers, he created a public Telegram channel, where he posted the coordinates of the bases of Ukrainian defenders and the locations of critical infrastructure. Among the active users of this internet resource were members of the occupying groups of the Russian Federation, who used the published information for rocket and artillery shelling of the capital. In addition, the attacker called for support for the Russian invaders through the social network and justified their war crimes. During the search of his apartment, law enforcement officers found electronic files with a list and coordinates of Ukrainian military facilities. Based on the collected evidence, the court found the enemy henchman guilty under Part 2 of Art. 111 of the Criminal Code of Ukraine (treason committed under martial law). The Security Service emphasises the inevitability of punishment for crimes against Ukraine. The investigation was conducted by the SBU staff of Kyiv and Kyiv region under the procedural guidance of the prosecutor’s office.”

61. Greece: Predator Spyware Paid from Secret EYP Funds

Following the ongoing domestic government surveillance scandal in Greece, on February 10th the EfSyn newspaper reported that “the secret budget of the EYP skyrocketed in 2021; 4.7 million Euros were budgeted for that year and 27.5 million Euros were finally spent, i.e. 22.7 million Euros more; In the last three years approximately 280 million Euros were allocated through the secret funds, while only for the EYP the discrepancy recorded is of the order of… 480%; SYRIZA-P.S. party asks for answers on the new aspect of looting of public money.”

62. Frenemies: US-Israel Spy Strains Emerge Over Iran

Jonathan Broder of SpyTalk published this article stating that “it didn’t take long for the United States to distance itself from Israel’s Jan. 28 drone attack on an Iranian weapons factory in the city of Isfahan. Just a few hours later, U.S. officials leaked to the New York Times that Israel’s Mossad intelligence agency had carried out the strike, making sure to stress the Biden administration had no involvement whatsoever. By contrast, Israel still hasn’t taken credit for the attack. According to former intelligence officials in both countries, the apparent urgency with which the Americans fingered Israel, plus several other Iran-related developments, points to renewed tensions between the CIA and Mossad over Biden administration efforts to revive the 2015 Iran’s nuclear deal, even as the two countries hold joint military exercises meant to warn Tehran not to develop a nuclear weapon. The episode sheds fresh light on the close but contradictory ties between the U.S. and Israeli intelligence agencies, one of the most complicated relationships in the shadowy world of international espionage. On one hand, Mossad and CIA officers share intelligence and even coordinate some field operations, reflecting Israel’s status as a close and trusted U.S. ally. At the same time, the two spy services disagree sharply over Iran’s intentions. And despite fervent Israeli denials, former U.S. officials say the Mossad still runs aggressive intelligence-gathering operations in the United States that present thorny political challenges for U.S. officials.”

63. Pakistani Spy Agencies Expose Script of Another Plan of Indian False Flag Operation

On February 11th Samaa TV published this article saying that “Pakistani spy agencies uncovered another sinister plot of a false flag operation planned by India on the anniversary of the Pulwama terror attack that took place in February 2019 before the Indian parliamentary elections. As the election season approached, the Modi government reportedly resorted to underhanded strategies against Pakistan. The elections, set to take place in 9 states across India, are seen as crucial in determining the outcome of the 2024 Indian Lok Sabha elections. It was revealed that India had been secretly plotting a false flag operation, an act of aggression disguised as an attack by another party, aimed at inciting conflict with Pakistan. Before the plan was about to be put into motion, Pakistani agencies made their move and unearthed another vicious design. According to the Indian script, the southern districts of India Illegally Occupied Jammu and Kashmir (IIOJK) were to be attacked by a suicide bomber. There were also reports of attacks on military targets in Pulwama, Kulgam, Anantnag, and Shopian. The Indian authorities were to blame Pakistan and its premier spy agency — ISI — for the attack. Notably, In January 2022, Indian Congress Leader Udit Raj had claimed that “power-hungry” Narendra Modi had planned the Pulwama terror attack. Earlier this year in January, Pakistan’s intelligence and security agencies had exposed the script of a false flag operation of alleged infiltration into the IIOJK planned by India and its leader Prime Minister Narendra Modi on the eve of India’s Republic Day — January 26. According to the script unearthed by sleuths, the false flag operation was to be carried out by the Indian army and police personnel in the Poonch sector of IIOJK near the Line of Control (LOC) and would be blamed on Pakistan.”

64. Israel’s NSO and Candiru Eye New Indian Interceptions Contract

Intelligence Online published this article on February 9th stating that “the Israeli cyberintelligence firm NSO Group is circling a tender with India’s Research & Analysis Wing, but Indian officials are reticent to team with the company behind the Pegasus spyware. Candiru, which is close to NSO, would also like a slice of the action.”

65. United States: The Army Has Axed Its Dash-8 Surveillance Planes

On February 9th The Warzone published this article which is saying that “the U.S. Army says it has gotten rid of its entire fleet of Airborne Reconnaissance Low-Enhanced aircraft, or ARL-Es, and is now in the process of divesting dozens of smaller Enhanced Medium Altitude Reconnaissance and Surveillance System types, or EMARSSs. The service is planning to supplant these and other existing fixed-wing intelligence, surveillance, and reconnaissance (ISR) aircraft with a new fleet of business jet-based designs. However, the intended replacements are still years away from becoming operational in significant numbers. A spokesperson for the Army’s Program Executive Office for Aviation (PEO-A) confirmed to The War Zone today that all ARL-E aircraft, also known as RO-6As, were removed from service by the end of 2022. It’s unclear what the exact size of the ARL-E fleet was at its peak last year, with the service having at least six of these aircraft as of 2015 and prior plans to acquire a total of nine.”

66. Ukrainian SBU Detains FSB Agent — Employee of Ukrainian Railways

Following this week’s story #8, on February 9th Ukraine’s SBU announced that they “exposed an employee of Ukrainian Railways who worked for the FSB and adjusted missile strikes on Kyiv. The Security Service exposed a Russian agent in the ranks of the Ukrainian Railways state joint stock company. He turned out to be an active official of the South-Western Railway Regional Branch, whom the intelligence service of the Russian Federation involved in secret cooperation after a full-scale invasion. In the case of capturing the region, the invaders promised their henchman loyal treatment and leadership positions in the occupation administrations. The attacker was in constant contact with a case officer of the FSB, who coordinated his intelligence and subversive activities against Ukraine. First of all, the aggressor was interested in intelligence about the time and place of movement of military echelons with weapons and ammunition of the Armed Forces. In addition, the enemy henchman tried to give the occupiers the coordinates of energy-generating enterprises in Kyiv. In the case of receiving intelligence, the Rashists planned to use it to prepare and carry out a series of targeted missile strikes on Ukrainian infrastructure. However, the SBU officers worked ahead of time — timely exposed the Russian agent, documented his criminal activities and detained him in Chernihiv. During the searches, law enforcement officers found smartphones with evidence of conspiratorial correspondence with a representative of the Russian intelligence service.”

67. United States: Former CIA Counterintelligence Chiefs Weigh in on The Fourth Man

On February 5th The Cipher Brief published this article saying that “Robert Baer’s book The Fourth Man leads readers to conclude — falsely — that highly accomplished, retired CIA officer Paul Redmond was himself a long-time spy for the KGB. As former leaders of Counterintelligence who were directly involved over decades in the Russian operations and investigations discussed in the book, we found the book to be riddled with errors and what we found to be irresponsible, false assumptions from Mr. Baer’s primary sources. Let’s dig in to why. CIA counterintelligence investigators who were directly involved in the issues, as well as retired and currently serving intelligence officers at all levels, have voiced strong objections to the book. We owe it to them, to Mr. Redmond, to the intelligence profession, and our commitment to solve real counterintelligence threats, to correct the record. Dissecting all the inaccuracies in the book is beyond the scope of this article, so, our focus is on the most egregious errors and what might be done to correct them. Because of classification issues, even though we had access to sensitive details in our former roles, we cannot include all of the intelligence to which we were privy, which would further strengthen our findings.”

68. Cameroon: Yaoundé: The head of Counter-Espionage Summoned in the Case of Martinez Zogo’s Death

On February 6th Cameroon Intelligence Report stated that “Divisional Commissioner Léopold Maxime Eko Eko, head of the General Directorate of External Research (DGRE), the Cameroonian counterintelligence service, had his presence requested at the State Secretariat for Defence on 1 February. According to sources close to the investigation, Léopold Maxime Eko Eko has been summoned for questioning in connection with the assassination of journalist Martinez Zogo, whose body was discovered on the morning of 22 January, following that of Lieutenant-Colonel Justin Danwe, Director of Operations of the Direction générale de la recherche extérieure (DGRE), who is believed to have orchestrated Zogo’s kidnapping, custody, torture, and murder. Eko Eko’s arrest is the first significant step towards an investigation that has been slow to develop. It has long been believed that the authorities may have had something to do with the murder. On 27 January, Secretary General of the Presidency, Ferdinand Ngoh Ngoh, ordered that the investigation be opened, causing hope to abound. Before his August 2010 appointment as head of the DGRE, Eko Eko was Director of General Intelligence at the Délégation générale à la sûreté nationale, DGSN, (General Delegation for National Security). Already a police commissioner with a Doctorate in Information and Communication Sciences from l’université Paris-Est, Eko Eko has long been a supporter of treating perceived enemies of the state with force, as was the case with the disappearance of Guérandi Mbara’s as revealed in 2014 by us; Mbara being one of the masterminds of the 6 April 1984 coup d’état. Mbara was kidnapped in Bulgaria, repatriated to Cameroon, and delivered into the hands of the DGRE, never to be seen nor heard from again. According to our sources, Eko Eko has been temporarily replaced by Deputy Director General Monkouop Mouminou, Divisional Commissioner.”

69. Ukrainian SBU Says Tetyana Montyan Collaborates with Russian Intelligence for Psychological Operations

On February 10th Ukraine’s SBU announced that “the Security Service has collected a comprehensive evidence base on the pro-Kremlin propagandist Tetyana Montyan (Тетяну Монтян), who publicly justifies Russian armed aggression against Ukraine. Being on the territory of the aggressor country, she takes an active part in the information and psychological special operations of the Russian intelligence services. For this purpose, he regularly appears on Russian TV channels, where he actively calls for changes in the borders of the state border of Ukraine and support for the occupation groups. She also massively spreads disinformation about the situation in Ukraine through her own channels on YouTube and Telegram, which have almost half a million subscribers. According to the investigation, the perpetrator left for Russia in 2021. Since then, she has been constantly visiting the temporarily occupied regions of Donetsk and Luhansk regions to prepare propaganda stories in favor of the Kremlin regime.”

70. Video: S2 Underground: Tactical SIGINT — Tracking Spy Planes

On February 11th S2 Underground published a new video explaining how everyday citizens can perform some basic Signals Intelligence (SIGINT) to be able to track spy planes.

71. Russia: An Officer of the Ukrainian GUR was Liquidated

On February 9th the Russian RIA-FAN published an update on the ongoing conflict between Russia and Ukraine. Among others it says that “another employee of the Ukrainian intelligence services was liquidated in the NMD zone. It is reported that in the battle near Bakhmut, Alexander Tkachenko with the cryptonym Domovoy (Домовой), who was in the ranks of the Main Intelligence Directorate of the Ministry of Defence of Ukraine, died.”

72. United Kingdom: New Tory Chairman Believes Russian Spy Tried to Recruit Him in Pub

DailyMail reported on February 11th that “conservative Party chairman Greg Hands has said he believes a Russian spy tried to recruit him over a pint of beer in a London pub. The Cabinet minister said he met Alexander Kashitsyn — who he now thinks was a secret agent — at the Seven Stars pub in Fulham while he had been seeking election as Tory MP for the area almost 20 years ago. Mr Hands, who was elected MP for Chelsea and Fulham in 2010, claimed Mr Kashitsyn had first introduced himself as a Russian Embassy worker during a Conservative event in 2004 at which Boris Johnson was a guest speaker. He said Mr Kashitsyn asked for a meeting shortly afterwards and, at the pub, probed Mr Hands for information about Iran’s nuclear programme. Speaking with Channel 4 for a Dispatches documentary, Mr Hands said: “First he’d said he wanted to talk about street-sweeping cleaning or bin collection. “Then suddenly he asked me to get him a document about the Iranian nuclear programme from the House of Commons Library.” Mr Hands said he declined to help, adding: “I was very suspicious. “I thought he was a Russian intelligence officer getting a soon-to-be British Member of Parliament to do something for the Russian state. “This is sometimes a sort of a classic kind of… a sort of espionage technique.”

73. Video: Secret Government Numbers Stations Failures & Mishaps

Following this week’s story #15, on February 9th Ringway Manchester published a second video on a similar topic. This video covers some failures and mishaps of the following number stations: 1) Polish intelligence’s E11A “Oblique” at 7840 KHz; 2) Israeli Mossad’s E10 “JSR Variant” at 5091 KHz; 3) British intelligence’s E03 “Lincolnshire Poacher”.

74. Ukrainian SBU Declares People’s Deputy of Ukraine Oleg Voloshyn as Suspect of Treason

On February 10th Ukrainian SBU announced that “a member of the Verkhovna Rada was suspected of treason. On the basis of evidence collected by the SBU counter-intelligence, People’s Deputy of Ukraine Oleg Voloshyn (Олег Волошин) was suspected of treason. According to the investigation materials, during 2020–2021, this parliamentarian assisted the military and political leadership of the Russian Federation in subversive activities against Ukraine. Among other things, Voloshyn purposefully manipulated the public opinion of Ukrainians in the interests of the aggressor country. In particular, he presented distorted information about the military, political and social spheres of our state in his speeches and interviews. These and other activities of Voloshyn prove that he deliberately acted to the detriment of the sovereignty, territorial integrity and inviolability, defense capability, state, economic and information security of Ukraine. Currently, the Prosecutor General has drawn up a notice of suspicion to the People’s Deputy of Ukraine under Part 1 of Art. 111 of the Criminal Code of Ukraine (treason). As part of the open criminal proceedings, SBU officers, together with the SBU, under the procedural guidance of the Prosecutor General’s Office, conduct investigative actions at the registered addresses of the person involved and his relatives and connections. A set of measures is being taken to bring Voloshyn, who is currently hiding from justice abroad, to justice.”

75. China Cranking Up Political Espionage, German Official Tells Newspaper

Reuters reported on February 11th that “the head of Germany’s domestic intelligence agency fears that China is expanding its spy activities against Berlin, he said in a newspaper interview published on Saturday, adding that Beijing was focusing increasingly on political espionage. “China is developing wide-ranging spying and influence activities. We must be prepared for these to increase in the coming years,” Verfassungsschutz agency chief Thomas Haldenwang told the Welt am Sonntag newspaper. He warned that economic dependence on China could be exploited for political influence. “China is pursuing a long-term strategy to achieve its goals,” Haldenwang said. “The political leadership is already using its economic power, which also results from intensive relations with the German and European economies, to implement political goals.” The German government has been reassessing its economic relations with authoritarian countries after the Ukraine war laid bare the vulnerabilities of Berlin’s years-long energy dependence on Russia. In a strategy paper seen by Reuters, the Economy Ministry recommended imposing stricter requirements for firms dealing with China, for example by undergoing regular stress tests.”

76. United States: Police Officer Wants Badge Back After Spy Charges Dropped

The Washington Post reported on February 9th that “on a September day in 2020, New York City Police Officer Baimadajie Angwang kissed his toddler goodbye and was about to drive to work when he was surrounded by rifle-toting FBI agents. You’re under arrest, the bewildered cop was told. The charge: Being a secret agent for China. Angwang, a former U.S. Marine, spent six months in a federal detention center before he was freed on bail while awaiting trial on charges that he fed information about New York’s Tibetan community to officials at the Chinese consulate in New York. Then, just as suddenly, it was over. Federal prosecutors in Brooklyn dropped the charges Jan. 19, saying only that they were acting “in the interest of justice.” They didn’t explain further. Now Angwang says he wants to be reinstated to the police force, which suspended him with pay while the case was pending. But more than that, he wants answers. “Why did you start the investigation on me? Why did you drop all the charges?” said Angwang, who was born in Tibet but was granted political asylum in the U.S. as a teenager. “We want an explanation. We’re demanding it because you owe me,” he said during an interview at his attorney’s office. “You can’t just put me in jail for six months and ruin my name, ruin my reputation and give all this stress to my family members and friends, and then you say, ‘in the interest of justice.’ You just going to leave it like that?” China’s Communist Party has ruled over Tibet for seven decades and China has claimed a vast stretch of the Himalayas as part of its territory since the 13th century. But the relationship has been fraught with tension, with many Tibetans — some in exile — seeking independence. The original charge against Angwang was that he began supplying information to Chinese officials on Tibetan independence groups in New York in 2018.”

77. Ukraine’s SBU Dismantles Russian Bot Farm in Zaporizhzhia

On February 8th Ukraine’s SBU announced that they “exposed an enemy bot farm in Zaporizhzhia, which called for donations to support the occupiers. The Security Service blocked the activities of a powerful pro-Kremlin bot farm in Zaporizhzhia. Several thousand bots “dispelled” disinformation about the situation on the southern front, popularised the Russian occupation groups and called for donations to support them. In addition, they discredited the command of the Defence Forces and incited Ukrainian citizens to evade mobilisation. The Telegram channel of the enemy propagandist Rogov, who represents the occupation administration of Melitopol, was used as the primary source for spreading destructive content. Already at the very beginning of its activity, the bot farm had almost 2,000 fake accounts that spread pro-Russian narratives allegedly on behalf of local residents. In the future, the enemy “cell” was to become a “strike force” in carrying out large-scale information sabotage of the aggressor in the front-line areas of the region. According to the investigation, the illegal activity was organised by a local specialist in information and telecommunication technologies. He placed computer equipment for subversive work in one of the rented office premises in the city centre. The specialised equipment used by the attacker made it possible to register new anonymous accounts on social networks every day, including those banned in Ukraine. During the search of the suspect’s office, law enforcement officers discovered: ️computer equipment with evidence of illegal activity; ️2.5 thousand SIM cards of Ukrainian mobile operators; ️SIM gateways and other specialised equipment and software. The seized equipment was sent for examination.”

78. A Secret Russian Satellite Has Broken Apart in Orbit

On February 8th Business Insider reported that “a mysterious Russian satellite with a shady mission has broken apart in Earth’s orbit, creating a hazardous cloud of debris zipping around the planet and menacing other satellites, US Space Force announced. The 18th Space Defense Squadron said on Twitter Monday that it had confirmed a satellite called Kosmos 2499 had broken apart into 85 pieces. Previous collisions and satellite break-ups have created far larger and more hazardous debris fields than this. But the pieces of Kosmos 2499 are orbiting at an altitude of about 745 miles — so high that they’ll probably be there for a century or longer before Earth’s atmosphere drags them down and burns them up, according to NASA. Kosmos 2499 is one of three satellites that Russia launched secretly from 2013 to 2015. Its beginning is even more mysterious than its end. NASA and the US Department of Defense did not immediately respond to Insider’s requests for comment.”

79. U.S., UK Sanction Eight Bulgarians Over Alleged Corruption

On February 10th DailyMail reported that “the United States and Britain on Friday sanctioned eight Bulgarians for alleged corruption, including the country´s wealthiest man and a former minister who allegedly profited illegally from deals involving Bulgaria’s only nuclear power plant and Russian energy firms. The coordinated actions were aimed at countering “systemic corruption … that resulted in illicit personal gain, undermined the country´s democratic institutions, and perpetuated its corrosive dependence on Russian energy sources,” the U.S. Treasury said in a statement. Bulgaria, a member of NATO and the European Union, ranks among Europe´s most corrupt countries, according to the Transparency International advocacy group, and has been criticized for failing to root out corruption. Washington sanctioned five former Bulgarian officials and five entities controlled by two of them. London banned the entry into Britain and imposed asset freezes on three other Bulgarians — all slapped with U.S. sanctions in 2021 — including Vasil Bozhkov, the country´s wealthiest man. The U.S. measures freeze any property and interests the five former officials and five entities have in the United States, the statement said. Among those sanctioned was Rumen Ovcharov, a former energy minister and lawmaker who “repeatedly engaged in corrupt energy contracts” with Russian energy firms, accepting bribes in return for fixed-price deals for Russian gas, nuclear fuel, and support for the Kozloduy Nuclear Power Plant (KNPP), Bulgaria´s sole nuclear facility, the statement said. Ovcharov declined to comment. The statement said that he and another former energy minister, Aleksandar Nikolov, coordinated contracts to buy power from KNPP that they then resold to the national electricity company even though the company had a deal to purchase power directly from the facility. Nicholov said he did not know why he was sanctioned. Washington also targeted Nikolay Malinov, a former Parliament member, for allegedly bribing a judge to allow him to travel to Russia to receive an award from President Vladimir Putin. Malinov had been barred from leaving Bulgaria following his arrest in 2019 on espionage charges, the statement said. “I am flattered. If the U.S. Treasury barks against me that means I am headed in the right direction,” Malinov said in response. The Treasury said Vladislav Goranov, a former lawmaker and finance minister, was sanctioned for a scheme in which tens of millions of euros in bribes were paid to Bulgarian officials in exchange for legislation favoring the gambling industry. Goranov said he was not acquainted with the allegations. In addition to Bozhkov, who is a fugitive, Britain targeted former lawmaker Delyan Peevski and former national security official Ilko Zhelyazkov, a one-time board member of the country´s largest state energy company, for allegedly misusing state funds.”

80. North Korean Cyber Espionage Actor Profile

This technical presentation was published this week. It’s a cyber espionage actor profile for an actor dubbed as ScarCruft (also known as APT37, Group123, RICOCHET CHOLLIMA and Venus121) who is targeting South Korean journalists, North Korean defectors, and South Korean government officials for espionage purposes. ScarCruft is, reporterdly, associated with the intelligence services of North Korea.

81. Greece: Justice Time for the Virtual Invoices of Spyware Firm Krikel

The Greek EfSyn reported on February 11th that “the Prosecutors learned about the information about Krikel, Fullspan, Ioniki Technologica (interests of Lavranos) and the polling company Marc, from which it is proved that some in the control mechanisms of the state were covering up the illegalities. We reveal two new fake Italian IDs concerning persons in the close environment of Yannis Lavranos.”

82. How America Took Out The Nord Stream Pipeline

On February 8th investigative journalist Seymour Hersh published this article stating that “the U.S. Navy’s Diving and Salvage Center can be found in a location as obscure as its name — down what was once a country lane in rural Panama City, a now-booming resort city in the southwestern panhandle of Florida, 70 miles south of the Alabama border. The center’s complex is as nondescript as its location — a drab concrete post-World War II structure that has the look of a vocational high school on the west side of Chicago. A coin-operated laundromat and a dance school are across what is now a four-lane road. The center has been training highly skilled deep-water divers for decades who, once assigned to American military units worldwide, are capable of technical diving to do the good — using C4 explosives to clear harbors and beaches of debris and unexploded ordinance — as well as the bad, like blowing up foreign oil rigs, fouling intake valves for undersea power plants, destroying locks on crucial shipping canals. The Panama City center, which boasts the second largest indoor pool in America, was the perfect place to recruit the best, and most taciturn, graduates of the diving school who successfully did last summer what they had been authorized to do 260 feet under the surface of the Baltic Sea. Last June, the Navy divers, operating under the cover of a widely publicized mid-summer NATO exercise known as BALTOPS 22, planted the remotely triggered explosives that, three months later, destroyed three of the four Nord Stream pipelines, according to a source with direct knowledge of the operational planning.” The article continues that “back in Washington, planners knew they had to go to Norway. “They hated the Russians, and the Norwegian navy was full of superb sailors and divers who had generations of experience in highly profitable deep-sea oil and gas exploration,” the source said. They also could be trusted to keep the mission secret. (The Norwegians may have had other interests as well. The destruction of Nord Stream — if the Americans could pull it off — would allow Norway to sell vastly more of its own natural gas to Europe.) Sometime in March, a few members of the team flew to Norway to meet with the Norwegian Secret Service and Navy. One of the key questions was where exactly in the Baltic Sea was the best place to plant the explosives. Nord Stream 1 and 2, each with two sets of pipelines, were separated much of the way by little more than a mile as they made their run to the port of Greifswald in the far northeast of Germany.” Here’s an OSINT analysis indicating the gaps identified in this story.

83. Podcast: CIA Black Ops Spy Rick Prado

On February 11th the Night Dreams Talk Radio Network published this new podcast episode. As per its description, “born in Cuba, Prado and his family were caught in the midst of the Castro Revolution, and fled their war-torn home for a better life in the U.S. Fifty years after that daring escape, he retired from the CIA as the agency’s equivalent of a Two-Star General. During his two-and-a-half decade career, he was one of the agency’s best and most dedicated Black Ops specialists. Early in his career he served as a paramilitary officer in the agency’s elite Special Activities Group, where he fought alongside the Contras in the U.S.’s clandestine war against Nicaragua’s Sandinistas. Through his heroism and dedicated service there, he was awarded the CIA’s Intelligence Medal of Merit. As soon as he returned stateside, however, he faced the political firing squad of the Iran-Contra Scandal. His career took him around the globe in duty stations in Central and South America as well as the Philippines. Following those posts, Prado joined the highest echelons of the CIA headquarters in Langley, VA. Toward the end of 1995, Prado was appointed Deputy Chief of Station and co-founding member of the Bin Laden Task Force, followed by three years as head of Korean Operations. It was at that point that he took on one of the most dangerous missions of his career, re-establishing a once-abandoned CIA station inside a hostile nation long since considered a front line of the fight against Islamic terrorism. Prado carried out covert operations and developed assets that proved pivotal in the coming War on Terror. As Chief of Operations for the CIA’s Counterterrorist Center, he was one of the architects of the agency’s covert war to destroy Al Qaeda in the aftermath of the 9/11.”

84. Eizo Rugged Solutions: Using Edge GPGPUs in SIGINT Systems

On February 11th Unmanned Systems Technology published this article stating that “high-Performance Embedded Computing (HPEC) processing systems used in Signals Intelligence (SIGINT) applications are designed to handle large amounts of data and perform complex computations in real-time, enabling rapid decision-making and effective operations. There are several benefits of using Edge GPGPUs in SIGINT HPEC applications such as low-latency parallel processing, scalability, and cost-effectiveness. In the below article, EIZO Rugged Solutions covers using embedded GPGPUs in Signals Intelligence (SIGINT) applications for edge computing capability.”

85. OSINT on Iranian Cargo Ship Traces in the Red Sea

On February 9th maritime OSINT analyst Istihbarat1800L published this report indicating how an Iranian merchant ship was operating undercover in 2022. As per the article’s introduction, “the article no addresses the specific question of whether Iran sent weapons to Port Sudan, but instead focuses on the broader issue of Iran’s establishment and presence at strategic locations in the Red Sea.”

86. Greece: The EYP Classified Documents of the “Greek Mafia” Trial

The Greek NewsBreak published this article on February 11th describing in detail 4 classified documents and other evidence that the Greek National Intelligence Service (EYP) has submitted in a trial involving corrupt officials, law enforcement, and organised crime known as the “Greek Magia” trial. As per the article, NewsBreak “is today publishing in chronological order the classified documents of the EYP and the correspondence of the Prosecution Authorities with the competent services of the Hellenic Police. From these documents it is proven why the Three-Member Court of Misdemeanours of Athens was led to acquit all 17 accused who were alleged to be members of the Greek Mafia, in the period 2015–2016, judging that there is no evidence of guilt.”

87. Verkhovna Rada Appointed Vasyl Malyuk Head of the Security Service of Ukraine

The Odessa Journal reported on February 7th that “on the submission by President of Ukraine Volodymyr Zelenskyy, the Verkhovna Rada appointed Vasyl Malyuk Head of the Security Service of Ukraine who was previously Acting Head of the Security Service of Ukraine. The respective decision has been approved by 324 people’s deputies. Presenting the submission for the appointment of Vasyl Malyuk at the plenary session of the Parliament, the Head of State emphasized that such appointments were in line with the essence and objectives of the current period of war with Russia. Volodymyr Zelenskyy noted that Vasyl Malyuk is a combat officer who has been defending Ukraine since the first days of the full-scale invasion, and has been doing his job with dedication and professionalism. “During his actual leadership in the Security Service, Vasyl Malyuk has proved that the Security Service can meet the expectations of the people of Ukraine,” the President said. According to him, the Security Service conducts truly successful and often unique special operations. “Some of these operations helped change the picture of the war in our favor. Collaborators in the occupied territories have realized that they cannot avoid justice, and this is also one of the achievements of our Security Service,” the Head of State is convinced. Volodymyr Zelenskyy emphasized that strikes were also made against the internal enemy, which is reflected in the decisions of the National Security and Defense Council based on the data from the Security Service. “We managed to build a system of protection of Ukraine from enemy special operations and a system of countering Russian special services. There is a significant personal merit of Vasyl Malyuk in this,” he said.”

88. Israel: Former Mossad Chief, Ex-National Security Aides Urge Compromise on Judicial Shakeup

The Times of Israel reported this on February 11th saying that “a group of former national security advisers, including several appointed by Prime Minister Benjamin Netanyahu, on Saturday urged the opposing sides of the government’s push to radically transform the judicial system to meet in an effort to reach a compromise. In a letter sent to Knesset Speaker Amir Ohana, the ex-aides, including former Mossad chief and close Netanyahu ally Yossi Cohen, warned the lack of agreement could undermine Israel’s security, as “the national resilience of Israeli society” has enabled the country to tackle external threats. “In recent weeks, the political crisis has developed into a grave societal crisis,” they warned. “Lately, the flashpoint has been the judicial reform. The extreme comments that have been heard show the depth of the rift in the public. The feelings of crisis and distress are growing stronger because there is no serious effort to reach agreements of any type.” Citing their security backgrounds, the advisors warned that the intensity of the current “social and political conflict is endangering national resilience.” They said it was therefore incumbent upon coalition and opposition leaders to hold “serious dialogue without pre-existing conditions… to reach an agreed-upon framework regarding the relations between the legislative, executive and judicial branches.” “Only by reaching an agreed-upon framework will national resilience be strengthened, serving as proof that Israel is a strong and thriving country,” they added.”

89. United States: The FBI’s Most Controversial Surveillance Tool is Under Threat

WIRED published this story on February 10th stating that “an existential fight over the US government’s ability to spy on its own citizens is brewing in Congress. And as this fight unfolds, the Federal Bureau of Investigation’s biggest foes on Capitol Hill are no longer reformers merely interested in reining in its authority. Many lawmakers, elevated to new heights of power by the recent election, are working to dramatically curtail the methods by which the FBI investigates crime. New details about the FBI’s failures to comply with restrictions on the use of foreign intelligence for domestic crimes have emerged at a perilous time for the US intelligence community. Section 702 of the Foreign Intelligence Surveillance Act (FISA), the so-called crown jewel of US intelligence, grants the government the ability to intercept the electronic communications of overseas targets who are unprotected by the Fourth Amendment. That authority is set to expire at the end of the year. But errors in the FBI’s secondary use of the data — the investigation of crimes on US soil — are likely to inflame an already fierce debate over whether law enforcement agents can be trusted with such an invasive tool. Central to this tension has been a routine audit by the Department of Justice’s (DOJ) national security division and the office of the director of national intelligence (ODNI) — America’s “top spy” — which unearthed new examples of the FBI failing to comply with rules limiting access to intelligence ostensibly gathered to protect US national security. Such “errors,” they said, have occurred on a “large number” of occasions. A report on the audit, only recently declassified, found that in the first half of 2020, FBI personnel unlawfully searched raw FISA data on numerous occasions. In one incident, agents reportedly sought evidence of foreign influence linked to a US lawmaker. In another, an inappropriate search pertained to a local political party. In both cases, these “errors” attributed to a “misunderstanding” of the law, the report says. At some point between December 2019 and May 2020, FBI personnel conducted searches of FISA data using “only the name of a US congressman,” the report says, a query that investigators later found was “noncompliant” with legal procedures. While some searches were “reasonably likely to return foreign intelligence information,” investigators said, they were also “overly broad as constructed.” In another incident, the FBI ran searches using the “names of a local political party,” even though a connection to foreign intelligence was “not reasonably likely.” The DOJ explained the errors away by saying FBI personnel “misunderstood” the search procedures, adding they were “subsequently reminded of how to correctly apply the query rules.” These are the mistakes that will ultimately serve as ammunition in the coming fight to diminish the FBI’s power. Elizabeth Goitein, senior director of the Brennan Center for Justice’s national security program at New York University School of Law, says that while troubling, the misuse was entirely predictable. “When the government is allowed to access Americans’ private communications without a warrant, that opens the door to surveillance based on race, religion, politics, or other impermissible factors,” she says. Raw Section 702 data, much of which is derived “downstream” from internet companies like Google, is regarded as “unminimized” when it contains unredacted information about Americans. Spy agencies such as the CIA and NSA require high-level permission to “unmask” it. But in what privacy and civil liberties lawyers have termed a “backdoor search,” the FBI regularly searches through unminimized data during investigations, and routinely prior to launching them. To address concerns, the US Congress amended FISA to require a court order in matters that are purely criminal. Years later, however, it was reported that the FBI had never sought the court’s permission.”

90. Podcast: Cold War Conversations: Anna Montes “The Most Damaging Female Spy in US History”

On February 11th the Cold War Conversations published this new podcast episode. As per its description, “for nearly 17 years, Montes was one of the government’s top Cuba experts, with easy access to classified documents. By night, she was working for Fidel Castro’s Cuba, listening to coded messages over shortwave radio, passing US secrets to handlers in local restaurants, and slipping into Havana wearing a wig.”

91. Video: Dozens of Sudanese Protest Normalisation with Israel

The Associated Press published this video on February 11th stating that “dozens of Sudanese on Monday protested against plans by leaders in their country to establish diplomatic ties with Israel. Israel’s foreign minister Eli Cohen visited Khartoum on Thursday and met military leaders, including Sudan’s ruling general, Abdel-Fattah Burhan, who led a coup that overturned the country’s transitional government in 2021. Cohen later told reporters that his country will normalize its relationship with Sudan sometime later this year. Currently, Sudan, like most Arab states, has no diplomatic relations with Israel, which it has traditionally viewed with hostility for occupying what it views as Palestinian land. During Monday’s protest in Khartoum, many of the protesters held banner and shouted slogans again Israel and the normalization process. For Sudan’s ruling generals, a breakthrough with Israel could help convince foreign countries, including the United States and the UAE, to inject financial aid into the struggling economy. Sudan remains mired in a political stalemate between a popular pro-democracy movement and the country’s powerful armed forces. Sudan first signed a normalization agreement with Israel, joining Morocco, Bahrain and the UAE, in 2020 as part of the U.S.-brokered Abraham Accords to establish full diplomatic ties. However, the process stalled amid widespread popular opposition in Sudan. The military coup in October 2021 then deposed Sudan’s government, upending the African country’s fragile democratic transition.” Among others, AP also notes that the vide shows “a woman holding placard with characters depicting officials in Tel Aviv and Washington DC. UPSOUND (Arabic) “Corruption is normalization with the Mossad (the Israeli spy agency)”.”