SPY NEWS: 2024 — Week 19
Summary of the espionage-related news stories for the Week 19 (May 5–11) of 2024.
1. Russia/Germany: Russia Plotting Sabotage Across Europe, Intelligence Agencies Warn
Financial Times reported on May 5th that “European intelligence agencies have warned their governments that Russia is plotting violent acts of sabotage across the continent as it commits to a course of permanent conflict with the west. Russia has already begun to more actively prepare covert bombings, arson attacks and damage to infrastructure on European soil, directly and via proxies, with little apparent concern about causing civilian fatalities, intelligence officials believe. While the Kremlin’s agents have a long history of such operations — and launched attacks sporadically in Europe in recent years — evidence is mounting of a more aggressive and concerted effort, according to assessments from three different European countries shared with the Financial Times. Intelligence officials are becoming increasingly vocal about the threat in an effort to promote vigilance. “We assess the risk of state-controlled acts of sabotage to be significantly increased,” said Thomas Haldenwang, head of German domestic intelligence. Russia now seems comfortable carrying out operations on European soil “[with] a high potential for damage,” he told a security conference last month hosted by his agency, the Federal Office for the Protection of the Constitution.”
2. United Kingdom/Greece/Romania/Bulgaria/United States/Ukraine/Russia: NATO’s Eyes on the Black Sea
ItaMilRadar reported on May 5th that “despite it being Sunday, NATO surveillance operations continue intermittently along its eastern border. Particularly this morning, a mission is underway in the Black Sea area involving an RAF Boeing RC-135W (reg. ZZ665) , which took off from Souda Bay AB, where it has been stationed for some time. Before reaching its operational area (the western part of the basin off the Romanian and Bulgarian coasts), the aircraft conducted aerial refueling over Romania with a USAF Boeing KC-135R (reg. 59–1475), which departed from RAF Mildenhall in the United Kingdom. However, the RAF Rivet Joint is not the only NATO asset conducting surveillance missions in the area. A US Army Bombardier ARTEMIS (reg. N488CR — c/s BRIO68) has been orbiting along the border between Romania and Moldova since this morning.”
3. United States/United Kingdom: AFIO — Gordon Corera on Operation Columba — The Untold Story of the WWII Secret Pigeon Service in Europe
On May 5th the United States Association of Former Intelligence Officers (AFIO) published this video recording. As per its description, “interview of Friday, 1 December 2023. Gordon Corera, BBC National Security Correspondent, Author and Journalist, on his book “Operation Columba — The Secret Pigeon Service: The Untold Story of World War II Resistance in Europe.” The fascinating, untold story of how British intelligence secretly used homing pigeons as part of a clandestine espionage operation to gather information, communicate, and coordinate with members of the Resistance to defeat the Nazis in occupied Europe during World War II. Interviewer/host is AFIO President James Hughes, a former senior CIA Operations Officer and Former NSA Associate Deputy Director of Operations. The interview runs 21 minutes and includes several Q&As. GORDON CORERA is a journalist and writer on intelligence and security issues. Since 2004 he has been a security correspondent for the BBC, where he covers terrorism, cyber security, the work of intelligence agencies and other national security issues. He has reported from across the United States, Asia, Africa and the Middle East and presented a number of programmes focusing on intelligence agencies including MI6, MI5, GCHQ, the CIA, the NSA and Mossad. He is the author of Secret Pigeon Service: Operation Columba, Resistance and the Struggle to Liberate Europe, Intercept: The Secret History of Computers and Spies (entitled Cyberspies in the US), MI6: Life and Death in the British Secret Service (also entitled The Art of Betrayal), and Shopping for Bombs. He was educated at Oxford and Harvard universities, and lives in London.”
4. Australia/China/United States: Spy Agencies Kept MPs in Dark After They Were Targeted by Chinese Hackers
The Nightly published this exclusive story on May 6th saying that “Australia’s spy agencies were told twice that a group of Australian MPs belonging to an international committee on China had been targeted by Chinese hackers — but the authorities chose to keep the MPs in the dark about the cyber attacks. The Nightly understands that a Five Eyes intelligence agency first warned Australia’s agencies in mid-2021 that the attacks had taken place in January 2021. In June 2022, the FBI formally notified Australian authorities about the attempts by a Chinese hacking group called APT31 to target six Australian MPs. However, the agencies decided not to tell the Government or the MPs affected. Instead, the 20 Australian MPs belonging to the Inter-Parliamentary Alliance on China (IPAC) only learned of the attempted attack when the US Department of Justice released its indictment against seven Chinese hackers in April this year — three years after the first warning was provided.”
5. Cuba: Unravelling the Enigma: The Cuban Intelligence Directorate (DI)
Grey Dynamics published this article on May 5th with its introduction stating that “the Cuban Intelligence Directorate (Dirección de Inteligencia, DI), also known as G2, stands as one of the most enigmatic and potent intelligence agencies on the global stage. Originating in the crucible of the Cuban Revolution, this agency has evolved from its revolutionary roots to become a key player in international intelligence. It navigates through the Cold War’s espionage battles to the multifaceted geopolitical challenges of today. The DI’s journey is a testament to Cuba’s strategic intelligence capabilities. And, to its unwavering commitment to safeguard the nation’s sovereignty against external threats. The Cuban Intelligence Directorate’s story intertwines with the island’s turbulent history. This history is marked by its strategic geopolitical position and the ideological confrontations that defined the 20th century. As one of the Western Hemisphere’s most enduring intelligence entities, the DI has mastered the art of survival and adaptation. It does that in part by maintaining its relevance in the face of shifting global dynamics and technological advancements. Scholars and intelligence professionals have noted the DI’s effectiveness and its role in shaping Cuba’s defence strategy against perceived imperialist threats.”
6. Ukraine/Russia: SBU Detained 2 FSB Agents Near Kyiv
On May 6th Ukraine’s Security Service (SBU) announced that they “detained an FSB intelligence group that was preparing massive airstrikes in Ukraine on the eve of Easter. Among the enemy’s priority targets were energy-generating enterprises and logistics depots for the storage of fuel and lubricants. In addition, the occupiers hoped to receive “confirmation” from their agency regarding the current geolocations of military airfields, as well as special forces guarding the General Staff of the Armed Forces. To carry out these tasks, the Russian intelligence service involved two of its agents from Uman and Luben. For the conspiracy, the participants acted separately, but remotely “locked” on one handler from the FSB. The Security Service found out about all this at the initial stage of the intelligence activity of Russian agents, which it promptly exposed and documented step by step. Thanks to this, they were able to be caught red-handed near Kyiv, where they conducted reconnaissance near potential targets, and thereby foil the aggressor’s plans to prepare airstrikes. As the investigation established, both persons involved, 28-year-old unemployed, were recruited remotely in March of this year by a staff member of the “Crimean Administration” of the FSB. His identity has already been established by the Security Service. He promised his agents a monetary reward for cooperation with the occupiers. Anonymous chat in a popular messenger was used for communication.”
7. Iran/Israel/United States/United Kingdom/Yemen: Failure of US-Zionist Espionage Network in Yemen
The Islamic Republic News Agency reported on May 5th that “according to the official news agency of Yemen (Saba), a Yemeni security source reported that the country’s intelligence agencies were able to thwart the American and Zionist regime’s espionage operations. According to this report, the security institutions of Yemen will announce the details of this conspiracy tomorrow, Monday. This is despite the fact that the Yemeni army has targeted several American, British and Zionist ships or ships bound for the occupied territories in the Red Sea and the Bab al-Mandab Strait in support of the resistance of the Palestinian people in the Gaza Strip. The forces of the Yemeni army have pledged to target the ships of this regime or the ships bound for the occupied territories in the Red Sea until the Zionist regime does not stop its attacks on Gaza.”
8. United States/United Kingdom/France: RBZ Miniature WWII Radio Receiver
On May 6th we published this video. As per its description, “herein we present the RBZ miniature radio receiver from the WWII era. It was manufactured by Emerson Radio and Phonograph Corporation for the United States Navy. It was used during the D-Day landings but it also had a clandestine use by stay-behind and resistance forces organised by British special operators to receive instructions and updates over radio, primarily through BBC radio broadcasts.”
9. China: State Security Tightens Grip on Universities
Intelligence Online reported on May 5th that “under Xi Jinping’s third mandate the world of academia has to comply and restructure more than ever — and first serve the goals of the Chinese Communist Party. The Ministry of State Security has been tasked to keep a watch on campuses.”
10. Pakistan: Police Arrest Suspect Posing as Spy Agency Official
Dawn reported on May 6th that “Secretariat police team has arrested a suspect impersonating an official of an intelligence agency and recovered a wireless set, uniform and an MP5 rifle magazine from him, a police public relations officer said. He said the police have intensified crackdown against criminal elements to eliminate crime from the city. A case was also registered against the suspect and further investigation is underway. Meanwhile, Islamabad Police Special Sexual Offence Investigation Unit (SSOIU) and Noon police station teams have apprehended an absconder wanted in a rape case, a police public relations officer said. He said a citizen submitted an application with Noon police station, stating that the accused had sexually assaulted her. Upon receiving the application, the police registered an FIR and formed a team to arrested the accused. The unit and Noon police teams utilised scientific and human resources that helped in apprehending the wanted absconder. Citizens have been urged by the police to remain vigilant and promptly report any suspicious individual or activity on the emergency helpline ‘Pucar-15’ or via the‘ICT-15’ app.”
11. Netherlands/Belgium/Russia: Russian Fishing Vessels Suspected of Spying in Groningen
The Northern Times reported on May 6th that “Russian fishing vessels that are docking regularly at Groningen’s Eemshaven port are being suspected of spying, according to a report by investigative journalism platform Pointer. On Saturday, Pointer wrote that Reefer ships from the Russian fishing company Norebo are mooring in Eemshaven every two weeks close to a military site. According to the Belgian broadcaster VRT, Norebo owns more than 40 ships but activities other than fishing may be on their agenda. It mentioned how one of their ships called Taurus was linked to espionage in the past. The ‘fishing boat’ was found to have made unusual movements in 2022 which coincided with movements of American submarines. Citing a military intelligence report, Pointer said that the Netherlands is an important espionage target for Russia. It accuses Russia of mapping infrastructure in the North Sea “and is undertaking activities that indicate espionage and preparatory actions for disruption and sabotage.” Norebo denied any wrongdoing. “Norebo, its group companies and employees have never been, are not and will not be involved in espionage,” a spokesperson told Pointer. This comes after European intelligence agencies have warned their governments that Russia is plotting violent acts of sabotage across the continent as it commits to a course of permanent conflict with the west.”
12. Belarus: Hackers Take Down Spy Agency’s Website
Ujasusi Blog published this post on May 6th with its introduction saying that “the website of Belarus’ main security service agency (KGB) has reportedly been down for two months following a cyberattack by Belarusian politically motivated hackers. The hackers, known as the Belarusian Cyber-Partisans, announced their operation against the KGB late last week. The agency has not commented on the attack, but on Monday its website says that it is “in the process of development.” The announcement of the hackers’ operation came a few days after Belarus updated its military doctrine, introducing the possibility of responding to a cyberattack on its critical infrastructure with force. The Cyber-Partisans are made up of exiled tech specialists scattered around the world — part of the broader opposition movement in Belarus, using digital tools to try to topple Lukashenko’s regime.”
13. Canada/China: Chinese Election Meddling Could Undermine Canada Democracy
Reuters reported on May 7th that “persistent Chinese election meddling has the potential to undermine Canadian democracy, Canada’s main spy agency said on Tuesday in the latest official warning about clandestine activity by Beijing. The Canadian Security Intelligence Service (CSIS) made its comments in an annual report issued days after an official inquiry found China had tried to interfere in the last two Canadian elections. CSIS said China, known formally as the People’s Republic of China, or PRC, used deceptive methods in a bid to influence policy-making at all levels of government as well as in academia and the media. “Such activity, which seeks to advance PRC national interests, has the potential to undermine Canada’s democratic process and its institutions,” it said. China regularly dismisses such charges. China and organisations linked to the ruling Chinese Communist Party “remain an enduring threat to Canadian information, technology, democratic institutions, and diaspora communities”, CSIS said.”
14. France: Author of Book About France’s DGSI Faces Trial After Secret Recordings Found
Intelligence Online reported on May 6th that “the trial of a journalist who allegedly disclosed classified information in a book about France’s domestic intelligence service is expected to begin in 2025. Secret recordings allegedly show contacts with a former agent, in a case defence lawyers say is aimed at intimidating the press.”
15. Ukraine/Russia: Ukraine Says it Foiled A Russian Spy Agency Plot to Assassinate President Zelenskyy
CTV News reported on May 7th that “Ukrainian counterintelligence investigators have foiled a Russian plot to assassinate President Volodymyr Zelenskyy and other top military and political figures, Ukraine’s state security service said Tuesday. Two colonels in the State Guard of Ukraine, which protects top officials, were detained on suspicion of enacting the plan drawn up by Russia’s Federal Security Service, a statement said. The colonels were recruited before Russia’s full-scale invasion of Ukraine(opens in a new tab) in February 2022, according to the statement. It quoted the head of the State Security Service, Vasyl Maliuk, as saying the plot foresaw an attack ahead of Russian President Vladimir Putin’s inauguration for a fifth term Tuesday. Maliuk said he personally oversaw the top-secret operation to track the plot. Ukrainian claims of Russian efforts to kill Zelenskyy are not new. Zelensky said in 2022 there has been at least 10 attempts to assassinate him as the war with Russia stretches into a third year.”
16. Belgium/Germany/China: Police Raid Far-right German MEP’s Office in China Espionage Probe
Politico reported on May 7th that “Belgian and German police on Tuesday conducted searches at the European Parliament offices of a far-right MEP and his aide as part of an investigation into suspected Chinese espionage. An investigating judge of Germany’s Federal Court of Justice ordered the search of the offices of MEP Maximilian Krah, top candidate for next month’s EU election from the far-right Alternative for Germany party (AfD) and his aide Jian G., who is suspected of “of secret service agent activity,” according to German public prosecutors. The search was delayed, according to one of Krah’s employees — granted anonymity to speak freely — because police had a warrant to search Jian G’s desk and when they arrived, another staffer was sitting there, despite Jian G.’s name being on the nameplate. It took more than two hours to get a new search warrant for Jian G.’s actual desk. German police initially arrested Jian G. in late April on the charge that he had acted as an agent for China. Prosecutors allege the assistant repeatedly passed on information about “negotiations and decisions in the European Parliament” to Chinese intelligence agents. He is also accused of spying on Chinese opposition members inside Germany. Krah has denied any wrongdoing and has not been charged with any crimes. At the same time, German public prosecutor in the city of Dresden have initiated preliminary investigations into Krah on the suspicion he received payments from Russia and China “for his work as an MEP.” Krah remains the AfD’s lead candidate for the European election, though party leaders have decided that he should take a lower profile in the campaign in order “not to damage the election campaign or the reputation of the party.” It’s unclear the extent to which the allegations will hurt the AfD. For years, the party gained in popularity even as it became increasingly extreme. But since the beginning of this year, the AfD has been hit by a string of scandals that appear to have halted its rise.”
17. India/China: India’s Spying Upsurge Can Complicate Security Ties With the West
The Diplomat reported on May 6th that “espionage is standard fare for almost all global powers, but China and India stand out for their specific interests in their country’s mammoth diaspora. China and India might be seen as each other’s geopolitical opponents, but last month, they were both at the receiving end of similar exposés in the great global espionage game. In Britain and Germany, six individuals were arrested on charges of spying for Beijing. Among those arrested were a young aide to a prominent member of the British Parliament, and a German citizen of Chinese descent who worked for a far-right German member of the European Parliament. The accusations, authorities said, involved infiltrating the political establishment and attempting to influence the democratic process.”
18. France/Syria/Lebanon: DGSE Memo on Syrian Chemical Programme Upholds Justification for French Sanctions Against Beirut-based Firm
Intelligence Online reported on May 7th that “according to a French foreign intelligence service memo, the Beirut-based company Electronic Katrangi Trading has been engaged in chemical proliferation operations for the Syrian government since July 2020. The firm, which denies that, has been under French and US sanctions since 2018.”
19. Yemen/Israel/United States: Dismantled Large Espionage Network
Following this week’s story #7, on May 7th the Islamic World News reported that “Yemeni media outlets reported the details of the neutralization of the intelligence activities of the United States and the Israeli regime in Yemen, quoting statements of the Yemeni security organizations: The Yemeni security forces, with the support of the Yemeni Ministry of Defense, were able to arrest a number of spies in the past few days who were receiving orders from an intelligence agency called Force 400. These spies, under the command of a person named Ammar Afash, were engaged in collecting information and constant monitoring of missile, drone and warship deployment sites of the Yemeni army on the western coasts, and providing their information to Force 400 for air strikes by the US-British military coalition. The Joint Meeting Parties (JMP), an alliance of opposition political parties in Yemen, congratulated the success of the security organizations of the government and the Ansar Allah movement against the US and Israeli espionage network on the western coasts of Yemen. In this statement, the Joint Meeting Parties (JMP) described the neutralization of the intelligence project of these spies under the name of “Force 400” as a preemptive strike and a crushing slap in the face of the Americans and Israelis, and emphasized the unity of the internal front against the actions of the enemy.”
20. United Kingdom/China: China Suspected of Hacking British Military Payment System
The Record reported on May 7th that “officials in Westminster reportedly suspect China was behind a hack affecting a third-party payment system used by the British armed forces. A spokesperson for the Ministry of Defence said Defence Secretary Grant Shapps would make a statement to Parliament on Tuesday afternoon about the cyber incident. The statement is not expected to publicly attribute the hack to China, but will warn about hostile states targeting organizations in the country for cyber-espionage. It will also set out a plan to support and protect personnel who may have been impacted. It is not clear what information was compromised in the incident, which was first reported by Sky News, nor whether the suspicions regarding China are based on technical evidence or simply reflect the expectations of politicians and officials. An MoD spokesperson told Recorded Future News that the incident affected a payment rather than payroll system. Reports suggest the system, which was operated by a contractor and not part of the MoD’s protected networks, held names and bank details and in some cases personal addresses. BBC News reported the incident was discovered in recent days and is still being investigated. Currently the investigation “has not found evidence hackers removed data from the system,” although out of precaution the government is acting as if it had. The Times reported about 270,000 personnel and veterans have been affected. The individuals include regulars and reservists, but not members of the special forces. Tobias Ellwood, an MP and former soldier, told Sky News he suspected the breach was an act of espionage, with China potentially attempting to identify “financially vulnerable” personnel who could be exploited by financial inducements.”
21. Russia/United States/South Korea: Russia Detains Two US Nationals, Including A Serving Soldier
The Indian Express reported on May 7th that “Russian authorities said on Tuesday they had detained two US nationals, including a serving US soldier, in separate criminal cases. The soldier, detained on Monday on charges of criminal misconduct, was arrested on theft charges by a court in Vladivostok in Russia’s Far East, the regional office of the Interior Ministry said in a statement on Tuesday. The Russian Foreign Ministry said the case had no political element and there were no allegations of espionage. “As far as we understand, this is a purely everyday crime”, the TASS state media agency cited the ministry’s Vladivostok branch as saying. Criminal cases against Americans in Russia have assumed diplomatic significance in recent years, including a drugs case against basketball star Brittney Griner freed last year in a prisoner swap, and an espionage case against Evan Gershkovich, a Wall Street Journal reporter, which he and his employer deny. The court identified the soldier as Gordon Black and said he would be detained at least until July 2, according to RIA news agency. The US Army, which said on Monday it had been informed about the detention, has not identified the soldier. A US official, speaking on condition of anonymity, said the soldier had been based in South Korea. The Russian interior ministry in Vladivostok said a 32-year-old woman had filed a complaint against the 34-year-old suspect. The two had met in South Korea. The American had come to Vladivostok to visit her, the two had an argument, and she later filed a police report accusing him of stealing money, it said. He was arrested in a local hotel, having bought a plane ticket to return home. Separately, Moscow’s court service said on Tuesday that a court had remanded a US citizen whom it named as William Russell Nycum in custody for 10 days for “petty hooliganism”. It said he had been found naked outside after drinking alcohol in an incident it said “expressed obvious disrespect to society, citizens and public order”.”
22. Myanmar/United States/France: Retired US Marine Opens Doors for Security Firms in Myanmar
Intelligence Online reported on May 7th that “French security provider GEOS is counting on its partner Atalian Global Services and its local representative, US army veteran Adam Castillo, to provide security to the EU in Yangon. Castillo has been acting as a middleman for Western firms in the country for years.”
23. Israel/Qatar: Shin Bet Report That Led to Closure of Al Jazeera is ‘Classified,’ Won’t Be Released
The Times of Israel reported on May 7th that “the government will not make public the details of position papers submitted by the security services saying that Al Jazeera has harmed Israeli security, following a cabinet decision on Monday to temporarily shut down the Qatari news network. According to a government resolution passed on Sunday, the Shin Bet domestic security agency issued a report on April 9 that said Al Jazeera’s broadcasts were harmful to national security, while the IDF and Mossad issued reports that supported restricting the channel’s broadcasts. These reports are classified, an Israeli official noted, and they will not be released to the public. According to the law under which Communications Minister Shlomo Karhi ordered Al Jazeera off the air, the prime minister and communications minister must receive at least one position paper authored by one of the state security agencies detailing the “factual foundations” of the allegation that the foreign media outlet in question is causing “actual harm” to state security. The law was passed on April 2, and Karhi submitted a request the same day to the National Security Council and the cabinet secretary to have Al Jazeera shut down. The government resolution passed on Sunday states that the security cabinet sent a request to the IDF, the Shin Bet, the Mossad, and the military censor on April 3 asking for their position papers on whether Al Jazeera is causing damage to national security. The Shin Report was received on April 9 and its conclusions were that “all the information in the Shin Bet’s possession instructs that the content broadcast on the channel does actual harm to state security,” the resolution stated. It added that classified reports from the IDF and Mossad supported “the restriction of Al Jazeera broadcasts in Israel.”.”
24. Poland/United States: Poland Names Aerostat Programme, Confirms Number of Units
Janes reported on May 7th that “Poland’s Armament Agency announced on 6 May that its aerostat reconnaissance programme will be called Barbara, with four systems expected to be acquired to bolster surveillance. In February the US Defense Security Cooperation Agency (DSCA) announced Poland’s intention to procure Airspace and Surface Radar Reconnaissance (ASRR) aerostat systems for an estimated USD1.2 billion. The primary contractors fulfilling this requirement are Raytheon Intelligence & Space, ELTA North America, and Avantus Federal LLC. The procurement comprises ASRR aerostat systems as well as airborne early warning (AEW) radars with identification friend-or-foe (IFF) capabilities, electronic sensor systems, mooring systems with powered tether and embedded fibre optics, and ground control systems (GCS), as well as associated hardware, training, technical, and logistical support, the DSCA detailed.”
25. Poland/Turkey/Belarus: Senior Judge Fled Poland to Belarus
On May 6th Intel Takes tweeted that “an unusual espionage case is unfolding in Poland. Polish senior Judge Tomasz Szmydt suddenly fled Poland and asked for political asylum in Bielarus. Why it is concerning? Szmydt was a judge of Provincional Administrative Court in Warsaw. He worked on cases complaining denial of security clearances by ABW (Internal Security Agency). That means that he had full access to files on many interesting people (politicians, officers, civil servants). He was also active politically. Szmydt and his former wife took active role in secret influence campaign against other judges who were seen as not supportive of right wing government. His activity was coordinated with politicians of former government. link. According to Polish media Szmydt fled via Turkey in order not to raise suspicions. He was on leave from office since April 22nd. Internal Agency (ABW) and prosecutor office already opened investigation in alleged espionage and treason case. In the meantime Szmydt took part in press conferences in Minsk and open his own Telegram channel. His claims are so far compatible with typical Russian narrative that USA and UK are dragging Poland into war. Based on his public financial disclosure, judge Szmydt was deep in debt. He owes more than $100,000 to an unknown financial institutions with a quite high interests rates.”
26. Estonia/United States/Ukraine: Ex-CIA Officer’s Ambitious Plans to Train Baltic States in Drone Warfare Take Shape
Intelligence Online reported on May 7th that “James Acuna, an ex-CIA operations officer, is about to open the doors of a drone warfare training centre in Estonia with the aim of sharing information gained during the Russia-Ukraine war.”
27. United States/Egypt: Army Special Mission Unit Operator | Adam Gamal
Team House published this podcast episode on May 8th with a former member of JSOC’s Intelligence Support Activity (ISA), also known as Mission Support Activity (MSA), Office of Military Support (OMS), Field Operations Group (FOG), Studies and Analysis Activity (SAA), Tactical Concept Activity, Tactical Support Team, and Tactical Coordination Detachment. As per its description, “ADAM GAMAL is a pseudonym created to keep the author and his family safe from harm. Gamal served in the most elite units in the US Army, deployed more than a dozen times, and finally retired in 2016. His awards include the Bronze Star Medal, the Purple Heart, and the Legion of Merit. He is currently an international consultant for a security organization.”
28. United States/China: Any Number Given of VOLT TYPHOON Victims ‘Likely An Underestimate,’ CISA Says
The Record reported on May 8th that “the government of China’s objective in deploying Volt Typhoon hackers to break into U.S. critical infrastructure is to “cause disruption and sow societal panic,” a senior cybersecurity official said Tuesday. As China has increased its aggressiveness toward Taiwan, Volt Typhoon hackers have pre-positioned themselves in U.S. critical infrastructure in Guam and elsewhere with the intent of slowing any potential mobilization of forces. The Volt Typhoon campaign has set off an effort by the White House and other arms of the U.S government to not only root out the hackers but also harden critical infrastructure. In a roundtable on Tuesday at the RSA conference in San Francisco, Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), explained that they have found the hackers using living-off-the-land techniques on targets “where there is no reasonable espionage benefit.” When asked about the total number of Volt Typhoon victims, CISA Executive Director Brandon Wales said any number given “is likely an underestimate.” “And that is, in part, based on the fact that Chinese targeting of our critical infrastructure is broad-based,” he said. “It is not against the largest, most significant critical infrastructure in the United States. It is against a broad swath of small- and medium-sized companies that are potentially critical in individual supply chains or just capable of causing societal panic in some place around the country.” The goal, Wales said, is to disrupt the flow of U.S. military support to allies and partners in Asia while also hampering American systems to affect the government’s “geopolitical decision making.”.”
29. Italy: Cyber Defence Champion DEAS Goes on the Offensive
Intelligence Online reported on May 8th that “the firm is sharpening its cyber intelligence game by recruiting veterans from the country’s cyber intelligence industry which is booming thanks to favourable regulatory conditions.”
30. Canada/Israel: They Exposed An Israeli Spyware Firm. Now the Company is Badgering Them in Court
The Intercept reported on May 6th that “for years, cybersecurity researchers at Citizen Lab have monitored Israeli spyware firm NSO Group and its banner product, Pegasus. In 2019, Citizen Lab reported finding dozens of cases in which Pegasus was used to target the phones of journalists and human rights defenders via a WhatsApp security vulnerability. Now NSO, which is blacklisted by the U.S. government for selling spyware to repressive regimes, is trying to use a lawsuit over the WhatsApp exploit to learn “how Citizen Lab conducted its analysis.” The lawsuit, filed in U.S. federal court in 2019 by WhatsApp and Meta (then Facebook), alleges that NSO sent Pegasus and other malware to approximately 1,400 devices across the globe. For more than four years, NSO has failed repeatedly to get the case thrown out. With the lawsuit now moving forward, NSO is trying a different tactic: demanding repeatedly that Citizen Lab, which is based in Canada, hand over every single document about its Pegasus investigation. A judge denied NSO’s latest attempt to get access to Citizen Lab’s materials last week. Providing its raw work to NSO, Citizen Lab’s lawyers argued, would “expose individuals already victimized by NSO’s activities to the risk of further harassment, including from their own governments” and chill their future work. (NSO declined to comment about the lawsuit.) NSO has mounted an aggressive campaign to rehabilitate its image in recent years, particularly since being blacklisted in 2021. Last November, following the October 7 Hamas attacks, the firm requested a meeting with the State Department to discuss Pegasus as a “critical tool that is used to aid the ongoing fight against terrorists.”.”
31. Canada: CSIS Released the Public Report 2023
On May 7th CSIS announced that “the Canadian Security Intelligence Service acknowledges that its 2023 Public Report was written and published on the traditional and unceded territory of the Algonquin Anishinaabeg People.” You can download it here.
32. United States/Russia/Ukraine: A (Strange) Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities
On May 8th WIRED reported that “when the activities of Russian hacker groups are exposed in a major public report and tied to a government agency — such as the Russian military’s Sandworm unit, which has targeted Ukrainian electrical utilities to trigger three blackouts over the past decade, or the Russian foreign intelligence service’s APT29, which is believed to have carried out the notorious SolarWinds supply chain attack — they tend to slink into the shadows and lay low until their next operation. When the cybersecurity firm Mandiant last month highlighted the Cyber Army of Russia, by contrast, noting its haphazard attacks on Western critical infrastructure and the group’s loose ties to the Russian military, the hackers took a very different approach. “Comrades, today the collective rotten West recognized us as the most reckless hacker group 🏆, on which I actually congratulate all of us 🎉,” the group posted in Russian to its Telegram channel, along with a screenshot of WIRED’s article about the hackers, in which we had described them with that “most reckless” superlative. “As long as they are afraid of us, let them hate us as much as they want.” After that initial, less-than-friendly exchange of ideas, WIRED reached out to Cyber Army of Russia’s Telegram account to continue the conversation. So began a strange, two-week-long interview with the group’s spokesperson, “Julia,” represented by an apparently AI-generated image of a woman standing in front of Red Square’s St. Basil’s Cathedral. Over days of intermittent Telegram messages, often interspersed with unsolicited Russian nationalist political talking points, Julia answered WIRED’s questions — or at least some of them — laid out the group’s ethos and motivations, and explained the rationale for the hackers’ months-long cyber sabotage rampage, which initially focused on Ukrainian networks but has more recently included an unprecedented string of attacks hitting US and European water and wastewater systems.”
33. United States/Cuba/Bolivia: Ex-CIA Agent on Capturing Che Guevara, Who Truly Killed JFK, and Election Predictions
On May 7th Tucker Carlson published this interview. As per its description, “Che Guevara was executed in 1967 in a remote Bolivian village. One of the last people to speak to him alive was CIA officer Felix Rodriguez. Here’s his story.”
34. New Zealand: Cabinet Mulls Creation of Mega Spy Agency as FIANZ Seeks ‘Serious Rethink’
RNZ reported on May 9th that “a super security and intelligence agency recommended four years ago and said to be “not too far away” last August, is under “active consideration” by Cabinet. The Federation of Islamic Associations (FIANZ) is calling for the government to do a White Paper by March 2025, on setting it up. The number two recommendation of the 2020 Royal Commission of Inquiry into the 2019 mosque attacks was to set up a national intelligence and security agency, or NISA, as a way to cut through the confusion and inaction exhibited between the layers of government agencies prior to the terror attacks. Muslim groups say they would have more trust in the system and everyone would be safer, if such an independent, overarching body existed. However, in a new report submitted to the government, FIANZ, far from being impatient, has called for caution. “Given the complexity and the changing global politics and eco-climate context, there needs to be a serious rethink on the form and function of the proposed but absolutely necessary NISA,” it said in the 40-page report. Read the full report (PDF 4.2MB). NISA is integral to six of the Royal Commission’s first 10 recommendations, as a pivot around which the “threat horizon” would be scanned, obligations forced home on other agencies, and research done, such as into white supremacists’ groups largely ignored by the country’s spy and law enforcement agencies prior to the March 15 2019 attacks. It would be over and above the SIS and GCSB, taking a higher-level view. “We recommend that the Government: Establish a new national intelligence and security agency that is well-resourced and legislatively mandated to be responsible for strategic intelligence and security leadership functions,” the commission said.”
35. United States: Spy Agencies Adopt Rules for Purchasing Commercial Data on Americans
The Wall Street Journal reported on May 8th that “U.S. spy agencies will limit how they buy and use troves of data about Americans gleaned from thousands of smartphone apps and personal devices such as cars and internet-connected household appliances, according to a new policy directive released Wednesday. The directive establishing the new rules, issued by Director of National Intelligence Avril Haines, applies to all U.S. intelligence agencies, including the Central Intelligence Agency and National Security Agency. It won’t mandate that agencies obtain a warrant before purchasing or searching the data, a requirement sought by some lawmakers in recent months.”
36. United Kingdom/Russia: Britain to Expel Russian Defense Attache as ‘Undeclared Spy’
NHK World reported on May 9th that “Britain says it will expel Russia’s defense attache from the country, claiming the person is an undeclared intelligence officer. The British government announced on Wednesday that the move is part of steps against what it said is “malign activity” in the UK by Russia. The government also said it will remove diplomatic premises status from several Russian properties in the country. It said they are believed to have been used for intelligence purposes. Another measure is to cap the length of time Russian diplomats can spend in Britain. Home Secretary James Cleverly said the government is “taking action to send a strong deterrence message to Russia and to further reduce the ability” of the country’s intelligence agency.”
37. United States: NGA Director Pushes Back at Criticisms of Agency, Touts ‘Wetware,’ Tradecraft
Breaking Defense reported on May 8th that “Vice Adm. Frank Whitworth, the director of the National Geospatial-Intelligence Agency (NGA), wants to bust some “myths” about his agency — in particular that NGA’s analysts are a speedbump to rapid delivery of critical decision-making intelligence from satellites, both commercial and government, to US military commanders in the field. In an exclusive interview Monday during the US Geospatial Intelligence Foundation’s annual GEOINT conference in Kissimmee, Fla., Whitworth argued that not only is his agency delivering timely intelligence, surveillance and reconnaissance (ISR) to users, it also performs other critical functions — especially validating the authenticity of incoming sensor data and making sense out of that data. “I would just also caution, that if someone thinks that just raw data [sent to that] edge node is going to solve everything, I would ask them to put themselves in the position of maybe being that pilot or being that submarine captain, skipper or … the land component commander. Is the image going to help that individual without some level of analysis, fusion, [and] validation?” he told Breaking Defense. Whitworth’s comments come as NGA has been caught up in a swirling interagency debate, primarily with the Space Force, about respective roles in managing ISR assets and capabilities — a debate has led to questions from some involved about the agency’s continued relevance in the age of more satellites, more sensor data, more automated processing, and the increased pace of the battlefield. In his GEOINT keynote speech on Monday, Whitworth explained that NGA personnel are actually embedded at US combatant commands around the world and thus “have a deep understanding of operational priorities.” Further, he said, it is a “complete myth” that NGA’s actions and products are “not moving as rapidly as possible” to those needs. He acknowledged to Breaking Defense that military commanders always want more information, more quickly. However, he said, it is “another myth” that they are dissatisfied with NGA’s performance. “But if you ask them, ‘Well, are you unhappy with what NGA is providing in the way of dissemination and the way that we do our tasking?’ I don’t think you’re gonna get that many complaints,” Whitworth added. “I know I don’t. My email should be exploding if we’re doing a bad job.”.”
38. Pakistan/India: Two RAW Suspects Arrested in Karachi
Daily Times reported on May 8th that “Karachi police and intelligence agency in a joint operation arrested two suspects allegedly affiliated with the Indian spy agency Research and Analysis Wing (RAW) from the city’s Korangi area. Senior Superintendent of Police (SSP) Korangi Hassan Sardar said that the suspects, who were trained by RAW, were involved in target killing in Pakistan. The SSP said that the arrested suspects were identified as Khawar Hussain and Jabir, who were sending target killing details and images abroad. SSP Hassan Sardar said that the suspects were receiving funds from various accounts abroad. He added that further revelations from the arrested suspects are expected as the investigation is underway. The police also recovered two hand grenades, 9mm pistols, and bullets from the RAW agents. Separately, the Counter Terrorism Department (CTD) on Monday claimed to have arrested four members of a gang involved in the illegal smuggling of weapons in Karachi. The CTD spokesperson revealed that the four members — named Ghulam Rasool, Mohammad Yousuf, Gul Hassan, and Farhan alias Ganja — of an inter-provincial gang involved in the illegal smuggling of weapons in Karachi have been arrested. During the operation, the CTD officials recovered two bikes, and ammunitions along with two 9mm and four 30bore pistols from the possession of the arrested individuals.”
39. Turkey: Government Seeks to Expand Legal Scope of Espionage, Endangering Free Speech
Turkish Minute reported on May 8th that “the Turkish government is preparing to introduce criminal penalties for “agents of influence” in a new judicial package that will criminalize “black propaganda” against Turkey, in yet another development feared to stifle freedom of speech in the country, according to a report in a pro-government newspaper on Wednesday. The report by Yeni Şafak said the ninth judicial package, moved forward by the ruling Justice and Development Party (AKP), includes articles about the “new kinds of spying.” The package, which proposes amendments to the penal code, is expected to soon come to the floor of parliament. People who are accused of disseminating black propaganda against Turkey or who appear to be speaking in favor of Turkey when in fact they are actually speaking against it as well as individuals who damage the country’s economic, social or public order will be defined as “agents of influence” and face prison time, according to Yeni Şafak. The prosecution of social media users who are accused of acting as “agents of influence” will also be possible under the new legislation, which is feared to increase the weapons in the government’s arsenal for enforcing censorship and tightening its control over social media and independent journalists. Justice Minister Yılmaz Tunç, following recent police operations targeting Israeli spy networks in Turkey, hinted that the government was working on new legislation to prevent foreign countries from spying in Turkey. In a series of operations earlier this year, Turkish authorities detained dozens of people suspected of planning kidnappings and engaging in espionage for Israeli intel service Mossad, leading to the arrest of more than 20 suspects. Tunç said on March 8 that 63 people had been arrested in Turkey for alleged espionage for Israel since 2021, which rose to 65 with the arrest of two others in April. These events have heightened tensions between Turkey and Israel as there were reports of Israel’s intention to target members of Palestinian militant group Hamas in Turkey. In a recent visit to the Yeni Şafak daily, Tunç said the Turkish Penal Code (TCK) defines espionage as a crime when the use of secret information and documents are involved but that today many other technologies are used for spying. He said some countries and organizations are able to conduct spying activities in other countries with the use of these new technologies. “We have draft legislation that aims to prevent our country from being subjected to such operations and make sure that the new kind of espionage activities are thoroughly investigated,” the minister said.”
40. Poland/Russia: Russian Cyberspies Targeted Government Networks
Reuters reported on May 8th that “Russian cyberspies targeted networks belonging to the Polish government this week, the state-run National Research Institute (NASK) said on Wednesday. NASK said the group, known as APT28, was part of Russia’s GRU military intelligence agency and used malicious software to target Polish government institutions. Last week Germany and its allies said APT28 had conducted a sweeping cyberespioange campaign against German defence and aerospace firms, as well as Germany’s Social Democrats party. “Malware targeting Polish government institutions was distributed this week by the APT28 group, associated with Russia’s intelligence services,” NASK said in a statement. “Technical indicators and similarities to past attacks allowed the identification of the APT28 group … This group is associated with the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).” NASK recommended that network administrators verify whether employees were under attack. In an interview with Ukrainian news service Economic Truth cited by Polish state news agency PAP, Digital Affairs Minister Krzysztof Gawkowski said Warsaw was constantly identifying cyberattacks from Russia on targets including the water supply and the health service.”
41. Ukraine/Russia: SBU Detained Russian Informant in Kryvyi Rih
On May 8th Ukraine’s SBU announced that they “detained an informant of a Russian “military corps” who was pointing missiles at Kryvyi Rih. Among the enemy’s main targets were the combat positions of the Ukrainian Air Defence Forces, which defend Kryvyi Rih and the surrounding areas. In order to correct the rocket attack on the objects of the Armed Forces, the occupiers remotely engaged their informant — a 27-year-old local resident. His actions were coordinated by the Kremlin “military force”, which is part of Putin’s media pool and cooperates with Russian intelligence. On the instructions of the enemy propagandist, his accomplice went around the area, where he tried to identify the locations of radar stations and anti-aircraft missile systems. In addition, the new moon marked the geolocations of Ukrainian roadblocks and military equipment repair bases on Google Maps. The person involved planned to convey the received information to the occupiers via a messenger through a Russian “military officer”. However, the Security Service exposed the enemy henchman in time and caught him red-handed when he was conducting reconnaissance near a potential target. A mobile phone with electronic maps of the area was seized from the detainee, where he marked the locations for the preparation of the air attack of the Russian Federation. In addition, during the search of his apartment, an AK-74 machine gun with silencers and cartridges was found.”
42. United States: Microsoft Creates Top Secret Generative AI Service for US Spies
Bloomberg reported on May 7th that “Microsoft Corp. has deployed a generative AI model entirely divorced from the internet, saying US intelligence agencies can now safely harness the powerful technology to analyze top-secret information. It’s the first time a major large language model has operated fully separated from the internet, a senior executive at the US company said. Most AI models including OpenAI’s ChatGPT rely on cloud services to learn and infer patterns from data, but Microsoft wanted to deliver a truly secure system to the US intelligence community. Spy agencies around the world want generative AI to help them understand and analyze the growing amounts of classified information generated daily, but must balance turning to large language models with the risk that data could leak into the open — or get deliberately hacked. Microsoft has deployed the GPT4-based model and key elements that support it onto a cloud with an “air-gapped” environment that is isolated from the internet, said William Chappell, Microsoft’s chief technology officer for strategic missions and technology. Intelligence officials have repeatedly made clear they hanker after the same generative AI tools that promise to revolutionize swaths of business and modernize economies. The CIA last year launched a ChatGPT-like service at unclassified levels — but the community wanted something capable of dealing with far more sensitive data. “There is a race to get generative AI onto intelligence data,” Sheetal Patel, assistant director of the CIA for the Transnational and Technology Mission Center, told delegates to a security conference at Vanderbilt University last month. The first country to use generative AI for their intelligence would win that race, she said. “And I want it to be us.” Microsoft spent the past 18 months working on its system, including overhauling an existing AI supercomputer in Iowa. Chappell, an electrical engineer who previously worked on microsystems for the Defense Advanced Research Projects Agency, described the endeavor as a passion project and said his team wasn’t sure how to go about it when they started out in 2022.”
43. Russia/United States: Kremlin Botnet Launches Wave of Disinformation Claiming Havana Syndrome Doesn’t Exist
The Insider published this story on May 8th saying that “the Doppelgänger bot network has begun spreading Moscow’s response to The Insider’s joint investigation with 60 Minutes and Der Spiegel into Havana Syndrome. According to analysis by the Bot Blocker project, which closely tracks Doppelgänger’s online disinformation efforts, the current campaign has targeted German audiences. The joint investigation in question, which was published on Mar. 31 of this year, uncovered new evidence suggesting that heretofore unexplained “anomalous health incidents” (AHIs) reported by U.S. government officials and their families, also known as Havana Syndrome, may have their origin in the use of directed energy weapons wielded by members of GRU Unit 29155, a notorious assassination and sabotage squad attached to Russia’s military intelligence service. According to Bot Blocker, two articles were spread en masse via X (formerly Twitter). The first was sent out on April 3 — mere days after the investigation was published. Such a short time frame between the event and Doppelgänger’s reaction is extremely rare and indicates the importance of the issue for the disinformation network, the project’s analysts note.”
44. Ukraine/Russia: SBU Detained Russian Agent in Kyiv
On May 8th Ukraine’s SBU announced that they “detained a traitor who “leaked” the geolocations of the Armed Forces strongholds to the Russians during the battles for Kyiv. The Security Service detained a traitor in the Kyiv region who, at the beginning of the full-scale invasion of the Russian Federation, tried to help the aggressor capture the capital of Ukraine. During March 2022, she remotely transmitted to the aggressor the geolocations of the units of the Armed Forces defending the metropolis. The enemy was most interested in the locations of strongholds, roadblocks and firing positions of heavy artillery of Ukrainian troops. After the failure of the enemy’s attack on the capital of our country, the suspect stopped her intelligence activities and “lay low” in order to avoid justice. However, SBU officers still exposed the perpetrator, documented her criminal actions and detained her in her own apartment. According to the investigation, the traitor turned out to be a local resident who was in the agent apparatus of Russian intelligence. On the instructions of the occupiers, she drove around the suburbs of Kyiv in her own car and recorded the locations of the largest concentration of Ukrainian defenders. Particular attention was paid to firing positions and anti-tank barriers on key highways. The suspect sent the obtained coordinates to a specially created Telegram bot of the Russian intelligence service. Handlers from the Russian Federation used intelligence from the agent to plan offensive operations during the battles for Kyiv. During the search of the detainee’s apartment, a mobile phone was found, which she used for subversive activities in favour of the Russian Federation.”
45. United States: An FBI Agent Was Victim of A Havana Syndrome ‘Attack’ in Key West, Lawyer Tells Congress
Miami Herald reported on May 8th that “an FBI agent was the victim of a Havana Syndrome “attack” in Key West, the agent’s lawyer told members of Congress in a hearing Wednesday expanding on new information recently published by three media outlets suggesting Russia might be attacking U.S. officials at home and abroad. An active FBI special agent, identified only as Carrie, who appeared in disguise in a CBS 60 Minutes show on March 31 about Havana Syndrome, told the network she was “hit” in an undisclosed place in Florida in what she believed was one of the mysterious incidents linked to the so-called Havana Syndrome. At the time, she was investigating a suspected Russian spy who had been arrested in the Florida Keys in 2020. She said she was “hit” again in California a year later. During the Wednesday hearing organized by the House Homeland Security Subcommittee on Counterterrorism, Law Enforcement, and Intelligence, her lawyer, Mark Zaid, referred to her “incident” in Key West. In his full written testimony, Zaid, who was was also interviewed by 60 Minutes, wrote that the FBI agent appeared in the show to discuss “her attacks that occurred in Key West, Florida.” Asked about domestic incidents of Havana Syndrome, he referred to “a number of FBI personnel down in Florida” and CIA intelligence agents who have been targets in D.C. and northern Virginia. U.S. intelligence officials and diplomats around the world reporting “anomalous health incidents” — the U.S. government term for Havana Syndrome — have described experiencing pressure, noises or being suddenly hit with an array of symptoms like hearing and vision problems, migraines and cognitive deficits. Some were diagnosed with traumatic brain injuries. Some have already died, Zaid said, saying he was declining to share more details to protect their families’ privacy.”
46. Worldwide: Espionage in the Air: A Comprehensive Guide to Spy Planes
Grey Dynamics published this article on May 8th. As per its introduction, “aircraft are a technological marvel of the modern age which have almost no peer in complexity, in utility or impact to our everyday lives. Heavier than air flight has made possible an untold number of modern miracles. From allowing you to appear on the opposite side of this planet in a matter of mere hours, to transporting delicate cargo in rapid time, airplanes are without competition, the single greatest invention of the human species since the sailing ship. Of course, this technology can be coopted for the purposes of death and destruction. There isn’t a military anywhere in the world which doesn’t use some form or type of aircraft to deliver death and destruction. But not every aircraft in a military arsenal is used to bomb and blast enemy combatants.”
47. Ukraine/Russia: SBU Detained Russian Agent in Kharkiv
On May 9th Ukraine’s SBU announced that they “detained a recidivist who was spying for the Russian Federation behind the defence lines of Kharkiv. The Security Service prevented new attempts by Russian intelligence to obtain relevant information about the defense of Kharkiv. The aggressor was most interested in the geolocations of fortified areas with fortifications and heavy weapons of the Armed Forces defending the city from the northern border. The enemy also wanted to find out about the locations of mobile air defence fire groups that “hunt” for enemy drones in the border regions of the region. To obtain intelligence, the occupiers engaged their informant with a criminal past, who lived in the Vovchan district of the Kharkiv region. Under the guise of an ordinary citizen, he went around the border area, where he monitored the location of defence lines and firing positions of the Armed Forces. Returning home, the suspect marked the fixed coordinates on Google Maps to prepare a “report” to the Russian intelligence services. According to the available data, intelligence was necessary for the occupiers to plan military operations, including with the involvement of sabotage and reconnaissance groups. SBU officers exposed the Russian informant in advance and documented his criminal activities step by step. Thanks to this, it was possible to secure the temporary bases of the Armed Forces units and disguise their movement, and then to detain the person involved in his own apartment. As the investigation established, the enemy’s accomplice turned out to be a 45-year-old recidivist who had previously served a sentence for theft and inflicting grievous bodily harm, which led to the victim’s death. The former prisoner came to the attention of Russian intelligence because of his pro-Kremlin views, which he repeatedly made public among those around him.”
48. United States/Israel: Israel-Gaza War & US Threats: Beth Sanner
Intelligence Matters published this podcast episode on May 8th. As per its description, “Michael talks with Beth Sanner, a career CIA analyst who concluded her tenure with the federal government as Deputy Director of National Intelligence for Mission Integration at the ODNI from April 2019 to March 2021. She discusses the risks and potential next steps in the Israel-Gaza conflict, Iran and the Middle East, Russia’s war on Ukraine, and how she rose through the CIA’s ranks to become a world-class analyst specializing in South Asia.”
49. United Kingdom: ‘Troublemaker Journalists’ Phone Records Accessed, Court Hears
BBC reported on May 8th that “a court in London has heard claims that the PSNI accessed the phone records of “troublemaker journalists” to try to uncover their sources. The claim was made by Ben Jaffey KC. He is a lawyer acting for two journalists from Northern Ireland who believe they were targeted by unlawful covert surveillance. The Investigatory Powers Tribunal is examining allegations that the PSNI used unlawful covert surveillance in an attempt to unmask journalists’ sources. Evidence given to the tribunal in a witness statement from a former Durham police employee refers to a Police Service of Northern Ireland (PSNI) “defensive operation”. It involved “cross-referencing (telephone) billing with police telephone numbers on a six monthly basis” of Northern Irish journalists. Mr Jaffey, who is acting for Trevor Birney and Barry McCaffrey, said this operation was apparently in place at the end of 2017 and seems to have been in place for some time. It included all Northern Irish journalists who were perceived to conduct unwanted investigations into the PSNI every six months. He said it appears that Barry McCaffrey was one such journalist affected by this so-called “defensive operation”. He argued that as well as being obviously unlawful, this rolling programme of authorisations has never been disclosed or explained in the PSNI evidence to the tribunal to date. The Investigatory Powers Tribunal is examining allegations that Mr Birney and Mr McCaffrey were subject to unlawful covert surveillance.”
50. China: ‘Resist Temptations’: China’s Top Spy Agency Warns Overseas Staff Are Being Targeted for Hi-tech Secrets
South China Morning Post reported on May 10th that “China’s top intelligence agency has warned that overseas entities have been approaching and tricking Chinese personnel stationed in their countries to steal China’s hi-tech industrial secrets. In a post on its official WeChat account on Friday, the Ministry of State Security warned that the methods used by foreign spy agencies can be “quite deceptive” and overseas Chinese employees should take precautions.”
51. Ukraine/Russia: SBU Announced 15 Year Prison Term for Russian Agent Detained in 2023 in Mykolaiv
On May 9th Ukraine’s SBU announced that “a traitor who pointed Russian phosphorous shells at the Mykolaiv Region received 15 years in prison. The attacker corrected the aggressor’s strikes on the region using phosphorous ammunition, Grad rocket launchers and Shahed kamikaze drones. He transmitted information in the form of coordinates of assets and terrain with his “recommendations” for new or repeated strikes. SBU officers detained the suspect as a result of a special operation in the territory of the regional centre in May 2023. A mobile phone was seized from the detainee, which he used to photograph potential targets and correspond with the aggressor. According to the materials of the Security Service, the court sentenced the perpetrator to 15 years in prison with confiscation of property. As the investigation established, the convict is a local resident mobilised to the military unit stationed in the region. At the end of 2022, Russian intelligence remotely recruited him to carry out intelligence and subversive activities against Ukraine. Communication between the agent and his Russian handler took place through an anonymous chat in a popular messenger. For cooperation with the occupiers, their accomplice received a monetary “reward”, which went to his crypto wallet.”
52. United States/Israel/Qatar/Egypt: US Spy Chief Becomes Key Envoy as Biden-Netanyahu Ties Fray
Bloomberg reported on May 10th that “one key American official is quietly keeping Washington’s lines of communication open across the Middle East as the US and Israel endure their worst falling-out in decades over the war in Gaza. Central Intelligence Agency Director William Burns, a veteran diplomat and Arabic speaker, was in Cairo alongside Qatari and Egyptian mediators this week as US President Joe Biden set off a political firestorm by halting the shipment of about 3,500 bombs to Israel. The White House is increasingly concerned about massive civilian casualties if Israel launches a ground offensive on Rafah, the southern Gaza city where 1.4 million Palestinians are sheltering from the war.”
53. Israel: Mossad Openly Admitted for 1st Time ‘Surprised’ by Hamas Attack on Oct. 7
AA reported on May 10th that “Israeli intelligence agency Mossad has openly admitted for the first time that it was surprised by the attack carried out by Palestinian resistance group Hamas on Oct. 7 of last year. “Israel’s Mossad intelligence agency has admitted for the first time that it was surprised by the events of October 7, 2023,” Israeli security expert Yossi Melman wrote in Haaretz on Friday. According to Melman, Mossad prepared a document for the new edition of the Israel Intelligence Heritage and Commemoration Center’s bulletin detailing the agency’s activities during the war in the Gaza Strip. “The Institute for Intelligence and Special Operations (Mossad, or in its official English name — Israeli secret intelligence service) was also surprised on the morning of the holiday of Simchat Torah (October 7) by the code red alert sirens that pierced the sky,” reads the document, according to Haaretz. “While the admission might appear straightforward, its appearance in an official agency publication holds significant weight,” noted Melman. He said it is clear that “every word in the Mossad document was approved by Mossad Director David Barnea.” Israel has pounded the Gaza Strip in retaliation for an Oct. 7 attack by Hamas which killed about 1,200 people. More than 34,900 Palestinians have since been killed in Gaza, the vast majority of whom have been women and children, and over 78,500 others injured, according to Palestinian health authorities.”
54. Sudan: Strengthens Intelligence Service Powers
Sudan Tribune reported on May 10th that “Sudanese authorities amended the General Intelligence Service (GIS) law, granting the agency broader arrest, search, and immunity powers. The amendments reverse restrictions placed on the former National Security and Intelligence Service (NISS) by the transitional government, overthrown in the October 2021 coup. Sudan’s Sovereign Council secretary-general, Mohamed al-Ghali, explained the new measures grant the Director of Intelligence Service and its members immunity from lawsuits and the authority to conduct arrests and searches but require written authorization from the Director. Detention is limited to 30 days with mandatory family notification, with a possible 15-day extension for investigations. Intelligence service members also receive immunity, but lawsuits can be pursued with the Director’s approval.”
55. Turkey: Erdogan Government to Silence Critics by Branding Them as Agents with New Law
Nordic Monitor reported on May 10th that “the government of Turkish President Recep Tayyip Erdogan aims to punish dissidents as agents through an amendment to the Turkish Penal Code (TCK). The new regulation, expected to soon be presented to parliament for approval, is anticipated to be enacted before the legislature breaks for summer recess on July 1. According to reports in the pro-government media, a series of proposals called the 9th Judicial Package includes new penalties for espionage under the umbrella of what is called “Agents of Influence,” previously absent from the TCK. The term will be added to the definitions of “espionage” and “spying” in the code. The amendment aims to identify individuals who influence public opinion by disseminating propaganda against Turkey, although appearing to favor Turkey’s interests. Additionally, people propagating anti-Turkey views via social media will also be classified as agents of influence under the new regulation. These individuals are defined as those who disrupt the country’s economic, social or public order. Increasing penalties for espionage are also on the government’s agenda. According to the draft amendment, offenses under the title “Crimes Against State Secrets and Espionage” in the TCK, which involve destroying or obtaining documents related to state security or its internal or external political interests, could result in prison sentences ranging from eight to 12 years. People who commit the same crime during wartime could face life imprisonment, while those obtaining information regarding state security could incur sentences ranging from three to eight years. Life in prison is proposed for individuals who disclose classified information for purposes of political or military espionage. Justice Minister Yılmaz Tunç, following recent police operations targeting Israeli spy networks in Turkey, hinted that the government was working on new legislation to prevent foreign countries from spying in Turkey. In a series of operations earlier this year, Turkish authorities detained dozens of people suspected of planning kidnappings and engaging in espionage for Israeli intel service Mossad, leading to the arrest of more than 20 suspects. Tunç said on March 8 that 63 people had been arrested in Turkey for alleged espionage for Israel since 2021, which rose to 65 with the arrest of two others in April.”
56. South Korea/North Korea: NIS to Block Online Video of Song Praising N. Korean Leader Kim Jong-un
KBS World reported on May 11th that “South Korea’s spy agency plans to block an online video of a song released by North Korea praising regime leader Kim Jong-un, which has gone viral on short-form video platforms. An official at the National Intelligence Service(NIS) said on Saturday that the agency will request the Korea Communications Standards Commission to block domestic access to the video, titled “Friendly Father.” The official said that the video should be banned, in accordance with the Information and Communications Network Act, which bans distribution of details on acts in violation of the National Security Law through information and communications networks. A music video of the song, which Pyongyang released on April 17, can currently be accessed in South Korea through YouTube, and additional video contents using the song have appeared on other platforms like TikTok.”
57. Ukraine/Russia: SBU Detained Russian Agent in Kropyvnytskyi
On May 10th Ukraine’s SBU announced that they “detained an informant who, with the help of a webcam, wanted to adjust missiles on the railway echelons of the Armed Forces of Ukraine. According to the investigation, the enemy adjuster turned out to be a resident of Kropyvnytskyi. To fulfill the task, he tried to install a web camera near one of the bridges in order to record “graphs” of the movement of military echelons. In the case of detection of mobile units of the Armed Forces, the person involved had to transmit their coordinates to the aggressor online in order to prepare a targeted strike on the railway branch. In this way, the enemy hoped to disrupt the supply of Ukrainian weapons and ammunition to the front lines of the eastern and southern fronts. However, the SBU officers worked ahead of time and detained the Russian informer “red handed” when he tried to install a webcam near the track. During the search, a mobile phone was found in the attacker’s possession, to which he planned to “connect” a video device in order to monitor the movement of echelons.”
58. France/China: Le Meilleur: Xi Jinping’s Security Officers’ Chinese Food of Choice in Paris
This week’s selection for Intelligence Online’s Spy Way of Life was this. As per the article, “this week, Intelligence Online pulled up a chair at Le Meilleur, an Asian restaurant that was packed with hungry Chinese security officers during Xi Jinping’s visit to France this week.”
59. South Africa/Israel: Sylvia Rafael: the Mossad Spy They Buried Twice
The Jewish Chronicle reported on May 10th that “during the autumn of 1962, a young South African schoolteacher called Sylvia Rafael was sitting in her apartment in Tel Aviv, relaxing after a hard day’s work. She happened to be reading The Jewish War by Josephus Flavius, when the phone rang unexpectedly. The man on the other end of the line introduced himself as Gadi. He informed Sylvia that he was a representative of an Israeli government agency looking for new female recruits. When Sylvia asked what kind of work this would entail, he explained that if she agreed to meet him at the Café Hadley, on Judah Halevi Street, in Tel Aviv, the next afternoon, all would be revealed. Sylvia had travelled to Israel just three years previously. She had grown up in Pretoria, South Africa, in a family with a Jewish father and a gentile mother. But after a relative visited the Rafael home when Sylvia was very young — explaining how several family members had been massacred by the SS in the Ukraine during the Second World War — her appetite to learn about her Jewish ancestry grew voraciously. By the time she was in her teens, Sylvia had decided she was going to move to Israel: hoping to reconnect and interact with the Jewish culture from which she felt estranged. The first day Sylvia met Gadi an opportunity to do that suddenly presented itself. Gadi was a code name for Moti Kfir — commander of Unit 188’s School for Special Operations in Mossad: the Intelligence Corps that was responsible for missions outside of Israel. Kfir is now 77- years old, and a retired Mossad employee. Today, he recalls from his home in Tel Aviv, his first impressions of meeting Sylvia. “I knew I had seen a very intelligent person in front of me,” he says. “She seemed to understand quickly the things that were not said in the conversation. She also had a great sense of humour, which is a very efficient tool in clandestine activity.” Kfir, along with Ram Oren — a popular Israeli author who has sold over a million books — has recently published in English, Sylvia Rafael: The Life and Death of a Mossad Spy (University of Kentucky Press).”
60. India/Pakistan: Honey Trap Case: Man Spying for Pakistan’s Intelligence Agency ISI Arrested in Gujarat’s Bharuch
India TV News reported on May 10th that “a man has been arrested in the Bharuch district of Gujarat for allegedly spying for the Pakistani intelligence agency Inter-Services Intelligence (ISI), police said on Thursday (May 9). The accused has been identified as Pravin Mishra, who, according to police, was honey-trapped by an ISI handler. Police said that Mishra divulged vital information related to drones manufactured by the Defence Research and Development Organisation (DRDO). Gujarat CID ADGP Rajkumar Pandian said, “CSL CID Crime mounted surveillance in a factory in Ankaleshwar near Bharuch, during which, we found a person called Pravin Mishra. His phone was checked, and based on the information we recovered from his phone, we filed a case against him under section 123 of the IPC, IT Act, and conspiracy offence. The main accused, an ISI handler from Pakistan, identified herself as Sonal Garg. She told him that she was working at IBM Chandigarh. She honey-trapped one Pravin Mishra. She got Pravin Sharma to extract India’s defence-related information.” Pravin Mishra, the accused, had allegedly collected highly confidential information about the Indian Armed Forces and defence-related R&D firms, said the Gujarat Criminal Investigation Department (CID). The CID started its probe following a tip-off from the Military Intelligence, Udhampur. A resident of Ankleshwar in Bharuch district and native of Muzaffarpur in Bihar, Mishra was in contact with a Pakistani intelligence operative through WhatsApp calls and audio chat to carry out a criminal conspiracy against the country that could have serious security consequences, the CID said. “It was found that the information was being sent to an intelligence agency located in Pakistan,” the CID said. A case was registered against Mishra and the Pakistani operative who used an Indian WhatsApp number and the fake Facebook ID of `Sonal Garg’, it said.”
61. Ukraine/Russia: SBU Detained 5 Bloggers Leaking Military Bases
Ukraine’s SBU announced on May 10th that they “detained bloggers who filmed provocative streams about the Armed Forces of Ukraine and “leaked” military bases. The Security Service exposed five more bloggers in the Kyiv region who carried out information-subversive activities in favour of the Russian Federation, in particular, worked to disrupt mobilisation in Ukraine. They filmed provocative streams, wrote fake publications about servicemen of the Armed Forces, including representatives of military commissars. This destructive content was massively “picked up” by Russian propagandists to prepare production plots, in particular for an international audience. Also, those involved disseminated information about the deployment locations and movement routes of Ukrainian defenders. The aggressor could use these coordinates to carry out targeted missile and drone strikes on the locations of the Defence Forces. Yes, a man from Kyiv was detained, who was driving his own car and making streams on YouTube near the places of stay of the armed forces servicemen in the capital. During online broadcasts, the blogger not only published locations, but also spread fakes about the military in his comments. Another attacker turned out to be a capital taxi driver who administered a whole network of anonymous Telegram channels, conspired to provide advertising services and sell products. With the help of the network, he “dispersed” the Kremlin’s narratives about mobilisation in Ukraine and disseminated information about the whereabouts of military commissar officials. The third figure is a resident of the capital, who on his own pages in social networks called for the disruption of mobilisation due to forceful resistance to representatives of the TCC. Two more attackers from the Kyiv region “merged” locations of deployment of Ukrainian defenders into specialised groups and chatbots of popular messengers. Some of these internet resources were coordinated from the territory of the Russian Federation.”
62. Germany: Germany is Now Spying on its Own Top Spy
Foreign Policy reported on May 9th that “Germany’s former head of domestic intelligence, Hans-Georg Maassen, recently announced he would be suing the agency he used to lead for using its powers to “observe government opponents.” That is to say, for surveilling him. The initial revelation, about Maassen being monitored by the very intelligence agency he had once led, arrived in January. He accused the agency of abusing its power to “politically persecute government critics.” “In doing so, they are seriously violating their official duties and thus damaging liberal democracy,” he recently said. “Opponents of the government are not enemies of the constitution.” But the two are not mutually exclusive. Maassen, who the Süddeutsche Zeitung called the “Steve Bannon of Thuringia,” is well known for nationalistic, far-right rhetoric. He has denounced what he calls “racism against whites” and lamented “massive migration,” which he believes has led to “parallel societies,” the “dissolution of family and local relationships,” and a threat to “national cultures.” He’s also decried “migrant clans that are active in organized crime.” (In fact, immigrants in Germany commit far fewer crimes per capita than native Germans do.) “Only nations made up of free citizens who share a common culture and rule of law,” Maassen wrote in 2020, “manage to live in internal and external peace.” “This is typical right-wing populist rhetoric. Hans-Georg Maassen is part of the new-right milieu,” said journalist and historian Volker Weiss. “Imagine — he became president of the Office for the Protection of the Constitution to clean up after the NSU,” in reference to the National Socialist Underground, a far-right terrorist group that murdered and bombed immigrants in towns and cities across Germany from 1999 to 2011.”
63. Vietnam: Unit C03 Hears from Accountants in Risky Anti-corruption Probe
Intelligence Online reported on May 10th that “in questioning executives from KPMG, Deloitte and Ernst & Young in connection with the Truong My Lan case, the Ministry of Public Security is asserting its prerogatives in terms of financial intelligence. Having confidential information on banks controlled by business figures could prove invaluable in furthering MSP leader Tô Lâm’s ambitions.”
64. Latin America/Central America: ‘The Mask’ Espionage Group Resurfaces After 10-Year Hiatus
Dark Reading reported on May 9th that “an advanced persistent threat (APT) group that has been missing in action for more than a decade has suddenly resurfaced in a cyber-espionage campaign targeting organizations in Latin America and Central Africa. The group, called “Careto” or “The Mask”, began operations in 2007 and then seemingly wafted into thin air in 2013. Over that period, the Spanish-speaking threat actor claimed some 380 unique victims across 31 countries including the US, UK, France, Germany, China, and Brazil. Researchers from Kaspersky who tracked Careto 10 years ago — and also spotted its new attacks recently — have identified Careto’s previous victims as including government institutions, diplomatic offices and embassies, energy, oil and gas companies, research institutions, and private equity firms. In a blog post this week, Kaspersky reported the group as having targeted at least two organizations in its sophisticated new campaign, so far — one in Central Africa and the other in Latin America. The focus of the attacks appears to have been on stealing confidential documents, cookies, form history, and login data for Chrome, Edge, Firefox, and Opera browsers, Kaspersky said. The security vendor said it had also observed the attackers targeting cookies from messenger apps such as WhatsApps, WeChat, and Threema.”
65. United Kingdom/China: Two Britons to Be Tried on Charges of Spying for China
StratNews Global reported on May 10th that “two Britons, including a former researcher for a prominent Conservative Party lawmaker, have been informed that they will face trial next year on accusations of espionage for China. Christopher Cash, 29, and Christopher Berry, 32, were cinviharged last month with supplying prejudicial information to China, in violation of the Official Secrets Act. During their brief appearance at London’s Old Bailey Court, Cash and Berry only confirmed their names and dates of birth. Both have not yet entered a plea. The court announced that their trial would take place in the spring or summer of next year. They have been released on bail and are expected back in court on October 4. European nations have become increasingly concerned about suspected Chinese espionage activities, accusations that Beijing denies. The UK government has recently expressed rising concerns. Prime Minister Rishi Sunak delivered a speech in Warsaw last month where he condemned Chinese state-affiliated actors for orchestrating “malicious cyber campaigns” targeting British lawmakers. Earlier this week, Sunak noted that a “malign actor” had likely compromised the payment system used by the British armed forces. British media sources indicated that China was suspected to be behind this cyberattack. However, Beijing dismissed these allegations as “absurd.”.”
66. Sweden/Iran: Iran’s Espionage at Swedish Universities Exposed
Expressen reported on May 7th that “Swedish universities cooperate with Iran’s regime — without knowing it. A new report reveals the Revolutionary Guard’s insight into all research conducted in collaborations between Iranian and foreign universities. It ends up in the hands of terrorists, says Member of Parliament Alireza Akhondi, who sits on the board of the organisation United Against Nuclear Iran (UANI). Säpo warns of Iranian operations on Swedish soil and two Swedish citizens are imprisoned and threatened with the death penalty in Iran. At the same time, several exchange programmes are ongoing between universities in Sweden and Iran. This means that research conducted in Sweden is wide open to the Islamist regime’s espionage, according to the organisation UANI. Through sources in Iran, the organisation has come across documents that show how the notorious Islamic Revolutionary Guard Corps (IRGC) has total visibility into the international collaborations of Iranian universities. According to UANI, all Iranian students and researchers who are abroad are included in a programme whose purpose is to acquire knowledge that can be used by the defence industry in Iran.”
67. United Kingdom/China: Parliamentary Researcher, 29, and Ex-teacher, 32, Who Are Charged with Spying for China Will Face Trial Next Year
Daily Mail reported on May 10th that “a parliamentary researcher charged with spying for China will face trial next year. Christopher Cash, the former director of an influential China policy group with links to the Security Minister appeared in court today accused of passing secrets to the hostile state. The 29-year-old is charged with giving ‘articles, notes, documents or information’ to a foreign state under the Official Secrets Act 1911, along with a British teacher Christopher Berry, 32, with whom he once taught in China. e pair appeared at the Old Bailey for a brief hearing today, speaking only to confirm their names. Unusually, they were not asked to enter the dock and were allowed to sit in the legal benches beside their solicitors. Last month the duo were charged with ‘providing secret information to a foreign state by obtaining, collecting, recording, publishing or communicating notes, documents or information which might be, or were intended to be, directly or indirectly useful to an enemy’. Cash and Berry are accused of being in contact with each other and an individual assessed to be a Chinese intelligence agent. The two alleged spies became friends after both secured teaching jobs in China through a British firm which helps students and lecturers find employment in the country. As young graduates, they taught together at Hangzhou Oriental Middle School in eastern China near Shanghai around 2018. Cash went on to become the director of an influential China policy group with links to Security Minister Tom Tugendhat and Foreign Affairs Committee chair Alicia Kearns. Berry stayed in China teaching economics and English, but later moved to promoting Chinese landmarks, making YouTube videos about heritage sites.”
68. Russia/Europe: Suspected Russian Sabotage: The Great Return of Kremlin Agents to Europe?
France 24 reported on May 10th that “in a May 5 exclusive, the Financial Times reported that intelligence services from three different European countries have warned their governments that Russian agents are in the midst of plotting a series of bombing, arson and infrastructure attacks on European soil. “We assess the risk of [Russian] state-controlled acts of sabotage to be significantly increased,” Thomas Haldenwang, the head of German domestic intelligence, told a security conference in April, noting that the attacks would come with “a high potential for damage”. NATO is also on alert, a senior European government official told the paper, saying the alliance’s security services have brought to the table “clear and convincing information on Russian mischief”. The Kremlin scoffed at the claims, rejecting them as “unfounded” and “not serious”. But the warnings are not all that easy to dismiss. Especially as they have come amid of spate of sabotage attacks in both Europe and the United States in recent months with suspected links to Russian intelligence services. And the list of incidents continues to grow. A London warehouse containing aid shipments to Ukraine was destroyed in a fire on March 21, for example. Then, on April 15, an American artillery shell factory that ships some of its products to Ukraine went up in flames. Two days later, on April 17, an explosion rocked British defence contractor BAE Systems’ factory in Wales. The factory also manufactures weapons for Ukraine. And on April 18 a man linked to the Russian intelligence services was arrested in Poland after trying to collect information about security at the country’s Rzeszow airport. That same day, Germany arrested two German-Russian nationals suspected of plotting sabotage attacks in the country, including on US military facilities.”
69. United States: Joe Rogan Experience — Mike Baker
On May 8th Joe Rogan Experience published this podcast episode. As per its description, “Mike Baker is a former CIA covert operations officer and current CEO of Portman Square Group, a global intelligence and security firm. He’s also the host of the popular “President’s Daily Brief” podcast: a twice daily news report on critical events happening around the globe available on all podcast platforms.”
70. Iran/Canada: Iran Brands Canada’s Plan to Designate IRGC ‘Hostile’
Iran International reported on May 11th that “Iran’s Ministry of Foreign Affairs has branded ‘hostile’ a recent move by Canada’s House of Commons to label the Revolutionary Guard (IRGC) as a terrorist entity. “This is unwise, hostile, and contrary to accepted international legal standards,” Nasser Kanaani, the ministry’s spokesman said, responding to the Canadian parliamentary action. On Wednesday, the House of Commons passed a non-binding motion to designate the IRGC as a terrorist organization and called for the expulsion of approximately 700 Iranian agents believed to be operating in Canada. The decision follows a report from a House committee but does not obligate the Canadian government to act on the recommendation. Despite the non-binding nature of the vote, it symbolizes a significant political stance from Canada, which has seen gradual movements towards labeling the IRGC as a terrorist group, a policy Canada has been edging towards since at least 2012. More than a year after the Woman, Life, Freedom movement in Iran in 2022, and persistent appeals from the diaspora to prevent regime-affiliated officials from entering Canada, the Canadian government has started to implement measures to restrict entry and initiate deportation processes for these individuals. The diaspora continues to argue that the current actions are inadequate. They believe that including the IRGC on the terrorist list would hold its members, who have acquired Canadian citizenship, accountable for crimes committed abroad, thereby subjecting them to more severe penalties.”
71. United Kingdom/Israel/Palestine/Cyprus: UK Military Has Flown 200 Spy Missions Over Gaza in Support of Israel
Declassified UK reported on May 8th that “UK government refuses to give details of spy flights but Declassified independently obtains information: British spy plane landed at Israel’s major air force base, Nevatim, in February. UK’s Shadow R1 spy plane can supply intelligence for ‘target acquisition’. ICC could investigate British ministers over complicity in war crimes. The Royal Air Force (RAF) has flown 200 surveillance flights over Gaza since December, it can be revealed. The UK government refused to give any details about the flights which began on December 3 but Declassified has independently constructed a timeline. The extraordinary number of missions over the past five months works out at well over a flight per day and continues as Israel invades the supposedly “safe” southern city of Rafah. March saw the highest number of British spy flights over Gaza with 44 missions. The new information comes amid speculation that the International Criminal Court (ICC) is set to issue arrest warrants for Benjamin Netanyahu and his ministers. British officials could also face prosecution for complicity in war crimes, including defence secretary Grant Shapps. All the British spy flights have taken off from RAF Akrotiri, the UK’s sprawling air base on Cyprus, and have been in the air for around six hours. Gaza sits around 30 minutes flight time from the base so it is likely the RAF has gathered around 1,000 hours of surveillance footage over Gaza.”
72. India: R&AW Founder Perfectly Blended Intelligence with Strategic Objectives
StratNewsGlobal published this interview on May 10th. As per its description, “Rameshwar Nath Kao, or RN Kao, would have been 106 years old today. The founder of Research and Analysis Wing (R&AW) — India’s external intelligence agency — was an intensely private person, deeply religious and equally compassionate. He had the ability to see the larger picture and also pay attention to the minutest of detail, says Ramanathan Kumar, former Special Secretary, R&AW. “Often in the intelligence business, even the best of spymasters at times tend to develop tunnel vision and get into microscopic details, which is very important of course, without seeing the larger picture. But Mr Kao had the rare ability to understand the larger picture and its importance to the political leadership of the country. He would also ensure that the finest of details were taken care of when it came to conducting operations,” Kumar told StratNews Global Editor-in-Chief Nitin A. Gokhale. Kao was extremely fastidious when it came to analysis and disseminating notes to the government. He would correct the drafts put up by his subordinates, even the best of them, with the finest a fine tooth comb, adds Kumar. And when it came to R&AW operations, Kao was a man of tremendous discretion, tact and caution. “There was nothing reckless about Mr Kao. He was not a Rambo kind of operative. Every action of his was preceded by a very careful and methodical examination of the pros and cons.” Kao had the knack of harmonising intelligence goals with the larger political or strategic objectives. “Mr Kao had a very fine political antenna. Therefore, he made sure that the operational initiatives R&AW took were in perfect harmony with the larger strategic and political objectives that the political leadership had in mind at that point in time,” says Kumar.”
73. Greece: Espionage and Spying in Ancient Greece
Greek Reporter published this article on May 11th saying that “for as long as there has been war, there has been a need to reveal what the enemy is planning. This was no less true in ancient Greece where generals and statesmen relied on espionage to reveal the intentions and capabilities of their adversaries. The philosopher Plato believed that the ancient Greek states were in a constant state of war, whether declared or undeclared. It was within this grey zone that the subtleties of espionage took place, a dimension of foreign affairs that remains true to this day. Like the practice of spying itself, the sources regarding espionage in ancient Greece are murky. Nevertheless, there is enough evidence to paint a compelling picture of covert intelligence gathering across the epochs of Greek antiquity.”
74. United States: The Double-edged Sword of Cyber Espionage
The CyberWire published this podcast episode on May 11th. As per its description, “Dick O’Brien from Symantec Threat Hunter team is discussing their research on “Graph: Growing number of threats leveraging Microsoft API.” The team observed an increasing number of threats that have begun to leverage the Microsoft Graph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services. The research states “the technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes.”.”
75. United States/Italy/Cyprus/Syria: New “Blackcat” Mission
ItaMilRadar reported on May 11th that “after a few days of inactivity, this morning we recorded a new mission of a US Navy Northrop Grumman MQ-4C “Triton” (reg. 169659 — c/s BLACKCAT5) launched from NAS Sigonella. The drone, after completing an orbit south of Cyprus, is heading towards the Eastern Mediterranean where it will carry out its mission. It’s likely that the Triton is conducting a mission to monitor (among other things) the movements of Russian Navy units in the area (which has its operational base in Tartus, Syria). Furthermore, it’s interesting to note the callsign used by the drone during this mission. No longer the usual “TRITON” but “BLACKCAT,” most likely a reference to the US Navy Catalina seaplane units that carried out nighttime anti-ship missions in the Pacific and were known as Black Cats.”
76. Russia: Recruiting Far-right Extremists to Launch Attacks in the West
The Telegraph reported on May 11th that “Russia is recruiting far-Right extremists to carry out attacks in the UK and Nato countries, The Telegraph understands. Intelligence sources have said that terrorists recruited by Russian GRU agents have been responsible for a series of attacks in Western Europe and the US in the last six months. The Telegraph understands that extremists are being recruited by undercover officers of the GRU — the Russian military intelligence service — and members of the mercenary group Wagner. It comes after the expulsion of Col Elovik Maxim, the Russian defence attache to the UK, who is believed to be a GRU operative. An intelligence source told National Security News: “The GRU are cultivating a network of Right-wing terrorists to deploy against Nato targets. “These attacks are already happening and have been going on for a while in various Nato countries and the UK is definitely on the target list.”
77. United States: Anthony Sabio | CIA Counterintelligence
On May 10th George Peyrouton published this podcast episode. As per the host’s introduction, “my name is Tony Sabio. I spent a lot of time in the military, in the Marine Corps, and then moved into the Secret Service, worked under Bush’s detail on SWAT team, K9 SWAT handler, and then, in 2007, got recruited into the CIA, and in the CIA I was part of a team called GRS, Global Response Staff, and then finished my time there with my last 3 years, for a total of 11, as a counter-intelligence officer dealing with the Gulf region.”
