[Le Procès du Forgeron] « Qui vole un œuf, viole un bœuf » Procès du forgeron de Tarnac : « On incrimine ma volonté »

Pour avoir refusé de donner son ADN aux officiers de l’anti-terrorisme, Charles Torres, « le forgeron de l’affaire Tarnac », lavé de tous soupçons depuis, est passé devant la justice. Le délibéré sera rendu par le tribunal de grande instance de Rouen le 6 mars 2013.

Mercredi 6 janvier 2013, Charles Torres était jugé pour refus de se soumettre au prélèvement d’ADN. Prélèvement demandé par la cellule anti-terroriste lors d’une garde-à-vue justifiée par sa possible appartenance à l’affaire Tarnac. Au moment de cette garde-à-vue, le 23 février 2012, Charles Torres, forgeron de profession, est soupçonné d’être l’artisan des crochets qui auront servi en 2008 à saboter des caténaires de la SNCF.

Le palais de justice de Rouen accueille donc le jour de l’audience du « Forgeron de Tarnac », tous ses soutiens, sa famille et une bonne dizaine de journalistes alléchés par cette audience connexe à l’affaire Tarnac. Quelques policiers, arnaché de gilets pare-balles et de talkie-walkies. Normal, c’est le procès d’une personne qui soupçonnée début 2012 d’association de malfaiteurs dans une entreprise terroriste.

La juge aura dû, en début d’audience faire taire le public venu en nombre pour soutenir Charles Torres. Celui-ci a souhaité lire devant le tribunal « sa plaidoirie » car il n’est « pas très à l’aise à l’oral ». L’homme de 28 ans, spécialisé dans la forge médiévale, a commencé son diatribe timidement, posant la question qui le taraude : « Pourquoi suis-je ici devant vous aujourd’hui ? Je ne le sais pas, personne ne le sait. À part peut-être, l’officier de la DCRI que j’ai vu arpenter ce tribunal aujourd’hui, avec une veste de moto. »

Le forgeron a eu à cœur de pousser les traits d’ironie, malgré sa gêne à parler publiquement. Il s’est même retourné une fois vers l’assemblée pour chercher du regard un soutien. « Adressez-vous au tribunal », le reprendra la juge. Après avoir raconté sa garde à vue, Charles Torres, cultivé et aux mots littéraires, donne ses hypothèses sur les raisons de sa présence devant le tribunal, s’appuyant sur sa connaissance du droit, de l’histoire et sa culture politique. « Dans refus de se soumettre au prélèvement biologique, il y a refus de se soumettre », commence-t-il, « On incrimine ici ma volonté. »

Le forgeron de Roncherolles-sur-le-Vivier explique ensuite pourquoi il s’est refusé à ce prélèvement d’ADN : « Je m’oppose au fichage génétique. » Il rappelle l’historique du Fichier national automatisé des empreintes génétiques (Fnaeg) initialement mis en place en 1998 pour ficher les délinquants sexuels, donc les personnes jugées coupables par la justice. Voulant prouver le ridicule de sa présence au tribunal, il se joue de l’adage « Qui vole un œuf, vole un bœuf » : « Qui vole un œuf, viole un bœuf. »

Sans désarmer, Charles Torres continue de justifier son refus de se soumettre, rappelant l’affaire Élodie Kulik, violée puis assassinée (2002). En 2011, les gendarmes parviennent à confondre l’un de ses agresseurs grâce à l’ADN de son père déjà fiché. Le forgeron s’appuiera sur ce détournement du Fnaeg : « Aujourd’hui, donner mon ADN, c’est donner celui de mon frère jumeau, mes parents et mes descendants ». Il conclut : « L’ADN est un instrument de contrôle. » Ce quart d’heure de discours est applaudi par l’assemblée.

Contre Charles Torres, le procureur a requis une peine « d’avertissement » : un mois de prison avec sursis. Ce qui ne suffit évidemment pas à Me William Bourdon et Me Marie Dosé, avocats de la défense. Ils s’appuient sur la pauvreté du dossier entre les mains du tribunal de Rouen. « Le tribunal de grande instance de Nanterre vous a confié un dossier de misère. Ce que vous savez, c’est ce que la presse vous a dit et ce nous vous disons », argumente Me Dosé.

Au dossier, quelques procès-verbaux, parfois non datés, ou des notifications de mise en garde à vue de Charles Torres. Le tribunal n’a pas accès au dossier de l’affaire Tarnac dans lequel figurent les raisons pour lesquelles le forgeron a été soumis à une garde à vue. « On vous empêche de vérifier s’il y avait des raisons plausibles pour le détenir » et donc pour lui demander son ADN.

Et Me Dosé d’avancer : « Dans la procédure Tarnac, Charles Torres n’est rien sauf les conséquences de son refus » de se soumettre au prélèvement biologique. Dans leur plaidoirie, les deux avocats du forgeron frôlent la violation de l’instruction judiciaire, sans jamais vraiment tomber dedans. « Les policiers mentent au tribunal, il n’y avait aucune raison pour le mettre en garde à vue, vous devez sanctionner cette manipulation judiciaire », reprend Me Bourdon qui considère le dossier Charles Torres comme « un vide intersidéral ».

Le tribunal rendra son délibéré le 6 mars 2013.

L’affaire du Forgeron soulève une question de constitutionnalité

Charles Torrès est jugé pour avoir refusé de donner son ADN aux policiers de l’anti-terrorisme dans le cadre de l’affaire Tarnac. Pour aller plus loin, ses avocats ont tenté de mettre en doute la constitutionnalité du prélèvement ADN à répétition et du fichage de tout un chacun. Le délibéré sera rendu le 6 mars 2013.

Le procès de Charles Torres, s’est ouvert ce mercredi 6 janvier 2013, au tribunal de grande instance de Rouen. Il est jugé pour avoir refusé de donner son ADN lors d’une garde à vue dans le cadre de l’affaire Tarnac. Ses avocats, Me William Bourdon et Me Marie Dosé, tous les deux au dossier de l’affaire Tarnac, essaieront de poser une question prioritaire de constitutionnalité (QPC).

Entrée en vigueur en 2010, la QPC permet de mettre en doute la constitutionnalité d’une loi déjà promulguée. Elle peut être posée par n’importe quel citoyen. On la pose devant un tribunal qui décide ou non de la transmettre à la cour de cassation.

Dans l’affaire de Charles Torres, ses avocats mettent en doute la constitutionnalité de l’article 706-56 du code de procédure pénal. Cet article encadre le prélèvement de l’empreinte biologique. Pour Me Bourdon, le dossier de Charles Torres, si petit et si peu extraordinaire soit-il, permettrait « d’envoyer un message puissant aux législateurs ». L’avocat remet en question l’alinéa 4 de l’article. Cet alinéa qui permet qu’en cas de refus de prélèvement, les officiers de police judiciaire peuvent récupérer l’ADN s’il est détaché du corps. « Lorsque Charles Torres refuse de se soumettre, il ne sait pas, que dans son dos, ou plutôt dans ses cheveux, on prélèvera la particule magique », plaide Me Bourdon, « S’il avait su que les policiers de la Sdat pouvaient faire cela, il aurait pu ajuster son comportement ». Ici, l’avocat pointe du doigt la faille de la loi qui peut conduire un citoyen à s’auto-incriminer sans être en mesure de se défendre.

L’avocat parle aussi « d’un cambriolage de l’enveloppe corporelle« , qui porte atteinte au droit de chaque citoyen de disposer de son corps. Enfin, pour plaider le dépôt de cette QPC, Me Bourdon pointe le « laisser-aller, la paresse » des policiers qui ne prennent pas le temps de vérifier si la personne concernée est déjà fichée qui peuvent conduire à une succession de prélèvements ADN sur un même citoyen.

Sans compter que le tribunal de Nanterre qui s’est dessaisi en 2012 de cette affaire, a omis de prévenir le tribunal de Rouen que la justice était bien en possession de l’ADN de Charles Torres… jugé pour avoir refusé de le donner.

La procureur refuse la QPC au motif que l’article 706-56 du code de procédure pénale aura déjà été jugé constitutionnel, dans sa globalité, par la cour de cassation. Le tribunal est allé dans ce sens et a refusé de transmettre la question prioritaire de constitutionnalité. Le procès de Charles Torres a donc bien eu lieu mercredi 6 février et les débats se sont donc poursuivis pour celui qui risque 15’000 euros d’amende et un an de prison ferme.

Publié par des larbins de la maison Poulaga (Zoé Lauwereys, Grand-Rouen.com, 7 février 2013)

Rencontre avec le « Forgeron » de Tarnac

Charles Torres a été « enlevé » par la police début 2012 dans le cadre de l’affaire Tarnac. Il est soupçonné, à ce moment là, d’être complice du sabotage de caténaires en 2008. Aucun fait n’aura été retenu contre lui. Pourtant, il est jugé mercredi 6 février 2013 au tribunal de grande instance de Rouen pour avoir refusé son ADN au moment de la perquisition.

Nous l’avons rencontré la veille de son procès pour refus de prélèvement génétique du 6 février 2013 au tribunal d’instance de Rouen. Avec son pull marin, ses cheveux en bataille, sa moustache et sa chevalière rehaussée d’une pierre blanche, il nous rejoint à la Conjuration des Fourneaux au 149 rue Saint-Hilaire. Le restaurant soutient Charles dans ses déboires judiciaires. Il nous raconte ces trente heures de garde à vue pendant lesquelles il a refusé de parler.

Ce matin du 23 février 2012, Charles Torres dort dans sa chambre, chez ses parents, à Roncherolles-sur-le-Vivier, près de Darnétal. À 28 ans, il y revient de temps en temps pour travailler. Son père, monteur en bronze, lui a installé dans son atelier, une forge pour qu’il puisse exercer son activité d’auto-entrepreneur forgeron. Il est 8 heures du matin quand une trentaine de policier de la sous-direction de l’anti-terrorisme (Sdat) frappe à la porte. « On a eu de la chance, il n’était pas 6 heures du matin et ils n’ont pas défoncé la porte », ironise celui que la presse surnommera le Forgeron dans l’affaire dite « de Tarnac ». Ce matin-là, les policiers de l’anti-terrorisme viennent perquisitionner. Ils pensent avoir trouvé celui qui a fabriqué les crochets en fer à béton responsables du sabotage de caténaires de la SNCF en 2008.

Pour ces faits, qui deviennent très vite l’affaire de Tarnac, dix personnes ont été mises en examen, pour « association de malfaiteurs en relation avec une entreprise terroriste » et « dégradations en réunion en relation avec une entreprise terroriste ». Les principaux accusés dans cette affaire sont Julien Coupat et sa compagne Yldune Lévy. Le rapport entre Tarnac et Charles Torres ? Ce dernier se l’explique facilement. « Je suis colocataire dans une maison, rue de Constantine, à Rouen, où plusieurs habitants, ont été mis en examen en 2008. Mais je n’étais même pas un des potes de Julien Coupat. Tarnac ce n’est même pas une bande de copains. Concrètement, on me soupçonnait d’avoir un comportement plus ou moins subversif d’un point de vue politique. » Charles avoue même ne pas connaître vraiment le dossier Tarnac, seulement ce que les mis en examen lui auront dit et ce qu’il aura lu dans les journaux. Il délivre son analyse : « Tarnac est devenu un groupe suite aux accusations. Il a fallu donner un cadre, d’où le nom. Ce qui fait que tu es dans le dossier ou pas, c’est ta place dans le scénario de la police. »

Quatre ans après le début de l’affaire de Tarnac, devenu au fil des années un bourbier judiciaire, la Sdat pense donc avoir trouvé un nouveau complice du sabotage. Ce 23 février 2012, « des flics de haut-vol » fouillent donc la maison des parents du forgeron après lui avoir signifié sa mise en garde à vue. Une garde à vue qui durera 35 heures. La perquisition aura fait beaucoup rire Charles qui avoue avoir eu « envie de plaisanter » mais s’être retenu par « peur qu’ils me prennent au premier degré ». « Ils ont fouillé toute la maison, ont retourné ma chambre, ont scruté mes bouquins, mon bureau, mes affaires de fac. Mais ils n’ont rien saisi dans ma chambre », se rappelle-t-il. « Pour prouver l’association de malfaiteurs et me lier aux mis en examen de Tarnac, ils ont saisi de vieux téléphones portables. » Rien non plus n’aura été saisi dans la forgerie, pourtant l’endroit le plus à même de receler des indices du sabotage. Et pourquoi pas quatre ans plus tard ? Charles se rappelle d’un détail qu’il raconte goguenard. « Dans la chambre de mon frère, ils ont trouvé deux cagoules trois trous. Elles avaient été utilisées pour l’enterrement de vie de garçon d’un copain », rit-il encore.

Charles Torres préférait ne pas être pris en photo.

La perquisition terminée, les policiers le menottent et l’emmènent « à 200 kilomètres/heure » à Levallois-Perret, dans les Hauts-de-Seine. Avant d’atteindre le siège de la Sdat, il rapporte avoir eu les yeux cachés par un masque de sommeil. « Là, j’ai senti que l’on descendait de cinq étages sous terre. Arrivés dans les locaux, on est passés de sas de sécurité en sas de sécurité »… jusqu’à la salle de garde à vue. Pendant ces 30 heures de garde à vue, Charles refusera de répondre aux questions : « J’ai décliné mon état-civil, sinon j’ai répondu des blagues ». La meilleure solution pour quelqu’un qui ne sait pas ce qu’on lui reproche, mis à part la vague « association de malfaiteurs ». « Ils n’avaient rien pour me mettre en garde-à-vue, il n’était pas question pour moi de leur donner de quoi me mettre en examen ». L’ancien étudiant en histoire se rappelle de quelques questions posées par la police. « Ils m’ont demandé ce que je pensais de la société capitaliste marchande ou quelles étaient mes opinions politiques », évoque-t-il. En lui présentant des photos des crochets utilisés pour saboter les caténaires, on lui aura même demandé s’il les avait fabriqués. Charles répondra avec l’ironie qui lui semble chère : « Vous m’amenez le modèle et je vous fais un devis ».

En fin de garde à vue, on lui demandera de donner son ADN, justifié par « des motifs graves ou concordants » dans l’affaire pour laquelle il était entendu. Chose qu’il refusera. Par conviction. « Je n’ai pas envie de faire partie d’un fichier ADN des catégories politiques », affirme-t-il. Pour lutter contre le « flicage », il refuse aussi d’avoir un téléphone ou une carte bancaire. Ce qu’il ne sait pas, à ce moment-là, c’est que la police a pris soin de nettoyer de fond en comble la salle de garde à vue, revèle Laurent Borredon, dans Le Monde du mardi 5 février 2013 : « Ce matin-là, les policiers ont nettoyé à fond les locaux de garde à vue, à l’aide d’une solution hydroalcoolique. Le bureau et le sol. Dans quelques instants, Charles Torrès va être entendu pour la quatrième fois. Les policiers souhaitent récupérer son ADN et il faut que tout soit immaculé. » Selon Le Monde qui s’est procuré le procès-verbal de la garde à vue, Charles fait bien en sorte ce jour-là de consommer « sa brique de jus d’orange sans en utiliser la paille » puis d’en « laver soigneusement l’extérieur, de sorte à n’y laisser aucune trace biologique. » Charles aura aussi mangé sans utiliser de couverts, « directement au moyen de ses doigts », pour être sûr de ne laisser aucune trace. Les policiers récupèrent tout de même quelques cheveux sur le sol du local où il était interrogé.

L’absurde du procès du mercredi 6 février 2013 ? La justice est en possession de l’ADN de Charles Torres mais on lui reproche de ne pas avoir voulu le donner. Il risque 15’000 euros d’amende et un an de prison ferme. Sur son blog, il appelle ses soutiens à « venir rire » au TGI de Rouen à 13h30, « parce qu’on ne peut que se réjouir de chaque humiliation que l’antiterrorisme s’inflige à lui-même ».

Publié par des larbins de la maison Poulaga (Zoé Lauwereys, Grand-Rouen.com, 6 février 2013)

Tarnac : un homme jugé pour refus de donner son ADN, déjà prélevé à son insu

Les policiers de la sous-direction antiterroriste (SDAT) de la police judiciaire n’ont pas peur de la contradiction. Le 24 février 2012, à 11h15, ils ont recueilli l’ADN de Charles Torrès, 28 ans, à son insu. Puis, à 11h35, ils ont lancé une procédure contre le jeune homme gardé à vue dans le cadre de l’affaire de Tarnac pour… refus de prélèvement génétique. Charles Torrès doit être jugé, mercredi 6 février, par le tribunal correctionnel de Rouen. Il risque, au maximum, un an de prison et 15’000 euros d’amende. À la suite de sa garde à vue, il avait été relâché sans charge, mais cela n’empêche pas d’être dans l’obligation de laisser son ADN. Il suffit qu’existent des “indices graves ou concordants” contre la personne entendue, indique le code de procédure pénale.

Ce matin-là, les policiers ont nettoyé à fond les locaux de garde à vue, à l’aide d’une solution hydroalcoolique. Le bureau et le sol. Dans quelques instants, Charles Torrès va être entendu pour la quatrième fois. Les policiers souhaitent récupérer son ADN et il faut que tout soit immaculé. Les enquêteurs veulent vérifier si le jeune homme, interpellé la veille près de Rouen, n’a pas forgé les crochets qui ont servi à saboter des lignes de TGV, à l’automne 2008.

“DÉLOYAUTÉ”

Charles Torrès est aussi prudent que les policiers sont méticuleux : il a “consommé sa brique de jus d’orange sans en utiliser la paille, puis en [a] soigneusement lavé l’extérieur, de sorte à n’y laisser aucune trace biologique (…). À l’heure du déjeuner, il a été constaté qu’il mangeait sans utiliser de couverts, directement au moyen de ses doigts”, note le lieutenant de la SDAT, dans son procès-verbal, que Le Monde a pu consulter.

Mais le stratagème réussit : les hommes de la police technique et scientifique parviennent à récupérer “les prélèvements de traces de contact” là où il “a apposé ses mains”. Encore mieux, “à l’aplomb du siège où [il] s’est assis, des cheveux jonchent le sol”. Précis, le policier indique “que la présence de ces cheveux au sol résulte de la propension qu’a manifestée Charles Torrès à se passer (nerveusement) les mains dans les cheveux”. Trente heures de garde à vue dans les locaux de la SDAT, c’est un peu stressant…

Comment justifier une procédure pour refus de prélèvement d’ADN quand on vient de le recueillir ? En faisant comme si de rien n’était : le procureur qui poursuit puis les magistrats qui vont juger le dossier “ADN” n’ont accès qu’aux pièces du dossier Tarnac que la SDAT veut bien leur transmettre. Le PV de recueil de traces génétiques a été opportunément exclu. Au contraire, une enquêtrice justifie la procédure en assurant que le prélèvement demandé à Charles Torrès “aurait utilement permis de déterminer le profil génétique de l’intéressé aux fins de comparaison avec les empreintes génétiques à ce jour non identifiées”.

“Il s’agit d’un symptôme de plus de la déloyauté qui contamine tout le dossier”, estime Me William Bourdon, l’un des avocats de Charles Torrès. Il souhaite déposer une question prioritaire de constitutionnalité, mercredi. Pour lui, les articles de loi sur les prélèvements d’ADN sont “défaillants” face au principe de libre disposition de son corps : l’officier de police judiciaire n’a pas d’obligation d’informer qu’il peut y avoir un prélèvement clandestin, puis que ce prélèvement a eu lieu — ce qui interdit tout recours — et, enfin, il n’est pas obligé de vérifier que le gardé à vue est déjà fiché, avec le risque d’une multiplication des prélèvements.

Et la comparaison des empreintes génétiques ? Au final, elle n’a rien donné.

Publié par des larbins de la maison Poulaga (Laurent Borredon, LeMonde.fr, 5-6 février 2013)

Pourquoi j’ai refusé de livrer mon ADN

Le 6 février 2013, Charles Torres comparaît au tribunal de Rouen pour avoir refusé le prélèvement de son ADN lors d’une garde à vue de 35 heures début 2012. Forgeron, on le soupçonnait de complicité dans l’affaire de Tarnac et d’avoir fabriqué les crochets qui servirent à bloquer des TGV en 2008.

Le 23 février 2012, je fis bien malgré moi une entrée fracassante dans l’affaire dite « de Tarnac ». Une escouade de policiers de la Sous-Direction antiterroriste (SDAT), avec à leur tête le médiatique juge Fragnoli, vint me sortir du lit de bon matin. Bien qu’habitant la Seine-Maritime, je devins ce jour-là « le forgeron de Tarnac ». À défaut de pouvoir établir le moindre lien entre les mis en examen et les fameux crochets, le juge voulait à toute force insinuer un lien entre eux et quelqu’un qui aurait pu les fabriquer. Je fus donc, avec mon père de 86 ans, soupçonné le temps d’une garde à vue d’avoir confectionné les crochets qui servirent à bloquer des TGV une nuit de novembre 2008.

On sait que le storytelling antiterroriste ne s’embarrasse guère de la vraisemblance, et les différents articles parus dans la presse lors de mon arrestation le reproduisirent fidèlement. Il n’y eut d’ailleurs à peu près personne pour mentionner le fait que je fus libéré au bout de 35 heures sans la moindre charge ; et ni le juge ni les policiers ne me présentèrent leurs excuses pour m’avoir ainsi kidnappé sans raison valable. Faute d’excuses, je pensais qu’ils auraient à cœur de se faire oublier pour ces 35 heures de séquestration légale. Sur ce point, c’est bien moi qui me suis trompé.

Comme je le précisais plus haut, des amis harcelés par l’antiterrorisme, j’en ai quelques-uns, à Rouen comme à Tarnac. Je lis la presse aussi. De ce fait, je sais comme tout un chacun que tout ce que l’on peut déclarer dans une garde à vue a vocation à être déformé et utilisé contre vous. Je réservais donc mes réponses aux questions des policiers sur mes idées politiques au juge en charge de l’enquête. Malheureusement, il ne crut pas bon de me recevoir. Quelques jours plus tard, je fis tout de même l’effort de lui écrire afin de ne laisser aucun doute quant à l’erreur manifeste que représentait mon arrestation. Le jour même où cette missive devait paraître, le juge, qui allait être dessaisi, la recouvrit de l’annonce de son autodessaisissement. Il fit ainsi d’une pierre deux coups, et la missive ne parut jamais.

Pas plus que je n’avais de raison d’être en garde à vue à Levallois-Perret, n’avais-je de raison de livrer mon ADN à la police, qui de toute façon alla le récupérer lamentablement sous la forme d’un cheveu laissé sur le sol d’une salle d’interrogatoire. Je refusai donc. Faut pas pousser.

Mais refuser de donner son ADN est un délit, en soi. C’est-à-dire que même lorsque l’on vous l’a pris malgré vous, qu’on l’a analysé, qu’il vous a dédouané et que vous êtes à l’évidence lavé des soupçons qui avaient justifié qu’on vous le demande, vous êtes encore et toujours coupable d’avoir refusé. C’est cela la loi sur l’ADN, et c’est pour cela que je comparaîtrai au tribunal de Rouen ce mercredi 6 février.

De prime abord, on pourrait penser que je suis, ici, victime de l’un des effets pervers d’une loi mal formulée et qu’il suffirait d’un peu de bon sens pour que tout rentre dans l’ordre. C’est tout le contraire que mon procès révèle.

On peut ainsi remettre en question l’efficacité de l’ADN, et la mystification qui consiste à corréler une trace souvent partielle avec un acte. On peut évoquer ce professeur d’EPS récemment accusé d’avoir tiré sur la police à Amiens car son ADN avait été retrouvé sur une arme : il avait eu le malheur de revendre sa voiture à quelqu’un du quartier insurgé longtemps auparavant. Coup de chance, il put prouver qu’il était en Bretagne la nuit des tirs. On peut avancer le cas de cette chimiste assermentée de Boston, Annie Dookhan, qui par zèle a bidonné, des années durant, ses « expertises », ce qui aboutit à la remise en cause de dizaines de milliers de condamnations dans le Massachusetts. On peut faire valoir que les traces génétiques que partout nous déposons se mêlent et s’entrelacent avec toutes celles de tous ceux que nous croisons, que nous aimons. Que l’existence est toujours collective et qu’aucune analyse génétique ne permettra jamais de décrypter le monde tel qu’il est vécu.

On peut tout autant s’indigner du fait que ce qui fut initialement vendu comme le « fichier des violeurs » comporte aujourd’hui plus de 2 millions d’identifications. On peut même tomber des nues en lisant dans Le Monde du 21 février 2012 que désormais la police, grâce à un « vide juridique », détourne les garde-fous du FNAEG pour retrouver des gens grâce à l’ADN de leurs parents (ce qui fait évidemment exploser le nombre de personnes effectivement fichées à des dizaines de millions).

…

Les invités de Mediapart, 5 février 2013

Posted on 9 février 2013 by juralib

Find this story at 9 February 2013

Britische Spitzel in Erklärungsnot

Auch ein UN-Gesandter kritisiert die sexualisierte Informationsbeschaffung britischer verdeckter Ermittler. Der Guardian enthüllte am Wochenende, wie die Polizisten Identitäten toter Kinder stehlen

Britische verdeckte Ermittler haben in den letzten Jahrzehnten in mindestens 80 Fällen die Identitäten gestorbener Kinder und Jugendlicher angenommen. Dies berichtete der Guardian am Wochenende. Die Spitzel bzw. deren Vorgesetzte suchten sich jene Kinder aus, deren Geburtsdatum etwa ihrem eigenen entsprach. Mit der jetzt vielfach kritisierten Praxis sollte das Auffliegen der Spitzel erschwert werden, da diese neben Geburtsdokumenten auch eine Biographie vorzeigen konnten.

Zur Ausgestaltung der falschen Identitäten unternahmen die Polizisten bisweilen Ausflüge in die frühere Umgebung der Toten, um auf etwaige Fragen antworten zu können. In keinem Fall wurden die Eltern der Kinder hiervon benachrichtigt. Die Verwandten der Gestorbenen tragen aber im Falle des Auffliegens der Spitzel ein beträchtliches Risiko, wenn etwa wütende, ausgeforschte Demonstranten bei ihnen vorstellig werden. Nach der Veröffentlichung bemühte sich die Polizei um Schadensbegrenzung: Angeblich würde der Identitätsdiebstahl nicht mehr angewandt.

Spitzel zeugen Kinder und tauchen ab

Der Skandal wirft ein weiteres Schlaglicht auf die dubiosen Methoden der britischen Polizei. Heute befasst sich der Innenausschuss des Parlaments in einer Anhörung mit Spitzeln, die mit den von ihnen ausgeforschten Ziel- oder Kontaktpersonen jahrelang emotionale Bindungen eingingen und Sexualität praktizierten. Dies hatte in der britischen Öffentlichkeit für Entsetzen gesorgt.

Elf Frauen und ein Mann brachten die Fälle letztes Jahr vor Gericht und verwiesen darauf, dass die Polizisten dabei mindestens drei Kinder gezeugt hatten (Emotionaler und sexueller Missbrauch durch Polizisten wird öffentlich). Die zwischen sieben Monaten und sechs Jahre dauernden Beziehungen endeten aber mit dem plötzlichen Abtauchen der vermeintlichen Partner, wenn deren Einsatz abgebrochen wurde. Die Klagen richten sich gegen die britische Metropolitan Police und die halbprivate “Association of Chief Police Officers”, die für die klandestinen Ermittlungen zuständig war.

Die Zivilklage betont unter anderem die Europäische Menschenrechtskonvention, die in Artikel 8 das “Recht auf Achtung des Privat- und Familienlebens” behandelt. Der zuständige Richter verglich das sexuelle Gebaren mit dem Geheimagenten James Bond, was in Großbritannien zu Debatten geführt hatte. Zwar unterstrich der traditionell gelockte Richter die Glaubwürdigkeit der Klagen, beschloss aber gleichzeitig, dass diese in Teilen nicht-öffentlich verhandelt werden. Derartige Geheimverfahren waren bislang nur für den Geheimdienst MI5 vorgesehen. Für die Klägerinnen bedeutet dies, dass sie nicht auf Einlassungen der Polizisten reagieren können.

Vom Geheimverfahren betroffen sind die Einsätze des bekannten Spitzels Mark Kennedy, der jetzt in den USA lebt. Mit seinem Kollegen, der unter dem Namen “Marco Jacobs” auftrat, unterwanderte Kennedy die linke Mobilisierung gegen den G8-Gipfel in Heiligendamm 2007 und den NATO-Gipfel in Strasbourg 2009 (Polizeispitzel belügen Staatsanwaltschaften und Gerichte).

Bundesregierung verweigert Aufklärung

Der geltungssüchtige Kennedy, der seine Spitzelei sogar in einer Doku-Fiction zu Geld machte, hatte sich letztes Jahr selbst zum Opfer erklärt: Öffentlichkeitswirksam nutzt er die Klagen der Frauen, um seinerseits Schadensersatz von seinen früheren Vorgesetzten zu fordern. Da diese ihn nicht an den sexuellen Affären und Beziehungen gehindert hätten, sollen sie ihm den dadurch entstandenen posttraumatischen Stress mit rund 120.000 Euro vergüten.

Im Januar schlug sich der UN-Berichterstatter für Versammlungsfreiheit und Vereinigung, Maina Kiai, auf die Seite der betroffenen Frauen. Der Kenianer richtete eine Protestnote an die britische Regierung, in der er eine öffentliche Untersuchung zu den Vorfällen fordert. Dies würde auch ein neues Licht auf den Spitzeltausch mit Deutschland werfen.

…

Matthias Monroy

Find this story at 5 February 2013

Copyright © 2013 Heise Zeitschriften Verlag

Senior Met officer quizzed by MPs over undercover police – as it happened

Metropolitan police’s Patricia Gallan gives evidence to MPs following Guardian revelations about undercover policing – along with victims’ lawyers and reporter Paul Lewis

The identities of an estimated 80 dead children have been used by undercover police. A police operative who used the alias Pete Black to spy on protest groups explains how they did it

Hello and welcome to live coverage of the Commons home affairs select committee’s hearing into the Guardian’s revelations about undercover policing.

Patricia Gallan, a deputy assistant commissioner in charge of the Metropolitan police’s investigation into the controversy, faces questions from MPs about the scandal, which this week widened to include the stealing by police of the identities of dead children.

Before Gallan appears, the public hearing will begin at 3.15pm with evidence from solicitors for women who feel they were duped into having relationships with undercover officers. Eleven women are currently bringing legal action against the Metropolitan police for damages. The lawyers appearing before the committee today are:

• Harriet Wistrich, solicitor, Birnberg Peirce & Partners
• Jules Carey, solicitor, Tuckers Solicitors
• Marian Ellingworth, solicitor, Tuckers Solicitors

Also speaking will be my colleague Paul Lewis, who along with fellow Guardian reporter Rob Evans two years ago broke the story that led to these hearings when they reported that police officer Mark Kennedy had lived for seven years undercover in the environmental protest movement, establishing sexual relationships with activists during the course of his work. One woman was his girlfriend for six years.

Lewis and Evans went on to report that, of nine undercover police identified by the Guardian over the past two years, eight were believed to have slept with the people they were spying on. In at least three cases, relationships between police and the women they were spying on resulted in the birth of children.

Kennedy will also give evidence today – but in private.

In a further development, this week Lewis and Evans reported that police secretly authorised undercover officers to steal the identities of around 80 dead children over three decades. (Kennedy is not thought to have done this.) In this video, a police operative who used the alias Pete Black to spy on protest groups explains how they did it.

Keith Vaz, the chair of the home affairs committee, has said he is “shocked” at the “gruesome” practice, and has said the police should inform parents whose children’s identities were used. Scotland Yard has announced an investigation into the controversy, and has said the practice is not “currently” authorised. Lord Macdonald, the former director of public prosecutions, has called for a public inquiry into undercover policing following the revelations.

We’ll be covering the hearing live here, and you can watch it on the parliament website.
Updated at 3.21pm GMT
3.21pm GMT

The committee seems to be running late – or the live broadcast is not working. Apologies.
Updated at 3.30pm GMT
3.36pm GMT

The live stream has begun. Sorry for the delay.
3.38pm GMT

Keith Vaz, the committee chair, says the committee has sat in private to take evidence from witnesses.

Now the lawyers are here to speak in public.

He starts with the issue of police using dead children’s identity.

Lawyer Jules Carey says he has been instructed by one family whose son Rod Richardson’s name was used by an undercover police officer, who infiltrated various political groups.
Updated at 3.38pm GMT
3.39pm GMT

Carey says his client wants to understand why he child’s name was used. He says he is also representing a number of women who are concerned that such operations are still carrying on.

He says he has submitted a written complaint to the police, which he believes is the complaint that has triggered a police investigation.
3.40pm GMT

Vaz asks lawyer Harriet Wistrich if there is any justification for police to use undercover tactics.

She says there is no justification for them to use sex in their work.

That is the issues she is concerned with: the “overwhelming damage” that has been caused.

All the women involved have been “very, very seriously psychologically harmed” as a result of what the police did to them, Wistrich says.

The police were aware of this, she says.
3.46pm GMT

Vaz quotes from Mr Justice Tugendhat’s recent judgment about undercover police, in which the judge used James Bond as context for police using sex during undercover work.

Wistrich asks what controls we can put on undercover police.

She says MPs could not have meant sexual relationships to have been part of the Regulation of Investigatory Practices Act.

Does the law need to be changed, Vaz asks lawyer Marian Ellingworth.

Ellingworth says sex should not be sanctioned.

Carey says RIPA cannot approve sexual relationships. The structure of the act does not envisage sexual relationships, he says. The words “personal and other relationships” cannot have been meant to include sex – they are too vague for that.

You cannot legislate to breach a fundamental right such as “bodily integrity”, Carey says.
3.49pm GMT

Tory Lorraine Fullbrook asks what the absolute legal limit should be on undercover police officers’ behaviours.

Wistrich says you have to completely stop before a sexual relationship.

Fullbrook tries to pin her down on the “absolute legal limit”, but Wistrich says that depends on the circumstances.

Vaz says Fullbrook is looking for a list of what is and isn’t acceptable.

Wistrich says again there are circumstances when different things are acceptable – for example to stop a child trafficking ring.

Carey says undercover officers shouldn’t be deployed unless it’s necessary and proportionate – political groups wouldn’t be covered, he says.
3.51pm GMT

Tory Michael Ellis repeats Tugendhat’s point that undercover policing wouldn’t surprise the public.

These kind of sexual relationships “probably happen more often to men” than to women, he claims, citing the example of Mata Hari.

He accuses the lawyers of wanting to tie the police’s hands unreasonably.
3.54pm GMT

Wistrich says using sex in this way is massively beyond the bounds of a civilised society.

Labour’s Bridget Phillipson asks if police were directed to form these relationships or did so of their own volition.

Ellingworth says the police won’t even confirm that the men in question were undercover officers, let alone say whether they were following orders.

Wistrich says the police have not yet tried to come up with a circumstance that they say are justified.

Phillipson asks if female officers have had relationships with men.

Carey says they are aware of one female officer who has been deployed in this way. None of the lawyers are instructed by males.

Wistrich says there are always exceptions, but this is really a form of “institutionalised sexism”.

The impact is massively upon women, she says.
3.57pm GMT

Labour’s David Winnick asks if it’s naive to believe the police were not aware sexual relationships were taking place involving undercover officers.

Wistrich says she believes they were, officially or unofficially.

Carey says there is a striking similarity in terms of how many of these relationships started and ended. Many of their clients felt these relationships were entered into by design by the officers. That suggests senior officers were aware of it.

Carey says the public would expect police officers to behave like James Bond if we lived in a world full of Dr Nos. But we don’t, he says.

There is no necessity for these actions, Carey says.
3.59pm GMT

Winnick raises the adopting of the names of dead children. Was this authorised?

Wistrich says she felt this would have been authorised.

Winnick asks if the lawyers consider that a particularly despicable act.

Carey says every aspect of this policing operation is “utterly depraved”. It’s very hard to quantify particular aspects.

“It’s utterly despicable,” says Wistrich.

Ellingworth agrees.
4.02pm GMT

Labour’s Chris Ruane asks how the police can be held to account here.

Wistrich says that’s what the lawyers are aiming to do.

They have met with “a complete barrage of obstacles” from the police. The police have asked for information from them but given none in return.

Wistrich says she has written to the IPCC, which is supervising an investigation into some of these issues, but got no response.

Ruane asks what the key questions that need to be answered. Wistrich suggests:

Why were the police involved in these people’s lives? What information did they gather? How can this be stopped from happening in the future?
4.05pm GMT

Carey says the principal question he would ask is whether they have read the nine principles of policing from 1828.

He reads one out: the police’s actions depend on public approval of those actions.

They’ve lost public respect through these actions, Carey says.

Tory Mark Reckless asks whether the deception by the officers means the sex they had with activists was non-consensual.

Wistrich says that’s a very good point. She’s written to the CPS but got no reply.

Vaz asks for copies of all these letters.

Carey says he is representing a client who had a child from one of these relationships.
Updated at 5.31pm GMT
4.11pm GMT

The Guardian’s Paul Lewis takes his seat.

Vaz asks how Lewis and Rob Evans discovered all this information.

Lewis says they spoke to police officers while working on a book related to this. He says the police officers were not just using the names of dead children, they were adopting many aspects of that person’s identity.

Where does the figure of 80 officers using this tactic come from, Vaz asks.

It’s an estimate, says Lewis. He’d like to hear from the Met police about this. It’s possible it could be fewer or more than 80 officers.

Carey’s complaint comes from 2003, he says.

Vaz says it’s a “pretty gruesome practice” and that it must be “heartless and cruel” for the parents not to have been informed.

Lewis ask if this was limited to the Special Demonstration Squad or was used more widely.
4.13pm GMT

Lewis says he has spoken to people whose children’s identities have been used in this way.

He says the Met police have placed the families of these children at some risk. Other activists could try to track down the undercover officers and seek out the family of the child whose identity was stolen. Far right groups were infiltrated in this way, Lewis says.

Vaz asks if the Met police have asked Lewis for this information.

Lewis says he has an obligation to protect his sources. He’s confident that the police know all the children’s identities.
4.15pm GMT

Vaz asks him to accept that in some circumstances the police are justified in using undercover agents.

Lewis says some undercover operations are justified, but raises the issue of proportionality. He mentions far right groups and violent animal rights groups. But in the main we are talking about non-violent activists, he says.
4.18pm GMT

Tory Michael Ellis asks if the public have a human right to be protected from crime and suggests senior officers are best-placed to decide when it’s right to use undercover officers.

He says he agrees with that.

But he begs to differ that the public would be unsurprised by officers using sex in this way.

Ellis says it was Tugendhat who said the public would be unsurprised, and he has great experience.

Lewis says Tugendhat was not referring to the public’s view, but to MPs’ view when they passed the relevant law.
4.21pm GMT

Ellis asks if Lewis has heard any account of absence of consent in these sexual relationships – discounting the overall deception.

Lewis says men and women have had sex with undercover police officers. They may argue that they did not have the necessary information to give informed consent – although Lewis says he doesn’t agree with that.

He says police say this behaviour was only happening among “bad apples”.

But he and Evans have identified nine undercover officers, and eight were having sexual relationships with activists. One officer was a woman, he says.

One undercover policeman told Lewis that of a team of 10 nine were having sexual relationships with activists.

Fullbrook asks if senior officers knew about this. Lewis says it’s likely. One undercover officer says he was told by a senior officer to use contraception. That implies the senior officer knew.
4.24pm GMT

Labour’s Bridget Phillipson says the length of the relationships involved shocked her.

Lewis says having met the victims he has found it difficult to convey their pain. He suggests the committee’s MPs think about how they would feel if their own partner turned out to be an agent of the state.

At least four children have been born as a result of these relationships, Lewis says.

Lewis says he does not believe MPs intended this in the RIPA, and would have used the words “sexual relationships” rather than “personal relationships”, and he certainly does not think they would have imagined children resulting from these relationships.
4.25pm GMT

Winnick asks if undercover agents could have done this job without embarking on sexual relationships with activists.

Lewis says some officers did not do this, so the answer is yes.
4.28pm GMT

Was it a rogue operation?

Lewis says some senior officers were unaware of the existence of the Special Demonstration Squad.

How can the police clean up this matter and restore confidence?

Openness and transparency, says Lewis. Over the last two years, the Met police have offered “very little help”.

We are heavily reliant on sources who have the courage to come forward, Lewis says.

At some stage the Met police will have to think about the best strategy to regain trust, he says.

The truth tends to come out eventually, he says.
4.30pm GMT

Deputy Assistant Commissioner Patricia Gallan of the Met police takes her place next.
4.33pm GMT

Vaz says there will be an open session and then a private session.

He says he was pretty shocked to learn about the use of dead children’s identities. Was she equally shocked?

Gallan tries to outline her role instead.

Vaz insists she answers the question.

Gallan says we are investigating something that has been going on since 1968 and it is important to understand the context.

She says she is overseeing the operation examining past practices relating to this.

She says she does not know if the figure of 80 children’s identities being used is accurate. She knows of two cases. More evidence will probably come to light, but she does not want to prejudge the investigation.

But she is very concerned at what she has heard, she says.

That is why the Met have asked the IPCC to supervise.
4.35pm GMT

Gallan says it is looking at the activities of the SDS over 40 years.

There are more than 50,000 documents to sift through and retired officers to speak to. They want to hear from anyone who has any evidence, she says.

But was she shocked, asks Vaz.

Gallan says she was “very concerned” because “it is not practice as I know it”.

That doesn’t sound very condemnatory, Vaz says.

It isn’t still happening, Gallan says. It has been confined to the SDS and the NPOIU (National Public Order Intelligence Unit).
4.38pm GMT

Vaz asks who is dealing with the operational matters regarding undercover policing. The commander of cover policing, Richard Martin, she says.

Assistant Commissioner Mark Rowley is above him, she says.

She can’t give a date when the practice of using dead children’s identities stopped, she says. But it is not sanctioned today among the Met or any other police force in the country, she says.

Should the children’s parents be informed, Vaz asks.

Gallan says it’s important to find out all the circumstances and whether they are accurate.

She says ethical and legal issues also need to be considered.

Would it affect any operatives whose positions would be exposed, she says.

Vaz says some members of the committee have heard this kind of thing regarding phone-hacking.
4.39pm GMT

Vaz stresses that where the police have names and addresses now, they should inform parents now.

Gallan says she can’t give a blanket yes or no.
4.42pm GMT

It has never been practice within most areas of undercover policing to take identities in this way, she says. Only the SDS and National Public Order Intelligence Unit did this.

Thirty-one staff are working on Operation Hearn, looking into the issue of undercover police regarding the SDS, including 20 police officers.

The estimated cost to date is £1.25m.

Vaz says that sounds like a lot of money and a lot of officers, implying that they can probably get through all those 50,000 documents more quickly than they are.

Vaz asks if when she has completed her operation she will inform the parents.

Gallan says she needs to consider all the issues and can’t give a yes or no answer.
4.44pm GMT

Vaz asks if she would like to apologise for this scandal.

Gallan says at the appropriate time statements would be made.

Until she knows all the facts she can’t do anything like that, she says.
4.46pm GMT

The admission that a second unit, the NPOIU, has used dead children’s identities is very important, since that unit was only formed in 1999.
4.48pm GMT

Vaz asks if the Guardian revelations broke the news to her of the use of children’s identities. She knew of one example in September last year.

Since then has she informed the parents, Vaz asks. She says she hasn’t and she’ll explain why in closed session.

Gallan is asked again about apologising. She says there are live proceedings ongoing and the Met police will decide at the end.
4.49pm GMT

Michael Ellis asks what rank of officer was in charge of the SDS or the NPOIU.

Superintendent, Gallan says.

Were they rogue units?

Gallan says from what she has seen the practices in place weren’t following national guidelines. We need to get all the evidence, she says, so she doesn’t want to go further than that.
4.51pm GMT

Ellis asks if taking children’s identities was not accepted practice even at the time.

Gallan says it was not standard procedure.

Ellis says these were unauthorised practices even at the time. He suggests these were rogue units or units operating outside their protocols.

That’s one of the things we’re investigating, Gallan says.

A senior officer cannot authorise something that is outside of procedures at the time, Ellis says.
4.53pm GMT

Winnick asks if Gallan thinks it was in the public interest for the Guardian to give the names of some of the dead children?

She says she believes in the free press.

Has the reputation of the press been harmed?

Gallan says when used appropriately undercover work is very important, and they are worried about anything that undermines confidence in that.

Asked the same question again, she says: “I think it is.”

I’ll take that to be a yes, says Winnick.
4.55pm GMT

How far is it possible for undercover work to take place without sexual relationships, Winnick asks.

Gallan says she doesn’t believe you can authorise such activities, morally.

If something like that does happen it should be reported immediately.

Winnick asks if it’s right to assume the officers were not not told to engage in sex.

Gallan says she might be able to explain that in closed session, but it was not authorised.
4.59pm GMT

Metropolitan police commissioner Bernard Hogan-Howe has said it is “almost inevitable” some undercover officers will have sexual relationships in this way although he wouldn’t encourage it, Vaz says. Doesn’t that contradict Gallan’s view?

Nick Herbert, the policing minister, has said that to ban such actions would provide a ready-made test for the targeted group, Vaz says.

What is her view?

Gallan repeats that there is a moral issue. Legally, the law is silent on that, and she will explain that in closed session, she says.

The Met police does not authorise that conduct, she repeats.

She says she cannot envisage under any circumstances a commander authorising this kind of behaviour.
5.02pm GMT

But was it prohibited, asks Vaz.

In the closed session, she will explain more, says Gallan.

Tory James Clappison suggests that some of these relationships went on for so long that senior officers must have known what was happening.

Vaz says he is disappointed that Gallan has not sent out a message that the Met police is sorry that the practice of using dead children’s identities has taken place.

Winnick adds that the committee is disappointed.

Vaz says he is concerned that she has known about one incident since September and still has not got to the bottom of it.

One of the victims followed the trail and turned up at the house of the dead child’s parents. They weren’t there, but imagine their grief if they had have been, Vaz says.

Gallan repeats her “concern” and says she is keeping an open mind about the facts.

It would be inappropriate to rush to make statements in haste, Gallan says.
5.03pm GMT

Does she have a timetable for the conclusion of Operation Hearn, Vaz asks.

Gallan says it would be wrong to put a timescale on it.

We are determined to go where the evidence takes us, she says.
5.03pm GMT

With that the committee goes into closed session.
5.36pm GMT
Summary

Here is a summary of what we have learned from that committee session.

• The use of dead children’s identities by undercover police officers was not confined to the Special Demonstration Squad, but was also a practice employed by the National Public Order Intelligence Unit, a unit that was only set up in 1999, Deputy Assistant Commissioner Patricia Gallan of the Metropolitan police revealed to the Commons home affairs committee.

• Gallan knew about one case of a child’s identity being used in this way in September last year. The practice is not sanctioned today among the Met or any other force in the country, she said.

• Including the case that came to light in September, she knew of only two cases of this happening, she said, and did not know if the Guardian’s estimate of 80 cases was accurate. But she felt that more cases would probably come to light.

• Keith Vaz, the chair of the committee, said he was “disappointed” that Gallan would not apologise for the police’s actions, saying only that she was “very concerned” at the allegations and wanted to wait until all the facts had been established before rushing to make a statement.

• Vaz was also extremely concerned that Gallan had not informed the parents in the case discovered in September last year, and wanted her to promise she would inform all the parents involved as soon as possible. Gallan would not agree to this.

• Police officers having sex with activists in groups they infiltrated was not authorised, and could not justified morally, Gallan said. She could not envisage any circumstances under which a commander would authorise this.

• She admitted the Metropolitan police’s reputation had been harmed by the scandal.

• Thirty-one staff are working on Operation Hearn, looking into the issue of undercover police, including 20 police officers. The estimated cost to date is £1.25m.

• Lawyers for women who feel they were duped into having relationships with undercover officers attacked the practice as being “depraved”, “dispicable” and beyond the bounds of a civilised society. MPs on the committee broadly seemed to agree, although Tory Michael Ellis drew attention to Mr Justice Tugendhat’s contention that such relationships would not surprise the public, accused the lawyers of wanting to tie the police’s hands unreasonable. He asked if the public had a human right to be protected from crime and suggested senior officers were best-placed to decide when it was and was not right to use undercover officers.

That’s all from me. Thanks for all your comments.
Next
Previous
Blog home
Related information
UK news
Police ·
Politics
House of Commons · Keith Vaz ·

Police must inform parents of children whose IDs were used by spies, says MP

4 Feb 2013

Keith Vaz says it would be heartless not to tell affected parents, and asks Theresa May to investigate whether practice was legal

4 Feb 2013

Police spy: ‘How we stole dead children’s identities’ – video

30 Jan 2013

Chief police officers criticise recruitment and promotion reforms

30 Jan 2013

If China lifts its game console ban, what will adults panic about next?

Should outsiders be allowed fast-track entry into the police?

30 Jan 2013

Home secretary Theresa May will today announce plans to allow police forces to recruit senior officers from outside the service, meaning business leaders, for example, could quickly move into top jobs rather than having to start as constables pounding the beat. Many police are opposed. Do you support the move?

Paul Owen
guardian.co.uk, Tuesday 5 February 2013 14.17 GMT

Find this story at 5 February 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Verdeckte Ermittler; Ermittlungstaktik, Lust und Liebe

In England hatte ein Undercover-Polizist regelmäßig Sex mit Frauen aus der überwachten Szene. In Deutschland wäre das unzulässig, beteuert das Innenministerium.von Christian Rath

Die Berichterstattung des „Guardian“ über Mark Kennedy brachte den Stein ins Rollen. Bild: screenshot guardian.co.uk

BERLIN taz | Verdeckte Ermittler von Bundeskriminalamt und Bundespolizei dürfen keine sexuellen Beziehungen eingehen, um Informationen zu erlangen. Das erklärte jetzt das Bundesinnenministerium auf eine parlamentarische Anfrage des Linken-Abgeordneten Andrej Hunko.

Anlass der Nachfrage ist der Fall des englischen Polizisten Mark Kennedy, der mit falschem Namen, langen Haaren und Ohrringen einige Jahre lang militante Umweltschützer und Globalisierungskritiker in ganz Europa ausspionierte. Auch in Deutschland war Kennedy aktiv: während des G-8-Gipfels in Heiligendamm 2007 sowie beim Nato-Gipfel in Baden Baden 2009.

Im Rahmen seiner Spitzeltätigkeit unterhielt der Polizist Kennedy auch zahlreiche Liebschaften. Wie die englische Zeitung Guardian aufdeckte, war es durchaus üblich, dass verdeckte Ermittler sexuelle Beziehungen in der von ihr überwachten Szene knüpften. Jetzt klagen zehn Frauen und ein Mann vor dem englischen High Court auf Schadensersatz. Sie hätten ein emotionales Trauma erlitten, nachdem Menschen, mit denen sie „tiefe persönliche“ Beziehungen eingingen, sich als Spitzel entpuppten.
Die Lustfrage

Der Bundestagsabgeordnete Andrej Hunko wollte deshalb von der Bundesregierung wissen, ob sie es für zulässig hält, wenn Verdeckte Ermittler „Sexualität oder sonstige emotional tiefgehende Beziehungen mit ihren Zielpersonen oder deren Kontaktpersonen praktizieren“. Antwort: Die Bundesregierung ist der Auffassung, „dass das Eingehen derartiger Beziehungen aus ermittlungstaktischen Gründen in aller Regel unzulässig ist“. Und Innenstaatssekretär Klaus-Dieter Fritsche, von dem die Antwort stammt, fügt hinzu: „Dies gilt auch für den Einsatz von Mitarbeitern ausländischer Behörden in Deutschland mit deutscher Zustimmung.“

Die Auskunft klingt eindeutig, enthält aber eine wichtige Einschränkung: Unzulässig ist der Ermittler-Sex nur, wenn er „aus ermittlungstaktischen Gründen“ stattfindet – sprich: Wenn der Polizist eigentlich keine Lust hat. Wenn der Verdeckte Ermittler aber aus Lust und/oder Liebe gerne mit einer Ziel- oder Kontaktperson schlafen will, scheint dies nach Ansicht von Staatssekretär Fritsche rechtlich nicht ausgeschlossen.

Dagegen hatte der auf Geheimdienstrecht spezialisierte Anwalt Udo Kauß 2011 im taz-interview gefordert: „Genauso wie ein Verdeckter Ermittler keine Straftaten begehen darf, darf er mit den Zielpersonen und deren Umfeld auch keine Liebesbeziehungen führen.“ Wenn ein Einsatz „aus dem Ruder“ laufe, müsse er abgebrochen werden.
Der deutsche Fall Bromma

In Baden-Württemberg hatte die Polizei 2010 den jungen Beamten Simon Bromma in linke studentische Gruppen eingeschleust. Er sollte herausfinden, ob im Umfeld der Antifaschistischen Initiative Heidelberg (AIHD) Gewaltakte gegen Polizisten und Nazis geplant waren. Er erschlich sich mit seiner freundlichen und hilfsbereiten Art in den Kreisen um die studentische „Kritische Initiative“ zahlreiche Freundschaften, flog dann aber auf, als ihn eine Ferienbekanntschaft erkannte.

Sieben Betroffene aus der bespitzelten Szene erhoben im August 2011 Klage beim Verwaltungsgericht Karlsruhe. Sie verlangen die Feststellung, dass der Undercover-Einsatz gegen die linke Heidelberger Szene generell rechtswidrig war. Sie seien keine „gewaltbereiten Gefährder“. Außerdem seien die Privatsphäre und die Menschenwürde verletzt, wenn den Aktivisten „ohne eigenes Wissen eine Freundschaft/Bekanntschaft zu einem polizeilichen Ermittler aufgezwungen“ werde.

Das Verfahren kommt allerdings nicht voran, weil der baden-württembergische Innenminister Reinhold Gall (SPD) alle Spitzelberichte Brommas gesperrt hat. Die Arbeitsweise Verdeckter Ermittler müsse geheim bleiben, da die Undercover-Agenten sonst leicht enttarnt werden könnten, argumentierte Gall. Dagegen klagten die Betroffenen in einem Zwischenverfahren und erzielten nun einen Teilerfolg.
Teilweise rechtswidrig

…

04.02.20133 Kommentare

Find this story at 4 February 2013

© der taz

Brother of boy whose identity was stolen by police spies demands apology

Anthony Barker says police could have put family in danger by using identity of brother John, who died aged eight

John Dines, a police sergeant who adopted the identity of John Barker to pose as an environmental campaigner, pictured in the early 1990s

Undercover police were “reckless” when they stole the identity of an eight-year-old boy who had died of leukaemia, according to his brother, who is demanding an apology for putting his family at risk.

Anthony Barker, whose brother John Barker died in 1968, said he was shocked to discover the boy’s identity was resurrected and adopted by undercover police spying on political groups.

The Metropolitan police has admitted that two of its undercover units appear to have used the identities of dead children, a practice which has lasted four decades and was still going on in the 2000s.

The identity of John Barker was adopted by a police sergeant called John Dines, who posed as an environmental campaigner between 1987 and 1992.

“The danger the police put my family in – and all the other families this has happened to – is horrendous,” Barker said. An investigation by the Guardian has established police used the identities of dead children so their undercover agents could pose as real people. Barker said that in doing so, they placed innocent families at risk.

“In our case, we now discover, there was a girlfriend who was left behind when the policeman pretending to be my brother disappeared from the scene,” he said. “Apparently she was so worried about him that she tracked him down to the house we had moved out of a few years earlier.

“Now, imagine that policeman had infiltrated a violent gang or made friends with a volatile person, then disappeared, just like this man did.

“Someone wanting revenge would have tracked us down to our front door – but they wouldn’t have wanted a cup of tea and a chat, like this woman says she did.”

Although many police spies using dead children’s identities were infiltrating peaceful leftwing and environmental groups, many were also deployed in violent far-right groups.

“If we had told those sorts of people that the man they thought they had known for so many years has died as a little boy, they would have thought we were lying,” Barker said. “Who knows what would have happened to us then?”

He added: “These people could have found our family in a heartbeat. That was an absolutely reckless thing for the police to do.”

Anthony Barker, who was born the year after his brother died, said: “My parents always said he was a lovely lad. They could not afford more than one child. They only had me because John passed away.

“It totally shattered my parents when he died. You can see from photographs how much his death aged them. When I was a toddler they looked like my grandparents.”

Barker described the use of dead children’s identities as a “clinical, mechanic way of policing” and morally “horrific”. He believed his parents, who are now deceased, would have been appalled to discover a police officer was posing as their beloved son.

“In my view, these were politically motivated undercover operations. That is what I cannot understand. What kinds of crimes did these political activists commit? We’re not talking about drug dealers or terrorists. These operations must have cost hundreds of thousands of pounds, and all the while my parents were living in poverty.”

He added: “Not only is it horrendous to steal the identity of a child but by taking that identity into an unpredictable and potentially dangerous situation, they’re putting entire families at risk.”

The Met has declined to say how many dead children’s identities it believes have been used by covert agents, although the force has stressed that the practice is not currently in use.

A document seen by the Guardian indicates that the Special Demonstration Squad, one of two police units known to have used the practice, used the identities of around 80 dead children.

On Tuesday the Met’s deputy assistant commissioner Patricia Gallan told a parliamentary inquiry that a second unit involved in spying on protesters appears to have used dead children’s identities.

The second unit, the National Public Order Intelligence Unit, was founded in 1999 and operated throughout the 2000s.

It suggests the total number of dead children’s identities used by police could exceed 100.

MPs expressed their disapproval when Gallan, who is overseeing a £1.25m review of protest spying operations, refused to apologise for any hurt caused until her inquiries were complete.

She also refused to say whether she would contact the families involved, saying there were “legal and ethical issues” to consider.

Barker said: “I strongly believe all the families who this has happened to need to be told. They have been placed at risk. That is the bottom line. These were undercover operations. Anything could have happened.”

…

Amelia Hill, Paul Lewis and Rob Evans
guardian.co.uk, Wednesday 6 February 2013 16.55 GMT

Find this story at 6 February 2013
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

“Schaf de Staatsveiligheid af”

Renaat Landuyt (justitiespecialist sp.a): “We kunnen beter het federale parket en andere opsporingsdiensten versterken. Die zullen in elk geval nuttiger werk verrichten.” © belga.

Sp.a-justitiespecialist Renaat Landuyt pleit voor een afschaffing van de Belgische inlichtingendienst. “Die harkt toch maar krantenknipsels en roddels bijeen.” PS-senator Philippe Moureaux ziet alvast geen graten in het voorstel van de Vlaamse socialist.

Landuyt is sinds begin dit jaar burgemeester van Brugge. Maar de advocaat staat vooral bekend als justitiespecialist van zijn partij. De Staatsveiligheid functioneert na enkele hervormingen volgens hem al iets beter dan vroeger. “Maar niet in die mate dat ik ervan onder de indruk ben”, klinkt het.

“Ik vraag mij echt af of we een instelling zoals de Staatsveiligheid nodig hebben. In een democratie is er nood aan transparantie. Geheime organisaties zoals onze inlichtingendienst zijn niet meer van deze tijd. De dienst dateert nog uit een tijd dat staten in de eerste plaats vijanden van elkaar waren. Concurreren met die paar inlichtingendiensten in de wereld die er wel toe doen, kunnen we niet.”

Het argument dat je een inlichtingendienst nodig hebt om gevaarlijke organisaties en potentiële terroristen op te volgen, houdt volgens de Vlaamse socialist geen steek. “Net alsof we een Staatsveiligheid nodig hebben om ons tegen terrorisme te beschermen. Dat is eigenlijk opsporingswerk. Het federale parket kan en moet dat doen.”

Door de Staatsveiligheid af te schaffen, kunnen het federale parket en andere opsporingsdiensten worden versterkt. “Die zullen in elk geval nuttiger werk verrichten dan een dienst die toch maar krantenknipsels en roddels bijeenharkt.”

Moureaux, PS-senator en minister van Staat, zal naar eigen zeggen niet minder goed slapen als de Staatsveiligheid verdwijnt en het parket meer macht krijgt. “Ik ben destijds als minister van Justitie verantwoordelijk geweest voor de instelling. Veel respect heb ik nooit voor die mensen gehad”, klinkt het. “Ze werken vaak op basis van geruchten en zijn altijd aan spelletjes te spelen. Ik heb dat eerlijk gezegd altijd een beetje miserabel gevonden.”

Door een gebrek aan middelen zijn de agenten van de Staatsveiligheid eigenlijk niet meer dan veredelde scouts, stelt de Franstalige socialist. “Het beste voorbeeld daarvan is het rapport over politici die betrokken zouden zijn bij Scientology.”

…

Door: Steven Samyn en Martin Buxant
13/02/13 – 06u47

Find this story at 13 February 2013

© 2013 De Persgroep Digital

‘Map met naam Dewinter bevat oud juridisch dossier’; RTBF heeft beelden van dossier Dewinter bij Staatsveiligheid

De beelden van het interview met Alain Winants, de administrateur-generaal van de Staatsveiligheid, die maandag werden uitgezonden in het tv-journaal van de RTBF, tonen een dossier dat de naam van Filip Dewinter draagt. ‘Het betreft in feite een oud dossier betreffende een juridische procedure die door betrokkene opgestart werd’, aldus de Staatsveiligheid dinsdagmiddag in een reactie.

Bart Debie, de gewezen veiligheidsadviseur van Vlaams Belanger Filip Dewinter, zei maandag dat hij drie jaar lang als “mol” van de Belgische Staatsveiligheid binnen de partijtop van het Vlaams Belang heeft gefungeerd.

De RTBF draaide maandag beelden tijdens een interview met Winants. Op het moment dat de topman van de Staatsveiligheid benadrukt dat zijn diensten zich niet bezighouden met politici, filmde de tv-ploeg van de Franstalige openbare televisie een dossier op zijn bureau. Op de farde was te lezen “Dewinter Filip”.

…

dinsdag 12 februari 2013, 13u04 Bron: rtbf

Find this story at 12 February 2013

© De Standaard

Bart Debie et VB: la polémique enfle autour de la Sûreté de l’Etat

ABart Debie, ancien commissaire de police et conseiller de Filip Dewinter au sein du Vlaams Belang, affirme avoir été “une taupe” au sein du parti flamand d’extrême droite. Il aurait en effet fourni durant trois ans des informations sur le fonctionnement interne du parti à la Sûreté de l’État, a-t-il déclaré aux quotidiens De Standaard et Het Nieuwsblad. Filip Dewinter se dit trahi. La ministre de la Justice a rappelé à l’ordre la Sûreté quant à son devoir d’information à son égard.
Et aussi
Sûreté de l’Etat: le dossier “Dewinter Filip” est un “ancien dossier juridique”

“J’ai été recruté comme informateur en 2007. Jusqu’à ma démission du parti en 2010, j’ai rencontré presque tous les mois une personne des services de renseignements”, a déclaré Bart Debie qui était à cette époque une figure-clé du Vlaams Belang.

Bart Debie aurait notamment fourni des informations concernant les soutiens financiers du Vlaams Belang.

Il a décidé de s’exprimer quant à son rôle d’informateur à la suite de déclarations de la ministre de la Justice, Annemie Turtelboom, qui a affirmé récemment que la Sûreté de l’État n’était pas impliquée dans l’espionnage de parlementaires.

Annemie Turtelboom rappelle la Sûreté de l’Etat à l’ordre

La ministre de la Justice, Annemie Turtelboom, a rappelé lundi, dans un communiqué de presse, avoir demandé récemment à la Sûreté de l’Etat de vérifier si l’obligation d’information à son égard était bien respectée dans les cas de surveillance de parlementaires.

Une circulaire de 2009 prévoit que le ministre de la Justice doit être immédiatement informé chaque fois que le nom d’un membre actif du parlement fédéral apparaît dans un rapport de la Sûreté. Début février, après plusieurs affaires de surveillance impliquant des politiciens, Mme Turtelboom a demandé au Comité R, chargé de superviser la Sûreté, de vérifier que cette instruction était bien suivie.

Dans un communiqué diffusé lundi, Mme Turtelboom a répété ses demandes.

“A la suite de la fuite de l’analyse de phénomène, la ministre de la Justice a demandé à la Sûreté de l’Etat si toutes les instructions concernant le fonctionnement de la Sûreté de l’Etat sont rigoureusement appliquées”, selon le communiqué.

“Vu l’importance d’une organisation de l’information correcte par les services de renseignements, (elle) a également demandé une enquête de contrôle au Comité R, qui est responsable légalement du contrôle parlementaire sur le fonctionnement de ces services”, est-il précisé.

“Annemie Turtelboom doit s’expliquer”

Colère de Filip Dewinter qui se dit “trahi par un bon ami”. Il fait remarquer qu’il avait aidé Bart Debie par le passé, lors de son procès, que le parti a payé ses amendes et qu’il a été salarié du Belang pendant des années.

L’ancien président du parti d’extrême-droite a également indiqué lundi attendre de la ministre de la Justice, Annemie Turtelboom, de “très sérieuses explications”. Cette dernière avait affirmé que la Sûreté de l’État ne pistait par les parlementaires.

“Soit elle ment, soit elle n’est pas au courant. Dans les deux cas, c’est problématique”, a-t-il dit.

Au-delà des moyens juridiques dont il envisage de faire usage, le sénateur VB entend placer le débat sur la scène politique. “Utiliser la Sûreté comme un service de renseignement politique, selon le régime en place, cela va beaucoup trop loin. Qui plus est, l’objectif, ici, était clairement de déstabiliser un parti ou un homme politique”, a-t-il souligné.

M. Dewinter exige de pouvoir examiner son dossier à la Sûreté. Il demande également que la Sûreté fasse étalage de ses méthodes et qu’on fasse savoir si d’autres taupes ont infiltré le Belang.

“S’il était informateur, ce serait un délit pour lui de le révéler”, rappelle le patron de la Sûreté

Alain Winants, le patron de la Sûreté de l’Etat, a confirmé lundi qu’il ne souhaitait donner aucune information sur l’éventuel rôle d’informateur qu’aurait joué l’ancien membre du Vlaams Belang Bart Debie. “Je ne peux pas vous parler de nos éventuelles sources, cela serait un délit”, a-t-il dit à Belga. “Mais si Debie était effectivement un informateur, cela serait un délit pour lui aussi” d’en parler, a-t-il ajouté.

Alain Winants a répété lundi que la Sûreté ne suivait aucun politicien pour ses activités parlementaires. “Mais nous sommes compétents pour enquêter sur un certain nombre de menaces, notamment l’extrémisme. La collecte de fonds à l’étranger pour la création de mouvements anti-Islam pourrait tomber sous cette catégorie”, a-t-il dit, sans pour autant confirmer les propos de M. Debie.

Certaines affirmations sont “totalement erronées ou fausses”

“Un certain nombre d’affirmations de monsieur Debie sont totalement erronées ou fausses”, a encore fait savoir la Sûreté de l’Etat dans un communiqué de presse diffusé lundi soir, en réaction à l’aveu par l’ancien membre du Vlaams Belang, Bart Debie, de sa collaboration avec l’agence de renseignements. Elle n’en dit toutefois pas davantage.

“Avant toute chose, nous souhaitons clairement indiquer que le service ne souhaite en aucun cas faire de déclaration concernant le fait que l’intéressé soit ou non un informateur de la Sûreté de l’Etat, étant donné que communiquer à ce sujet est un délit, aussi bien pour les membres du service que pour toute personne qui offre sa collaboration en application de la loi organique des services de renseignement et de sécurité du 30 novembre 1998”, rappelle la Sûreté.

Elle insiste par ailleurs “fermement sur le fait qu’elle ne suit pas, ne screene pas, ne file pas – etc – en tant que tels des partis politiques, des mandataires, des politiciens dans le cadre de l’exercice de leur mandat parlementaire et/ou ministériel”.

“Notons par ailleurs que monsieur Debie, pour peu que l’on croirait son récit, déclare que l’initiative de la prise de contact serait venue de lui-même. En outre, il faut également noter qu’un certain nombre d’affirmations de monsieur Debie sont totalement erronées ou fausses”, ajoute encore la Sûreté, sans préciser lesquelles.

Le Comité R va enquêter

Les “récentes révélations sur des informateurs éventuels dans le milieu politique seront reprises” dans l’enquête que mène actuellement le Comité R sur la manière dont les services de renseignement s’intéressent, le cas échéant, à des mandataires, a indiqué lundi le président de l’organe de contrôle, Guy Rapaille.

“Le Comité permanent R a reçu, ces derniers jours, tant du Sénat que du ministre de la Justice, des missions d’enquêtes relatives aux documents de la Sûreté de l’Etat qui, malgré leur caractère secret, ont été diffusés dans les médias. Il s’agit d’une part d’une note relative à l’infiltration de la communauté congolaise de Bruxelles par le mouvement de la Scientologie, et d’autre part d’un rapport concernant une analyse de phénomène sur des activités d’ingérence non étatiques. Le Comité permanent R a repris les diverses questions de ces autorités dans deux enquêtes de contrôle distinctes”, a-t-il indiqué dans un communiqué.

La première enquête, qui a déjà démarré, mais dont la portée est à présent étendue, traite de la manière dont les documents susmentionnés ont été “préparés et diffusés”, ainsi que de leur “conformité aux règles en vigueur”, a confirmé Guy Rapaille. “L’enquête sur les fuites en tant que telles est en premier lieu du ressort des autorités judiciaires, étant donné qu’il pourrait s’agir de délits”, a-t-il toutefois précisé.

Une seconde enquête, plus générale, traitera “la manière dont la Sûreté de l’Etat et le Service Général du Renseignement et de la Sécurité recueillent, le cas échéant, des informations sur des mandataires politiques, la manière dont ils conservent et utilisent ces informations et la manière dont ils en font rapport aux ministres de tutelle ou à d’autres autorités”, a ajouté M. Rapaille. “Il va de soi que de récentes révélations sur des informateurs éventuels dans le milieu politique seront reprises dans cette enquête”, a-t-il précisé.

Bart Debie et les méthodes musclées

…

BELGIQUE | lundi 11 février 2013 à 4h37

Find this story at 11 February 2013

© RTBF

Rechterhand Filip Dewinter was spion staatsveiligheid

De Belgische Staatsveiligheid heeft jarenlang een ‘mol’ gehad binnen de top van het Vlaams Belang. Dat zegt Bart Debie, ex-politiecommissaris en gewezen veiligheidsadviseur van partijkopstuk Filip Dewinter. ‘De Staatsveiligheid deed onderzoek naar de financiering van de partij en naar de contacten van Filip Dewinter’, zegt Debie. ‘En ik was drie jaar lang hun informant.’

‘Wat ze met andere politici doen, weet ik niet. Maar de Staatsveiligheid heeft het Vlaams Belang jarenlang met héél véél aandacht gevolgd. En ik kan het weten, want ik was er zelf bij betrokken.’

Bart Debie (38) was eigenlijk van plan zijn werk als informant voor de Staatsveiligheid voor altijd geheim te houden. Maar na de uitspraken van minister van Justitie Annemie Turtelboom (Open VLD) vorige week dat de Staatsveiligheid ‘zich niet bezighoudt met het bespioneren van parlementsleden’ doorbreekt hij het stilzwijgen. Turtelboom deed haar uitspraken nadat twee rapporten van de Staatsveiligheid waren uitgelekt. Daarin werd een hele resem politici genoemd die gecontacteerd waren door sekten zoals Scientology. Turtelboom zei dat de Staatsveiligheid geen dossiers bijhoudt van parlementsleden.

‘Van Vlaams Belang alleszins wel’, zegt Debie. ‘In 2007 hebben ze me ingelijfd als informant. Tot mijn ontslag bij de partij in 2010 heb ik bijna elke maand op zijn minst één ontmoeting gehad met mijn vaste begeleider bij de inlichtingendienst.’

’Ik zocht zelf contact’

Debie is jarenlang een sleutelfiguur geweest bij Vlaams Belang. Hij is een voormalig commissaris van de Antwerpse politie die bekend werd met zijn harde aanpak van de criminaliteit op het Falconplein. Maar in 2003 kwam hij in opspraak na een gewelddadig verhoor van vijf Turkse arrestanten. Hij werd geschorst, nam later ontslag en werd in 2007 veroordeeld voor buitensporig geweld en vervalsing van pv’s. Filip Dewinter bood een vangnet: in 2004 lijfde hij Debie in bij Vlaams Belang als veiligheidsadviseur.

‘Voor alle duidelijkheid: het contact met de Staatsveiligheid is er op mijn initiatief gekomen’, zegt Debie. ‘Waarom ik contact zocht? Ik had het al langer moeilijk met bepaalde praktijken binnen de partij. De directe aanleiding was een stunt die Filip Dewinter wilde opvoeren. Ten tijde van de rellen in Brussel, waar met een kalasjnikov-geweer op de politie was geschoten, riep Dewinter me bij zich. Bart, kun jij via je contacten een aantal kalasjnikovs kopen? Hij wilde die op een persconferentie presenteren. Ik heb hem duidelijk gemaakt dat ik dat niet zag zitten, omdat het om strafbare feiten ging. En ik had al een strafblad, door die affaire in Antwerpen. Toen heb ik contact gezocht met de Staatsveiligheid. Deels om mezelf wat in te dekken, deels omdat ik dat soort praktijken binnen de partij kotsbeu was.’

Een paar dagen nadat hij zelf contact had gezocht, kreeg Debie telefoon van iemand die zich voorstelde als commissaris bij de Staatsveiligheid.

…

Lees de rest van het artikel in Het Nieuwsblad van maandag 11 februari.

Joris van der Aa en Tom Le Bacq

Find this story at 11 February 2013

© Nieuwsblad.be werkt samen met De Standaard en L’Avenir

Woman’s 18-year search for truth about police spy who used dead child’s name

When the man known to his activist girlfriend as John Barker disappeared, she embarked on a journey that led her to the former home of a child whose name he used as an alias

John Dines taking part in a race in the early 1990s when he was serving as an undercover sergeant in the Metropolitan police’s special branch

John Barker was an eight-year-old boy who died of leukaemia in 1968. Nineteen years later his identity was quietly resurrected by the police. The man who adopted the boy’s identity, claiming it as his own, was John Dines, an undercover sergeant in the Metropolitan police’s special branch.

In 1987 Dines was tasked with posing as an anti-capitalist protester, feeding intelligence to his handlers in a secret unit called the special demonstration squad (SDS). It was a controversial and morally dubious deployment that lasted five years and will now return to haunt him.

Like many SDS officers, Dines had a long-term girlfriend who was a political activist. She does not want to be identified and has asked to be referred to as Clare.

Her story lays bare the emotional trauma experienced by women whom police have described as “collateral” victims of their spy operations, as well as the risks police were taking by adopting the identities of dead children.

In 1990 the man Clare knew as John Barker asked to borrow money so he could fly to New Zealand for his mother’s funeral. “The night before he got the flight to go there, he stayed at my place and kind of poured his heart out. We became emotionally close. When he got back, we got together.”

There was no funeral in New Zealand and Dines had no need to borrow money. But Clare had known Dines as a fellow protester for three years and had no reason to suspect him. The couple would end up in an intimate relationship for two years.

“He said he wanted to spend the rest of his life with me and I was madly in love with him,” she said. “He said he wanted us to have kids. He used to say he had once seen an elderly Greek couple sitting on a veranda gazing into the sunset, and that he pictured us growing old like that.”

By the summer of 1991, as part of an exit strategy, Dines began exhibiting symptoms of a mental breakdown.

“He kept talking about how he had nobody left apart from me,” Clare said. “His parents had both died. He had no brothers and sisters. The only woman that he had ever loved before me, a woman called Debbie, had left him. He said he was convinced I was going to do the same to him.”

Dines gave the impression he wanted to run away to escape inner demons. “I saw him crying loads,” Clare said. “He told me that he had thrown all of his mother’s jewellery into a river because he thought she never loved him. He told me his parents had abused him.”

In March 1992 an emotional-sounding Dines called from Heathrow airport saying he was about to fly to South Africa. After that, Clare received two letters with South African postmarks. Then her boyfriend vanished altogether.

Clare was left distraught and confused. “I was very worried about his mental state,” she said. “I was also sick with worry that he might kill himself.”

Clare contacted the British consulate in South Africa and frantically phoned hostels she thought he may have stayed in Johannesburg. She later hired a private investigator who could find no trace of Dines.

It was the start of a journey for the truth that would last almost two decades and eventually take her to New Zealand. It was not until 2010 that she found out for sure that the man she had loved was a police spy.

For some of the time that Clare thought her boyfriend was missing abroad, he was actually working just a few miles away. When his undercover work finished, Dines changed his mullet-style haircut and returned to a desk job at the Met headquarters in Scotland Yard where, according to a colleague, he appeared “very miserable”.

In her search for clues, one of the first things Clare did was locate a copy of what she assumed was her boyfriend’s birth certificate. The document confirmed the details he had always given her: it named a city in the Midlands where he was born in January 1960. She had no idea that the identity was a forgery, or that the real John Barker had died as a boy.

In April 1993, desperate after a year of searching, Clare decided to visit Barker’s family home in the hope of finding any surviving relatives, but when she knocked on the door of the terrace house there was no answer. She went back later but the occupants said the family no longer lived there.

Looking back, she wonders what would have occurred if the dead child’s parents had opened the door. “It would have been horrendous,” she said. “It would have completely freaked them out to have someone asking after a child who died 24 years earlier.”

It was another 18 months before Clare decided to inspect the national death records. “I just suddenly got this instinct. It was a whim: I thought, I’m going to go in there and look through the death records.”

She recalls her horror when she discovered the real John Barker was dead. “It sent a chill down my spine,” she said. “When I got the certificate itself, it was so clear. The same person. The same parents. The same address. But he had died as an eight-year-old boy.”

The Guardian has been unable to find surviving relatives of the child.

The discovery turned Clare’s world upside down. “It was like a bereavement but it was not something I could talk to people about. Now suddenly he didn’t exist. This was a man I had known for five years, who I had lived with for two years. How could I trust anybody again?”

Clare now knew her boyfriend had lied about his identity, but still had no idea who he was. The idea that he might have been a police spy crossed her mind, but he might also have worked in corporate espionage or had a hidden criminal past. It was another 10 years of searching before she got closer to the truth.

Clare had two clues to go on. One was the name of a woman in New Zealand who Dines had told her was an aunt. The other was a letter in which he had made a curious reference to his biological father being a man he had never met, called Jim Dines.

The woman in New Zealand was not his aunt but, bizarrely, the mother of Dines’s real wife. Stranger still, Jim Dines was, in fact, the police officer’s real father and had brought him up in London.

Clare has no idea why the undercover police officer chose to compromise his deployment by giving Clare cryptic references to people in his real life. Perhaps he was psychologically traumatised by his dual identities and wanted to leave a trail that would allow Clare to find him.

Whatever his reason, the clues led Clare to a public archive in New Zealand. It was there, in 2003, that she made a crucial connection: a document that linked Dines with the woman he married, Debbie.

Clare instantly realised they must have been a married couple. Back in London, she ordered the couple’s wedding certificate. “What hit me like a ton of bricks is that he listed his occupation as a police officer,” she said. “When I read that, I felt utterly sick and really violated. It ripped me apart basically, just reading that.”

Clare was now agonisingly close to the truth. She knew that Dines was a police officer when he married his wife in 1977. But there was still a possibility that he gave up his job before becoming a political activist.

She shared the evidence with friends and family. Some cautioned her against concluding Dines had been a police spy. “I remember my dad and others said: ‘You’re being paranoid – that would never happen in this country.'”

…

Paul Lewis and Rob Evans
The Guardian, Sunday 3 February 2013 19.21 GMT

Find this story at 3 February 2013
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Met chief summoned to explain why police stole identities of dead children

Deputy assistant commissioner Pat Gallan summoned before MPs to respond to revelations officers used IDs of children

John Dines, an undercover police sergeant, as he appeared in the early 1980s when he posed as John Barker, a protester against capitalism. Dines’s alternative identity used that of a child who had died. Photograph: Guardian

A senior police chief has been summoned to parliament to explain why police secretly authorised undercover officers to steal the identities of around 80 dead children.

Pat Gallan, the Metropolitan Police deputy assistant commissioner in charge of the complaints department, will respond to the revelations at a parliamentary committee hearing on Tuesday.

An investigation by the Guardian has revealed that police infiltrating protest groups have for three decades adopted the identities of dead children, without informing or consulting their parents.

Two undercover officers have provided a detailed account of how they and others used the identities of dead children.

Keith Vaz, chair of the home affairs select committee has said he is “shocked” at the “gruesome” practice.

“The committee will hear from those who have been involved in undercover operations as well as their victims,” he said. “I have asked the deputy assistant commissioner Pat Gallan to deal with the issues that have arisen.”

Gallan is head of the Met’s department for professional standards.

The Guardian has established how police officers were equipped with fabricated identity records, such as driving licences and national insurance numbers, in the name of their chosen dead child. They also visited the family home of the dead child to familiarise themselves with the surroundings and conducted research into other family members.

Scotland Yard has already announced an investigation into the controversy. It said it had received one complaint – believed to be a reference to a suspected police officer who was undercover in 2003 – and said it could “appreciate the concerns that have been raised”. The force said that the practice of using the identities of dead children is not currently authorised.

The operation is known to have been orchestrated by the Special Demonstration Squad, a secretive Met unit disbanded in 2008. Dozens of SDS officers are believed to have searched through birth and death certificates to find a child who had died young and would be a suitable match for their alias.

The officers then adopted the entire identity of the child as if the child had never died. One police officer has said the process was like “resurrecting” a dead person’s identity.

The disclosure comes after two years of revelations concerning undercover police officers having sexual relationships with women they are spying on. Eleven women are currently bringing legal action against the Met for damages.

Vaz said: “The activities of undercover police officers caused disbelief when they were revealed in 2011. These revelations [about the use of dead children’s identities] are shocking. I congratulate the Guardian on their investigation. To have used the identities of dead children without the knowledge or consent of their parents astonishes me. It sounds gruesome. ”

…

Rob Evans and Paul Lewis
guardian.co.uk, Monday 4 February 2013 12.36 GMT

Find this story at 4 February 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Police ‘stole identities of dead children’ to give undercover officers new identities

The Metropolitan Police covertly stole the identities of about 80 dead children for use in operations by undercover police officers, according to a new investigation.

The practice, condemned as “gruesome” by Keith Vaz, the chairman of the Home Affairs Select Committee, carried on for three decades as a means for police to infiltrate anti-racist, anti-capitalist and far-right protest groups. Officers obtained passports, driving licences and national insurance numbers under their new identities.

…

Tim Hume
Monday, 4 February 2013

Find this story at 4 February 2013

© independent.co.uk

Police spies stole identities of dead children

Exclusive: Undercover officers created aliases based on details found in birth and death records, Guardian investigation reveals

John Dines, an undercover police sergeant, as he appeared in the early 1990s when he posed as John Barker, a protester against capitalism

Britain’s largest police force stole the identities of an estimated 80 dead children and issued fake passports in their names for use by undercover police officers.

The Metropolitan police secretly authorised the practice for covert officers infiltrating protest groups without consulting or informing the children’s parents.

The details are revealed in an investigation by the Guardian, which has established how over three decades generations of police officers trawled through national birth and death records in search of suitable matches.

Undercover officers created aliases based on the details of the dead children and were issued with accompanying identity records such as driving licences and national insurance numbers. Some of the police officers spent up to 10 years pretending to be people who had died.

The Met said the practice was not “currently” authorised, but announced an investigation into “past arrangements for undercover identities used by SDS [Special Demonstration Squad] officers”.

Keith Vaz, the chairman of parliament’s home affairs select committee, said he was shocked at the “gruesome” practice. “It will only cause enormous distress to families who will discover what has happened concerning the identities of their dead children,” he said. “This is absolutely shocking.”

The technique of using dead children as aliases has remained classified intelligence for several decades, although it was fictionalised in Frederick Forsyth’s novel The Day of the Jackal. As a result, police have internally nicknamed the process of searching for suitable identities as the “jackal run”. One former undercover agent compared an operation on which he was deployed to the methods used by the Stasi.

Two undercover officers have provided a detailed account of how they and others used the identities of dead children. One, who adopted the fake persona of Pete Black while undercover in anti-racist groups, said he felt he was “stomping on the grave” of the four-year-old boy whose identity he used.

“A part of me was thinking about how I would feel if someone was taking the names and details of my dead son for something like this,” he said. The Guardian has chosen not to identify Black by his real name.

The other officer, who adopted the identity of a child who died in a car crash, said he was conscious the parents would “still be grief-stricken”. He spoke on the condition of anonymity and argued his actions could be justified because they were for the “greater good”.

Both officers worked for a secretive unit called the Special Demonstration Squad (SDS), which was disbanded in 2008.

A third undercover police officer in the SDS who adopted the identity of a dead child can be named as John Dines, a sergeant. He adopted the identity of an eight-year-old boy named John Barker, who died in 1968 from leukaemia. The Met said in a statement: “We are not prepared to confirm nor deny the deployment of individuals on specific operations.”

The force added: “A formal complaint has been received which is being investigated by the DPS [Directorate for Professional Standards] and we appreciate the concerns that have been raised. The DPS inquiry is taking place in conjunction with Operation Herne’s investigation into the wider issue of past arrangements for undercover identities used by SDS officers. We can confirm that the practice referred to in the complaint is not something that would currently be authorised in the [Met police].”

There is a suggestion that the practice of using dead infant identities may have been stopped in the mid-1990s, when death records were digitised. However, the case being investigated by the Met relates to a suspected undercover police officer who may have used a dead child’s identity in 2003.

The practice was introduced 40 years ago by police to lend credibility to the backstory of covert operatives spying on protesters, and to guard against the possibility that campaigners would discover their true identities.

Since then dozens of SDS officers, including those who posed as anti-capitalists, animal rights activists and violent far-right campaigners, have used the identities of dead children.

One document seen by the Guardian indicates that around 80 police officers used such identities between 1968 and 1994. The total number could be higher.

Black said he always felt guilty when celebrating the birthday of the four-year-old whose identity he took. He was particularly aware that somewhere the parents of the boy would be “thinking about their son and missing him”. “I used to get this really odd feeling,” he said.

To fully immerse himself in the adopted identity and appear convincing when speaking about his upbringing, Black visited the child’s home town to familiarise himself with the surroundings.

Black, who was undercover in the 1990s, said his operation was “almost Stasi-like”. He said SDS officers visited the house they were supposed to have been born in so they would have a memory of the building.

“It’s those little details that really matter – the weird smell coming out of the drain that’s been broken for years, the location of the corner Post Office, the number of the bus you get to go from one place to another,” he said.

The second SDS officer said he believed the use of the harvested identities was for the “greater good”. But he was also aware that the parents had not been consulted. “There were dilemmas that went through my head,” he said.

The case of the third officer, John Dines, reveals the risks posed to families who were unaware that their children’s identities were being used by undercover police.

During his covert deployment, Dines had a two-year relationship with a female activist before disappearing from her life. In an attempt to track down her disappeared boyfriend, the woman discovered the birth certificate of John Barker and tried to track down his family, unaware that she was actually searching for a dead child.

She said she was relieved that she never managed to find the parents of the dead boy. “It would have been horrendous,” she said. “It would have completely freaked them out to have someone asking after a child who died 24 years earlier.”

The disclosure about the use of the identities of dead children is likely to reignite the controversy over undercover police infiltration of protest groups. Fifteen separate inquiries have already been launched since 2011, when Mark Kennedy was unmasked as a police spy who had slept with several women, including one who was his girlfriend for six years.

…

Paul Lewis and Rob Evans
The Guardian, Sunday 3 February 2013 19.13 GMT

Find this story at 3 February 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Nestlégate: success in civil lawsuit against NESTLÉ and SECURITAS

ATTAC Switzerland has taken notice with great satisfaction of the civil court’s president Jean-Luc Genillard’s decision of 25 January 2013 in the case «Nestlegate». The Court has convicted NESTLE and SECURITAS AG of spying activities directed at ATTAC. It has recognized that these parties conducted illegal infiltrations. The claimants have been entitled to a financial compensation, since their personal rights have been violated. NESTLE and SECURITAS AG have been ordered to pay a financial compensation of 3.000 Swiss francs (3.238 US dollars) per claimant (a total of 27.000 Swiss francs – 29.145 US dollars).

ATTAC Switzerland has taken notice with great satisfaction of the civil court’s president Jean-Luc Genillard’s decision of 25 January 2013 in the case «Nestlegate». The Court has convicted NESTLE and SECURITAS AG of spying activities directed at ATTAC. It has recognized that these parties conducted illegal infiltrations. The claimants have been entitled to a financial compensation, since their personal rights have been violated. NESTLE and SECURITAS AG have been ordered to pay a financial compensation of 3.000 Swiss francs (3.238 US dollars) per claimant (a total of 27.000 Swiss francs – 29.145 US dollars).

Both a criminal and a civil case were filed after Swiss television revealed on 12 June 2008 that an ATTAC workgroup in Canton Vaud, which was preparing a book on NESTLE’s policies («Attac contre l’empire NESTLE», 2004), had been infiltrated and spied on by a SECURITAS employee on behalf of NESTLE. The woman had joined the ATTAC workgroup in 2003 under the false name of “Sara Meylan”, had attended private meetings (sometimes at the members’ homes), gathered confidential information and prepared detailed reports on the authors as well as on third parties for NESTLE. On September 26th, 2008, ATTAC discovered and denounced to the examining magistrate another SECURITAS spy, who was still active in ATTAC in 2008 under her real name.

The criminal proceedings were dropped on July 29th, 2009. The investigating judge mainly relied on the statements made by NESTLE and SECURITAS AG and found that the only infringement that may constitute an offense – a violation of the federal law of data protection – falls under the three-year statute of limitation. We regret the superficial investigation conducted during this criminal investigation, which Alec Feuz has well documented in his book « Affaire classée».

We are very satisfied that the civil court has now condemned NESTLE’s and SECURITAS AG’s spying activities. Nevertheless we’d like to point out that we are continuing to critically observe the worldwide activities of multinational corporations like NESTLE, especially concerning its hostile trade union policies and the excessive pumping of groundwater in different parts of the world.

Through a general increase of espionage and spying activities, basic democratic rights like the freedom of opinion, the freedom of speech and the freedom of assembly are called into question. The activities of NGOs, trade unions and critical political organizations are limited by private corporations, which perceive non-violent campaigns and action from civil society as a threat to their commercial interests. These transnational corporations thus try to reduce basic democratic rights and often profit from the fact that the State turns a blind eye to these infringements.

It is important to be able to fight for a just and egalitarian society, to oppose injustice around the world by means of free and independent research into the dealings of transnational corporations, without being surveyed or spied on.

Find this story at 28 January 2013

Chocolade spionnen

De Zwitserse afdeling van Attac heeft op 20 juni 2008 de autoriteiten van het Kanton Vaud, Zwitserland, gevraagd om de infiltratie van Attac door de multinational Nestlé te onderzoeken. Nestlé is het bedrijf van onder andere KitKat, After Eight, Bros en Nespresso. Acteur en regisseur George Clooney is de belichaming van het hippe kopje koffie. Attac heeft een aanklacht ingediend tegen een onbekende persoon wegens schending van de persoonlijke levenssfeer van de auteurs van het kritische boek over Nestlé: ‘Nestlé – Anatomie eines Weltkonzerns’ (Nestlé – Anatomie van een multinational) en van de overtreding van wetgeving ter bescherming van persoonsgegevens. Volgens Attac, een wereldwijde organisatie die het economische systeem wil veranderen met onder andere de slogan ‘de wereld is niet te koop’, vond de infiltratie plaats van september 2003 tot en met juni 2004. Nestlé lijkt met de infiltratie geprobeerd te hebben op de hoogte te blijven van het onderzoek van Attac naar de betrokkenheid van Nestlé bij genetisch gemanipuleerde gewassen, de privatisering van water en de behandeling van de vakbonden door het bedrijf.

Het zal geen verbazing wekken dat in de aanloop naar en tijdens de G8 in Evian, Zwitserland, in de zomer van 2003, infiltraties in organisaties van anti globalisten door politie en bedrijfsleven plaatsvonden. Zo geeft de politie van Waadtland in een uitzending van het televisieprogramma Temps Présent toe dat zij op de hoogte waren van infiltratiepogingen door het private recherchebureau Securitas AG (Zwitserland) in allerlei solidariteitsgroepen. Of Nestlé ook daadwerkelijk de opdracht heeft gegeven blijft een misterie. Securitas AG zou ook de infiltratie in Attac hebben uitgevoerd. Deze begon echter pas na de G8 top in Evian. Securitas AG is overigens niet onderdeel van het internationale bedrijf Sercuritas waartoe het Nederlandse bedrijf met dezelfde naam behoort.

Securitas AG zou een vrouw, met de schuilnaam ‘Sara Meylan’, hebben ingehuurd om deel te nemen aan de redactievergaderingen voor het boek ‘Nestlé – Anatomie eines Weltkonzerns’ (Nestlé – Anatomie van een multinational). Het boek is uiteindelijk in 2005 verschenen. ‘Sara Meylan’ meldde zich in de lente van 2003 en deed mee aan de protesten tegen de G8 voordat ze in het schrijversteam infiltreerde. In de uitzending van Temps Présent van 12 juni 2008 willen beide bedrijven niet op de concrete beschuldigingen van het televisieprogramma ingaan. Nestlé gaf wel in een verklaring aan dat zij Securitas AG had ingehuurd voor de beveiliging van haar staf en faciliteiten tijdens de G8. Het bedrijf verwachtte een confrontatie met de demonstranten. Securitas AG baas, Reto Casutt, gaf toe dat medewerkers van het bedrijf onder valse naam aan bijeenkomsten van verschillende solidariteitsorganisaties hebben deelgenomen. Hij noemt het zelf ‘niet sympathiek’, maar ook ‘niet verboden.’ Een maand later beweerde Casutt dat de omstandigheden van de G8 top in Evian te vergelijken waren met militaire omstandigheden en dat de inzet van de agent voor hun cliënt Nestlé slechts noodweer was. Securitas AG moest een informatievoorsprong hebben in verband met toekomstige acties. Casutt voelde zich gedwongen om te reageren op de negatieve berichten in de media.
‘Sara Meylan’ had maandenlang aan het boek van Attac meegewerkt en was na de publicatie spoorloos verdwenen. In e-mails aan de schrijvers meldde de agente dat ze het ‘super vond wat ze deden.’ Of ze veel aan het onderzoek en het boek heeft bijgedragen valt te betwijfelen. Zij deed niet mee aan discussies en kwam op de vergaderingen vaak laat en ging eerder weg. Wel kwam ze te weten met wie Attac contact onderhield in bijvoorbeeld Colombia waar Nestlé de vakbonden niet in haar fabrieken toelaat. Toen de publicatiedatum naderde begon ze afstand te nemen en wilde niet op de foto. Plotseling was ze toen verdwenen en onbereikbaar.

De agente van Nestlé werkte een jaar mee aan het boek. Ze kwam bij de zeven onderzoekers over de vloer, las de verschillende proefdrukken en hoorde de namen van de mensen die Attac van munitie voorzagen tegen het Zwitserse bedrijf. Volgens Jean-Philipp Ceppi van het televisieprogramma Temps Présent dat het nieuws in juni 2008 bracht, vond er een ontmoeting plaats tussen de agente ‘Sara Meylan’ en haar ‘runner’ (coach/begeleider) van Securitas AG en het hoofd beveiliging en het hoofd van de communicatie afdeling van Nestlé in maart 2004. Volgens Ceppi duidt dit erop dat het voor Nestlé een zaak was van veiligheid en van beeldvorming. Volgens hem zou dit verklaren waarom de infiltratie van Attac pas na de G8 top in Evian begon, want enige relatie tussen de redactievergaderingen van Attac voor het boek en de protesten tegen de G8 in Evian was er niet.

Nestlé heeft al een imago van een brute Zwitserse chocoladebeer, maar het bespioneren van een onderzoeksgroep die een boek over het concern schreef, lijkt iedereen te ver gaan. Naar aanleiding van de televisie uitzending schreef de privacy waakhond van Zwitserland Schweizer Datenschutz Securitas AG aan over de activiteiten van het beveiligingsbedrijf voor en tijdens de G8. “Nestlé geeft aan maatregelen te hebben getroffen voor de veiligheid van personen en faciliteiten met het oog op een eventuele terroristische aanslag tijdens de G8. De strijd tegen het terrorisme is echter een staatsaangelegenheid en niet een zaak van een privéonderneming,” vertelde woordvoerder Kosmas Tsiraktsopulos de SDA nieuwsdienst. Over de spionage van de schrijversgroep van Attac merkt hij op dat het om een “problematisch geval” gaat.

Niet alleen de privacy waakhond is verbolgen over het optreden van Securitas AG en Nestlé. Ook de VSPB, de vakbond van Zwitsers politiepersoneel, haalde hard uit naar Securitas AG. De vakbond vraagt zich in een schrijven af of Securitas AG wel een acceptabele partner voor de politie kan zijn. De politie heeft echter zelf ook geen schone handen. Terwijl in de uitzending van Temps Présent de politie aangeeft op de hoogte te zijn geweest van de activiteiten van Securitas AG in de aanloop en tijdens de G8 top, verklaarde een week later de veiligheidscoördinator van het kanton Waadt, Jacqueline de Quattro, dat de politie op de hoogte was van de infiltratie van een vrouwelijke medewerker van Securitas AG in Attac. Enkele maanden later wordt duidelijk dat de Dienst für Analyse und Prävention (DAP), de dienst voor analyse en preventie, in 2003 rond de G8 top bij toeval op de infiltratiepoging was gestoten. De baas van de DAP heeft toen aan de directie van Securitas AG gemeld dat de infiltratie problematisch was.

Op 23 juli 2008 zag Nestlé zich genoodzaakt na een hoorzitting een verklaring af te leggen over haar samenwerking met Securitas AG rond de G8 en Attac. Hans Peter Frick stelde dat Nestlé in de toekomst zulke maatregelen niet uitsluit. Aanleiding voor het opereren van Nestlé en Securitas AG rond de G8 top was een manifestatie op 28 maart 2003 bij het hoofdkantoor van Nestlé. Bij die manifestatie was ook José Bové aanwezig, de Franse boer die tegen de globalisering ten strijde trekt. Attac nam ook deel aan de manifestatie. Tussen de honder en vier honderd boeren uit verschillende landen wilden het hoofdkantoor van Nestlé binnendringen. Het liep enigszins uit de hand volgens Nestlé. Er sneuvelde een ruit van een voordeur en er werden leuzen op de ramen geschilderd. De politie verhinderde dat de demonstranten het hoofdkantoor betraden en de actie duurde niet lang. Frick vond dat deze manifestatie genoeg reden was om hardere maatregelen rond de G8 top te nemen. Blijkbaar was het bedrijf bang dat de media de verkeerde conclusie zou trekken uit de opmerking dat het bedrijf ook in de toekomst zulke maatregelen zou treffen. Het concern liet enkele uren later een woordvoerder duidelijk maken dat Frick niet de infiltraties voor ogen had bij zijn opmerking. Volgens hem behoort infiltratie niet tot de standaardoperaties van het bedrijf, maar het bedrijf sluit infiltratiepogingen echter ook niet uit.

In dezelfde verklaring legde Frick de verantwoordelijkheid voor het optreden van ‘Sara Meylan’ bij Securitas AG. Het beveiligingsbedrijf was met het idee gekomen en Frick had slechts zijn fiat gegeven. Tijdens de hoorzitting van 23 juli 2008 speelden beide partijen een slim spel. Nestlé bezat een dossier van 77 pagina’s over de opdracht aan Securitas AG. Securitas AG zelf had geen enkele documentatie met betrekking tot de zaak aangezien zij alle stukken aan het levensmiddelenbedrijf hadden overlegd. De advocaat van Nestlé stelde dat het dossier bestond uit alle stukken die de beveiligingsafdeling van het bedrijf van Securitas AG medewerkster ‘Sara Meylan’ heeft gekregen van september 2003 tot en met mei 2004. Attac liet het daarbij niet zitten en vorderde alle documenten. Volgens de organisatie zaten in het dossier van Nestlé niet de belangrijke stukken. Vooral het eindrapport van ‘Sara Meylan’ ontbreekt volgens Attac. Dit rapport moet volgens Attac aantonen dat de persoonlijke levenssfeer van de schrijvers van ‘Nestlé – Anatomie eines Weltkonzerns’ is geschonden. Op 15 augustus 2008 wees de rechtbank van Lausanne deze vordering af, daarmee ook een schadevergoeding. De rechtbank oordeelde dat de documenten die beide bedrijven op tafel hadden gelegd voldoende waren.

Op de dag van de uitspraak van de rechtbank in Lausanne zag Peter Brabeck, voorzitter van de raad van commissarissen van Nestlé, zich genoodzaakt te reageren op alle beschuldigingen aan zijn bedrijf. Hij onderstreepte nogmaals dat het initiatief voor de infiltratie niet van Nestlé was gekomen, maar van Securitas AG. ‘Als iemand mij vertelt dat wij een infiltratiepoging gaan uitvoeren, dan zal ik de nodige maatregelen nemen, want dit is niet in overeenstemming met ons beleid,’ vertelde Brabeck Radio RSR. Wat het beleid van Nestlé precies is wordt door de afgewezen vordering niet duidelijk, maar dat Nestlé de laatste jaren flink onder vuur ligt is wel duidelijk.

Vooral de activiteiten van het bedrijf in Colombia zijn een punt van kritiek. En in 2003 startte de Verein Multiwatch de voorbereidingen voor een hoorzitting van de Colombiaanse vakbonden over Nestlé. De hoorzitting vond op 29 oktober 2005 plaats, maar voordien vond er een inbraak in het kantoor van Multiwatch plaats waarbij geen waardevolle artikelen werden ontvreemd. Ook werd een van de vakbondsmensen vlak voor vertrek naar Zwitserland om deel te nemen aan de hoorzitting, vermoord. Beide gebeurtenissen kunnen toeval zijn en niets met Nestlé te maken hebben. Een inbraak kan altijd plaatsvinden en in Colombia zijn moordaanslagen eerder regel dan uitzondering.

De hypothese van Jean-Philipp Ceppi van Temps Présent dat Nestlé aan contra spionage doet om imagoschade af te wenden, is echter niet geheel onlogisch. Bij de voorbereidingen voor de hoorzitting over Nestlé in Colombia door Multiwatch zag het bedrijf zich genoodzaakt geregeld te reageren op de mogelijke beschuldigingen. Nestlé vond de beschuldigingen of uit de duim gezogen of getuigen van een gebrek aan kennis over de Colombiaanse situatie.

De kou lijkt echter niet uit de lucht voor Nestlé. Mensenrechtenactiviste Marianne Aeberhard nam deel aan twee conferentie in Freiburg en Vevey waar ook Colombiaanse vakbondsleden spraken. Aeberhard was niet een van de auteurs van het boek van Attac. Op grond van de Zwitserse wet op de bescherming van persoonsgegevens eiste zij van Nestlé de documenten die op haar betrekking hebben. De agente ‘Sara Meylan’ had namelijk over beide bijeenkomsten gerapporteerd. Nestlé weigerde Aeberhard de informatie zonder opgaaf van reden, wat er op zou kunnen duiden dat Attac toch gelijk heeft dat het dossier dat bij Nestlé ligt dikker is dan 77 pagina’s. Ook van Franklin Frederick, een activist in Brazilië, zijn e-mails door ‘Sara Meylan’ onderschept ten behoeve van het snuffelen voor Securitas AG. Frederick is vooral interessant gezien zijn rol in de strijd tegen de privatisering van water in Brazilië. Hij is erg succesvol en onderhoudt contacten met zowel kerkelijke als niet kerkelijke organisaties in Zwitserland en Brazilië in de strijd tegen de privatisering.

De rol die Securitas AG speelt is er een van informatiemakelaar. Het bedrijf zegt de volledige verantwoordelijkheid voor de infiltratiepoging te dragen. De agente was echter niet alleen geïnteresseerd in de schrijversgroep, maar bezocht ook bijeenkomsten van andere Attacleden en fora van andere organisaties over de activiteiten van Nestlé in Latijns Amerika.

En niet alleen Attac had last van een agente, ook de Gruppe Anti-Repression (GAR) uit Lausanne maakte gewag van een informante. GAR komt op voor het demonstratierecht en is een politieklachtenbureau. Op 8 september 2008 rapporteerde het programma ‘Mise au Point’ over de infiltratie van GAR. Ook GAR diende een klacht in tegen een onbekende persoon in verband met schending van de persoonlijke levenssfeer. Het zou gaan om de agente met de schuilnaam ‘Shanti Muller’. Zij was werkzaam voor Securitas AG en zij was tussen 2003 en 2005 actief binnen de anti-repressiegroep en andere alternatieve groepen zoals organisaties die zich verzetten tegen het Wereld Economisch Forum in Davos. Ook de dierenrechtenorganisatie LausAnimaliste stond op het lijstje van Muller. Ze zou tot in 2008 betrokken zijn geweest bij de organisatie. Het bedrijf zou informatie aan de politie hebben doorgespeeld. In wiens opdracht ‘Shanti Muller’ infiltreerde is nog niet bekend. ‘Muller’ had haar identiteit wel verder uitgebouwd. Ze zou de dochter van een Franse ontwikkelingswerker in Djibouti zijn en zelf 20 jaar in India met straatkinderen en Lepra slachtoffers hebben gewerkt. In de zomer van 2005 verdween ze plotseling, net als ‘Sara Maylan’ Attac plotseling Attac de rug toekeerde. ‘Muller’ gaf wel een reden aan voor haar vertrek. Ze zou haar ernstig zieke moeder in Frankrijk moeten verzorgen.

Om aan alle speculaties over de betrokkenheid van de politie bij de infiltratie pogingen te ontzenuwen was een oud rechter, François Jomini, aangesteld om de rol van de politie te onderzoeken. Zijn conclusie was simpel. De politie heeft geen privébedrijf ingehuurd om te spioneren en de informatie is ook niet bij de politie terechtgekomen. Het onderzoek van Jomini maakte in ieder geval duidelijk dat de politie wel degelijk op de hoogte was van de infiltratie. Tijdens de G8 top was er een speciale politie-eenheid die de informatiestromen coördineerde. Tijdens een bijeenkomst met het hoofd beveiliging van Nestlé is de politie ingelicht over de infiltratie van groepen die zich tegen de globalisering te weer stellen door Securitas AG. Volgens Jomini is de politie niet verteld over welke organisaties het precies gaat en over de infiltratie na de G8 wist de politie in het geheel niets. Of toch wel, want de DAP, dienst voor analyse en preventie van de politie, was op ‘Shanti’ gestoten en had Securitas AG op de vingers getikt. Of niet? Jomini schrijft in zijn rapport dat de politie de informatie over de infiltraties via de media moest vernemen. Dan blijft het wel vreemd dat Securitas AG na 2003 informatie over organisaties die kritisch staan tegenover globalisering aan de politie probeerde te verkopen. De politie ontkent dit weer niet. Volgens Securitas AG heeft zij in de herfst van 2005 de eenheid die verantwoordelijk is voor de infiltraties opgeheven. Deze beëindiging zou samenhangen met opmerkingen van de politie dat deze activiteiten niet behoren tot de taken van particuliere beveiligingsbedrijven.

En dan duikt plotseling in november 2008 de naam van een derde agente van Securitas AG op. ‘Le Matin Blue’, zoals haar schuilnaam luidt, zou ook in opdracht van Nestlé in Attac zijn geïnfiltreerd. Zij schreef rond de tien rapporten voor Securitas AG en Nestlé over Attac. Securitas AG weerspreekt het verhaal niet, maar verweert zich door te stellen dat de vrouw onder haar eigen naam aan openbare bijeenkomsten van de organisatie heeft deelgenomen. De derde infiltrant lijkt de publieke verontwaardiging te hebben aangewakkerd. Op 28 november 2008 ondertekenden 76 prominenten een manifest dat Nestlé en Securitas AG oproepen op te houden met het besnuffelen van mensen die gebruik maken van het recht op vrijheid van meningsuiting. De autoriteiten worden opgeroepen het Nestlé Securitas AG schandaal grondig te onderzoeken.

Find this story at 20 January 2009

 

Nestlé Found Guilty of Spying on Swiss Activists

Nestlé, the world’s largest food company, has been found guilty of spying on Swiss activists in 2003 with the help of Securitas, a private security company. Jean-Luc Genillard, president of the Lausanne civil court, told the two companies to pay 3,000 Swiss Francs ($3,267.55) to each of nine victims.

Vevey, Switzerland, based Nestlé sells $91 billion worth of products a year such as Nescafé coffee, KitKat chocolates and Maggi noodles. The company has frequently been criticized for marketing baby food in poor countries in violation of a 1981 World Health Organization code that regulates the advertising of breast milk substitutes. It has also come under fire from Greenpeace for using palm oil grown on deforested land in Borneo and buying cocoa beans from plantations that used child labor in Cote d’Ivoire in a film entitled “The Dark Side of Chocolate.”

In 2003, a group of activists with the Association pour la Taxation des Transactions pour l’Aide aux Citoyens (ATTAC) in Vaud, Switzerland, started working on a book on the global policies of Nestlé. A Securitas employee infiltrated the group under a false name (Sara Meyland) in order to attend the ATTAC meetings about the planned book.

In June 2008, Temps Présent, a Swiss TV program, revealed that the Securitas agent had briefed Nestlé security personnel as well as corporate communications staff about the meetings that she attended including ones held in private homes. Securitas also provided this information to the local police.

ATTAC members sued Nestlé after the news report was aired. “We are revolted by this practice, which overturns the principles of freedom of expression and basic democratic rights,” a press release from the group stated. “We condemn the role played by Securitas. This private security company, whose activities traditionally consist of guarding buildings and car parks, accepted a contract to spy on a group of people who in no way represented a threat or a danger, except for the fact that the results of their research activities could not be controlled by the transnational Nestlé.”

In recent years Nestlé has started to respond directly to some complaints of activist groups like Greenpeace, according to the Financial Times. “For a company like ours to prosper over the long term we have to create value for the communities in which we operate,” Janet Voûte, Nestlé’s global head of public affairs, told the newspaper. “And we fundamentally believe we cannot create shared value – not just for shareholders but for society – alone.”

Despite the new public relations strategy to contain activists, the company has been unable to quash the Vaud group. Although ATTAC dropped a criminal case against the two companies in 2009, it continued to press a civil claim in Lausanne courts which it dubbed “Nestlégate.”

“We are very satisfied that the civil court has now condemned NESTLE’s and SECURITAS AG’s spying activities,” ATTAC said in a press release issued after the judge ruled against the companies last week. “Nevertheless we’d like to point out that we are continuing to critically observe the worldwide activities of multinational corporations like NESTLE, especially concerning its hostile trade union policies and the excessive pumping of groundwater in different parts of the world.”

Nestlé reacted to the court ruling “with disappointment” although it added that “incitement to infiltration is against Nestlé’s corporate business principles.”

by Pratap Chatterjee, CorpWatch Blog
January 30th, 2013

Find this story at 30 January 2013

Nestlegate: Successful civil lawsuit against NESTLE and SECURITAS

Press release issued by ATTAC Switzerland, 26 January 2013

(English translation provided by ATTAC Switzerland – click here for German version)

ATTAC Switzerland has taken notice with great satisfaction of the civil court’s president Jean-Luc Genillard’s decision of 25 January 2013 in the case «Nestlegate». The Court has convicted NESTLE and SECURITAS AG of spying activities directed at ATTAC. It has recognized that these parties conducted illegal infiltrations. The claimants have been entitled to a financial compensation, since their personal rights have been violated. NESTLE and SECURITAS AG have been ordered to pay a financial compensation of 3,000 Swiss francs (3,238 US dollars) per claimant (a total of 27,000 Swiss francs = 29,145 US dollars = 18,570 pounds sterling).

Both a criminal and a civil case were filed after Swiss television revealed on 12 June 2008 that an Attac workgroup in Canton Vaud, which was preparing a book on Nestle’s policies («Attac contre l’empire Nestle», 2004), had been infiltrated and spied on by a Securitas employee on behalf of Nestle. The woman had joined the Attac workgroup in 2003 under the false name of “Sara Meylan”, had attended private meetings (sometimes at the members’ homes), gathered confidential information and prepared detailed reports on the authors as well as on third parties for Nestle. On September 26th, 2008, Attac discovered and denounced to the examining magistrate another Securitas spy, who was still active in Attac in 2008 under her real name.

The criminal proceedings were dropped on July 29th, 2009. The investigating judge mainly relied on the statements made by Nestle and Securitas AG and found that the only infringement that may constitute an offense – a violation of the federal law of data protection – falls under the three-year statute of limitation. We regret the superficial investigation conducted during this criminal investigation, which Alec Feuz has well documented in his book « Affaire classée».

We are very satisfied that the civil court has now condemned NESTLE’s and SECURITAS AG’s spying activities. Nevertheless we’d like to point out that we are continuing to critically observe the worldwide activities of multinational corporations like NESTLE, especially concerning its hostile trade union policies and the excessive pumping of groundwater in different parts of the world.

Through a general increase of espionage and spying activities, basic democratic rights like the freedom of opinion, the freedom of speech and the freedom of assembly are called into question. The activities of NGOs, trade unions and critical political organizations are limited by private corporations, which perceive non-violent campaigns and action from civil society as a threat to their commercial interests. These transnational corporations thus try to reduce basic democratic rights and often profit from the fact that the State turns a blind eye to these infringements.

It is important to be able to fight for a just and egalitarian society, to oppose injustice around the world by means of free and independent research into the dealings of transnational corporations, without being surveyed or spied on.

Find this story at 26 January 2013

Nestlégate; Nestlé in court for surveillance of ATTAC

On 24 and 25 January 2012, the multinational food-industry corporation Nestlé and the Swiss private security firm Securitas were in court in Lausanne, Switzerland, defending themselves against a civil suit for spying on the “anti-globalization” movement ATTAC. This trial, which has been delayed for a long time, has finally lift the veil of secrecy that has been draped over this spying scandal.

Nestlé and Securitas are accused of illegal surveillance and violations of privacy of ATTAC and its members. The charges were filed after Télévision Suisse Romande revealed on 12 June 2008 that a group of ATTAC members in Canton Vaud, who were working on a book on Nestlé’s policies, had been infiltrated and spied on by a Securitas employee on behalf of Nestlé. The woman joined the ATTAC group in 2003 under the false name “Sara Meylan”, attended working meetings (sometimes in the homes of members), and prepared detailed reports on them for Nestlé. As a member of the group, she had access to internal information, and to all the research by the authors, and to their sources and contacts, both in Switzerland and abroad.

On 26 September 2008, the plaintiffs denounced to the examining magistrate another Securitas spy, who was still active in ATTAC in 2008 under her real name. Nestlé and Securitas had claimed initially that the spying had been ended with the departure of “Sara Meylan” in June 2004. When this second secret agent was discovered, the companies said that this agent had not written any more confidential reports for Securitas and Nestlé since 2005.

The criminal proceedings were dropped on 29 July 2009 after a faulty investigation. The Canton examining magistrate at the time accepted the statements by Nestlé and Securitas and gave as one reason for dismissing the case the three-year statute of limitation of the Data Privacy Act – although the second Nestlé-Securitas agent had still been active in ATTAC in 2008!

Find this story at 24 January 2013

Agentenprozess in Stuttgart; Das geheime Leben von “Pit” und “Tina”

Mehr als 20 Jahre lang sollen zwei russische Agenten in Deutschland gelebt haben: Sie nannten sich Andreas und Heidrun Anschlag, studierten, arbeiteten, heirateten, bekamen eine Tochter und spitzelten wohl durchweg für Moskau. Wie geht das?

Kann es richtiges Leben geben in einem falschen? Welche Regungen sind echt, welche Entscheidungen aufrichtig, welche Handlungen gehören einem selbst? In dem Moment, als in Saal 18 des Stuttgarter Oberlandesgericht die Geburtsurkunde ihrer Tochter verlesen wird, bricht die Frau, die sich Heidrun Anschlag nennt, in Tränen aus. Sie presst ein Taschentuch vor das Gesicht und schluchzt hinein. Der Mann, den sie vor 22 Jahren im österreichischen Altaussee geheiratet hat und der sich Andreas Anschlag rufen lässt, schaut ausdruckslos ins Leere.

Die Eheleute heißen in Wirklichkeit anders, kolportiert werden die Namen Sascha und Olga, doch bestätigt sind auch die nicht. Festzustehen scheint jedoch, dass die beiden russische Staatsangehörige sind und vor mehr als zwei Jahrzehnten als Spitzel des KGB in die Bundesrepublik entsandt wurden. Später spionierten sie dann wohl für dessen Nachfolgeorganisation SWR, im Herbst 2011 flogen sie auf. Die Bundesanwaltschaft hat die Anschlags daher unter anderem wegen geheimdienstlicher Agententätigkeit angeklagt, ihnen drohen im Falle einer Verurteilung bis zu zehn Jahre Gefängnis.

Mit Handschellen gefesselt wird Andreas Anschlag in den Raum geführt. Die Haare des mutmaßlichen Agenten sind kurz und grau, sein Gesicht ist fahl. Den offenkundig falschen österreichischen Personalpapieren zufolge ist der Mann 1,80 Meter groß, 53 Jahre alt und wurde im argentinischen Valentin Alsina geboren. Anschlag trägt einen schwarzen Pullunder, ein schwarzes Hemd und Jeans.

Auch seine Frau ist eine unauffällige Person, 1,60 Meter groß, blonde Haare, orangefarbener Pullover zu hellblauer Jeans. Ihre Legende besagt, sie sei im peruanischen Lima geboren und inzwischen 47 Jahre alt. Während ihr Mann in Aachen Maschinenbau studierte und später als Diplomingenieur bei verschiedenen Automobilzulieferern arbeitete, war Heidrun Anschlag nach außen vor allem Hausfrau. Sie kümmerte sich um die gemeinsame Tochter.

Im Unterschied zu Spionen, die als Diplomaten in ihre Einsatzgebiete reisen, arbeiten mutmaßliche Agenten wie Heidrun und Andreas Anschlag nicht im Schutz der Botschaften. Diplomaten droht im schlimmsten Fall die Ausweisung – allen anderen eine langjährige Haftstrafe. Aufgrund des hohen Risikos werden sie in russischen Geheimdienstkreisen als “Wunderkinder” verehrt. Einem Staatsschützer zufolge ist mit weiteren Spähern in Deutschland zu rechnen.

Die Bundesanwälte werfen den Eheleuten vor, sie seien “hauptamtliche Mitarbeiter des russischen Auslandsnachrichtendienstes SWR”. Demnach stehe Andreas Anschlag im Rang eines Abteilungsleiters und beziehe monatlich 4300 Euro, seine Gattin sei stellvertretende Abteilungsleiterin und erhalte 4000 Euro – die Ersparnisse der Eheleute sollen sich auf etwa 600.000 Euro belaufen. Das “Ausforschungsinteresse” der Agenten mit den Decknamen “Pit” und “Tina” habe sich auf “politische, militärische und militärpolitische Aufklärungsziele” konzentriert, heißt es in der Anklageschrift. Vor allem sei es den beiden um Informationen aus Nato- und EU-Kreisen gegangen.

Botschaften in “toten Briefkästen”

Zu diesem Zweck führten die Anschlags laut Bundesanwaltschaft von Oktober 2008 bis kurz vor ihrer Festnahme im Herbst 2011 den niederländischen Diplomaten Raymond P. als Quelle. Der Beamte des Den Haager Außenministeriums, Deckname “BR”, soll in dieser Zeit mehrere hundert vertrauliche Dokumente geliefert haben und dafür mit mindestens 72.200 Euro entlohnt worden sein. Die Übergabe der Papiere erfolgte zumeist in den Niederlanden, danach deponierte Andreas Anschlag die Akten in “toten Briefkästen” im Raum Bonn, wo sie anschließend von Mitarbeitern der russischen Botschaft abgeholt wurden.

Laut Anklage handelte es sich dabei unter anderem um

einen Sitzungsbericht des Nordatlantikrates zur Zusammenarbeit der Nato mit Russland im Bereich der Raketenabwehr,

Dokumente zur Strukturreform der Nato,

Papiere zur Nato-Strategie während der Revolution in Libyen,

Berichte über den Isaf-Einsatz in Afghanistan.

Darüber hinaus besuchte Andreas Anschlag der Bundesanwaltschaft zufolge über Jahre Tagungen der Deutschen Atlantischen Gesellschaft, der Clausewitz-Gesellschaft, der Gesellschaft für Wehr- und Sicherheitspolitik sowie der Friedrich-Naumann-Stiftung, über die er Moskau fortlaufend Bericht erstattete. Zudem wies er seine Geheimdienstkollegen auf mögliche Informanten hin, die er bei den Veranstaltungen kennenlernte. Auch seine Arbeitgeber spähte er laut Anklage nach “wissenschaftlich-technischen Informationen” aus.

Für die Kommunikation mit der Zentrale soll vor allem Heidrun Anschlag zuständig gewesen sein, so die Bundesanwälte: Sie war es, die in ihrem angemieteten, 200 Quadratmeter großen Haus im hessischen Marburg geheime Direktiven aus Moskau erhielt. Dazu nutzte sie einen Kurzwellenempfänger, der mit einem Decoder und einem Computer verbunden war. Die Rückmeldungen erfolgten über Textnachrichten, die per Satellit verschickt wurden. Auch mittels YouTube tauschte sich Heidrun Anschlag als “Alpenkuh1” mit ihren russischen Kollegen aus. Dazu nutzten die Geheimdienstler offenbar codierte Kommentare.

…

15. Januar 2013, 15:44 Uhr
Von Jörg Diehl, Stuttgart

Find this story at 15 January 2013

© SPIEGEL ONLINE 2013

Alleged Russian spy couple in ‘Cold War’ trial

A married couple accused of spying for the Russian secret services for more than 20 years went on trial in Germany on Tuesday, in one of the biggest espionage court cases since the Cold War.
Germany charges two alleged Russian spies – National (28 Sep 12)
Russian spies suspected of stealing car secrets – National (25 Oct 11)
Suspected Russian spy pair arrested – National (22 Oct 11)

The pair, identified only by codenames Andreas and Heidrun Anschlag (which means attack in German), are said to have been planted in West Germany from 1988 by the Soviet Union’s KGB and later used by its SVR successor secret service.

The defendants declined to confirm any details about their real identities or the charges against them as the trial got underway in the higher regional court in the southwestern city of Stuttgart.

Defence lawyer Horst-Dieter Pötschke said they had Russian citizenship.

Prosecutors say one of them arrived in still divided Germany in 1988 — a year before the Berlin Wall fell — and the other in 1990, posing as Austrian citizens who had been born and grew up in South America.

According to the Federal Prosecutor’s Office, light could only be shed on the final three years of their alleged activities as agents.

They had “the mission from SVR headquarters to obtain NATO and EU political and military secrets”, federal public prosecutor Wolfgang Siegmund said, adding: “Particularly also geo-strategic findings on the relationship of NATO and the EU with the countries of Eastern Europe and Central Asia.”

Prosecutors say the couple set up a “middle-class existence” to cover up their activity for the secret services.

Andreas Anschlag studied engineering and worked in the auto industry while Heidrun was a housewife. According to the Frankfurter Allgemeine Sonntagszeitung weekly, even their own daughter had no idea about their double lives.

The couple allegedly passed on documents they obtained from a Dutch official in the foreign ministry between 2008 and 2011.

The court heard that the official, Raymond Valentino Poeteray, obtained several hundred pages of classified, partly secret documents from different Dutch embassies and received more than €72,000 for his efforts.

The accused left the documents in “dead-letter boxes”, for example under certain trees, from where they were picked up by employees of the Russian consulate general in the western city of Bonn, according to the federal prosecutor.

Heidrun Anschlag was responsible for communicating with the SVR via short-wave radio, the court heard.

The pair, who were allegedly jointly paid around €100,000 a year, communicated with their Moscow masters using text messages, satellite phones and hidden messages in comments in YouTube videos under agreed names, it heard.

In mid-2011, Siegmund said the pair had received orders to withdraw from Germany because of the risk of being exposed and were preparing to do so when they were arrested in October of that year.

They face up to 10 years in prison if found guilty.

On the sidelines of the trial, defence lawyer Pötschke said the documents in question were “of average quality” and “so, no so-called grave damage occurred” to Germany.

…

Published: 15 Jan 13 11:25 CET | Print version
Updated: 15 Jan 13 15:58 CET

Find this story at 15 January 2013

© The Local Europe GmbHc

Court tries couple in suburban spy thriller

A spectacular trial has begun at a Stuttgart court involving a German-based couple accused of spying on NATO and the EU for decades on Russia’s behalf. Neighbors say they knew something was fishy.

It reads like a John le Carre novel: “dead mail boxes,” secret radio signals, encrypted messages hidden in plain sight on the Internet.

According to accusations, a married couple has been spying in Germany for more than 20 years – first at the behest of the Soviet Union and thereafter for its post-Soviet incarnation, the Russian Foreign Intelligence Service.

On Tuesday (15.01.2013) the trial against 54-year-old Andreas Anschlag and his 48-year-old wife, Heidrun, opened up in Stuttgart. Federal prosecutors accused them of “secret agent activity” and of “forgery of documents.”
The former KGB building is today’s Foreign Intelligence headquarters

As to whether those are the real names of the accused, however, there is reason to doubt. In an interview with DW, the couples’ defense lawyer, Horst-Dieter Pötschke, did not deny that “Anschlag” might not be the true surname of the suspected agent pair. He also responded evasively to questions about the accusations themselves. What the Munich lawyer did say, however, is that the potential ten-year sentence is nothing short of excessive.

In cases of espionage, Pötschke is on familiar ground. In the 70s and 80s he defended former agents who had fled the Soviet KGB or the East German state security apparatus, the Stasi. One of his most well-known cases involved Günter Guillaume, a speaker for former German Chancellor Willy Brandt who also turned out to be an East German spy. When Guillaume’s true identity was revealed in 1974, Chancellor Brandt resigned.

A discrete life

The history of the purported agent couple begins at a time when the Soviet Union still existed and the Cold War was still cold. According to accusations, Andreas Anschlag traveled to West Germany in 1988 with the help of a forged Austrian passport. His wife did the same in 1990. Both were supposed to have been born in South America. The two settled in Aachen, close to the western border with Belgium, where Mr. Anschlag studied mechanical engineering.

With the birth of a daughter their German disguise was complete. The couple moved to a popular neighborhood of Meckenheim, a small town of 24,000 inhabitants close to the former West German capital of Bonn. There they lived discreetly. Neighbors describe them as friendly, if a bit distant.
The house in Michelbach in which the accused “Anschlag” couple lived

“They didn’t have much contact with others,” a neighbor said. “I never saw the husband, even though we lived close to each other.”

NATO documents for Moscow

For their informant, the couple managed to recruit a Dutch diplomat, says the German Attorney General. The diplomat, in turn, is supposed to have provided dozens of secret documents from NATO and the EU. Among the topics covered within those documents were issues relating to Russia.

The files were delivered via “dead mail boxes,” according to official charges, to the Russian Foreign Intelligence Service in Moscow. The couple apparently received further commands through an agent radio network and sent their own messages via satellite and through an internet video platform.

When they were arrested in October 2011, the German news magazine Der Spiegel reported that the woman was sitting in front of a shortwave receiver, writing down secret messages. At that point the pair was living in a house in Michelbach, a small community in the German state of Hesse.

“Suddenly we had this spy thriller taking place right outside our window – it was better than the movies,” one of the neighbors told DW.

The husband was arrested on the same day 200 kilometers (120 miles) away in the town of Balingen. For days thereafter, German criminal officers – with the help of special electronic devices – searched the house and the foundation of the supposed “agent couple.”

A post-judgment exchange?

How can it be that the Russian agents could work in Germany for so many years without their cover being blown? A neighbor in Michelbach claims to have recognized the pair’s eastern European accent. The story about the “Austrian” couple’s Latin American origins appeared suspicious, some now say, as did a few of the pair’s habits. “The wife usually went into the backyard to make telephone calls, even in winter,” a woman said.
The entrance to the Upper Regional Court in Stuttgart, where the trial is taking place

…

Date 14.01.2013
Author Mikhail Bushuev / rg, cd
Editor Gabriel Borrud

Find this story at 14 January 2013

© 2012 Deutsche Welle

Germany Tries Couple on Spy Charges

The two accused spies, their faces not shown due to a court order, appearing in a German courtroom Tuesday.

Germany put a married couple thought to be in their mid-40s on trial this week on suspicion that they spied for Russia for more than two decades under the cover of being an ordinary middle-class family.

The case of Andreas and Heidrun Anschlag, names believed to be aliases, is likely to add pressure to Berlin’s troubled relations with Moscow until June.

The court in the southwestern city of Stuttgart is planning to hold 31 hearings over five months, according to a schedule on the court’s website.

Prosecutors say the pair collected sensitive information from NATO and the European Union for Russia’s Foreign Intelligence Service while posing as Austrian nationals with Latin American heritage.

Their names and passports are thought to be fake, but the judge said at the initial hearing Tuesday that she would continue to address them as Herr and Frau Anschlag “to make communication easier,” local media outlets reported.

The couple, who face up to a decade in prison if convicted, denied guilt but declined to make any further statements. The hearing continued Thursday with the questioning of a federal police investigator, court spokesman Stefan SchЯler said by e-mail.

The case has been linked to the “deep cover” sleeper agents uncovered in the U.S. in 2010. According to a report by German weekly Der Spiegel, the Anschlags’ October 2011 arrest was made possible when the FBI passed on information from Alexander Poteyev, a Foreign Intelligence Service colonel who reportedly acted as a U.S. mole.

Poteyev, who ostensibly betrayed the spy ring even as he ran it, fled Moscow just days before the FBI rolled up the operation on June 27, 2010. In 2011, a Moscow military court sentenced him in absentia to 25 years in prison on charges of treason and desertion.

Analysts have speculated about why the Anschlags’ case went to court while the U.S. spy ring was whisked off to Russia within weeks in a Cold War-style spy swap.

German media reported last year that Berlin had decided to press charges after the Kremlin failed to react to a German offer for a spy swap.

…

18 January 2013 | Issue 5049
By Nikolaus von Twickel

Find this story at 18 January 2013

© Copyright 1992-2013. The Moscow Times

Intelligence chiefs and special forces plot Sahara mission

Action against al-Qa’ida in North Africa could last decades, PM warns

The West faces a decades-long battle to defeat al-Qa’ida in North Africa, David Cameron warned today, as he signalled a dramatic shift in the UK’s fight against terrorism.

The heads of MI5, MI6, GCHQ and the Chief of the Defence Staff will gather on Tuesday to begin planning Britain’s response to the burgeoning terror threat from Saharan Africa.

Britain will offer money, military co-operation and security training to African states to head off the advance of Islamist radicalism.

Special forces are understood to be preparing to hunt down the jihadist leader behind the siege and hostage killings in Algeria, Mokhtar Belmokhtar.

Britain will use its chairmanship of the G8 to focus militarily and diplomatically on the Sahara region, following the hostage crisis which claimed the lives of up to six Britons. One Middle East expert likened the long-term impact of the atrocity in Algeria to the 9/11 attacks.

Following the end of the four-day stand-off at the BP gas plant at In Amenas, Algerian forces discovered 25 more bodies and took five militants alive. The death toll had previously been put at 23 hostages and 32 captors.

Three Britons have been confirmed among the dead and another three are feared to have been killed during the siege, which ended with a shoot-out on Saturday. Tonight 46-year-old Paul Thomas Morgan was the first British victim to be named by the Foreign and Commonwealth Office.

Kenneth Whiteside, an engineer from Glenrothes in Fife, and Garry Barlow, a BP systems supervisor from Merseyside, are also understood to be among the dead. Another UK resident was also believed to have been killed.

Twenty-two other British nationals have arrived home, many with chilling stories of how they evaded capture by jihadists belonging to an al-Qa’ida splinter group styling themselves Those Who Sign In Blood.

Alan Wright, from Aberdeenshire, told of how he hid in an office for 24 hours before joining Algerian workers who cut their way through a perimeter fence and fled.

Mr Cameron will update MPs on the attack today and hold a meeting of Whitehall’s emergency Cobra committee to consider the implications of the attack.

French forces – with support from Britain – are attempting to oust insurgents from northern Mali, amid fears that neighbouring countries including Niger and Mauritania could fall under their influence.

As the French Defence Minister, Jean-Yves Le Drian, described the hostage-taking as an “act of war”, Belmokhtar was reported to be “ready to negotiate” in return for an end to the action in Mali.

Last night Mauritanian news website Sahara Media said Belmokhtar had claimed responsibility in the name of al Qa’ida for the hostage-taking in a video. He had said: “We in al Qa’ida announce this blessed operation. We are ready to negotiate with the West and the Algerian government provided they stop their bombing of Mali’s Muslims. We had around 40 jihadists, most of them from Muslim countries and some even from the West.”

A BP spokesman would not comment on reports in Algeria that Belmokhtar’s men had infiltrated the gas plant as drivers, cooks and guards working on short-term contracts.

Mr Cameron spelt out the scale of the challenge posed by al-Qa’ida-affiliated groups operating in the region. “It will require a response that is about years, even decades, rather than months,” he said. “And it requires a response that is painstaking, that is tough but also intelligent, but above all has an absolutely iron resolve. And that is what we will deliver over these coming years.

“What we face is an extremist, Islamist, al-Qa’ida-linked terrorist group. Just as we had to deal with that in Pakistan and in Afghanistan, so the world needs to come together to deal with this threat in North Africa… We need to work with others to defeat the terrorists and to close down the ungoverned spaces where they thrive with all the means that we have.”

The Government has not ruled out giving extra help to the French-led operation in Mali.

However, Whitehall sources said the terrorist threat in the region would ultimately be best tackled by diplomatic means. Britain is to beef up its presence in nations where the UK historically had a limited presence and to liaise more closely with Paris over the challenges faced by the traditionally Francophone area.

Abdelasiem el-Difraoui, an al-Qa’ida expert with the Berlin Institute for Media and Communications Studies, told a French newspaper that the hostage-taking would for France make as “a huge bang as strong as September 11”.

The French Government distanced itself from suggestions among other nations caught up in the hostage crisis that Algeria’s response was “heavy-handed”.

President François Hollande said: “When so many hostages have been taken and when the terrorists are ready to murder them in cold blood, I think the Algerian approach was the best one.”
Britons in the desert

Garry Barlow: Semtex was strapped to his chest

Garry Barlow, 49, was a systems supervisor for BP Exploration Algeria, Statoil and Sonatrach JV. He lived in the Mossley Hill area of Liverpool with his wife Lorraine, and sons Scott, 17, and Paul, 15.

He had been working in In Amenas since October 2011, and had worked previously for Addax Petroleum and Shell EP on the west coast of Central Africa.

He was captured with some of his colleagues including 29-year-old project services contracts administrator Mark Grant, who is believed to have survived the ordeal.

Initial reports suggested Mr Barlow was safe and well and was being repatriated by the Foreign Office, but he is now thought to have died as Algerian troops tried to regain control of the compound.

The last his wife heard from him was a message in which he said: “I’m sitting here at my desk with Semtex strapped to my chest. The local army have already tried and failed to storm the plant and they’ve said that if that happens again they are going to kill us all.”

Paul Morgan: Former soldier died fighting

The first British victim of the Algerian hostage crisis was described last night as a “true gentleman” who “loved life and lived it to the full”.

Paul Morgan, 46, from Liverpool, a former soldier with the French Foreign Legion, reportedly “went down fighting” when the bus he was travelling in was attacked by the kidnappers last Wednesday.

His mother Marianne and partner Emma Steele, 36, paid tribute to him: “Paul died doing the job he loved. We are so proud of him and so proud of what he achieved in his life. He will be truly missed.”

Kenneth Whiteside: Shot as army stormed compound

Kenneth Whiteside had been living in Johannesburg with his wife and two daughters but was originally from Glenrothes in Fife.

An Algerian colleague at the plant is said to have witnessed the BP project services manager “being shot” by his captors as commandos stormed the compound.

The 59-year-old was educated at Auchmuty High School and studied engineering at Glenrothes Technical College between 1970 and 1974.

Friends posted tribute messages on his Facebook account on Saturday. Steward Goodwin in South Africa wrote: “How will we understand this? My heartfelt condolences go to the family and friends who are trying to come to terms with this senseless murder.”

Billy Hunter wrote: “We’ll always remember him and his bagpipes.” “It’s hard to understand such senseless waste of life,” added Joe McMahon.

…

Nigel Morris, John Lichfield
Monday, 21 January 2013

Find this story at 21 January 2013

© independent.co.uk

U.S. Weighs Base for Spy Drones in North Africa

WASHINGTON — The United States military is preparing to establish a drone base in northwest Africa so that it can increase surveillance missions on the local affiliate of Al Qaeda and other Islamist extremist groups that American and other Western officials say pose a growing menace to the region.

For now, officials say they envision flying only unarmed surveillance drones from the base, though they have not ruled out conducting missile strikes at some point if the threat worsens.

The move is an indication of the priority Africa has become in American antiterrorism efforts. The United States military has a limited presence in Africa, with only one permanent base, in the country of Djibouti, more than 3,000 miles from Mali, where French and Malian troops are now battling Qaeda-backed fighters who control the northern part of Mali.

A new drone base in northwest Africa would join a constellation of small airstrips in recent years on the continent, including in Ethiopia, for surveillance missions flown by drones or turboprop planes designed to look like civilian aircraft.

If the base is approved, the most likely location for it would be in Niger, a largely desert nation on the eastern border of Mali. The American military’s Africa Command, or Africom, is also discussing options for the base with other countries in the region, including Burkina Faso, officials said.

The immediate impetus for a drone base in the region is to provide surveillance assistance to the French-led operation in Mali. “This is directly related to the Mali mission, but it could also give Africom a more enduring presence for I.S.R.,” one American military official said Sunday, referring to intelligence, surveillance and reconnaissance.

A handful of unarmed Predator drones would carry out surveillance missions in the region and fill a desperate need for more detailed information on a range of regional threats, including militants in Mali and the unabated flow of fighters and weapons from Libya. American military commanders and intelligence analysts complain that such information has been sorely lacking.

The Africa Command’s plan still needs approval from the Pentagon and eventually from the White House, as well as from officials in Niger. American military officials said that they were still working out some details, and that no final decision had been made. But in Niger on Monday, the two countries reached a status-of-forces agreement that clears the way for greater American military involvement in the country and provides legal protection to American troops there, including any who might deploy to a new drone base.

The plan could face resistance from some in the White House who are wary of committing any additional American forces to a fight against a poorly understood web of extremist groups in North Africa.

If approved, the base could ultimately have as many as 300 United States military and contractor personnel, but it would probably begin with far fewer people than that, military officials said.

Some Africa specialists expressed concern that setting up a drone base in Niger or in a neighboring country, even if only to fly surveillance missions, could alienate local people who may associate the distinctive aircraft with deadly attacks in Pakistan, Somalia and Yemen.

Officials from Niger did not respond to e-mails over the weekend about the plan, but its president, Mahamadou Issoufou, has expressed a willingness to establish what he called in a recent interview “a long-term strategic relationship with the U.S.”

“What’s happening in northern Mali is a big concern for us because what’s happening in northern Mali can also happen to us,” Mr. Issoufou said in an interview at the presidential palace in Niamey, Niger’s capital, on Jan. 10, the day before French troops swept into Mali to blunt the militant advance.

Gen. Carter F. Ham, the head of the Africa Command, who visited Niger this month to discuss expanding the country’s security cooperation with the United States, declined to comment on the proposed drone base, saying in an e-mail that the subject was “too operational for me to confirm or deny.”

Discussions about the drone base come at a time when the French operation in Mali and a militant attack on a remote gas field in the Algerian desert that left at least 37 foreign hostages, including 3 Americans, dead have thrown a spotlight on Al Qaeda’s franchise in the region, Al Qaeda in the Islamic Maghreb, and forced Western governments and their allies in the region to accelerate efforts to combat it.

Senator Dianne Feinstein, a California Democrat who is chairwoman of the Intelligence Committee, said on CBS’s “Face the Nation” on Sunday that in the wake of Osama bin Laden’s death and the turmoil of the Arab Spring, there was “an effort to establish a beachhead for terrorism, a joining together of terrorist organizations.”

According to current and former American government officials, as well as classified government cables made public by the group WikiLeaks, the surveillance missions flown by American turboprop planes in northern Mali have had only a limited effect.

Flown mainly from Ouagadougou, the capital of Burkina Faso, the missions have faced stiff challenges as militant leaders have taken greater precautions in using electronic communications and have taken more care not to disclose delicate information that could be monitored, like their precise locations.

General Ham said in an interview on his visit to Niger that it had been difficult for American intelligence agencies to collect consistent, reliable intelligence about what was going on in northern Mali, as well as in other largely ungoverned parts of the sub-Saharan region.

“It’s tough to penetrate,” he said. “It’s tough to get access for platforms that can collect. It’s an extraordinarily tough environment for human intelligence, not just ours but the neighboring countries as well.”

…

January 28, 2013
By ERIC SCHMITT

Find this story at 28 January 2013

© 2013 The New York Times Company

UN official calls on British government to investigate undercover police scandal

Maina Kiai says he is ‘deeply concerned’ about use of officers such as Mark Kennedy to infiltrate non-violent groups

Mark Kennedy, an undercover police officer who infiltrated a group of environmental protesters. Photograph: Philipp Ebeling

A senior United Nations official has called on the British government to launch a judge-led public inquiry into the “shocking” case of Mark Kennedy and other undercover police officers who have been infiltrating protest groups.

Maina Kiai, a UN special rapporteur, said the scandal involving undercover police cultivating intimate sexual relationships with political activists over long periods of time had been as damaging as the phone-hacking controversy that prompted the Leveson inquiry.

He said he was “deeply concerned” about the UK’s use of undercover police officers in non-violent groups exercising their democratic rights to protest.

“The case of Mark Kennedy and other undercover officers is shocking as the groups in question were not engaged in criminal activities,” Kiai told a central London news conference. “The duration of this infiltration, and the resultant trauma and suspicion it has caused, are unacceptable in a democracy.

“It is a clear violation of basic rights protected under the Human Rights Act, and more generally under international law, such as the right to privacy.”

He added: “This is not a James-Bond-type movie issue. I think it is unacceptable that the state can pay somebody who will use women, and be part of their lives and then just devastate them and leave them. That’s unbelievable.”

Kiai is the latest senior figure to call for a full investigation into the controversy since the Guardian began revealing details of the spy operation two years ago. The undercover policing controversy will be raised in parliament next month during a special hearing hosted by the home affairs select committee.

Undercover police have been living double lives for several years among protest groups, sometimes even residing with female activists and spending weeks abroad with them on holiday. At the end of their deployment, the police spies vanish without a trace.

The surveillance operation, which has continued to plant long-term spies in protest groups despite recent controversies, comes under the remit of an initiative to combat what police call domestic extremism. Many of the targets of the operation have turned out to be law-abiding anti-capitalist campaigners or protesters against global warming.

In at least three cases, relationships between police and the women they were spying on have resulted in the birth of children.

The UN rapporteur’s preliminary report follows a 10-day fact-finding mission to London, Belfast and Edinburgh. Kiai met campaigners, senior police, civil servants and the home secretary, Theresa May. He said she told him a full inquiry into undercover policing was “not something on the agenda”.

However, Kiai, who has responsibility in the UN for the rights to freedom of peaceful assembly, said he believed the case of Kennedy and others had left a “trail of victims and survivors in its wake” who deserved answers.

Eleven women and one man are bringing a high court legal action for the emotional trauma suffered as a result of “deeply personal” relationships they formed with men who turned out to be police officers.

A judge ruled last week that some of their claims should be heard by the Investigatory Powers Tribunal, an obscure body that usually deals with complaints against MI5 and MI6.

Mr Justice Tugendhat cited the fictional case of James Bond to argue that when parliament introduced legislation allowing covert police to have personal relationships with targets, they must have assumed they may have sexual encounters.

Rejecting the idea that it could be a “James Bond movie issue”, Kiai said: “I therefore call on the authorities to undertake a judge-led public inquiry into the Mark Kennedy matter, and other related cases, with a view to giving voice to victims, especially women, who were deliberately deceived by their own government, and paving the way for reparations.”

The government has so far resisted calls for a judge-led inquiry, instead choosing to back a host of other separate reviews into the conduct of Kennedy and related issues.

…

Paul Lewis and Rob Evans
The Guardian, Wednesday 23 January 2013 16.49 GMT

Find this story at 23 January 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Women who had relationships with police spies win partial legal victory

Judge rules half of the women’s cases can be heard in open court but half must be first heard by secret tribunal

The judge said that claims against two police officers – Mark Kennedy (pictured above) and a second spy who posed as Mark Jacobs – should first be heard by the Investigatory Powers Tribunal. Photograph: Philipp Ebeling

Ten women who say they were deceived into having sexual relationships with undercover police officers have won only a partial victory in their fight to have their case heard in the high court.

Mr Justice Tugendhat said the lawsuit alleged “the gravest interference” with the fundamental rights of women who had long-term relationships with police officers sent to spy on their political groups. The judge rejected an attempt by the Metropolitan police to have the whole case struck out of the court.

However, in a mixed ruling, the judge said that half the cases in the legal action should first be heard by a secretive tribunal that usually deals with complaints against MI5.

The case relates to a joint lawsuit brought by 10 women and one man who claim they suffered emotional trauma after forming “deeply personal” relationships with the police spies.

In his ruling, Tugendhat acknowledged that the allegations made by the women were “very serious”. He added that the case appeared to be unprecedented. “No action against the police alleging sexual abuse of the kind in question in these actions has been brought before the courts in the past, so far as I have been made aware.”

The judge drew a comparison with James Bond, the fictional member of the intelligence service who “used relationships with women to obtain information, or access to persons or property”.

Although Ian Fleming, the writer of the Bond series, did not dwell on “psychological harm he might have done to the women concerned”, the judge said fictional accounts such as these point to how “intelligence and police services have for many years deployed both men and women officers to form personal relationships of an intimate sexual nature”.

Lawyers for the Met had attempted to have all 11 cases struck out of the court, arguing they constituted an abuse of process and should instead by heard by the Investigatory Powers Tribunal (IPT), a little-known complaints body.

However, they achieved only a partial victory.

In his ruling, the judge said that claims against two police officers – Mark Kennedy and a second spy who posed as Mark Jacobs – should first be heard by the IPT. Both of these officers were deployed after 2000, and some of the claims allege their activities constituted a breach of the Human Rights Act, which came into force in October that year.

However, the judge said that other claims for damages under common law, including torts of misfeasance in public office, deceit, assault and negligence, should be heard by the high court.

He temporarily stayed high court proceedings pending the conclusion of cases at the IPT. The special tribunal was introduced in 2000 to examine complaints from the public about unjustified state surveillance within what it calls “a necessary ring of secrecy”. Complainants do not see the evidence put forward by the state and have no automatic right to an oral hearing. Neither can they appeal its decision.

Lawyers for the some of the women described the decision to send half of the cases to the tribunal as an “outrage”.

Harriet Wistrich, of Birnberg Peirce, said: “We brought this case because we want to see an end to sexual and psychological abuse of campaigners for social justice and others by undercover police officers. We are outraged that the high court has allowed the police to use the IPT to preserve the secrecy of their abusive and manipulative operations in order to prevent public scrutiny and challenge.”

…

Rob Evans and Paul Lewis
guardian.co.uk, Thursday 17 January 2013 14.01 GMT

Find this story at 17 January 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Did US spies hack French government computers using Facebook?

A sophisticated computer virus discovered at the center of the French government’s secure computer network was planted there by the United States, according to unnamed sources inside France’s intelligence community. Paris-based magazine L’Express, France’s version of Time magazine, says in its current issue that the alleged American cyberattack took place shortly before last April’s Presidential elections in France. It resulted in the infection of the entire computer system in the Palais de l’Élysée, which is the official residence of the President of France. The French magazine cites unnamed sources inside the French Network and Information Security Agency (ANSSI), which is responsible for cybersecurity throughout France. The sources claim that the snooping virus allowed its handlers to gain access to the computers of most senior French Presidential aides and advisers during the final weeks of the administration of French President Nicolas Sarkozy, including his Chief of Staff, Xavier Musca. The article claims that the virus used a source code nearly identical to that of Flame, a super-sophisticated version of Stuxnet, the virus unleashed a few years ago against the computer infrastructure of the Iranian nuclear energy program. Many cybersecurity analysts believe that the US and Israel were instrumental in designing both Stuxnet and Flame. IntelNews understands that the alleged virus was initially directed at employees of the Palais de l’Élysée through Facebook. The targets were allegedly befriended by fake Facebook profile accounts handled by the team that operated the virus. The targets were then sent phishing emails that contained links to phony copies of the login page for the Palais de l’Élysée intranet website. Though that bogus website the hackers acquired username and password data of several Palais de l’Élysée staffers, which they subsequently used to gain access to the Presidential Palace’s computer system. Assuming that the virus planted on the Palais de l’Élysée intranet was similar to Flame in method and scope, it can be inferred that its handlers were able to spy on conversations taking place at the Palais using the infected computers’ audiovisual peripherals, as well as log keystrokes and acquire screen shots at regular intervals. The collected data was then routed through a host of different servers on five continents before reaching the hackers.

…

November 22, 2012 by Joseph Fitsanakis 6 Comments

By JOSEPH FITSANAKIS | intelNews.org |

Find this story at 22 November 2012

Cyberguerre: comment les Américains ont piraté l’Élysée

EXCLUSIF. En mai, l’équipe de Nicolas Sarkozy a été victime d’une opération d’espionnage informatique hypersophistiquée. Les sources de L’Express concordent : le coup vient de… l’ami américain. Révélations sur une attaque qui s’inscrit dans une bataille planétaire.

CYBERGUERRE – Les intrus qui se sont introduits dans les réseaux informatiques de l’Elysée en mai dernier ont subtilisé des notes secrètes et des plans stratégiques à partir des ordinateurs de proches conseillers de Nicolas Sarkozy.
DR

C’est l’un des hold-up les plus audacieux réalisés contre l’Etat français. En mai dernier, quelques jours avant le second tour de l’élection présidentielle, des pirates ont réussi à s’introduire dans les réseaux informatiques de l’Elysée. Révélée par le quotidien régional Le Télégramme, cette intrusion avait alors été soigneusement étouffée par le Château. Une omerta qui, jusqu’à présent, n’avait pas été brisée. Aucune information n’avait filtré sur la nature des agresseurs, ou même sur le préjudice subi. Pourtant, l’affaire est grave, d’autant qu’elle constituerait une cyberattaque sans précédent entre pays alliés.

L’Express peut révéler que les intrus ont non seulement réussi à pénétrer au coeur même du pouvoir politique français, mais qu’ils ont pu fouiller les ordinateurs des proches conseillers de Nicolas Sarkozy. Des notes secrètes ont été récupérées sur des disques durs, mais aussi des plans stratégiques. Du vrai travail de pro, digne du dernier James Bond, Skyfall. Et, comme souvent dans ce type d’attaque, une négligence humaine est à l’origine de la catastrophe.
L’ordinateur du secrétaire général de l’Elysée pillé

Tout a commencé sur Facebook. Les assaillants ont d’abord identifié, sur le réseau social, le profil de personnes travaillant au palais présidentiel. Se faisant passer pour des amis, ils les ont ensuite invitées, par un message électronique, à se connecter sur l’intranet du Château. Sauf que ce lien menait à une fausse page Web – une réplique de celle de l’Elysée. Les victimes n’y ont vu que du feu ; et lorsque est apparu, à l’écran, un message leur demandant leur identifiant et leur mot de passe, elles les ont donnés en toute bonne foi. Une technique bien connue des hackers, qui leur a permis de récupérer les clefs numériques pour s’inviter en toute quiétude dans le saint des saints.

Une fois à l’intérieur, les pirates ont installé un logiciel espion qui s’est propagé d’un ordinateur à l’autre. Très élaboré, ce “ver” n’a infecté que quelques machines. Et pas n’importe lesquelles : celles des conseillers les plus influents du gouvernement… et du secrétaire général, Xavier Musca. Nicolas Sarkozy y a, lui, échappé. Et pour cause, il ne possédait pas de PC. Malheureusement pour les assaillants, le code malveillant a laissé des empreintes. “Telles des marionnettes actionnées par des fils invisibles, les machines infectées communiquent avec leur maître pour prendre leurs ordres, décrypte un expert, Olivier Caleff, responsable sécurité du Cert-Devoteam, une société de sécurité informatique. Lorsque l’on essaie de remonter ces fils sur Internet, on arrive souvent sur des serveurs situés à l’étranger.”

C’est ce travail de fourmi qu’ont mené les enquêteurs français. Le degré de sophistication de l’attaque était tel que les suspects se limitaient, d’emblée, à une poignée de pays. Pour preuve, le cyberpompier de l’Etat, l’Agence nationale de la sécurité des systèmes d’information (Anssi), a mis plusieurs jours pour restaurer le réseau de l’Elysée. Difficile de trouver l’origine de l’offensive. Souvent, les assaillants brouillent les pistes en passant par des pays tiers. Autant de rebonds, sur des serveurs situés sur les cinq continents, qui rendent ce fil d’Ariane très compliqué à suivre, même pour les “cyberdétectives” de l’Etat mobilisés pour l’occasion. Mais, selon les informations recueillies par L’Express auprès de plusieurs sources, leurs conclusions, fondées sur un faisceau de présomptions, convergent vers le plus vieil allié de la France : les Etats-Unis.
Le virus porte la marque de son auteur

Le code malveillant utilisé affiche, en effet, les mêmes fonctionnalités qu’un ver informatique extrêmement puissant, baptisé Flame, identifié à la fin du mois de mai par une grande société russe d’antivirus, Kaspersky. “Très perfectionné, il peut collecter les fichiers présents sur une ma-chine, réaliser des captures d’écran et même activer le microphone d’un PC pour enregistrer les conversations, expli-que Vitaly Kamluk, spécialiste du sujet chez cet éditeur. Sa conception a demandé beaucoup d’argent et des moyens humains que seul un grand pays est en mesure de mobiliser.” Ou même deux : selon la presse anglo-saxonne, le ver aurait été créé par une équipe américano-israélienne, car il devait viser initialement des pays du Moyen-Orient (Iran, Egypte). Autre élément à charge : tel un peintre reconnaissable à son trait, un virus porte les marques du savoir-faire de son auteur. Janet Napolitano, secrétaire d’Etat à la Sécurité intérieure de l’administration Obama, n’a ni confirmé ni démenti nos informations.

Contactés à ce sujet, ni l’Anssi ni l’Elysée n’ont souhaité faire de commentaires. Reste une question. Pourquoi un allié de la France lancerait-il une telle opération ? “Vous pouvez être en très bons termes avec un “pays ami” et vouloir, en même temps, vous assurer de son soutien indéfectible, surtout dans une période de transition politique”, note un proche du dossier, sous le couvert de l’anonymat. Sans compter que l’Elysée joue un rôle clef dans la signature de grands contrats avec des pays étrangers, notamment au Moyen-Orient. “C’était encore plus vrai à l’époque de Nicolas Sarkozy”, rappelle Nicolas Arpagian, directeur scientifique du cycle sécurité numérique à l’Institut national des hautes études de la sécurité et de la justice.

Un instantané des cyberattaques en cours…

HoneyMap réalisé par Honeynet Project

Quitte à être espionné, sans doute vaut-il mieux l’être par un allié… “Nous avons de grands partenaires avec lesquels nous collaborons et entretenons des relations de confiance, et d’autres avec qui nous ne partageons pas les mêmes valeurs”, rappelle le contre-amiral Arnaud Coustillière, responsable du volet militaire de la cyberdéfense française. Il n’empêche, l’attitude de l’administration Obama suscite de nombreuses interrogations.
Vers des attaques “pires que le 11 Septembre” ?

Dans une version du livre blanc sur la défense, actuellement en cours de rédaction, des auteurs ont soulevé les ambiguïtés de Washington. “Face à la difficulté d’utiliser les voies de droit, [les Etats-Unis] ont recours de plus en plus à l’action clandestine, ce qui peut poser une question de contrôle démocratique.”

Ironie du sort, le Congrès américain vient, le 14 novembre, de publier un rapport accablant sur l'”acteur le plus menaçant du cyberespace”, à savoir… la Chine. Leon Panetta, secrétaire d’Etat à la Défense, a même déclaré récemment que, par leur puissance numérique, “certains pays” seraient, d’ores et déjà, capables de provoquer un “cyber-Pearl Harbor” : “Ce serait pire que le 11 Septembre ! Des assaillants pourraient faire dérailler un train de voyageurs ou un convoi de produits chimiques dangereux. Ou, encore, contaminer les systèmes d’eau des grandes villes ou éteindre une grande partie du réseau électrique.” Le tout en se cachant derrière des écrans d’ordinateurs situés à des milliers de kilomètres…
Dans le monde virtuel, tous les coups sont permis

Leon Panetta sait de quoi il parle. L’Oncle Sam a déjà utilisé ces moyens. C’était en 2010, lors de l’opération “Jeux olympiques”, lancée conjointement avec Israël contre l’Iran. Leur logiciel Stuxnet aurait endommagé un grand nombre des centrifugeuses utilisées par Téhéran pour enrichir de l’uranium. Spectaculaire, cette opération ne doit pas faire oublier que d’autres nations oeuvrent dans l’ombre. Dans le plus grand secret, de nombreux pays, démocratiques ou non, fourbissent leurs armes numériques. Des forces secrètes se constituent, des mercenaires vendent leurs services aux plus offrants. Sans foi ni loi. La Toile n’est pas un champ de bataille comme les autres. Oubliez les codes de l’honneur, les conventions internationales ou les alliances. Tous les coups sont permis. Et mieux vaut avoir les moyens de se battre. Dans le cyberespace, personne ne vous entendra crier.

Pour s’en convaincre, il suffit de se rendre au quartier général de l’Otan, à Bruxelles. Tou-tes les nuits, vers 1 heure, c’est le même rituel, explique l’un des responsables européens de la sécurité au sein de l’organisation. “Sur une carte, à l’écran, on voit des dizaines de lumières s’allumer en Chine, explique-t-il. Ce sont les hackers qui, le matin, lancent des attaques lorsqu’ils arrivent au boulot. Et, le soir, elles s’éteignent quand ils rentrent chez eux.” Même constat d’un proche de la NSA, l’agence de renseignement des Etats-Unis : “Parfois, nous enregistrons une baisse sensible des tentatives d’intrusion sur nos sites, témoigne-t-il. Invariablement, cela correspond à des jours fériés en Chine.” Mais l’image d’une “superagence” où des armées de pirates travailleraient en batterie pour ravir les secrets de l’Occident ne reflète pas la réalité. Selon ce même agent, “leur capacité offensive est beaucoup moins centralisée qu’on pourrait l’imaginer. De nombreuses régions ont mis en place leur propre dispositif, qui dépend du bureau politique local. Et il n’est pas rare que ces factions se combattent entre elles.”
Coût d’une attaque : quelques centaines de milliers d’euros

Un hacker, qui souhaite rester anonyme, pense, lui aussi, que l’on surestime un peu le “cyberpéril jaune”. “J’ai eu l’occasion de voir travailler les Chinois, ce ne sont pas les plus affûtés, dit-il. Leurs techniques sont assez rudimentaires par rapport à celles des Américains ou des Israéliens…”

REUTERS/Minoru Iwasaki/Pool

“Les questions de sécurité alimentaire, d’énergie et de cybersécurité deviennent plus aiguës”
Hu Jintao, secrétaire général du Parti communiste chinois, novembre 2012.

A chaque pays sa spécificité. En Russie, le dispositif d’attaque est opaque. De nombreux spécialistes occidentaux du renseignement soupçonnent l’existence d’une relation triangulaire entre l’Etat, la mafia et certaines sociétés de conseil informatique qui seraient le bras armé du Kremlin. “Avez-vous déjà vu, en Russie, un hacker avoir des problèmes avec la police ? questionne Garry Kasparov, ancien champion du monde d’échecs, aujourd’hui l’un des opposants au président Poutine. Non, parce que l’on sait qui se trouve aux manettes, dans l’ombre…”

Contrairement à ce que l’on pourrait croire, les Européens ne sont pas en reste. La France, c’est une surprise, dispose d’une force de frappe numérique. Mais on trouve aussi, sur l’échiquier mondial, des Etats moins avancés sur le plan technique, tels l’Iran et la Corée du Nord. Nul besoin, en effet, d’investir dans des infrastructures coûteuses. Il suffit d’un ordinateur, d’un accès à Internet et de quelques centaines de milliers d’euros pour monter une attaque. Car sur la Toile, comme dans la vraie guerre, on trouve toutes sortes d’armes sur le marché. Il suffit de frapper aux bonnes portes. Au lieu d’une kalachnikov, on repartira avec un logiciel malveillant (malware, dans le jargon) qui permettra de prendre le contrôle d’un système ennemi. La première motivation : “Faire du business !”

“C’est un enjeu de domination. En maîtrisant l’information, on contrôle tout”, résume Jonathan Brossard. Ce hacker français renommé intervient aujourd’hui dans des groupes internationaux.

Son job consiste à s’introduire dans les systèmes informatiques pour en révéler les failles – et trouver des parades. Pour lui, les risques d’un cyberconflit existent, mais ils masquent une autre motivation, bien plus puissante : “Faire du business ! Etre capable de griller un réseau électrique, c’est bien, mais le véritable enjeu, c’est surtout de gagner des parts de marché.” Connaître, dans le détail, la proposition d’un concurrent, lors d’un gros appel d’offres, donne un avantage décisif. Pour l’avoir négligé, certaines sociétés ont péri. Des pirates – chinois semble-t-il – ont pillé les secrets du géant canadien des télécoms Nortel pendant près de dix ans, au point de l’acculer à la faillite. De tels exemples abondent.

Et la France n’est, malheureusement, pas épargnée. Les grandes entreprises du CAC 40 compteraient même parmi les plus vulnérables d’Europe. Sur ce nouveau champ de bataille invisible, on ne compte pas les morts, mais les points de PIB perdus. Et, derrière, sans doute des emplois par milliers.
Batailles de virus

STUXNET
Découverte : juin 2010.
Cible : ce logiciel a détruit des milliers de centrifugeuses nucléaires, en Iran.
Origine supposée : opération “Jeux olympiques”, menée par les Etats-Unis et Israël.

DUQU
Découverte : septembre 2011.
Cible : lié à Stuxnet, ce ver informatique a servi à espionner le programme nucléaire iranien.
Origine supposée : Etats-Unis et Israël.

MAHDI
Découverte : février 2012.
Cible : capable d’enregistrer les frappes sur un clavier et les photos et textes d’un ordinateur, Mahdi a été retrouvé en Iran, en Afghanistan et en Israël.
Origine supposée : inconnue.

WIPER
Découverte : avril 2012.Cible : ce virus fait disparaître les données des disques durs des ordinateurs infectés. Il a touché des compagnies pétrolières iraniennes.
Origine supposée : inconnue.

FLAME
Découverte : mai 2012.
Cible : ce logiciel très sophistiqué aurait espionné depuis 2007 plusieurs pays, dont l’Iran, la Syrie, le Soudan, ou encore l’Arabie saoudite.
Origine supposée : opération des Etats-Unis et d’Israël.

GAUSS
Découverte : juin 2012.
Cible : capable d’espionner les transactions financières et messages électroniques, ce virus s’est répandu au Liban, en Israël et en Palestine.
Origine supposée : inconnue.

SHAMOON
Découverte : août 2012.
Cible : les ordinateurs des compagnies pétrolières saoudiennes Aramco et RasGas au Qatar ont été attaqués par ce virus.
Origine revendiquée : groupe de hackers appelé “Glaive tranchant de la justice”, peut-être d’origine iranienne.

La réaction de l’ambassade des Etats-Unis à Paris

Nous réfutons catégoriquement les allégations de sources non-identifiées, parues dans un article de l’Express, selon lesquelles le gouvernement des Etats-Unis d’Amérique aurait participé à une cyberattaque contre le gouvernement français. La France est l’un de nos meilleurs alliés. Notre coopération est remarquable dans les domaines du renseignement, du maintien de l’ordre et de la cyberdéfense. Elle n’a jamais été aussi bonne et demeure essentielle pour mener à bien notre lutte commune contre la menace extrémiste.
Mitchell Moss, porte-parole de l’ambassade des Etats-Unis à Paris

REUTERS/Larry Downing

“La cybermenace est l’un des plus sérieux défis auxquels nous soyons confrontés en tant que nation”
Barack Obama, président des Etats-Unis, mai 2009.

REUTERS/Neil Hall

“Nous consacrerons un budget de plus d’un demi-milliard de livres [626 millions d’euros] à la cybersécurité”
David Cameron, Premier ministre britannique, octobre 2010.

REUTERS/Thomas Peter

“Les attaques cybernétiques sont aussi dangereuses que la guerre conventionnelle”
Angela Merkel, chancelière allemande, avril 2011.

Par Charles Haquet et Emmanuel Paquette (L’Express) – publié le 20/11/2012 à 15:31

Find this story at 20 November 2012

© Groupe Express-Roularta

Fascinating profile of the Soviet KGB’s little-known tech wizard

It is often suggested by intelligence researchers that one major difference between Western and Soviet modes of espionage during the Cold War was their degree of reliance on technology. It is generally accepted that Western espionage was far more dependent on technical innovation than its Soviet equivalent. While this observation may be accurate, it should not be taken to imply that the KGB, GRU, and other Soviet intelligence agencies neglected technical means of intelligence collection. In a recent interview with top-selling Russian newspaper Komsomolskaya Pravda, Russian intelligence historian Gennady Sokolov discusses the case of Vadim Fedorovich Goncharov. Colonel Goncharov was the KGB’s equivalent of ‘Q’, head of the fictional research and development division of Britain’s MI6 in the James Bond films. A veteran of the Battle of Stalingrad, Goncharov eventually rose to the post of chief scientific and technical consultant of KGB’s 5th Special Department, later renamed Operations and Technology Directorate. According to Sokolov, Goncharov’s numerous areas of expertise included cryptology, communications interception and optics. While working in the KGB’s research laboratories, Goncharov came up with the idea of employing the principles behind the theremin, an early electronic musical instrument invented by Soviet physicist Léon Theremin in 1928, in wireless audio surveillance. According to Sokolov, the appropriation of the theremin by the KGB under Goncharov’s leadership “changed the world of intelligence”.

Renamed “passive bug” by the Soviets, a modified version of Theremin’s invention allowed the KGB to do away with wires and hidden microphones, using instead tiny coils and metal plates surreptitiously hidden in a target room or area. Such contraptions acted as sensors that picked up the vibrations in the air during conversations and transmitted them to a beam (receiver) placed nearby, usually in an adjoined room or vehicle. One such device was planted by the KGB inside the large wooden replica of the Great Seal of the United States given by the Soviets to US Ambassador to the USSR, Averell Harriman, as a present in February 1945. By hanging the decorative artifact in his embassy office in Moscow, the Ambassador enabled the KGB to listen in to his private conversations, as well as those of his successors, including Walter Bedell Smith (later Director of Central Intelligence), Alan G. Kirk, and George F. Kennan, for nearly eight years. The bug was discovered by the US in 1952 and exposed to the world during a conference at the United Nations (see photo).

Sokolov says that Goncharov also used the “passive bug” in several Moscow hotels frequented by Western visiting dignitaries, such as the Hotel National and the Hotel Soviet. Targets of “passive bug” operations included Indonesian President Sukarno, British Prime Minister Harold Wilson and German Chancellor Konrad Adenauer, whose conversations Goncharov allegedly managed to bug even though the West German leader chose to spend most of his trip to the USSR inside a luxury train compartment provided by the West German government. The Russian intelligence historian also claims that the theremin-based bug was used to eavesdrop on the conversations of Princess Margaret, sister of Queen Elizabeth II of the United Kingdom. The KGB allegedly bugged Margaret’s cigarette lighter, cigarette case and ashtrays, and was able to listen in to the Princess’ “drunken sprees” during her trips around Western Europe, collecting “dirt on the British Royal House”.

…

December 24, 2012 by intelNews 5 Comments

By JOSEPH FITSANAKIS | intelNews.org |

Find this story at 24 December 2012

We bugged Princess Margaret’s ashtrays, admit KGB

KGB homed in on Princess during visit to Copenhagen in 1964
Bugging devices attached to ashtrays and lighters to listen in on ‘scandalous gossip’
Spies set up failed ‘honey trap’ for former Prime Minister Harold Wilson

Soviet spies have admitted using bugging devices on the Royal Family and former British Prime Minister Harold Wilson.

Secret agents from the KGB targeted Princess Margaret in the 1960s, attaching listening aids to her lighter, cigarette case, ashtrays and telephones.

According to the Sunday Express, they homed in on the Princess during a trip to Copenhagen, Denmark in 1964.

Lord Snowdon And Princess Margaret get ready to board a plane in September 1964 ahead of their visit to Copenhagen. Russian spies have admitted bugging the Princess on the trip

Until now, Russia has always denied the covert operation, which took place in a hotel, but has now admitted compiling a dossier on the Princess’s love affair with Robin Douglas-Home and further relationships with Roddy Llewellyn, Colin Tennant and Dominic Ewes, a painter who later committed suicide.

Spies passed photos, tape recordings and ‘most interesting, even scandalous’ gossip involving senior royal figures.

It is also said agents tried to get information from Margaret’s therapist, Kay Kiernan, who also treated the Queen.

Intelligence on Prince Phillip was gathered via society osteopath and artist Stephen Ward, who later killed himself at the height of the Profumo affair.

But spies failed in a sting operation on then future leader Harold Wilson, setting up a ‘honey trap’ for him in a Moscow hotel.

Princess Margaret (second from right and then left) was targeted by KGB spies on her visit to Copenhagen in 1964. Bugging devices were planted in her lighter, cigarette case, ashtrays and telephones

A new book will detail the KGB spies’ attempts at bugging the Royal Family. Pictured, the Kremlin, in Moscow

Female agents posing as prostitutes patrolled the hotel overlooking the Kremlin, with a camera planted in a chandelier in his bedroom.

But when the film was developed, Wilson’s face was disguised.

Colonel Vadim Goncharov, who has since died, was the KGB chief in charge of the snooping operations, and he was ordered by bosses to go on television to deny the claims, fearing they would cast a shadow over the Queen’s first and only visit to Russia in 1994.

…

By Daily Mail Reporter

PUBLISHED: 11:01 GMT, 23 December 2012 | UPDATED: 17:05 GMT, 23 December 2012

Find this story at 23 December 2012

© Associated Newspapers Ltd

USSR ‘used civilian planes to spy’

Defence Secretary John Nott warned Mrs Thatcher that the USSR was using civilian aircraft to carry out spying missions in the UK

The Soviet Union used civil airliners to conduct secret Cold War spying missions over Britain, according to newly published Government files.

Some aircraft would switch off their transponders, alerting air traffic controllers to their position before veering off their approved flight paths to carry out aerial intelligence-gathering missions over sensitive targets, papers released by the National Archives under the 30-year rule show.

In a memorandum marked SECRET UK US EYES ONLY, Defence Secretary John Nott informed prime minister Margaret Thatcher in December 1981 that the RAF was monitoring the hundreds of monthly flights through UK airspace by Warsaw Pact airliners.

“One incident of particular interest took place on 9th November, when an Aeroflot IL62 made an unauthorized and unannounced descent from 35,000 ft to 10,000 ft just below cloud level, to fly over RAF Boulmer, a radar station currently being modernised. It subsequently climbed back to 37,000 ft,” he wrote.

“During this manoeuvre its Secondary Surveillance Radar which automatically broadcasts the aircraft’s height was switched off, though it was on before and after the incident. It must, therefore, be assumed that it was switched off intentionally to conceal a deliberate and premeditated manoeuvre.

“Our investigations have now revealed it was the same aircraft which over flew the USN base at Groton when the first Trident submarine was being launched. You will recall that as a result of this incident the President banned Aeroflot flights over the USA for a short period.”

But that was not the only example of bad behaviour by enemy spies that year. In August 1981 the Second Secretary at the USSR embassy VN Lazin became the first Soviet diplomat for a decade to be expelled for “activities incompatible with his status”.

The Foreign Office informed No 10 that Lazin, actually the senior member of the scientific and technical intelligence section of the KGB in London, was arrested during a “clandestine meeting” with a Portuguese national.

“He developed his relationship with the Portuguese national over several months and sought to obtain technical and scientific information in the UK from him and to use him as an agent with the possibility of eventually placing him in a Nato post,” the Foreign Office noted.

The Soviets responded in traditional fashion with the tit-for-tat expulsion of the British cultural attache in the Moscow embassy. More was to follow six months later in February 1982 when MI5 decided to call time on the espionage career of another Soviet, Vadim Fedorovich Zadneprovskiy, a member of the Soviet trade delegation whom for the previous five years operated as a KGB agent-runner. His recruits included a British businessman who was given the codename COURT USHER.

Updated: 28 December 2012 11:48 | By pa.press.net

Find this story at 28 December 2012

© 2013 Microsoft

KGB Used Aeroflot Jets as Spy Planes, U.K. Files Show

Soviet spies used civilian planes to snoop on British and American military installations during the 1980s, newly released U.K. documents show.

Britain’s Royal Air Force “established that some of these aircraft deviated from their flight-plan routes in circumstances which would lead us to assume that they were gathering intelligence,” the then defense secretary, John Nott, wrote in a memo to Prime Minister Margaret Thatcher that’s among government files from 1982 published today after being kept confidential for the prescribed 30 years.

The papers from the National Archives in London give an insight into both the extent of Soviet espionage and the U.K. government’s awareness of it. One agent from the KGB, the Soviet security agency, was identified on arrival in 1977 and followed for five years, subject to a series of British intelligence operations before finally being expelled.

Relations between Thatcher’s government and the Soviet Union were tense at the time, despite attempts by diplomats to persuade her to take a conciliatory line. More than once in her files she rejects a course of action proposed in a memo, referring to the 1979 Soviet invasion of Afghanistan as the reason.

As Communist Party general secretary Leonid Brezhnev approached his 75th birthday at the end of 1981, Foreign Secretary Peter Carrington said it would be “churlish” of her not to send congratulations.

“Afghanistan?” Thatcher wrote in the margins of the memo suggesting this. “I really don’t think we should send a message.” She underlined “don’t.”
‘Unannounced Descent’

Nott wrote to Thatcher about the KGB’s use of Aeroflot planes over Britain after the Royal Air Force decided to look at the activities of “the thousand or so Warsaw Pact airliners which fly over the U.K. each month.”

In “one incident of particular interest,” the defense secretary wrote, an Ilyushin IL62 from the Soviet airline “made an unauthorized and unannounced descent from 35,000 feet to 10,000 feet, just below cloud level, to fly over RAF Boulmer, a radar station currently being modernized” in northeast England.

The plane turned off its automatic broadcast of its height during the maneuver, after which it returned to its previous altitude and began transmitting again.

The RAF subsequently established the same plane performed a similar operation over the U.S. Navy base at Groton, Connecticut, when the first Trident submarine was being launched.
Trade Official

The KGB was also using more traditional methods. In February 1982, the Security Service, the British internal security agency popularly known as MI5, asked for permission to expel a Russian trade official, Vadim Fedorovich Zadneprovskiy, after he “engaged in unacceptable intelligence-gathering activities.” According to the MI5 report, he had been identified as a KGB agent on his arrival in 1977 and followed.

MI5 used his inquiries about British counter-surveillance techniques to establish gaps in the KGB’s knowledge, with “some success.” The security service watched as he ran a British businessman, whom they codenamed “Court Usher,” as an agent, even using him to deliver equipment “in a thoroughly clandestine manner.” After concluding it wouldn’t be able to recruit Zadneprovskiy, MI5 demanded he be thrown out.

It wasn’t just professional spies trying to get in on the act. As the Falklands War raged, and the government wrestled with the question of how to keep French-built Exocet anti-ship missiles out of Argentine hands, Attorney General Michael Havers sent Thatcher a handwritten note suggesting a way to intercept a shipment.
‘Bond Movie’

Acknowledging his idea “may be thought to be more appropriate to a James Bond movie,” Havers said the Secret Intelligence Service, MI6, should try to insert its own person as loadmaster on any flight used to carry missiles to Argentina.

“If this can be agreed, the loadmaster has total control over the flight and, therefore, could redirect the aircraft in transit to (for example) Bermuda,” he wrote. “This will cost money (this is an expensive dirty business) but could, in my view, be cheap at the price.”

Havers may not have been aware at the time that MI6 was already running operations to precisely that end. Nott’s diary recalls, without giving details, how the agency both prevented Argentina buying missiles available on the open market and disabled missiles it thought could fall into Argentine hands.

The U.S., while leading attempts to broker a cease-fire between Argentina and the U.K., provided information from spies as part of its support to Britain in the conflict.
‘Magnificent Support’

…

By Robert Hutton and Thomas Penny – Dec 27, 2012

Find this story at 27 December 2012

®2013 BLOOMBERG L.P. ALL RIGHTS RESERVED.

Canadian diplomats spied on Cuba for CIA in aftermath of missile crisis: envoy

In a little-known chapter of the Cold War, Canadian diplomats spied for the U.S. Central Intelligence Agency in Cuba in the aftermath of the 1962 missile crisis – and for years afterward.

A major part of that story is told in a forthcoming memoir by retired Canadian envoy John Graham. Mr. Graham was one of a series of Canadian diplomats recruited to spy for the CIA in Havana. The missions went on for at least seven years, during the 1960s.

“We didn’t have a military attaché in the Canadian embassy,” explained Mr. Graham, who worked under the cover of Political Officer. “And to send one at the time might have raised questions. So it was decided to make our purpose less visible.”

Mr. Graham said he worked as a spy for two years, between 1962 and 1964. His mandate was to visit Soviet bases, identify weapons and electronic equipment and monitor troop movements.

The espionage missions began after President John Kennedy asked Prime Minister Lester Pearson – at their May, 1963, summit in Hyannis Port, Mass. – whether Canada would abet American intelligence-gathering efforts in Cuba.

As a result of the crisis, which brought the superpowers to the brink of nuclear war, the Soviets had agreed to withdraw nuclear missiles from Cuban territory, in exchange for Washington’s pledge to remove its own missile batteries from Turkey and Italy.

To monitor Russian compliance, the United States needed to supplement data gleaned from almost daily U-2 reconnaissance flights. It had few assets on the ground. Its networks of Cuban agents had been progressively rolled up by Castro’s efficient counterintelligence service. And having severed diplomatic relations with Cuba in 1961, it had no embassy of its own through which to infiltrate American spies.

Soon after the summit meeting, Ottawa sent diplomat George Cowley to Havana.

Now deceased, Mr. Cowley, who had served in the Canadian embassy in Japan and sold encyclopedias in Africa, spent about two months in Havana in the late spring of 1963.

He was followed by Mr. Graham, seconded from his post as chargé d’affaires in the Dominican Republic.

His formal training, he told The Globe and Mail, was minimal – a few days at CIA headquarters in Langley, Va. At the end of it, an agency officer offered him a farewell gift – a sophisticated camera with an assortment of telephoto lenses.

He declined the present, arguing that if he were ever caught with it, he’d surely be arrested.

“But how will we know what the Soviet military convoys are carrying?” a CIA officer asked him. “We need precision. Configuration is essential for recognition.”

“I’ll draw you pictures,” Mr. Graham said. “It was a bit like the character in Graham Greene’s Our Man in Havana, but that’s what I did.”

In the Greene novel, an inept salesman, recruited to spy for Britain, sends illustrations of vacuum cleaner parts to his handler, calling them drawings of a military installation.

Mr. Graham’s sketches, however, were the real thing. To get them to Canada, he flew to Mexico City – the only regional air connection – and deposited the drawings at the Canadian embassy. From there, they were dispatched by diplomatic courier to Ottawa. Copies were subsequently sent to the CIA and, Mr. Graham later heard, to the Kennedy White House.

His written reports, sent by ciphered telegram to the Canadian embassy in Washington and then to Ottawa, contained details of electronic arrays in use at Soviet bases. “That information,” he said, “could tell an expert what weapons systems they had.”

Although Moscow had removed its nuclear arsenal by the time Mr. Graham arrived, it maintained a significant military presence. Russian soldiers typically dressed in civilian clothes, usually in plaid sport shirts, khaki pants and running shoes.

To fit in, Mr. Graham adopted the same ensemble – purchased at a Zellers store in Ottawa. Although many missions involved early morning surveillance of naval facilities, he was never followed. He was stopped only once by the police, roaming through a secure section of a communications building. He pretended to be a bumbling tourist and was let go.

On several occasions, Mr. Graham conducted joint reconnaissance with an agent of another Western country that he declines to identify. “He was brilliant and altogether remarkable. At parties, he composed Monty-Python-like lyrics to pet and lingerie commercials, accompanying himself on the piano.”

To relieve the stress of their missions, they would stop for seaside picnics on the way home. “Mr. X would pull out two crystal goblets and a Thermos of premixed martinis. I supplied the olives.”

Canadian officials, he said, went to extraordinary lengths to protect his identity as an agent. He stamped his sketches with the words, “For Canadian Eyes Only, Confidential.” But in Ottawa they were given an additional security designation – “Secret, Ottawa Only, Protect Source,” a classification he had never seen, before or since.

In 1964, Mr. Graham was promoted within the embassy and replaced in his espionage work by Alan McLaine.

In fact, he said, Canada’s role as CIA surrogate in Cuba continued for several years, even under the government of Pierre Trudeau, who had developed a personal friendship with Cuban leader Fidel Castro.

…

MICHAEL POSNER

OTTAWA — The Globe and Mail

Published Monday, Oct. 15 2012, 9:56 PM EDT

Last updated Tuesday, Oct. 16 2012, 5:02 AM EDT

Find this story at 15 October 2012

© Copyright 2013 The Globe and Mail Inc. All Rights Reserved.

The “Red October” Campaign – An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies

During the past five years, a high-level cyber-espionage campaign has successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations, gathering data and intelligence from mobile devices, computer systems and network equipment.

Kaspersky Lab’s researchers have spent several months analyzing this malware, which targets specific organizations mostly in Eastern Europe, former USSR members and countries in Central Asia, but also in Western Europe and North America.

The campaign, identified as “Rocra”, short for “Red October”, is currently still active with data being sent to multiple command-and-control servers, through a configuration which rivals in complexity the infrastructure of the Flame malware. Registration data used for the purchase of C&C domain names and PE timestamps from collected executables suggest that these attacks date as far back as May 2007.

Some key findings from our investigation:
The attackers have been active for at least five years, focusing on diplomatic and governmental agencies of various countries across the world. Information harvested from infected networks is reused in later attacks. For example, stolen credentials were compiled in a list and used when the attackers needed to guess passwords and network credentials in other locations. To control the network of infected machines, the attackers created more than 60 domain names and several server hosting locations in different countries (mainly Germany and Russia). The C&C infrastructure is actually a chain of servers working as proxies and hiding the location of the true -mothership- command and control server.
The attackers created a multi-functional framework which is capable of applying quick extension of the features that gather intelligence. The system is resistant to C&C server takeover and allows the attacker to recover access to infected machines using alternative communication channels.
Beside traditional attack targets (workstations), the system is capable of stealing data from mobile devices, such as smartphones (iPhone, Nokia, Windows Mobile); dumping enterprise network equipment configuration (Cisco); hijacking files from removable disk drives (including already deleted files via a custom file recovery procedure); stealing e-mail databases from local Outlook storage or remote POP/IMAP server; and siphoning files from local network FTP servers.
We have observed the use of at least three different exploits for previously known vulnerabilities: CVE-2009-3129 (MS Excel), CVE-2010-3333 (MS Word) and CVE-2012-0158 (MS Word). The earliest known attacks used the exploit for MS Excel and took place in 2010 and 2011, while attacks targeting the MS Word vulnerabilities appeared in the summer of 2012.

The exploits from the documents used in spear phishing were created by other attackers and employed during different cyber attacks against Tibetan activists as well as military and energy sector targets in Asia. The only thing that was changed is the executable which was embedded in the document; the attackers replaced it with their own code.

Sample fake image used in one of the Rocra spear phishing attacks.
During lateral movement in a victim’s network, the attackers deploy a module to actively scan the local area network, find hosts vulnerable for MS08-067 (the vulnerability exploited by Conficker) or accessible with admin credentials from its own password database. Another module used collected information to infect remote hosts in the same network.
Based on registration data of the C&C servers and numerous artifacts left in executables of the malware, we strongly believe that the attackers have Russian-speaking origins. Current attackers and executables developed by them have been unknown until recently, they have never related to any other targeted cyber attacks. Notably, one of the commands in the Trojan dropper switches the codepage of an infected machine to 1251 before installation. This is required to address files and directories that contain Cyrillic characters in their names.
Rocra FAQ:

What is Rocra? Where does the name come from? Was Operation Rocra targeting any specific industries, organizations or geographical regions?

Rocra (short for “Red October”) is a targeted attack campaign that has been going on for at least five years. It has infected hundreds of victims around the world in eight main categories:
Government
Diplomatic / embassies
Research institutions
Trade and commerce
Nuclear / energy research
Oil and gas companies
Aerospace
Military

It is quite possible there are other targeted sectors which haven’t been discovered yet or have been attacked in the past.

How and when was it discovered?

We have come by the Rocra attacks in October 2012, at the request of one of our partners. By analysing the attack, the spear phishing and malware modules, we understood the scale of this campaign and started dissecting it in depth.

Who provided you with the samples?

Our partner who originally pointed us to this malware prefers to remain anonymous.

How many infected computers have been identified by Kaspersky Lab? How many victims are there? What is the estimated size of Operation Red October on a global scale?

During the past months, we’ve counted several hundreds of infections worldwide – all of them in top locations such as government networks and diplomatic institutions. The infections we’ve identified are distributed mostly in Eastern Europe, but there are also reports coming from North America and Western European countries such as Switzerland or Luxembourg.

Based on our Kaspersky Security Network (KSN) here’s a list of countries with most infections (only for those with more than 5 victims):Country Infections

RUSSIAN FEDERATION 35
KAZAKHSTAN 21
AZERBAIJAN 15
BELGIUM 15
INDIA 14
AFGHANISTAN 10
ARMENIA 10
IRAN; ISLAMIC REPUBLIC OF 7
TURKMENISTAN 7
UKRAINE 6
UNITED STATES 6
VIET NAM 6
BELARUS 5
GREECE 5
ITALY 5
MOROCCO 5
PAKISTAN 5
SWITZERLAND 5
UGANDA 5
UNITED ARAB EMIRATES 5

For the sinkhole statistics see below.

Who is behind/responsible for this operation? Is this a nation-state sponsored attack?

The information we have collected so far does not appear to point towards any specific location, however, two important factors stand out:
The exploits appear to have been created by Chinese hackers.
The Rocra malware modules have been created by Russian-speaking operatives.

Currently, there is no evidence linking this with a nation-state sponsored attack. The information stolen by the attackers is obviously of the highest level and includes geopolitical data which can be used by nation states. Such information could be traded in the underground and sold to the highest bidder, which can be of course, anywhere.

Are there any interesting texts in the malware that can suggest who the attackers are?

Several Rocra modules contain interesting typos and mis-spellings:

network_scanner: “SUCCESSED”, “Error_massage”, “natrive_os”, “natrive_lan”
imapispool: “UNLNOWN_PC_NAME”, “WinMain: error CreateThred stop”
mapi_client: “Default Messanger”, “BUFEER IS FULL”
msoffice_plugin: “my_encode my_dencode”
winmobile: “Zakladka injected”, “Cannot inject zakladka, Error: %u”
PswSuperMailRu: “——-PROGA START—–“, “——-PROGA END—–”

The word “PROGA” used in here might refer to transliteration of Russian slang “ПРОГА”, which literally means an application or a program among Russian-speaking software engineers.

In particular, the word “Zakladka” in Russian can mean:
“bookmark”
(more likely) a slang term meaning “undeclared functionality”, i.e. in software or hardware. However, it may also mean a microphone embedded in a brick of the embassy building.

The C++ class that holds the C&C configuration parameters is called “MPTraitor” and the corresponding configuration section in the resources is called “conn_a”. Some examples include:

conn_a.D_CONN
conn_a.J_CONN
conn_a.D_CONN
conn_a.J_CONN

What kind of information is being hijacked from infected machines?

Information stolen from infected systems includes documents with extensions:

txt, csv, eml, doc, vsd, sxw, odt, docx, rtf, pdf, mdb, xls, wab, rst, xps, iau,
cif, key, crt, cer, hse, pgp, gpg, xia, xiu, xis, xio, xig, acidcsa, acidsca,
aciddsk, acidpvr, acidppr, acidssa.
In particular, the “acid*” extensions appear to refer to the classified software “Acid Cryptofiler”, which is used by several entities such as the European Union and/or NATO.

What is the purpose/objective of this operation? What were the attackers looking for by conducting this sustained cyber-espionage campaign for so many years?

The main purpose of the operation appears to be the gathering of classified information and geopolitical intelligence, although it seems that the information gathering scope is quite wide. During the past five years, the attackers collected information from hundreds of high profile victims although it’s unknown how the information was used.

It is possible that the information was sold on the black market, or used directly.

What are the infection mechanisms for the malware? Does it have self-propagating (worm) capabilities? How does it work? Do the attackers have a customized attack platform?

The main malware body acts as a point of entry into the system which can later download modules used for lateral movement. After initial infection, the malware won’t propagate by itself – typically, the attackers would gather information about the network for a few days, identify key systems and then deploy modules which can compromise other computers in the network, for instance by using the MS08-067 exploit.

In general, the Rocra framework is designed for executing “tasks” that are provided by its C&C servers. Most of the tasks are provided as one-time PE DLL libraries that are received from the server, executed in memory and then immediately discarded.

Several tasks however need to be constantly present in the system, i.e. waiting for the iPhone or Nokia mobile to connect. These tasks are provided as PE EXE files and are installed in the infected machine.
Examples of “persistent” tasks
Once a USB drive is connected, search and extract files by mask/format, including deleted files. Deleted files are restored using a built in file system parser
Wait for an iPhone or a Nokia phone to be connected. Once connected, retrieve information about the phone, its phone book, contact list, call history, calendar, SMS messages, browsing history
Wait for a Windows Mobile phone to be connected. Once connected, infect the phone with a mobile version of the Rocra main component
Wait for a specially crafted Microsoft Office or PDF document and execute a malicious payload embedded in that document, implementing a one-way covert channel of communication that can be used to restore control of the infected machine
Record all the keystrokes, make screenshots
Execute additional encrypted modules according to a pre-defined schedule
Retrieve e-mail messages and attachments from Microsoft Outlook and from reachable mail servers using previously obtained credentials
Examples of “one-time” tasks
Collect general software and hardware environment information
Collect filesystem and network share information, build directory listings, search and retrieve files by mask provided by the C&C server
Collect information about installed software, most notably Oracle DB, RAdmin, IM software including Mail.Ru agent, drivers and software for Windows Mobile, Nokia, SonyEricsson, HTC, Android phones, USB drives
Extract browsing history from Chrome, Firefox, Internet Explorer, Opera
Extract saved passwords for Web sites, FTP servers, mail and IM accounts
Extract Windows account hashes, most likely for offline cracking
Extract Outlook account information
Determine the external IP address of the infected machine
Download files from FTP servers that are reachable from the infected machine (including those that are connected to its local network) using previously obtained credentials
Write and/or execute arbitrary code provided within the task
Perform a network scan, dump configuration data from Cisco devices if available
Perform a network scan within a predefined range and replicate to vulnerable machines using the MS08-067 vulnerability
Replicate via network using previously obtained administrative credentials

The Rocra framework was designed by the attackers from scratch and hasn’t been used in any other operations.

Was the malware limited to only workstations or did it have additional capabilities, such as a mobile malware component?

Several mobile modules exist, which are designed to steal data from several types of devices:
Windows Mobile
iPhone
Nokia

These modules are installed in the system and wait for mobile devices to be connected to the victim’s machine. When a connection is detected, the modules start collecting data from the mobile phones.

How many variants, modules or malicious files were identified during the overall duration of Operation Red October?

During our investigation, we’ve uncovered over 1000 modules belonging to 30 different module categories. These have been created between 2007 with the most recent being compiled on 8th Jan 2013.

Here’s a list of known modules and categories:

Were initial attacks launched at select “high-profile” victims or were they launched in series of larger (wave) attacks at organizations/victims?

All the attacks are carefully tuned to the specifics of the victims. For instance, the initial documents are customized to make them more appealing and every single module is specifically compiled for the victim with a unique victim ID inside.

Later, there is a high degree of interaction between the attackers and the victim – the operation is driven by the kind of configuration the victim has, which type of documents the use, installed software, native language and so on. Compared to Flame and Gauss, which are highly automated cyberespionage campaigns, Rocra is a lot more “personal” and finely tuned for the victims.

Is Rocra related in any way to the Duqu, Flame and Gauss malware?

Simply put, we could not find any connections between Rocra and the Flame / Tilded platforms.

How does Operation Rocra compare to similar campaigns such as Aurora and Night Dragon? Any notable similarities or differences?

Compared to Aurora and Night Dragon, Rocra is a lot more sophisticated. During our investigation we’ve uncovered over 1000 unique files, belonging to about 30 different module categories. Generally speaking, the Aurora and Night Dragon campaigns used relatively simple malware to steal confidential information.

With Rocra, the attackers managed to stay in the game for over 5 years and evade detection of most antivirus products while continuing to exfiltrate what must be hundreds of Terabytes by now.

How many Command & Control servers are there? Did Kaspersky Lab conduct any forensic analysis on them?

During our investigation, we uncovered more than 60 domain names used by the attackers to control and retrieve data from the victims. The domain names map to several dozen IPs located mostly in Russia and Germany.

Here’s an overview of the Rocra’s command and control infrastructure, as we believe it looks from our investigations:

More detailed information about the Command and Control servers will be revealed at a later date.

Did you sinkhole any of the Command & Control servers?

We were able to sinkhole six of the over 60 domains used by the various versions of the malware. During the monitoring period (2 Nov 2012 – 10 Jan 2013), we registered over 55,000 connections to the sinkhole. The number of different IPs connecting to the sinkhole was 250.

From the point of view of country distribution of connections to the sinkhole, we have observed victims in 39 countries, with most of IPs being from Switzerland. Kazakhstan and Greece follow next.

Sinkhole statistics – 2 Nov 2012 – 10 Jan 2013

Is Kaspersky Lab working with any governmental organizations, Computer Emergency Response Teams (CERTs), law enforcement agencies or security companies as part of the investigation and disinfection efforts?

Kaspersky Lab, in collaboration with international organizations, Law Enforcement, Computer Emergency Response Teams (CERTs) and other IT security companies is continuing its investigation of Operation Red October by providing technical expertise and resources for remediation and mitigation procedures.

Kaspersky Lab would like to express their thanks to: US-CERT, the Romanian CERT and the Belarusian CERT for their assistance with the investigation.

If you are a CERT and would like more information about infections in your country, please contact us at theflame@kaspersky.com.

Here’s a link to the full paper (part 1) about our Red October research. During the next days, we’ll be publishing Part 2, which contains a detailed technical analysis of all the known modules. Please stay tuned.

A list of MD5s of known documents used in the Red October attacks:
114ed0e5298149fc69f6e41566e3717a
1f86299628bed519718478739b0e4b0c
2672fbba23bf4f5e139b10cacc837e9f
350c170870e42dce1715a188ca20d73b
396d9e339c1fd2e787d885a688d5c646
3ded9a0dd566215f04e05340ccf20e0c
44e70bce66cdac5dc06d5c0d6780ba45
4bfa449f1a351210d3c5b03ac2bd18b1
4ce5fd18b1d3f551a098bb26d8347ffb
4daa2e7d3ac1a5c6b81a92f4a9ac21f1
50bd553568422cf547539dd1f49dd80d
51edea56c1e83bcbc9f873168e2370af
5d1121eac9021b5b01570fb58e7d4622
5ecec03853616e13475ac20a0ef987b6
5f9b7a70ca665a54f8879a6a16f6adde
639760784b3e26c1fe619e5df7d0f674
65d277af039004146061ff01bb757a8f
6b23732895daaad4bd6eae1d0b0fef08
731c68d2335e60107df2f5af18b9f4c9
7e5d9b496306b558ba04e5a4c5638f9f
82e518fb3a6749903c8dc17287cebbf8
85baebed3d22fa63ce91ffafcd7cc991
91ebc2b587a14ec914dd74f4cfb8dd0f
93d0222c8c7b57d38931cfd712523c67
9950a027191c4930909ca23608d464cc
9b55887b3e0c7f1e41d1abdc32667a93
9f470a4b0f9827d0d3ae463f44b227db
a7330ce1b0f89ac157e335da825b22c7
b9238737d22a059ff8da903fbc69c352
c78253aefcb35f94acc63585d7bfb176
fc3c874bdaedf731439bbe28fc2e6bbe
bb2f6240402f765a9d0d650b79cd2560
bd05475a538c996cd6cafe72f3a98fae
c42627a677e0a6244b84aa977fbea15d
cb51ef3e541e060f0c56ac10adef37c3
ceac9d75b8920323477e8a4acdae2803
cee7bd726bc57e601c85203c5767293c
d71a9d26d4bb3b0ed189c79cd24d179a
d98378db4016404ac558f9733e906b2b
dc4a977eaa2b62ad7785b46b40c61281
dc8f0d4ecda437c3f870cd17d010a3f6
de56229f497bf51274280ef84277ea54
ec98640c401e296a76ab7f213164ef8c
f0357f969fbaf798095b43c9e7a0cfa7
f16785fc3650490604ab635303e61de2

GReAT
Kaspersky Lab Expert
Posted January 14, 13:00 GMT

Find this story at 14 Januar 2013

And “Red October” Diplomatic Cyber Attacks Investigation

Angriff von “Roter Oktober” Spionageprogramm

Anti-Viren-Experten haben einen ausgeklügelten Spionagevirus auf Rechnern vor allem in Russland und Zentralasien entdeckt. Dateien und E-Mails wurden in großem Stil entwendet. Zu den Zielen gehörten Regierungen, Botschaften, Forschungseinrichtungen, Militär und Energiewirtschaft.

Moskau – Sicherheitsexperten haben einen großangelegten Spionageangriff auf diplomatische Vertretungen, Regierungsorganisationen und Forschungsinstitute in Osteuropa und Zentralasien entdeckt. Die Fachleute der russischen Sicherheitssoftware-Firma Kaspersky berichten, dass die Spionageprogramme über fünf Jahre hinweg unentdeckt auf den Computern und in den Netzwerken der betroffenen Organisationen systematisch nach hochsensiblen Dokumenten mit vertraulichen, oft geopolitisch relevanten Inhalten suchten. Weil die Spionagesoftware so lange unentdeckt blieb, haben die Kaspersky-Experten sie “Red October” (kurz Rocra) getauft – wie das lautlose U-Boot in Tom Clancys Thriller.

Die Angreifer nutzen demnach hochspezialisierte Schadprogramme. Die russischen Experten zeigen sich beeindruckt von der dabei genutzten Infrastruktur: Die Komplexität der Rocra-Software könnte es mit Flame aufnahmen, schreiben sie. Der Hightech-Schädling Flame galt bei der Entdeckung Anfang 2012 als eine der komplexesten Bedrohungen, die je entdeckt worden sind.

Rocras Komponenten spionierten verschiedene Plattformen aus: PC, iPhones, Nokia- und Window-Mobile-Smartphone sowie Business-Hardware des US-Konzerns Cisco.

Kommando-Rechner haben die Kaspersky-Experten an 60 verschiedenen Serverstandorten beobachtet, davon viele in Russland und Deutschland. Mit der Virenfamilie um Flame, Gauss und Duqu, deren Ziele sich vor allem in Iran und im Nahen Osten befinden, hat Rocra aber nichts zu tun, glauben die Kaspersky-Forscher. Man habe keine Verbindungen finden können, Rocra sei wesentlich “personalisierter” als Flame, Duqu und Gauss.

Wer ist betroffen?

Kaspersky schreibt, man habe “mehrere hundert” befallene Rechner weltweit entdeckt. Betroffen seien vor allem Computer und Netzwerke in Regierungsstellen, diplomatischen Vertretungen, Forschungsinstituten, im Nuklearsektor, in der Öl- und Gasindustrie, in Luftfahrtunternehmen und im Militär.

Kaspersky hat zudem über Monate hinweg analysiert, in welchen Staaten die eigene Software Spuren von Rocra-Infektionen findet. So entstand diese Rangliste der Infektionen nach Standort der betroffenen Systeme (in Klammern steht jeweils die Zahl der infizierten Systeme):

Russland (35)
Kasachstan (21)
Aserbaidschan (15)
Belgien (15)
Indien (14)
Afghanistan (10)
Armenien (10)
Iran (7)
Turkmenistan (7)

Außerdem betroffen sind demnach jeweils fünf oder sechs Rechner oder Netzwerke in der Ukraine, den USA, Vietnam, Weißrussland, Griechenland, Italien, Marokko, Pakistan, der Schweiz, Uganda und den Vereinigten Arabischen Emiraten.

Was suchten die Täter?

Laut Kaspersky wurden Dateien in großem Stil von den infizierten Rechnern kopiert. Die Beschreibung klingt eher nach einer breit angelegten Erkundung als nach zielgerichteten Angriffen. Die Täter haben nach Textdateien, Tabellen, Schlüsseln für die Kryptografie-Programme PGP und GnuPG gesucht. Auch E-Mails wurden kopiert, angeschlossene Laufwerke und Smartphones ausgelesen.

Dateiendungen, nach denen Rocra Ausschau hielt, deuten laut Kaspersky auch auf ein besonderes Interesse an Dateien hin, die mit dem von der EU und Nato genutzten Verschlüsselungsprogramm Acid Cryptofiler in Zusammenhang stehen. Die Dateiendung xia könnte ein Hinweis auf die deutsche Verschlüsselungssoftware Chiasmus sein.

Wie wurde der Angriff entdeckt?

Auf den Angriff wurde Kaspersky nach eigenen Angaben von einem Geschäftspartner hingewiesen, der anonym bleiben möchte. Die Analyse des entdeckten Schädlings brachte die Forscher dann auf die Spur weiterer Opfer. Mit einer Art Fallenkonstruktion, einem sogenannten Sinkhole, identifizierte Kaspersky schließlich sechs der 60 Kontrollserver, von denen die befallenen Rechner Befehle empfangen.

Wie gingen die Angreifer vor?

Die Attacken waren offenbar genau auf die jeweiligen Opfer zugeschnitten. So verschickten die Angreifer per E-Mail Dokumente, die für die Opfer interessant zu sein schienen. Als Beispiel präsentiert Kaspersky den Screenshot einer Werbeanzeige für ein gebrauchtes Diplomatenfahrzeug. Spätere Infektions-E-Mails seien offenbar auf Basis früher entwendeter Daten passgenau aufgesetzt worden. Die Dokumente waren mit einem Schadcode kombiniert, der bereits bekannte Sicherheitslücken ausnutzte, und zwar in Microsoft Word und Excel.

Sobald der Empfänger einen solchen Dateianhang öffnete, wurde ein Trojaner in die Rechner eingeschleust, der dann wiederum einen weiteren Schadcode aus einer gewaltigen Bibliothek nachlud. Gesteuert wurden die gekaperten Rechner dann von einer Kaskade von 60 sogenannten Command-&-Control-Servern (C&C). Die seien so hintereinander geschaltet, dass es unmöglich sei, die eigentliche Quelle der Steuerbefehle auszumachen, so Kaspersky.

Die Spionagewerkzeuge, die nachgeladen wurden, sind vielfältig und ausgeklügelt. Über tausend Software-Module habe man gefunden, die 34 verschiedene Funktionen erfüllten. Manche Module erkundeten das befallene Netzwerk, kopierten die Surf-History des installierten Browsers oder prüften, welche Laufwerke angeschlossen waren. Andere waren auf Passwort-Klau spezialisiert oder darauf, gleich den gesamten E-Mail-Verkehr oder ganze Verzeichnisse von dem befallenen Rechner zu kopieren. Andere Module waren auf das Auslesen von angeschlossenen USB-Laufwerken spezialisiert, einige sogar auf das Wiederherstellen gelöschter Daten auf solchen Laufwerken.

Auch an infizierte Rechner angeschlossene Mobiltelefone kann Rocra übernehmen oder zumindest auslesen, die Kontaktliste beispielsweise. Fast schon selbstverständlich, dass die Angreifer auch Hintertüren auf den befallenen Rechnern und Telefonen installierten, um später weitere Befehle ausführen oder Software nachladen zu können. Rocra überträgt die gefundenen Dateien schließlich gepackt und verschlüsselt über das Internet an Steuerungsrechner.

Wer könnte dahinterstecken?

Kaspersky zufolge enthält die Schadsoftware Hinweise auf Entwickler aus mindestens zwei unterschiedlichen Nationen. Die Exploits, also die Teile des Schadcodes, die bestimmte Sicherheitslücken ausnutzen, “scheinen von chinesischen Hackern entwickelt worden zu sein”, schreiben die Autoren des Berichts. Sie seien in der Vergangenheit auch schon bei Cyberangriffen gegen tibetische Aktivisten und Ziele aus dem Energie- und Militärbereich in Asien eingesetzt worden. Solche Exploits könnten auch auf dem Schwarzmarkt eingekauft worden sein. Der Malware-Code selbst aber scheine von “russischsprachigen” Entwicklern zu stammen.

So tauchte im Programmcode beispielsweise der russische Begriff “Zakladka” auf. Es kann Grundstein heißen oder für etwas “Eingebettetes” stehen. Der Begriff könnte aber auch “Lesezeichen” oder einfach “nicht näher definierte Funktion” bedeuten. Damit könnte aber auch ein “in der Wand einer Botschaft verstecktes Mikrofon” gemeint sein, heißt es in dem Kaspersky-Bericht.

…

14. Januar 2013, 18:37 Uhr

Von Konrad Lischka und Christian Stöcker

Find this story at 14 Januar 2013

© SPIEGEL ONLINE 2013

‘Red October’ cyber-attack found by Russian researchers

A major cyber-attack that may have been stealing confidential documents since 2007 has been discovered by Russian researchers.

Kaspersky Labs told the BBC the malware targeted government institutions such as embassies, nuclear research centres and oil and gas institutes.

It was designed to steal encrypted files – and was even able to recover files that had been deleted.

One expert described the attack find as “very significant”.

“It appears to be trying to suck up all the usual things – word documents, PDFs, all the things you’d expect,” said Prof Alan Woodward, from the University of Surrey.

“But a couple of the file extensions it’s going after are very specific encrypted files.”

In a statement, Kaspersky Labs said: “The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America.

“The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment.”
‘Carefully selected’

In an interview with the BBC, the company’s chief malware researcher Vitaly Kamluk said victims had been carefully selected.

“It was discovered in October last year,” Mr Kamluk said.

“We initiated our checks and quite quickly understood that is this a massive cyber-attack campaign.

“There were a quite limited set of targets that were affected – they were carefully selected. They seem to be related to some high-profile organisations.”

Red October – which is named after a Russian submarine featured in the Tom Clancy novel The Hunt For Red October – bears many similarities with Flame, a cyber-attack discovered last year.

Like Flame, Red October is made up of several distinct modules, each with a set objective or function.

“There is a special module for recovering deleted files from USB sticks,” Mr Kamluk said.

“It monitors when a USB stick is plugged in, and it will try to undelete files. We haven’t seen anything like that in a malware before.”

Also unique to Red October was its ability to hide on a machine as if deleted, said Prof Woodward.

“If it’s discovered, it hides.

“When everyone thinks the coast is clear, you just send an email and ‘boof’ it’s back and active again.”
Cracked encryption

Other modules were designed to target files encrypted using a system known as Cryptofiler – an encryption standard that used to be in widespread use by intelligence agencies but is now less common.

Prof Woodward explained that while Cryptofiler is no longer used for extremely sensitive documents, it is still used by the likes of Nato for protecting privacy and other information that could be valuable to hackers.

Red October’s targeting of Cryptofiler files could suggest its encryption methods had been “cracked” by the attackers.

Like most malware attacks, there are clues as to its origin – however security experts warn that any calling cards found within the attack’s code could in fact be an attempt to throw investigators off the real scent.

Kaspersky’s Mr Kamluk said the code was littered with broken, Russian-influenced English.

“We’ve seen use of the word ‘proga’ – a slang word common among Russians which means program or application. It’s not used in any other language as far as we know.”

But Prof Woodward added: “In the sneaky old world of espionage, it could be a false flag exercise. You can’t take those things at face value.”

Kaspersky’s research indicated there were 55,000 connection targets within 250 different IP addresses. In simpler terms, this means that large numbers of computers were infected in single locations – possibly government buildings or facilities.

A 100-page report into the malware is to be published later this week, the company said.

14 January 2013 Last updated at 13:26 GMT
By Dave Lee
Technology reporter, BBC News

Find this story at 14 Januar 2013

BBC © 2013 The BBC is not responsible for the content of external sites. Read more.

The hunt for Red October: The astonishing hacking ring that has infiltrated over 1,000 high level government computers around the world

Researchers say the cyber attack has been in operation since 2007 – and is still running
Operation described as ‘massive’ and has stolen ‘several terabytes’ of data
Security firm which discovered the attacks claims there is ‘strong technical evidence the attackers have Russian-speaking origins’- but say a private firm or rogue nation could be behind the network.
Targets included diplomatic and governmental agencies of various countries across the world, research institutions, energy and nuclear groups, and trade and aerospace firms

A major cyber-attack that has been stealing information from high level government computers around the world since 2007 has been discovered.

Kaspersky Labs, which made the discovery, said in addition to diplomatic and governmental agencies of various countries across the world, Red October also targeted research institutions, energy and nuclear groups, and trade and aerospace targets.

The firm even said the malware was used to infiltrate smartphones of government workers to electronically steal information.

The full extent of the Red October operation is revealed in this infographic, showing how it has hit countries across the globe

WHAT HAS BEEN STOLEN?

The main objective of the attackers was to gather sensitive documents from the compromised organisations.

This included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment.

Overall, Kaspersky said over 7 terabytes, or 7,000GB data has been stolen.

The primary focus of the campaign was targeting countries in eastern Europe.

‘Former USSR Republics and countries in Central Asia were targeted, although victims can be found everywhere, including Western Europe and North America’, said Kaspersky Lab, an antivirus software firm which made the discovery.

‘The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment,’

Red October, which has been active since at least 2007, appears to collect files encrypted with software used by several entities from the European Union to Nato.

Kaspersky said Red October also infected smartphones, including iPhones, Windows Mobile and Nokia handsets.

It is believed to be still operating, although since the research was published, the attackers are believed to have started dismantling the system to protect their identities.

‘The project started in October 2012, we received a suspicious executable from a partner,’ Vitaly Kamluk, Chief Malware Expert at Kaspersky Lab told MailOnline.

‘We checked and began to understand what we had was quite massive – we found 1,000 different files in a few weeks, each of them a personalised email.’

Mr Kamluk said the attacks were highly customised.

‘There are a very limited number of machines, around 1,000 around the world, but every target is carefully selected.’

‘We extracted language used and found Broken English was used, with Russian words thrown in, such as Proga, commonly used among Russian programmers.

‘However, we are not pointing fingers at Russia – just that Russian language has been spotted.

‘It could be any organisation or country behind this, it could be nation states or a private business or criminal group.

HOW RED OCTOBER WORKS

One of the fake emails used to infect computers

Red October is a malware attack.

Initially the malicious code was delivered via e-mail as attachments (Microsoft Excel, Word and, probably PDF documents) which were rigged with exploit code for known security vulnerabilities in the various applications.

Intended targets received personalised correspondence based on gathered intelligence on individual people (an example is on the right).

These attacks comprised of two major stages:

Initial infection: Right after the victim opens the malicious document on a vulnerable system, the embedded malicious code initiates the setup of the main Red October software on the machine.

This handles further communication with the master servers run by the hackers, and can survive the computer being restarted.

Spying: Next, the system receives a number of additional spy modules from the hacker’s server, including modules to handle infection of smartphones – the team said iPhones, Windows phones and Nokia handsets were seen on the network.

The specific modules are customised for each mobile depending on the infomration the hackers wanted.

The main purpose of the spying modules is to steal information.

All gathered information is packed, encrypted and only then transferred to the Red October command servers.

Other modules were designed to target files encrypted using a system known as Cryptofiler – an encryption standard that used to be in widespread use by intelligence agencies but is now less common

The campaign, identified as ‘Rocra’, short for ‘Red October’, is currently still active with data being sent to multiple command-and-control servers, through a configuration which rivals in complexity the infrastructure of the Flame malware.

Kaspersky’s research indicated there were 55,000 connection targets within 250 different IP addresses.

Most infection connections were found coming from Switzerland, followed by Kazakhstan and Greece.

‘There is senstitive geopolitical information being stolen, which is very valuable,’ said Mr Kamluk.

Kaspersky estimate there were 20-30 developers working full time on this, and all were ‘very experienced programmers’.

…

By Mark Prigg

PUBLISHED: 14:39 GMT, 16 January 2013 | UPDATED: 14:56 GMT, 16 January 2013

Find this story at 16 Januar 2013
© Associated Newspapers Ltd

Former U.S. Navy Officer Detained for Attempting to Spy for Russia

Hoffman, 39, is set to remain in custody until a detention hearing on Tuesday.

A former U.S. Navy officer has been detained for attempting to hand over secret information on tracking U.S. submarines to Russian intelligence.

CNN reported Thursday that submarine specialist Robert Patrick Hoffman II was detained Thursday morning in Virginia Beach, Virginia, while trying to pass classified information to CIA operatives posing as Russian agents.

…

07 December 2012
The Moscow Times

Find this story at 6 December 2012

© Copyright 2013. The Moscow Times. All rights reserved.

Former Navy Sailor Charged with Attempted Espionage

A former Navy sailor has been arrested and charged with attempting to pass classified information about U.S. submarines to Russian spies.

Robert Patrick Hoffman II was arrested by agents from the FBI and the Naval Criminal Investigative Service (NCIS) this morning at his home in Virginia Beach.

According to the indictment returned by a federal grand jury in Norfolk, Va., Hoffman served in the Navy for 22 years and achieved the rank of petty officer first class. Hoffman worked as a cryptological technician where he had access to classified information about codes and signals intelligence. Hoffman, who served as a submarine warfare specialist, retired from active duty on Nov. 1, 2011.

The indictment alleges that on Oct. 21, 2012 Hoffman attempted to pass information “relating to the national defense of the United States, including information classified as SECRET that revealed and pertained to methods to track U.S. submarines, including the technology and procedures required.”

Hoffman believed he was meeting with representatives from the Russian government but in actuality they were undercover FBI agents.

“The indictment does not allege that the Russian Federation committed any offense under U.S. laws in this case,” the Justice Department noted in the press release announcing the case.

…

Dec 6, 2012 4:43pm

Find this story at 6 December 2012

Copyright © 2013 ABC News

FBI: Retired sailor faces spy charges

A retired cryptologic technician allegedly attempted to deliver sub-tracking secrets to the Russians, but ended up caught in an FBI sting instead.

A federal grand jury charged retired Cryptologic Technician 1st Class (SS) Robert Patrick Hoffman II on Wednesday with attempted espionage, according to an FBI release. The former sailor earned a top secret security clearance while in the Navy, according to the release, and allegedly offered secret information to the Russians in October.

The “Russians” were actually part of an undercover FBI operation, according to the release. Hoffman, 39, was arrested Thursday morning “without incident” and is scheduled to be in federal court in Norfolk, Va., on Thursday afternoon.

…

He retired Oct. 31, 2011, about a year before his alleged espionage.

By Kevin Lilley – Staff writer
Posted : Thursday Dec 6, 2012 13:52:16 EST

Find this story at 6 December 2012

All content © 2013, Gannett Government Media Corporation