Verrat bei der Nato30 augustus 2013
Eine Notfallübung der US-Streitkräfte in Afghanistan: Die gestohlenen Ramstein-Dossiers offenbar die geheime Taktik der Nato-Einsatzkräfte in Krisenfällen
Fataler Spähangriff auf das Militärbündnis: Ein Deutscher soll die GEHEIMSTEN KRISENPLÄNE gestohlen und verkauft haben
Ein kleiner Ort in der Pfalz, gerade mal 900 Einwohner. Gepflegte Gemüsebeete, an den Obstbäumen blinken die letzten Äpfel des Jahres. Ab und zu rumpeln Bauern mit ihren Traktoren über die Dorfstraße von Börrstadt, 25 Kilometer östlich von Kaiserslautern. Auf einem vergilbten Plakat, mit Reißnägeln an der dicken Linde befestigt, bittet die Landjugend zum Tanz.
In dem schmucklosen Einfamilienhaus in der Hintergasse ist niemand willkommen. „Ich sage nichts“, ruft Rosemarie K. mit viel Zorn in der Stimme und lässt sofort die Rollläden herunter.
Die Nachbarschaft bewegt sich jetzt hinter Gardinen, viele hören wohl zu. Und fragen sich wie schon seit mehreren Wochen: Wo ist bloß der Ehemann von Rosemarie K.? Was mag passiert sein?
Es ist ein realer Krimi, passiert direkt vor der Tür. Und niemand hat es bemerkt: Das spitzgiebelige Haus stand wochenlang unter heimlicher Beobachtung – auch Telefon, E-Mail und Faxgerät wurden überwacht.
Anfang August dann, keiner hat es so früh am Morgen gesehen, holten Staatsschützer des Landeskriminalamts (LKA) Rheinland-Pfalz den Hauseigentümer Manfred K. ab. Seitdem sitzt der 60-Jährige auf Anordnung des Ermittlungsrichters am Bundesgerichtshof in Untersuchungshaft.
Die Karlsruher Bundesanwaltschaft und das LKA in Mainz ermitteln in einem harten Polit- und Spionagethriller:
Manfred K. soll jahrelang auf dem 1400 Hektar großen US-Militärflughafen Ramstein die geheimsten Programme und Codeschlüssel für weltweite Luftlandeoperationen der US-Streitkräfte gestohlen haben.
Die Fahnder haben klare Hinweise darauf, dass Manfred K. die brisante Ware bereits verkauft hat – womöglich sogar an Feinde und potenzielle Kriegsgegner der USA.
Ein Beleg für dieses Geschäft könnten die circa 6,5 Millionen Euro sein, die Fahnder des Mainzer LKA auf Tarnkonten von Manfred K. in Luxemburg und in London entdeckten.
Die Affäre, die nahezu unbemerkt in der Pfalz begann, hat längst das Pentagon in Washington erreicht. Angespannt verfolgt das US-Verteidigungsministerium die Ermittlungen in Deutschland. Das Allied Command Counterintelligence (ACCI), die Spionageabwehr der Nato, muss über seine Büros in Heidelberg und Ramstein permanent Bericht erstatten.
Ramstein Air Base, auf dem 35 000 Soldaten und 6000 Nato-Zivilisten wie Manfred K. arbeiten, ist immerhin der größte Luftwaffenstützpunkt außerhalb der USA. Auch die Nato-Kommandobehörde zur Führung von Luftstreitkräften ist hier untergebracht.
Über zwei Start- und Landebahnen wickeln die USA Truppen-, Fracht- und Evakuierungsflüge ab. Verletzte GIs landen hier und werden anschließend in Landstuhl behandelt. Kampfbrigaden der 101. oder der 82. Luftlandedivision sowie Spezialeinheiten wie Rangers, Delta Force oder Navy Seals fliegen von der Pfalz aus in den Einsatz. Bis 2005 lagerten in Ramsteins Bunkern 130 Atomwaffen.
Der militärische Schaden, verursacht durch den mutmaßlichen Verräter Manfred K., ist offenbar gigantisch. „Die weltweite Eventualplanung für Krisen- und Kriegseinsätze müsste komplett neu gemacht werden, weil der potenzielle Gegner alles weiß. Das bedeutet jahrelange Generalstabsarbeit“, sagt Erich Schmidt-Eenboom, einst Sicherheitsoffizier der Heeresflugabwehr 1 in Hannover und heute Autor von Geheimdienst-Büchern.
FOCUS Magazin | Nr. 44 (2012)
Verrat bei der Nato – Seite 2
dpa
Fallschirmspringer der US-Armee verlassen in Ramstein ein Transportflugzeug
Ob und an wen Manfred K. die Militärdaten aus Ramstein für die bislang entdeckten Millionen verscherbelt hat, ist derzeit noch ungeklärt. Der Spezialist für Informationstechnik und Telekommunikation, den Kollegen und Nachbarn als kontaktscheuen Eigenbrötler beschreiben, macht kaum Angaben zur Sache. Die verdächtigen Millionen will er bei Bankgeschäften verdient haben.
Die LKA-Leute fanden heraus, dass K., seit 1991 in Ramstein beschäftigt, die auf mehrere Sticks überspielten Geheimdaten ausgedruckt haben muss. Papier fand sich indes nicht mehr – hat also jemand dafür in harter Währung bezahlt?
„Russlands Militärgeheimdienst GRU würde für solches Material zehn Millionen Dollar auf den Tisch legen – ohne auch nur mit der Wimper zu zucken“, behauptet ein Spionageabwehr-Experte des Bundeskriminalamts im Gespräch mit FOCUS.
Die Ermittlungen gegen Manfred K., der als Nato-Mitarbeiter im Monat mehr als 6000 Euro netto verdiente und morgens mit seinem koreanischen Kleinwagen nach Ramstein fuhr, orientieren sich derzeit an Paragraf 96 des Strafgesetzbuches. Die „landesverräterische Ausspähung“ von Staatsgeheimnissen wird demnach mit Gefängnis bis zu zehn Jahren bestraft.
Sollte jedoch ein klarer Kontakt zu einem ausländischen Geheimdienst nachgewiesen werden, könnte die Strafe härter ausfallen. So erging es in den 80er-Jahren einem Mitarbeiter der 8. US-Luftlandedivision in Mainz, der geheime Unterlagen an die Russen verkauft hatte. Der Mann wurde zu 15 Jahren Gefängnis verurteilt.
Die Ermittler haben in diesen Tagen ziemlich viel Spaß daran, dass sich der mutmaßliche Datenräuber Manfred K. letztlich selbst ans Messer geliefert hat. Der Delinquent wollte schlauer als alle Sicherheitsbehörden sein – und fiel damit voll auf die Nase.
„60 Jahre“, sagte der stets gepflegte 1,75 Meter große Mann zu einem Nachbarn, „sind doch kein Alter.“ K. und seine Frau, obwohl schwer zuckerkrank, schwärmten davon, nach Mittelamerika auszuwandern. Seinen vorzeitigen Ruhestand wollte K. mit einem Trick erzwingen.
Schritt eins: K. spendete eine größere Geldsumme an die vom Verfassungsschutz beobachtete – aber nicht verbotene – NPD.
Schritt zwei: K. schrieb anonym an das Kölner Bundesamt für Verfassungsschutz und teilte als angeblich treuer Staatsbürger mit, dass ein gewisser Herr Manfred K. aus 67725 Börrstadt/Pfalz, Datenspezialist auf dem US-Fliegerhorst Ramstein und befugt zum Umgang mit Geheimpapieren, ein Unterstützer der rechtsradikalen NPD sei. Schritt drei – wie K. hoffte: Das Bundesamt für Verfassungsschutz wird dem Nato-Mitarbeiter K. keinen weiteren Zugang zu Dossiers gestatten.
Schritt vier – wie K. glaubte: Die Nato wird K. mit guten Bezügen in den vorzeitigen Ruhestand schicken. Und tschüss!
So kam es aber nicht. Die Kölner Behörde ließ K. pro forma den Sicherheitscheck bestehen und verständigte parallel die Kollegen vom Nato-Abwehrdienst ACCI.
FOCUS Magazin | Nr. 44 (2012)
Verrat bei der Nato – Seite 3
dpa
Drehscheibe Ramstein: Die gestohlenen Dossiers liefern Informationen über die Logistik der Nato
Jetzt begann die konzertierte Aktion gegen den vermeintlichen Maulwurf. Spezialisten der US-Streitkräfte stellten mit Entsetzen fest, dass Manfred K. wohl seit Jahren auf sensibelste Daten zugreifen konnte. Das Mainzer LKA, mittlerweile von der Bundesanwaltschaft eingeschaltet, fand bei seinen verdeckten Ermittlungen heraus: K. hatte offenbar einen über Funk gesteuerten und von außen nicht zu knackenden Datentunnel geschaffen. Mit ihm konnte er die illegal abgezweigten Infos direkt von seinem Büro in Ramstein auf den Heimcomputer in Börrstadt überspielen.
Nach Feierabend war´s dann wohl ein Kinderspiel: K. soll die erbeuteten Daten auf USB-Sticks gespeichert haben.
Die zeitgleiche Überwachung des Informatikers brachte keine Erkenntnisse. Das Ehepaar lebt völlig isoliert in Börrstadt. Niemand rief an. Niemand kam ins Haus, keine Freunde, keine Verwandten. Gelegentlich telefonierte K. mit seinem 88-jährigen Schwiegervater, der ganz in der Nähe einen Bauernhof besitzt und gegenüber FOCUS beteuerte: „Der Manfred ist ein lieber, ehrlicher und fleißiger Mensch. Bei Reparaturen auf dem Hof hat er mir stets geholfen. Der spioniert doch nicht, nie und nimmer.“
Kurz nach K.´s Verhaftung setzte eine penible Hausdurchsuchung ein. Beschlagnahmte Unterlagen, zum Teil verschlüsselt, lieferten Hinweise auf die versteckten Millionenkonten.
Die allerbesten Beweise waren raffiniert versteckt. Einen USB-Stick entdeckten die Fahnder in einem Einweckglas mit Kompott, ein anderer lag unter gut duftenden Lavendelblättern. Als die Beamten damit drohten, bei der Suche nach weiteren Beweisen den Fußboden aufzustemmen und die recht neue Küche auseinanderzunehmen, soll die Pfälzer Hausfrau Rosemarie K. schnell nachgegeben haben: Somit fanden die Ermittler schließlich zwei weitere Sticks mit zunächst seltsamen Inhalten.
Bei der ersten Überprüfung der Datenspeicher stießen die LKA-Ermittler auf Bilder aus Panama, auf Fotos von Schiffen und auf lustige Seemannslieder. Manfred K. hatte sofort eine Erklärung dafür: Er wolle womöglich mit seiner Frau nach Panama auswandern, und die Seefahrt mitsamt ihren Liedern, die habe ihn schon immer fasziniert.
Die anderen Daten konnte der Untersuchungshäftling überhaupt nicht erklären: Im Umfeld der gespeicherten Reise- und Seemannsfolklore waren, handwerklich sehr geschickt, geheime Daten von der Ramstein Air Base versteckt. Ein Volltreffer für das LKA.
So viel Raffinesse hatten die meisten Fahnder noch nie erlebt. Deshalb baten sie um eine ungewöhnliche Amtshilfe: Der Militärische Abschirmdienst (MAD), der Geheimdienst der Bundeswehr, wurde um die Bereitstellung eines Bodenradars gebeten. Mit diesem High-Tech-Gerät können die besten Verstecke im Boden aufgespürt werden.
Zunächst wieherte der Amtsschimmel. Der MAD zierte sich, da er das gesetzlich geregelte Trennungsgebot bei der Kooperation von Nachrichtendienst und Polizei verletzt sah. Schließlich kam das grüne Licht – und Rosemarie K. wurde wirklich wütend.
Vor dem Einsatz des Bodenradars räumte ein Trupp der Polizei das gesamte Haus aus – alles landete im Garten, mit einer großen Plane tagelang vor Wind und Wetter geschützt. Doch der Aufwand sollte sich lohnen. Zwei weitere Sticks wurden entdeckt – und ein Gelddepot mit ein paar tausend Euro unter der Badewanne.
Ein Videoteam der Polizei dokumentierte die Zwangsräumung und die anschließende Handwerkerleistung: Alle Tapeten, zumeist noch mit Blümchenmuster aus den 50er-Jahren, mussten runter.
Rosemarie K. kennt da kein Pardon. Für das staatliche Stühlerücken verlangt sie jetzt Schadensersatz.
Montag, 29.10.2012, 00:00 · von FOCUS-Reporter Josef Hufelschulte und FOCUS-Redakteur Marco Wisniewski
AFP
Find this story at 29 October 2012
© FOCUS Online 1996-2013
Elusive Snowden Could Cause New Hitch in U.S.-Russia Ties1 juli 2013
Ecuador’s flag flying above its coat of arms at the country’s embassy in Moscow on Monday. Snowden is seeking asylum in the South American nation.
Journalists flocked to Moscow’s Sheremetyevo Airport on Monday to board a flight to Cuba that supposedly would also contain fugitive Edward Snowden, who is attempting to escape arrest by U.S. authorities for revealing highly classified surveillance programs.
According to a widely distributed statement by an unidentified Aeroflot employee, Snowden should have been on flight SU150 direct to Havana leaving Moscow on Monday afternoon. The Aeroflot employee even said which seat he was to occupy, 17A.
But reporters, whose news organizations shelled out about $2,000 per ticket to get them on board at the last minute, found no Snowden anywhere on board — increasing suspicions that Russia could be helping to stymie U.S. efforts to catch him amid a low point in bilateral relations.
After Snowden supposedly arrived at Sheremetyevo from Hong Kong on Sunday, Washington pressured Moscow to detain him, apparently to no avail. Russian officials said that given poor ties between the countries, which have split in recent months over issues including the civil war in Syria and the U.S. Magnitsky Act, they are in no rush to help their former Cold War foes.
“Ties are in a rather complicated phase, and when ties are in such a phase, when one country undertakes hostile action against another, why should the United States expect restraint and understanding from Russia?” Alexei Pushkov, the head of the State Duma’s International Affairs Committee, repeated Reuters.
A former technical contractor with the U.S. National Security Agency, Snowden is reportedly seeking to travel to Ecuador, which is considering his asylum request. His current whereabouts are unknown.
Ecuador has already equipped Snowden with refugee papers that could allow him safe passage to his destination, according to WikiLeaks founder Julian Assange, whose organization has assisted Snowden. The U.S. government said earlier that Snowden’s American passport had been revoked.
Assange told the Guardian on Monday that he was aware of Snowden’s whereabouts but that he was unable to reveal them due to “bellicose threats coming from the U.S. administration.”
U.S. Secretary of State John Kerry, speaking on Monday at a news conference in New Delhi, implored Russia to assist in efforts to apprehend Snowden, recalling that over the last two years, the U.S. had extradited seven prisoners requested by Russia. “Reciprocity and the enforcement of the law is pretty important,” he said.
“I suppose there is no small irony here. I mean, I wonder if Mr. Snowden chose China and Russia’s assistance in his flight from justice because they are such powerful bastions of Internet freedom, and I wonder if while he was in either of those countries he raised the question of Internet freedom, since that seems to be what he champions,” Kerry said.
The cooperation described by Kerry is a drop in the bucket compared to the disputes between the countries, however.
Following some successes during a “reset” in ties kicked off in 2009 at the behest of U.S. President Barack Obama, relations took a sharp downward turn with the return of Vladimir Putin to the Kremlin last year.
Under Putin, the Russian government has undertaken what critics call a harsh crackdown on the opposition and on civil society, including kicking out the U.S. Agency for International Development, while the U.S. last year passed the Magnitsky Act, which imposes economic and travel restrictions on Russian officials implicated in human rights abuses. Russia retaliated by outlawing U.S. adoptions of Russian orphans.
More recently, the two nations have argued bitterly over what tack to take in seeking a solution to the civil war in Syria, with Russia backing President Bashar Assad and the U.S. supporting the rebels.
Now, the fate of Snowden, a 30-year-old former employee of a U.S. security contractor whose exposure of government phone and Internet surveillance has provoked public outrage, is becoming another point of contention.
According to Andrei Soldatov, a leading expert in Russia’s security agencies, the Russian government itself has an extensive system to monitor almost any kind of communication between its citizens.
Pushkov said Russia had no obligation to help the U.S. in this situation, given the recently passed Magnitsky Act. It was unclear whether Russian authorities had had contact with Snowden — Putin’s spokesman said Monday that the Kremlin was unaware of any such contact — but it seemed unlikely that the government could be unaware of Snowden’s whereabouts if he had entered Russia.
“All these flights carried out by Aeroflot via Moscow, as though there is no other route, are emblematic of Russia’s involvement in the process,” said Valery Garbuzov, deputy director of the Institute for U.S. and Canadian Studies in Moscow.
Ecuador’s foreign minister also said his government was in “respectful” contact with Russia over Snowden’s asylum application.
Nonetheless, Washington appears to be holding out hope for assistance from Moscow.
Caitlin Hayden, a spokeswoman for the U.S. National Security Council, mentioned “intensified cooperation after the Boston marathon bombings and our history of working with Russia on law enforcement matters” as grounds for Russia “to look at all options available to expel Mr. Snowden back to the U.S. to face justice for the crimes with which he is charged.”
25 June 2013 | Issue 5154
By Ivan Nechepurenko
Nikolay Asmolovskiy / Reuters
Find this story at 25 June 2013
© Copyright 1992-2013. The Moscow Times
Decades of distrust restrain cooperation between FBI and Russia’s FSB10 mei 2013
Shortly after FBI agent Jim Treacy arrived in Moscow in early 2007 as the new legal attache at the U.S. Embassy, he turned around outside a Metro station and saw a man photographing him. Treacy had no doubt his shadow was an agent with the FSB, Russia’s Federal Security Service, and that he wanted to be seen — the officer, after all, was standing 15 feet away, clicking ostentatiously with a long-range lens.
“I just assumed it was the FSB welcoming me back to Moscow,” said Treacy, who did a tour in the Russian capital in the late 1990s.
For much of the past decade, cooperation between the FSB and the FBI has been guarded and pragmatic at best. In the wake of the Boston Marathon bombing, and the identification of ethnic Chechen suspects with potential ties to an Islamist insurgency in the Russian Caucasus, the White House and the Kremlin have been talking up greater cooperation on counterterrorism.
“This tragedy should motivate us to work closer together,” Russian President Vladimir Putin said at a news conference late last month. “If we combine our efforts, we will not suffer blows like that.”
President Obama echoed those remarks, and FBI Director Robert S. Mueller III visited Moscow this week for what were described as productive meetings. FBI agents have been working closely with the FSB to determine whether suspected Boston bomber Tamerlan Tsarnaev, who was killed in a shootout with police four days after the blasts, received any training when he visited Dagestan for six months in 2012. Dagestan, which borders fellow Russian republic Chechnya, has been plagued by a bloody Islamist insurgency.
Russia has provided more information since the April 15 bombing, including details about intercepted telephone conversations involving Tsarnaev’s mother that were the basis of Moscow’s initial concern about his possible extremist leanings. But U.S. counterterrorism agencies have not seen evidence to substantiate reports in Russia that Tsarnaev met with militants in Dagestan.
Deep mutual suspicion, which stretches back to the Cold War and is periodically inflamed by cases such as the sleeper agents busted by the FBI in 2010, means there are significant limits to U.S.-Russian security cooperation, according to former and current law enforcement officials and scholars of the countries’ relationship. Putin once named the United States as the “main opponent,” and the United States and Europe are the targets of aggressive high-tech and industrial espionage by Russia, according to intelligence officials.
“There is a broad culture of mistrust that is going to be very hard to change,” said Fiona Hill, a senior fellow at the Brookings Institution and the co-author of “Mr. Putin: Operative in the Kremlin.” “That’s a huge obstacle to moving forward on counterterrorism. It’s the same sets of people who have to cooperate.”
Hill said that “for real counterterrorism cooperation, as you have with the Brits or the Europeans, you have to be able to share operational information.”
Beyond slivers of intelligence in cases with some mutual interest, neither side appears prepared to risk its secrets. That has limited potential cooperation ahead of Russia’s 2014 Winter Olympics in Sochi, Hill said.
For their part, Russians are no more sanguine about the true state of the bilateral security relationship.
“The key word is trust,” Nikolai Kovalyov, the former director of the FSB, said in a telephone interview. “Trust between people, trust between our politicians and trust between security services. Because we have this mistrust, ordinary Americans now suffer, and some of them had to sacrifice their lives.”
The limit on any broad collaboration does not mean that the agencies cannot work together productively on specific cases — as they appear to be doing on the Boston bombing. “It’s gotten better,” said a U.S. intelligence official, who spoke on the condition of anonymity to discuss the ongoing investigation. Before the bombing, the official added, “It was obviously zero.”
During Treacy’s tenure in Moscow, each side sent the other about 800 requests annually for information or assistance on financial crimes, cyberattacks and organized crime, as well as terrorism.
“Cooperation certainly still existed, because the Russians are nothing if not pragmatic,” said Treacy, who retired in 2009 after 24 years with the FBI. “They look at their relations with the U.S. agencies as a resource that they can mine, and they certainly attempt to do that — at an arm’s length.”
The Russians formed a similar impression of American willingness to take without giving much in return after the Sept. 11, 2001, attacks, when Russia cooperated with U.S. efforts in Afghanistan. But Putin believed that he was repaid for his assistance with NATO’s eastward expansion and U.S. meddling in post-Soviet republics. And the Kremlin views U.S. information sharing as equally self-interested.
…
Michael Birnbaum and Anne Gearan in Moscow and Greg Miller in Washington contributed to this report.
By Peter Finn, Published: May 8
Find this story at 8 May 2013
© The Washington Post Company
The Official Tsarnaev Story Makes No Sense1 mei 2013
We are asked to believe that Tamerlan Tsarnaev was identified by the Russian government as an extremist Dagestani or Chechen Islamist terrorist, and they were so concerned about it that in late 2010 they asked the US government to take action. At that time, the US and Russia did not normally have a security cooperation relationship over the Caucasus, particularly following the Russian invasion of Georgia in 2008. For the Russians to ask the Americans for assistance, Tsarnaev must have been high on their list of worries.
In early 2011 the FBI interview Tsarnaev and trawl his papers and computers but apparently – remarkably for somebody allegedly radicalised by internet – the habitually paranoid FBI find nothing of concern.
So far, so weird. But now this gets utterly incredible. In 2012 Tamerlan Tsarnaev, who is of such concern to Russian security, is able to fly to Russia and pass through the airport security checks of the world’s most thoroughly and brutally efficient security services without being picked up. He is then able to proceed to Dagestan – right at the heart of the world’s heaviest military occupation and the world’s most far reaching secret police surveillance – again without being intercepted, and he is able there to go through some form of terror training or further Islamist indoctrination. He then flies out again without any intervention by the Russian security services.
That is the official story and I have no doubt it did not happen. I know Russia and I know the Russian security services. Whatever else they may be, they are extremely well-equipped, experienced and efficient and embedded into a social fabric accustomed to cooperation with their mastery. This scenario is simply impossible in the real world.
…
Craig Murray is an author, broadcaster and human rights activist. He was British Ambassador to Uzbekistan from August 2002 to October 2004 and Rector of the University of Dundee from 2007 to 2010.
By Craig Murray
April 23, 2013 “Information Clearing House” – There are gaping holes in the official story of the Boston bombings.
Find this story at 22 April 2013
© 2005-2013 GlobalResearch.ca
Gordievsky: Russia has as many spies in Britain now as the USSR ever did15 maart 2013
KGB’s former spy chief in Britain says he has no regrets about betraying the Soviet Union as he likens Putin to Mussolini
Oleg Gordievsky says he is the only agent to defect from the KGB in the 1980s to survive. ‘I was supposed to die,’ he says. Photograph: Steve Pyke
Three decades ago, Oleg Gordievsky was dramatically smuggled out of the Soviet Union in the boot of a diplomatic car. A strident figure of a man, he passed to the British vital details of Moscow’s espionage operation in London.
These days, Gordievsky is a shadow of his former self. He walks with a stick and is stooped, following an episode five years ago in which he says he was poisoned. But though diminished, Gordievsky remains combative and critical of his homeland.
Intriguingly, as Britain and Russia embark on something of a mini-thaw this week with top-level bilateral talks in London, Gordievsky warned that Moscow was operating just as many spies in the UK as it did during the cold war.
Gordievsky, 74, claims a large number of Vladimir Putin’s agents are based at the Russian embassy in Kensington Palace Gardens. As well as career officers, the embassy runs a network of “informers”, who are not officially employed, Gordievsky said, but regularly pass on useful information. They include a famous oligarch.
“There are 37 KGB men in London at the moment. Another 14 work for GRU [Russian military intelligence],” Gordievsky told the Guardian. How did he know? “From my contacts,” he said enigmatically, hinting at sources inside British intelligence.
Gordievsky began helping British intelligence in 1974. From 1982-85 he was stationed at the Soviet embassy in London. He was even designated rezident, the KGB’s chief in Britain. Back then, the KGB’s goal was to cultivate leftwing and trade union contacts, and to acquire British military and Nato secrets. After the collapse of the Soviet Union, the KGB was divided into the SVR and FSB, Russia’s foreign and domestic intelligence agencies. Vladimir Putin is the FSB’s former boss.
According to Gordievsky, Putin’s foreign intelligence field officers fulfil similar roles to their KGB predecessors. In these days of capitalism, however, they also want sensitive commercial information of use to Moscow. And they keep tabs on the growing band of Russian dissidents and businessmen who fall out with the Kremlin and decamp to London – a source of continuing Anglo-Russian tension.
Former KGB agents, including Putin, now occupy senior roles in Russia’s murky power structures. Many are now billionaires. Gordievsky, meanwhile, was sentenced to death in absentia; the order has never been rescinded. (Under the KGB’s unforgiving code, a traitor is always a traitor, and deserves the ultimate punishment.) Gordievsky noted wryly: “I’m the only KGB defector from the 1980s who has survived. I was supposed to die.”
In 2008, however, Gordievsky claims he was poisoned in the UK. He declined to say precisely what happened. But the alleged incident has taken a visible toll on his health. Physically, he is a shadow of the once-vigorous man who briefed Margaret Thatcher and Ronald Reagan on the Soviet leadership. Mentally, he is sharp and often acerbic.
Gordievsky said he had no regrets about betraying the KGB. He remains a passionate fan of Britain; he reads the Spectator and writes for the Literary Review. “Everything here is divine, compared to Russia,” he said. In 2007 the Queen awarded him the CMG “for services to the security of the UK”.
Gordievsky says he first “dreamed” of living in London after the 20th party congress in 1956, when Khrushchev launched his famous denunciation of Stalin. There is, he insists, nothing in Russia that he misses.
Gordievsky has little contact with his two grown-up daughters, Maria and Anna, or his ex-wife Leila. When he escaped to Britain his family remained behind in Russia, and were only allowed to join him six years later following lobbying from Thatcher. The marriage did not survive this long separation. Gordievsky’s long-term companion is a British woman, whom he met in the 1990s.
A bright pupil, with a flair for languages, Gordievsky joined the KGB because it offered a rare chance to live abroad. In 1961 Gordievsky – then a student – was in East Berlin when the wall went up. “It was an open secret in the Soviet embassy. I was lying in my bed and heard the tanks going past in the street outside,” he recalls.
In 1968, when he was working as a KGB spy in Copenhagen, the Soviet Union invaded Czechoslovakia. Gordievsky was already disillusioned with the Soviet system; from this point he decided to conspire against it.
It was not until 1974 that he began his career as a double agent in Denmark. Gordievsky met “Dick”, a British agent. After Denmark Gordievsky was sent to Britain, to the delight of MI5. In London he warned that the politburo erroneously believed the west was planning a nuclear strike on the Soviet Union. In 1985, the KGB grew suspicious and summoned him home. He was interrogated, drugged and accused of being a traitor. He managed to get word to his British handlers, who smuggled him across the Finnish border in the boot of a diplomatic car, an incident recalled in his gripping autobiography, Next Stop Execution.
Gordievsky is scathing about the Soviet Union’s leadership. “Leonid Brezhnev was nothing special. Gorbachev was uneducated and not especially intelligent,” he sniffed. What about Putin?
“Abscheulich,” he replied, using the German word for abominable and loathsome. (Gordievsky speaks fluent German, as well as Swedish, Danish and English, which he learned last.) By contrast, he praises William Hague. “I used to like him a lot. He was sharp.”
Asked whether he thought there was any prospect of democratic change in Russia – an idea nurtured by anti-Kremlin street protests in 2010 and 2011 – he replied: “What a naive question!”
He added gloomily: “Everything that has happened indicates the opposite direction.” He likens post-communist Russia under Putin to Mussolini’s Italy. Theoretically, he suggested, he might return to Moscow if there were a democratic government – but there is little prospect of that.
It is an open question how effective Russia’s modern spying operation really is. In 2010, 10 Russian agents, including the glamorous Anna Chapman, were caught in the US, and swapped for a Russian scientist convicted of working for Washington. Gordievsky is familiar with these kind of “deep-cover” operations. He began his espionage career in the KGB’s second directorate, which was responsible for running “illegals” – agents with false biographies planted abroad. Many felt Russia’s blundering espionage ring was more of a joke than a threat to US security.
Gordievsky, however, said it would be unwise to be complacent about Moscow’s intelligence activities. He mentions George Blake – a British spy who was a double agent for Moscow. In 1966 Blake escaped from Wormwood Scrubs prison and defected to the Soviet Union. Blake’s and Gordievsky’s careers mirror each other: Gordievsky lives on a civil service pension in the home counties; Blake on a KGB pension in Moscow. Reaching for a sip of his beer, Gordievsky described the treacherous Blake as “effective”. He added: “You only need one spy to be effective.”
Gordievsky said he was convinced that Putin was behind the 2006 assassination of his friend Alexander Litvinenko, who had defected to Britain in 2000. In December it emerged that Litvinenko had been working for the British and Spanish secret services at the time of his death. An inquest into Litvinenko’s murder will take place later this year.
Controversially, the foreign secretary, William Hague, wants to keep the government’s Litvinenko files secret – to appease Moscow, according to critics.
…
Luke Harding
guardian.co.uk, Monday 11 March 2013 17.07 GMT
Find this story at 11 March 2013
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.
Spying claims against top British diplomat threaten Anglo-Russian détente15 maart 2013
As William Hague and Philip Hammond prepare to meet their Russian counterparts in London this week, Jason Lewis reveals how a very suspicious spying slur is threatening to derail the reconciliation.
Denis Keefe, right, in the Caucasus, at Black Cliff Lake
To the outside world he is the epitome of diplomatic decorum: polite, softly spoken, with razor-sharp intellect. He has friends all over eastern Europe and the former Soviet Union, where he has a record of distinguished service on behalf of Britain, and is known for his keen ear for choral music and love of sailing.
Having joined the Foreign Office 30 years ago, straight out of Cambridge, he has earned a reputation for his brilliant mind and as an unfailingly safe pair of hands.
And yet to the astonishment of those who know him, Denis Keefe, the respected deputy ambassador to Russia, has for the past few months been trailed by a bizarre cloud of rumours and intrigue straight out of a Jason Bourne film.
Wherever Mr Keefe goes outside Moscow, he runs the risk of being accosted by Russian journalists and accused of being a spy.
Regional news reports froth with insinuations that he is something far more subversive than a diplomat, and has been sent by Britain to ferret out information and undermine the government of President Vladimir Putin.
Related Articles
US ambassador to Moscow calls on Russia to stop exploiting adoption row 22 Feb 2013
‘Absurd’ Sergei Magnitsky trial adjourned 28 Jan 2013
Sergei Magnitsky’s Russian trial condemned as ‘absurd’ 27 Jan 2013
London banker shooting: man arrested in Moscow 08 Feb 2013
Alexander Litvinenko evidence to remain secret 27 Feb 2013
Alexander Litvinenko: UK and Russia want inquest secrecy ’to protect trade deals’ 26 Feb 2013
British officials have tried to play down official anger at the hounding of Mr Keefe, which The Sunday Telegraph is reporting for the first time in Britain.
But the accusations, described by diplomatic sources as “an unprecedented attack on a very senior diplomat”, threaten to cast a shadow over a meeting this week in London designed to “reset” the thorny relationship between Britain and Russia.
William Hague, the Foreign Secretary, and Philip Hammond, the Defence Secretary, will meet their Russian counterparts for a “strategic dialogue” intended to look beyond a series of angry rows that have hampered cooperation between the two countries.
They include the recent decision to grant asylum in Britain to Andrei Borodin, a billionaire former Russian banker accused by Moscow of fraud, Russia’s attempts to hinder investigations into the poisoning in London of the former spy Alexander Litvinenko, and the beginning this week of the posthumous “show trial” of the late Sergei Magnitsky.
Magnitsky, a Russian lawyer who worked for a London-based hedge fund, uncovered what is thought to be the largest tax fraud ever committed in Russia, but on reporting it was himself imprisoned, and later died in custody, aged 37.
The allegations against Mr Keefe are being seen in some circles as a deliberate attempt to discredit British officials in Moscow and to undermine efforts to improve relations with Russia.
Last month, the career diplomat, who speaks six languages including fluent Russian, was confronted by a Russian journalist, who demanded: “They say you are a spy for MI6 – tell us, does James Bond exist?”
Evidently irritated, Mr Keefe, 54, replied: “I don’t think this is a serious matter or that it has anything to do with me.”
Another reporter pressed him on his alleged MI6 status: “Can you give a straightforward answer to this question? Do you confirm or deny it?” He was quoted as replying: “Please. This is not a serious question. Please …”
Mr Keefe, a father of six who lists his interests as singing, sailing, walking and learning languages, was also questioned about his links to Russian opposition figures.
One of his first diplomatic postings, on joining the Foreign Office in 1982, was to Prague. Before the 1989 Velvet Revolution, he made friends with opponents of the one-party state, including Vaclav Havel. He later returned to help the newly democratic Czech Republic prepare to join Nato and the European Union.
He was also ambassador to Georgia during the 2008 Russo-Georgian War, and several reports used that against him – accusing him of becoming involved in the dispute over the breakaway region of South Ossetia. One report said he “actively advocated Georgia’s accession to Nato and urged speedy modernisation of its army, presenting Russia as a direct threat to the former Soviet republic”.
Neither episode endeared him to hardliners in the Putin regime and the incidents appear calculated to undermine him. A Siberian television channel, NTN-4, devoted a two-and-a-half minute slot to alleging that a former spy had listed Mr Keefe “as an officer of the secret intelligence service”. It stated that “in MI6, like in our intelligence services, there is no such thing as a former officer”.
The presenter questioned whether it was wise to invite Mr Keefe — “an intelligence service officer of a foreign country” — to Akademgorodok, a university town which is the hub of Russia’s cutting edge science and nuclear research.
In December, Mr Keefe faced a similar attack on a visit to the Ural Mountains to award diplomas to Open University graduates. One report bluntly stated: “Denis Keefe can be described as an undercover spy with his diplomatic position serving as a smoke screen.”
A news website warned students, officials and teachers to be wary in case Mr Keefe tried to “recruit” them. “A person well-versed in recruiting agents like Denis Keefe, bearing in mind his serious diplomatic experience, could easily catch in his net the immature soul of a graduate or a participant in Britain’s Open University programme,” it said.
“And you don’t need a codebreaker to work out what that could lead to.”
Diplomatic sources have told The Sunday Telegraph that the continuing allegations, which appeared to stem from a discredited list of MI6 agents posted online in 2005, were “ridiculous”.
They come after painstaking efforts to rebuild Anglo-Russian relations, following the Litvinenko poisoning in London in 2006.
An inquest into his death will open on May 1, but his murder led to a series of tit-for-tat diplomatic expulsions. The then British ambassador, Anthony Brenton, was subjected to a four-month campaign of harassment, with members of a pro-Kremlin youth group interrupting his speeches, stalking him at weekends and banging fists on his diplomatic Jaguar.
In an embarrassing revelation, British agents were caught red-handed using a transmitter hidden inside a fake rock, planted on a Moscow street, so spies could pass them secrets.
At the same time, Russian police raided offices of the British Council, claiming that the body – which promotes British culture abroad – had violated Russian laws, including tax regulation.
“It is a cultural, not a political institution and we strongly reject any attempt to link it to Russia’s failure to cooperate with our efforts to bring the murderer of Alexander Litvinenko to justice,” said a Foreign Office spokesman at the time.
Leading British companies, including BP, faced problems operating in Russia, which had a negative effect on trade for both countries. More than 600 UK companies are active in Russia and Russian firms account for about a quarter of foreign share flotations on the London Stock Exchange.
Two years ago, David Cameron signed a series of trade deals and a symbolic memorandum on cooperation, and this week’s meeting in London was seen as an important “incremental step” towards restoring relations with the Russians.
But the timing of the attacks on Mr Keefe, coupled with continuing pressure to extradite the main suspects in the murder of Mr Litvinenko, a British citizen, provide an uncomfortable backdrop. On Saturday night Whitehall sources insisted that difficult issues, including the murder, would “not be left outside the room” at this week’s meeting.
Nataliya Magnitskaya, mother of Sergei Magnitsky, grieves over her son ’s body
But MI6 was again accused last week of being at the centre of another anti-Russian conspiracy – this time in connection with Monday’s opening of the trial of Magnitsky.
He is charged with defrauding the Russian state, along with the British-based millionaire businessman Bill Browder, the head of Hermitage Capital Management, which employed Magnitsky. Mr Browder has declined to go to Moscow for the trial.
A widely viewed television documentary in Russia last week accused the two men of being part of an MI6 conspiracy to undermine the Russian government.
An investment fund auditor, Magnitsky said he had uncovered a £150 million tax fraud involving Russian government officials, but was then arrested himself on accusations of fraud.
He died in prison in 2009, having been denied visits from his family, forced into increasingly squalid cells, and ultimately contracting pancreatitis. Despite repeated requests, he was refused medical assistance and died, having been put in a straitjacket and showing signs of beatings. The case has become a rallying call for critics of Mr Putin’s regime, who accuse the state of a campaign of intimidation against political opponents.
German Gorbuntsov was gunned down, Alexander Litvinenko was poisoned, Andrei Borodin was granted asylum
…
By Jason Lewis, Investigations Editor
9:00PM GMT 09 Mar 2013
Find this story at 9 March 2013
© Copyright of Telegraph Media Group Limited 2013
UK ambassador’s protest at Georgia TV hoax; Mr Keefe has asked that the TV station broadcast a correction15 maart 2013
The British ambassador to Georgia has complained about footage of him used in a TV hoax about a Russian invasion.
There was panic in Georgia on Saturday after a TV report that Russian tanks had invaded the capital and the country’s president was dead.
It included footage of ambassador Denis Keefe, which was edited to make it look like he was talking about the invasion.
Mr Keefe has asked the TV station to make it clear he knew nothing about the “irresponsible” programme.
The TV station – pro-government Imedi TV – said the aim had been to show how events might unfold if the president were killed. It later apologised.
Networks overwhelmed
It used archive footage of the 2008 war between Russia and Georgia and imagined how opposition figures might seize power after an assassination of President Mikhail Saakashvili.
But many Georgians believed it to be a real news report – mobile phone networks were overwhelmed with calls and many people rushed on to the streets.
Mr Keefe, footage of whom was included in the report, has complained about the programme on the British Embassy in Georgia’s website.
I consider Imedi TV’s misuse of this footage to be a discourtesy to me as ambassador of the United Kingdom in Georgia
Denis Keefe
Georgians question un-reality TV
He said the use of archive footage of him speaking about “real events completely unrelated to the subject of the programme was deeply misleading”.
He also complained that there had been a suggestion that the president of Georgia and the British prime minister had spoken about the “non-existent events described”.
“I wish to make clear that neither I, nor the UK government had any involvement in or foreknowledge of an irresponsible programme that unnecessarily caused deep concern amongst the Georgian public,” Mr Keefe said.
“I consider Imedi TV’s misuse of this footage to be a discourtesy to me as ambassador of the United Kingdom in Georgia, reflecting badly on Georgia’s reputation for responsible and independent media.”
…
Page last updated at 14:03 GMT, Tuesday, 16 March 2010
Find this story at 16 March 2010
BBC © 2013
UK requests Lugovoi extradition A formal extradition request has been made to Russia by the UK, for the ex-KGB agent wanted over Alexander Litvinenko’s murder.15 maart 2013
It follows the recommendation by the UK director of public prosecutions that Andrei Lugovoi be tried for the crime.
Mr Lugovoi denies the charges, and the Kremlin says Russia’s constitution does not allow it to hand him over.
Former KGB officer Mr Litvinenko died in London in 2006 after exposure to the radioactive isotope polonium-210.
The British embassy in Moscow has confirmed that the formal extradition request has been handed over, and the Russian prosecutor’s office has confirmed that the documents have been received.
Attack ‘victim’
Mr Lugovoi maintained last week that he was innocent and described himself as a “victim not a perpetrator of a radiation attack” while in London. He has called the charges “politically motivated”.
Mr Lugovoi met Mr Litvinenko on the day he fell ill.
Polonium-210 was found in a string of places Mr Lugovoi visited in London, but he has insisted he is a witness not a suspect.
The UK’s director of public prosecutions Sir Ken Macdonald said Mr Lugovoi should be extradited to stand trial for the murder of Mr Litvinenko by “deliberate poisoning”.
But the Kremlin maintains Russia’s constitution does not allow it to hand over Mr Lugovoi, a position reaffirmed by the country’s justice minister Vladimir Ustinov last week.
“The Russian constitution will stay inviolable and it will be observed to the full,” the news agency Itar-Tass quoted him as saying.
…
Published: 2007/05/28 15:56:55 GMT
Find this story at 28 May 2007
© BBC 2013
British journalists worked for MI6 during the Cold War: investigation15 maart 2013
Numerous notable journalists working for some of Britain’s most prestigious publications routinely collaborated with British intelligence during the Cold War, according to a BBC investigation. In 1968, Soviet newspaper Izvestia published the contents of an alleged British government memorandum entitled “Liaison Between the BBC and SIS”. SIS, which stands for Secret Intelligence Service, also known as MI6, is Britain’s foremost external intelligence agency. The paper, which was the official organ of the Presidium of the Supreme Soviet of the USSR, claimed that the foreign correspondents of most leading British newspapers secretly collaborated with the British intelligence community. It also alleged that the BBC’s world radio service had agreed with MI6 to broadcast preselected sentences or songs at prearranged times. These signals were used by British intelligence officers to demonstrate to foreign recruits in the Eastern Bloc that they were operating on behalf of the UK. At the time, the BBC virulently rejected the Izvestia’s claims, calling them “black propaganda” aimed at distracting world opinion from the invasion of Czechoslovakia by Warsaw Pact troops, which had taken place some months earlier. But an investigation aired this week by the BBC Radio 4’s investigative Document program suggests that the memo published by the Soviet newspaper was probably genuine. The program says it discovered a memorandum in the BBC’s archives, which laments the embarrassment caused to MI6 by the Soviet claims. The memorandum, dated April 24, 1969, describes MI6 as “our friends”. The BBC program, which is available to listen to here, discusses the Soviets’ claims that several notable British journalists were MI6 agents. They include Edward Crankshaw and David Astor of The Observer, Lord Hartwell and Roy Pawley of The Daily Telegraph, Lord Arran of The Daily Mail, Henry Brandon of The Sunday Times, and even Mark Arnold-Foster of the left-leaning Guardian newspaper. Leading veteran security and intelligence correspondent Phillip Knightley told Document that he would not be surprised if Izvestia’s claims turned out to be true.
…
March 5, 2013 by Joseph Fitsanakis 11 Comments
Find this story at 5 March 2013
MI6 and the Media15 maart 2013
Jeremy Duns examines leaked documents which suggest close links between MI6 and the British press during the Cold War.
In December 1968, the British media was shaken by a series of secret documents leaked to Soviet state newspapers. The documents claimed a range of key Fleet Street correspondents and news chiefs were working for the intelligence services. Further papers alleged close links between the BBC and MI6.
…
Duration: 28 minutes
First broadcast: Monday 04 March 2013
Find this story at 4 March 2013
BBC © 2013
Alexander Litvinenko murder suspect to avoid taking part in inquest15 maart 2013
Andrei Lugovoy said he had ‘lost all faith in the opportunity of an unbiased investigation in Britain’
A former KGB officer suspected of murdering Alexander Litvinenko has announced he will not take part in the coroner’s inquest due to take place later this year and attacked the British police and courts as “politically motivated”.
Andrei Lugovoy, now a politician in Russia, told a hastily assembled press conference that he had lost faith in British justice and said he would take no further steps to clear his name.
It emerged last year that at the time of his death in 2006, after being poisoned with radioactive polonium, Mr Litvinenko had been a paid agent for MI6 and was dealt with by a handler known as “Martin”.
The Foreign Secretary, William Hague, has asked for unspecified evidence relating to the case to be heard in secret for national security reasons. The move has been opposed by Mr Litvinenko’s widow, Marina, but last month the coroner, Sir Robert Owen, ruled that he would hold a hearing behind closed doors to see the Government’s evidence. The inquest is due to formally open on 1 May.
Russia has refused to extradite Mr Lugovoy, who is wanted by the Metropolitan Police in connection with the killing of Mr Litvinenko, who died after an agonising ordeal in hospital. Doctors diagnosed his condition as polonium poisoning just before he died.
Mr Lugovoy said: “I lost all faith in the opportunity of an unbiased investigation in Britain. It’s not clear how I can defend myself and oppose arguments that are not going to be made public. Who will evaluate the truthfulness of secret facts?”
During the press conference, he held up a Scotland Yard report to the coroner, which he said had been provided to him by British authorities under a non-disclosure agreement. He said the few facts contained in the report proved his version of events, claiming it established that the polonium trail led from London back to Moscow, rather than the other way round. He said the rest was a mix of “politically motivated rumours and gossip” designed to smear him and Russia.
…
Shaun Walker
Moscow
Tuesday 12 March 2013
Find this story at 12 March 2013
© independent.co.uk
In blow to inquest, key suspect in Russian spy murder refuses to cooperate15 maart 2013
Andrei Lugovoi, who is now an elected official in Russia, says he won’t talk even by video to British investigators about the poisoning of Alexander Litvinenko in London just over six years ago.
During a Tuesday press conference in Moscow, KGB-officer-turned-parliamentarian Andrei Lugovoi holds papers about the 2006 poisoning of former Russian agent turned Kremlin critic Alexander Litvinenko in London that he said he got from Scotland Yard,
The murder of former Russian spy Alexander Litvinenko in London just over six years ago, using what must be the world’s most exotic poison, radioactive polonium 210, has never been solved and remains the subject of conflicting narratives and still-deepening intrigue over who may have killed him and why.
Related stories
Do you know anything about Russia? A quiz.
Vladimir Putin 101: A quiz about Russia’s president
Russian beauty queens offer opinions beyond world peace, making people mad
Now it appears that a British public inquest that aimed to find definitive answers to those questions, slated to open in May, may have virtually no chance of getting to the bottom of it.
On Tuesday, the main suspect in the case, Russian KGB-officer-turned-parliamentarian Andrei Lugovoi, said he will not travel to Britain to give testimony or even provide evidence via video link.
RECOMMENDED: Do you know anything about Russia? A quiz.
“I have come to the conclusion that the British authorities will not give me an opportunity to prove my innocence and that I will not be able to find justice in Great Britain,” Mr. Lugovoi told a Moscow press conference.
“I have definitely lost my faith in the possibility of an unbiased investigation of this case in Great Britain. I have to state that I am withdrawing from the coroner’s investigation and will no longer participate in it,” he said.
No one denies that Lugovoi and his business partner Dmitry Kovtun met with Litvinenko in a London bar on the day he fell ill. British investigators later established that Litvinenko’s teacup at that meeting was contaminated with polonium-210, and thus was almost certainly the murder weapon. Traces of polonium, a substance that’s almost impossible to obtain except by governments, were later found in Mr. Kovtun’s apartment in Germany and on the clothes of both Kovtun and Lugovoi.
Britain demanded at the time that Lugovoi be returned to London to stand trial for murder. But Russia refused, saying the Russian Constitution prohibits the extradition of Russian citizens. Lugovoi was subsequently elected to the State Duma on the ticket of the pro-Kremlin United Russia party, where he is still a member enjoying parliamentary immunity.
The upcoming inquest, where witnesses must testify under oath, has been regarded as the last chance to unravel all the conflicting stories and perhaps arrive at the truth.
But its prospects for success have already been under doubt due to the British government’s efforts to limit access to sensitive materials about the case which some critics claim it is doing as part of a deal with Russia aimed at improving ties between the two countries.
But, until today, Lugovoi had insisted that he was ready to cooperate with the investigation. And Russian authorities have repeatedly said they too want to see the truth revealed.
Related stories
Do you know anything about Russia? A quiz.
Vladimir Putin 101: A quiz about Russia’s president
Russian beauty queens offer opinions beyond world peace, making people mad
Ads by Google
Shen Yun 2013 The Hague
Classical Chinese dance & orchestra
A very beautiful show… Fantastic!
www.shenyun.com
Subscribe Today to the Monitor
Click Here for your FREE 30 DAYS of
The Christian Science Monitor
Weekly Digital Edition
The murder of Mr. Litvinenko led to a prolonged chill in Russian-British relations which has only recently begun to abate.
The main suspicion in the West all along has been that Litvinenko was killed on the order of Russian authorities because he had publicly disclosed secrets of the FSB security service and then defected to Britain in 2000, where he continued to make dark and sweeping allegations against Russian President Vladimir Putin and his government.
A good deal of the evidence since dredged up by Western investigative journalists points to Russia — if not the Kremlin directly — as the source of the polonium that killed him and probably the motive for doing so as well.
The Russians have countered with various theories, including that Litvinenko may have been murdered by his sponsor and friend, renegade Russian oligarch Boris Berezovsky, in a plot to blame Russia for poisoning an outspoken critic and blacken the reputation of Mr. Putin.
Lugovoi has argued that Litvinenko must have obtained the polonium on his own, and either killed himself with it or was murdered by someone else. Last year Lugovoi took a lie detector test in Moscow, widely covered by Russian media, which reportedly upheld his claim of noninvolvement in Litvinenko’s death.
Complicating the picture are persistent allegations that, after receiving asylum in Britain in 2001, Litvinenko went to work for the British intelligence service MI6, providing information about the FSB and the activities of the Russian mafia.
Though Litvinenko’s widow earlier denied that her husband had been working for British secret services, her lawyer recently told the Kremlin-funded RT network that “at the time of his death Litvinenko had been for a number of years a regular and paid agent and employee of MI6 with a dedicated handler whose pseudonym was Martin.”
…
By Fred Weir, Correspondent / March 12, 2013
Find this story at 12 March 2013
© The Christian Science Monitor
Alexander Litvinenko coroner to hold closed hearing on evidence8 maart 2013
A coroner is to hold a private hearing to decide if an inquest into the death of former Russian spy Alexander Litvinenko should hear secret evidence from the intelligence services.
Lawyers for the dissident’s widow, Marina, will be excluded from the special session.
…
27 February 2013
Find this 27 February 2013
© 2012 Evening Standard Limited
Litvinenko Lawyer Accuses U.K., Russia of Cover-Up8 maart 2013
LONDON — A lawyer for the family of former Russian spy Alexander Litvinenko accused the British and Russian governments Tuesday of trying to stymie a long-delayed inquest into his poisoning death.
Litvinenko, a Russian intelligence agent turned Kremlin critic, died in London in November 2006 after drinking tea laced with the rare radioactive isotope polonium-210.
The allegations of a cover-up came at a London court hearing where British media organizations challenged a government bid to hold parts of the inquest in secret for security reasons. In Britain, inquests are held to determine the facts whenever someone dies violently, unexpectedly or in disputed circumstances.
Ben Emmerson, the lawyer for Litvinenko’s widow Marina, said the government’s quest for secrecy was delaying proceedings and suggested that foreign policy — namely trade relations — could be at the heart of the matter.
“We know nothing about why these applications are being made, and we are dancing in the dark,” he told coroner Robert Owen. “This is beginning to look like you’re being steamrollered by two states acting in collaboration with each other.”
Lawyers for Litvinenko’s family say that at the time of his death he was working for the British intelligence services, and Britain accuses two Russians of the killing. Moscow authorities have refused to extradite them for trial.
British government lawyer Neil Sheldon said “the disclosure of the material in question would pose a real risk to the public interest.”
Emmerson, who said the inquest is “shaping up to be a stain on British justice,” called the government’s arguments for secrecy absurd.
Alex Bailin, the lawyer representing prominent British media organizations, insisted that at the very least the government must clarify what issues are at stake and what harm they could cause.
Failing to do so, he said, “would have the very serious effect of undermining the public’s confidence in this inquest.”
…
26 February 2013 | Issue 5077
The Associated Press
Find this story at 26 February 2013
© Copyright 1992-2013. The Moscow Times
Foreign Office bid to guard secrets at Alexander Litvinenko inquest8 maart 2013
The public may be excluded from part of a pre-inquest hearing into the death of former Russian spy Alexander Litvinenko.
A coroner was today considering an application from the government to keep some information secret at the forthcoming inquest.
Mr Litvinenko died at a London hospital in November 2006, three weeks after drinking tea which had been poisoned with the radioactive isotope polonium-210.
…
26 February 2013
Find this story at 26 February 2013
© 2012 Evening Standard Limited
Litvinenko inquest: newspapers launch challenge over withholding of evidence8 maart 2013
Media groups including Guardian will challenge government over attempt to conceal sensitive documents
Alexander Litvinenko pictured shortly before his death in 2006. Photograph: Natasja Weitsz/Getty Images
Media groups will on Tuesday challenge what they describe as a “deeply troubling” attempt by the government to withhold evidence from the inquest into the murder of Alexander Litvinenko.
The Guardian, the BBC, the Financial Times and other newspapers are challenging a submission by the foreign secretary, William Hague, to conceal sensitive documents. Hague argues the material could harm “national security”, as well as the UK’s “international relations”.
The government has refused to say what evidence it wants to hide. But it is likely to deal with revelations made at a hearing in December that at the time of his poisoning in November 2006 Litvinenko was actively working for the British secret services.
Litvinenko was also a “paid agent” of the Spanish security services. MI6 encouraged him to supply information to the Spanish about Russian mafia activities, and alleged links between top organised criminals and the Kremlin, the hearing was told.
Litvinenko travelled to Spain in 2006 and met his MI6 handler, “Martin”, shortly before his fateful encounter with Andrei Lugovoi and Dmitry Kovtun, the two men accused of killing him. The inquest – scheduled to begin in May – will hear claims that the pair were part of a “Russian state” plot to murder Litvinenko using radioactive polonium.
The fact that Litvinenko – a former Russian spy – was working for MI6 raises embarrassing questions as to whether British intelligence should have done more to protect him. Litvinenko had a dedicated phone to contact “Martin” and received regular payments to his bank account from MI6 and Madrid, it emerged in December.
In making their submission to the coroner, Sir Robert Owen, on Tuesday, the media groups will seek to argue that Hague’s attempt to withhold evidence could undermine public confidence in the inquest. Currently the media – as well as Litvinenko’s widow, Marina, and son, Anatoly, – are “completely in the dark” over what material the FCO seeks to exclude.
The media groups will seek to persuade the coroner that the government has also failed to explain what “harm” the release of the information might cause. Nor has it properly considered “lesser measures”, such as redaction, which would allow some disclosure of sensitive documents, or the possibility of closed sessions.
Alex Bailin QC, the lawyer acting for the Guardian, will argue that “the public and media are faced with a situation where a public inquest into a death … may have large amounts of highly relevant evidence excluded from consideration by the inquest. Such a prospect is deeply troubling.”
There are grave public concerns that allegations of “state-sponsored assassination” on the streets of London require “maximum openness”. Additionally, the inquest is likely to be the only judicial forum where evidence will be heard, since the Kremlin has refused to extradite Lugovoi and Kovtun.
Speaking on Monday, Litvinenko’s friend Alex Goldfarb said the foreign secretary appeared unwilling to offend Russia’s “vindictive” president. Goldfarb told the Guardian: “I recognise that Mr Hague has a well-founded interest not to rock the boat with [Vladimir] Putin. He’s afraid. He’s afraid Putin will not vote the way he wants in the UN or squeeze Britain’s interests.”
He added: “The inquest is a balance between the interests of international relations and justice. The bottom line is how far do you compromise with your own justice and decency, and the benefits from doing business with arrogant, murderous and dictatorial foreign states?”
Goldfarb said forensic evidence and reports from Scotland Yard had already been disclosed to interested parties. But he said he was worried the government wanted to keep secret highly sensitive documents showing links between Russian mobsters in Spain and “Putin’s inner circle”. “That’s what Sasha [Litvinenko] was up to,” Goldfarb said.
An FCO spokesperson said: “The government has made an application to the court for public interest immunity in line with its duty to protect national security and the coroner is responsible for deciding that application based on the overall public interest.”
Owen is due to hear submissions from the media at a hearing in the Royal Courts of Justice on Tuesday. He has previously indicated that he wants the inquest to be as open and broad as possible.
What’s this?
More from the Guardian
Microsoft fined €561m for ‘browser choice’ error 06 Mar 2013
30 best iPhone and iPad apps this week 08 Mar 2013
Saudi seven face crucifixion and firing squad for armed robbery 05 Mar 2013
Woman dies in Barnet after possible road rage attack 05 Mar 2013
Two-year-old at risk of becoming a victim of forced marriage 05 Mar 2013
‘Bradford Batman’ unmasks himself 05 Mar 2013
Related information
Law
Media
Politics
William Hague ·
UK news
World news
Alexander Litvinenko · Russia ·
Steve Bell on government plans to restrict ‘health tourism’ – cartoon
4 Mar 2013
The government is examining ways to remove incentives for eastern Europeans to come to Britain when EU restrictions are lifted
4 Mar 2013
Libyan politician offers to settle UK lawsuit for £3 and an apology
3 Mar 2013
Assad: UK is ‘famously unconstructive’ towards Syria – video
27 Feb 2013
Alexander Litvinenko’s widow: ‘I trust the coroner’ – video
UK files on murdered spy Litvinenko must stay secret, rules coroner
27 Feb 2013
Media and widow of Russian excluded from pre-inquest hearing in London on William Hague’s request to withhold evidence
Luke Harding
guardian.co.uk, Monday 25 February 2013 14.27 GMT
Find this story at 25 February 2013
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.
Agentenprozess in Stuttgart; Das geheime Leben von “Pit” und “Tina”4 februari 2013
Mehr als 20 Jahre lang sollen zwei russische Agenten in Deutschland gelebt haben: Sie nannten sich Andreas und Heidrun Anschlag, studierten, arbeiteten, heirateten, bekamen eine Tochter und spitzelten wohl durchweg für Moskau. Wie geht das?
Kann es richtiges Leben geben in einem falschen? Welche Regungen sind echt, welche Entscheidungen aufrichtig, welche Handlungen gehören einem selbst? In dem Moment, als in Saal 18 des Stuttgarter Oberlandesgericht die Geburtsurkunde ihrer Tochter verlesen wird, bricht die Frau, die sich Heidrun Anschlag nennt, in Tränen aus. Sie presst ein Taschentuch vor das Gesicht und schluchzt hinein. Der Mann, den sie vor 22 Jahren im österreichischen Altaussee geheiratet hat und der sich Andreas Anschlag rufen lässt, schaut ausdruckslos ins Leere.
Die Eheleute heißen in Wirklichkeit anders, kolportiert werden die Namen Sascha und Olga, doch bestätigt sind auch die nicht. Festzustehen scheint jedoch, dass die beiden russische Staatsangehörige sind und vor mehr als zwei Jahrzehnten als Spitzel des KGB in die Bundesrepublik entsandt wurden. Später spionierten sie dann wohl für dessen Nachfolgeorganisation SWR, im Herbst 2011 flogen sie auf. Die Bundesanwaltschaft hat die Anschlags daher unter anderem wegen geheimdienstlicher Agententätigkeit angeklagt, ihnen drohen im Falle einer Verurteilung bis zu zehn Jahre Gefängnis.
Mit Handschellen gefesselt wird Andreas Anschlag in den Raum geführt. Die Haare des mutmaßlichen Agenten sind kurz und grau, sein Gesicht ist fahl. Den offenkundig falschen österreichischen Personalpapieren zufolge ist der Mann 1,80 Meter groß, 53 Jahre alt und wurde im argentinischen Valentin Alsina geboren. Anschlag trägt einen schwarzen Pullunder, ein schwarzes Hemd und Jeans.
Auch seine Frau ist eine unauffällige Person, 1,60 Meter groß, blonde Haare, orangefarbener Pullover zu hellblauer Jeans. Ihre Legende besagt, sie sei im peruanischen Lima geboren und inzwischen 47 Jahre alt. Während ihr Mann in Aachen Maschinenbau studierte und später als Diplomingenieur bei verschiedenen Automobilzulieferern arbeitete, war Heidrun Anschlag nach außen vor allem Hausfrau. Sie kümmerte sich um die gemeinsame Tochter.
Im Unterschied zu Spionen, die als Diplomaten in ihre Einsatzgebiete reisen, arbeiten mutmaßliche Agenten wie Heidrun und Andreas Anschlag nicht im Schutz der Botschaften. Diplomaten droht im schlimmsten Fall die Ausweisung – allen anderen eine langjährige Haftstrafe. Aufgrund des hohen Risikos werden sie in russischen Geheimdienstkreisen als “Wunderkinder” verehrt. Einem Staatsschützer zufolge ist mit weiteren Spähern in Deutschland zu rechnen.
Die Bundesanwälte werfen den Eheleuten vor, sie seien “hauptamtliche Mitarbeiter des russischen Auslandsnachrichtendienstes SWR”. Demnach stehe Andreas Anschlag im Rang eines Abteilungsleiters und beziehe monatlich 4300 Euro, seine Gattin sei stellvertretende Abteilungsleiterin und erhalte 4000 Euro – die Ersparnisse der Eheleute sollen sich auf etwa 600.000 Euro belaufen. Das “Ausforschungsinteresse” der Agenten mit den Decknamen “Pit” und “Tina” habe sich auf “politische, militärische und militärpolitische Aufklärungsziele” konzentriert, heißt es in der Anklageschrift. Vor allem sei es den beiden um Informationen aus Nato- und EU-Kreisen gegangen.
Botschaften in “toten Briefkästen”
Zu diesem Zweck führten die Anschlags laut Bundesanwaltschaft von Oktober 2008 bis kurz vor ihrer Festnahme im Herbst 2011 den niederländischen Diplomaten Raymond P. als Quelle. Der Beamte des Den Haager Außenministeriums, Deckname “BR”, soll in dieser Zeit mehrere hundert vertrauliche Dokumente geliefert haben und dafür mit mindestens 72.200 Euro entlohnt worden sein. Die Übergabe der Papiere erfolgte zumeist in den Niederlanden, danach deponierte Andreas Anschlag die Akten in “toten Briefkästen” im Raum Bonn, wo sie anschließend von Mitarbeitern der russischen Botschaft abgeholt wurden.
Laut Anklage handelte es sich dabei unter anderem um
einen Sitzungsbericht des Nordatlantikrates zur Zusammenarbeit der Nato mit Russland im Bereich der Raketenabwehr,
Dokumente zur Strukturreform der Nato,
Papiere zur Nato-Strategie während der Revolution in Libyen,
Berichte über den Isaf-Einsatz in Afghanistan.
Darüber hinaus besuchte Andreas Anschlag der Bundesanwaltschaft zufolge über Jahre Tagungen der Deutschen Atlantischen Gesellschaft, der Clausewitz-Gesellschaft, der Gesellschaft für Wehr- und Sicherheitspolitik sowie der Friedrich-Naumann-Stiftung, über die er Moskau fortlaufend Bericht erstattete. Zudem wies er seine Geheimdienstkollegen auf mögliche Informanten hin, die er bei den Veranstaltungen kennenlernte. Auch seine Arbeitgeber spähte er laut Anklage nach “wissenschaftlich-technischen Informationen” aus.
Für die Kommunikation mit der Zentrale soll vor allem Heidrun Anschlag zuständig gewesen sein, so die Bundesanwälte: Sie war es, die in ihrem angemieteten, 200 Quadratmeter großen Haus im hessischen Marburg geheime Direktiven aus Moskau erhielt. Dazu nutzte sie einen Kurzwellenempfänger, der mit einem Decoder und einem Computer verbunden war. Die Rückmeldungen erfolgten über Textnachrichten, die per Satellit verschickt wurden. Auch mittels YouTube tauschte sich Heidrun Anschlag als “Alpenkuh1” mit ihren russischen Kollegen aus. Dazu nutzten die Geheimdienstler offenbar codierte Kommentare.
…
15. Januar 2013, 15:44 Uhr
Von Jörg Diehl, Stuttgart
Find this story at 15 January 2013
© SPIEGEL ONLINE 2013
Alleged Russian spy couple in ‘Cold War’ trial4 februari 2013
A married couple accused of spying for the Russian secret services for more than 20 years went on trial in Germany on Tuesday, in one of the biggest espionage court cases since the Cold War.
Germany charges two alleged Russian spies – National (28 Sep 12)
Russian spies suspected of stealing car secrets – National (25 Oct 11)
Suspected Russian spy pair arrested – National (22 Oct 11)
The pair, identified only by codenames Andreas and Heidrun Anschlag (which means attack in German), are said to have been planted in West Germany from 1988 by the Soviet Union’s KGB and later used by its SVR successor secret service.
The defendants declined to confirm any details about their real identities or the charges against them as the trial got underway in the higher regional court in the southwestern city of Stuttgart.
Defence lawyer Horst-Dieter Pötschke said they had Russian citizenship.
Prosecutors say one of them arrived in still divided Germany in 1988 — a year before the Berlin Wall fell — and the other in 1990, posing as Austrian citizens who had been born and grew up in South America.
According to the Federal Prosecutor’s Office, light could only be shed on the final three years of their alleged activities as agents.
They had “the mission from SVR headquarters to obtain NATO and EU political and military secrets”, federal public prosecutor Wolfgang Siegmund said, adding: “Particularly also geo-strategic findings on the relationship of NATO and the EU with the countries of Eastern Europe and Central Asia.”
Prosecutors say the couple set up a “middle-class existence” to cover up their activity for the secret services.
Andreas Anschlag studied engineering and worked in the auto industry while Heidrun was a housewife. According to the Frankfurter Allgemeine Sonntagszeitung weekly, even their own daughter had no idea about their double lives.
The couple allegedly passed on documents they obtained from a Dutch official in the foreign ministry between 2008 and 2011.
The court heard that the official, Raymond Valentino Poeteray, obtained several hundred pages of classified, partly secret documents from different Dutch embassies and received more than €72,000 for his efforts.
The accused left the documents in “dead-letter boxes”, for example under certain trees, from where they were picked up by employees of the Russian consulate general in the western city of Bonn, according to the federal prosecutor.
Heidrun Anschlag was responsible for communicating with the SVR via short-wave radio, the court heard.
The pair, who were allegedly jointly paid around €100,000 a year, communicated with their Moscow masters using text messages, satellite phones and hidden messages in comments in YouTube videos under agreed names, it heard.
In mid-2011, Siegmund said the pair had received orders to withdraw from Germany because of the risk of being exposed and were preparing to do so when they were arrested in October of that year.
They face up to 10 years in prison if found guilty.
On the sidelines of the trial, defence lawyer Pötschke said the documents in question were “of average quality” and “so, no so-called grave damage occurred” to Germany.
…
Published: 15 Jan 13 11:25 CET | Print version
Updated: 15 Jan 13 15:58 CET
Find this story at 15 January 2013
© The Local Europe GmbHc
Court tries couple in suburban spy thriller4 februari 2013
A spectacular trial has begun at a Stuttgart court involving a German-based couple accused of spying on NATO and the EU for decades on Russia’s behalf. Neighbors say they knew something was fishy.
It reads like a John le Carre novel: “dead mail boxes,” secret radio signals, encrypted messages hidden in plain sight on the Internet.
According to accusations, a married couple has been spying in Germany for more than 20 years – first at the behest of the Soviet Union and thereafter for its post-Soviet incarnation, the Russian Foreign Intelligence Service.
On Tuesday (15.01.2013) the trial against 54-year-old Andreas Anschlag and his 48-year-old wife, Heidrun, opened up in Stuttgart. Federal prosecutors accused them of “secret agent activity” and of “forgery of documents.”
The former KGB building is today’s Foreign Intelligence headquarters
As to whether those are the real names of the accused, however, there is reason to doubt. In an interview with DW, the couples’ defense lawyer, Horst-Dieter Pötschke, did not deny that “Anschlag” might not be the true surname of the suspected agent pair. He also responded evasively to questions about the accusations themselves. What the Munich lawyer did say, however, is that the potential ten-year sentence is nothing short of excessive.
In cases of espionage, Pötschke is on familiar ground. In the 70s and 80s he defended former agents who had fled the Soviet KGB or the East German state security apparatus, the Stasi. One of his most well-known cases involved Günter Guillaume, a speaker for former German Chancellor Willy Brandt who also turned out to be an East German spy. When Guillaume’s true identity was revealed in 1974, Chancellor Brandt resigned.
A discrete life
The history of the purported agent couple begins at a time when the Soviet Union still existed and the Cold War was still cold. According to accusations, Andreas Anschlag traveled to West Germany in 1988 with the help of a forged Austrian passport. His wife did the same in 1990. Both were supposed to have been born in South America. The two settled in Aachen, close to the western border with Belgium, where Mr. Anschlag studied mechanical engineering.
With the birth of a daughter their German disguise was complete. The couple moved to a popular neighborhood of Meckenheim, a small town of 24,000 inhabitants close to the former West German capital of Bonn. There they lived discreetly. Neighbors describe them as friendly, if a bit distant.
The house in Michelbach in which the accused “Anschlag” couple lived
“They didn’t have much contact with others,” a neighbor said. “I never saw the husband, even though we lived close to each other.”
NATO documents for Moscow
For their informant, the couple managed to recruit a Dutch diplomat, says the German Attorney General. The diplomat, in turn, is supposed to have provided dozens of secret documents from NATO and the EU. Among the topics covered within those documents were issues relating to Russia.
The files were delivered via “dead mail boxes,” according to official charges, to the Russian Foreign Intelligence Service in Moscow. The couple apparently received further commands through an agent radio network and sent their own messages via satellite and through an internet video platform.
When they were arrested in October 2011, the German news magazine Der Spiegel reported that the woman was sitting in front of a shortwave receiver, writing down secret messages. At that point the pair was living in a house in Michelbach, a small community in the German state of Hesse.
“Suddenly we had this spy thriller taking place right outside our window – it was better than the movies,” one of the neighbors told DW.
The husband was arrested on the same day 200 kilometers (120 miles) away in the town of Balingen. For days thereafter, German criminal officers – with the help of special electronic devices – searched the house and the foundation of the supposed “agent couple.”
A post-judgment exchange?
How can it be that the Russian agents could work in Germany for so many years without their cover being blown? A neighbor in Michelbach claims to have recognized the pair’s eastern European accent. The story about the “Austrian” couple’s Latin American origins appeared suspicious, some now say, as did a few of the pair’s habits. “The wife usually went into the backyard to make telephone calls, even in winter,” a woman said.
The entrance to the Upper Regional Court in Stuttgart, where the trial is taking place
…
Date 14.01.2013
Author Mikhail Bushuev / rg, cd
Editor Gabriel Borrud
Find this story at 14 January 2013
© 2012 Deutsche Welle
Germany Tries Couple on Spy Charges4 februari 2013
The two accused spies, their faces not shown due to a court order, appearing in a German courtroom Tuesday.
Germany put a married couple thought to be in their mid-40s on trial this week on suspicion that they spied for Russia for more than two decades under the cover of being an ordinary middle-class family.
The case of Andreas and Heidrun Anschlag, names believed to be aliases, is likely to add pressure to Berlin’s troubled relations with Moscow until June.
The court in the southwestern city of Stuttgart is planning to hold 31 hearings over five months, according to a schedule on the court’s website.
Prosecutors say the pair collected sensitive information from NATO and the European Union for Russia’s Foreign Intelligence Service while posing as Austrian nationals with Latin American heritage.
Their names and passports are thought to be fake, but the judge said at the initial hearing Tuesday that she would continue to address them as Herr and Frau Anschlag “to make communication easier,” local media outlets reported.
The couple, who face up to a decade in prison if convicted, denied guilt but declined to make any further statements. The hearing continued Thursday with the questioning of a federal police investigator, court spokesman Stefan SchЯler said by e-mail.
The case has been linked to the “deep cover” sleeper agents uncovered in the U.S. in 2010. According to a report by German weekly Der Spiegel, the Anschlags’ October 2011 arrest was made possible when the FBI passed on information from Alexander Poteyev, a Foreign Intelligence Service colonel who reportedly acted as a U.S. mole.
Poteyev, who ostensibly betrayed the spy ring even as he ran it, fled Moscow just days before the FBI rolled up the operation on June 27, 2010. In 2011, a Moscow military court sentenced him in absentia to 25 years in prison on charges of treason and desertion.
Analysts have speculated about why the Anschlags’ case went to court while the U.S. spy ring was whisked off to Russia within weeks in a Cold War-style spy swap.
German media reported last year that Berlin had decided to press charges after the Kremlin failed to react to a German offer for a spy swap.
…
18 January 2013 | Issue 5049
By Nikolaus von Twickel
Find this story at 18 January 2013
© Copyright 1992-2013. The Moscow Times
Fascinating profile of the Soviet KGB’s little-known tech wizard24 januari 2013
It is often suggested by intelligence researchers that one major difference between Western and Soviet modes of espionage during the Cold War was their degree of reliance on technology. It is generally accepted that Western espionage was far more dependent on technical innovation than its Soviet equivalent. While this observation may be accurate, it should not be taken to imply that the KGB, GRU, and other Soviet intelligence agencies neglected technical means of intelligence collection. In a recent interview with top-selling Russian newspaper Komsomolskaya Pravda, Russian intelligence historian Gennady Sokolov discusses the case of Vadim Fedorovich Goncharov. Colonel Goncharov was the KGB’s equivalent of ‘Q’, head of the fictional research and development division of Britain’s MI6 in the James Bond films. A veteran of the Battle of Stalingrad, Goncharov eventually rose to the post of chief scientific and technical consultant of KGB’s 5th Special Department, later renamed Operations and Technology Directorate. According to Sokolov, Goncharov’s numerous areas of expertise included cryptology, communications interception and optics. While working in the KGB’s research laboratories, Goncharov came up with the idea of employing the principles behind the theremin, an early electronic musical instrument invented by Soviet physicist Léon Theremin in 1928, in wireless audio surveillance. According to Sokolov, the appropriation of the theremin by the KGB under Goncharov’s leadership “changed the world of intelligence”.
Renamed “passive bug” by the Soviets, a modified version of Theremin’s invention allowed the KGB to do away with wires and hidden microphones, using instead tiny coils and metal plates surreptitiously hidden in a target room or area. Such contraptions acted as sensors that picked up the vibrations in the air during conversations and transmitted them to a beam (receiver) placed nearby, usually in an adjoined room or vehicle. One such device was planted by the KGB inside the large wooden replica of the Great Seal of the United States given by the Soviets to US Ambassador to the USSR, Averell Harriman, as a present in February 1945. By hanging the decorative artifact in his embassy office in Moscow, the Ambassador enabled the KGB to listen in to his private conversations, as well as those of his successors, including Walter Bedell Smith (later Director of Central Intelligence), Alan G. Kirk, and George F. Kennan, for nearly eight years. The bug was discovered by the US in 1952 and exposed to the world during a conference at the United Nations (see photo).
Sokolov says that Goncharov also used the “passive bug” in several Moscow hotels frequented by Western visiting dignitaries, such as the Hotel National and the Hotel Soviet. Targets of “passive bug” operations included Indonesian President Sukarno, British Prime Minister Harold Wilson and German Chancellor Konrad Adenauer, whose conversations Goncharov allegedly managed to bug even though the West German leader chose to spend most of his trip to the USSR inside a luxury train compartment provided by the West German government. The Russian intelligence historian also claims that the theremin-based bug was used to eavesdrop on the conversations of Princess Margaret, sister of Queen Elizabeth II of the United Kingdom. The KGB allegedly bugged Margaret’s cigarette lighter, cigarette case and ashtrays, and was able to listen in to the Princess’ “drunken sprees” during her trips around Western Europe, collecting “dirt on the British Royal House”.
…
December 24, 2012 by intelNews 5 Comments
By JOSEPH FITSANAKIS | intelNews.org |
Find this story at 24 December 2012
We bugged Princess Margaret’s ashtrays, admit KGB24 januari 2013
KGB homed in on Princess during visit to Copenhagen in 1964
Bugging devices attached to ashtrays and lighters to listen in on ‘scandalous gossip’
Spies set up failed ‘honey trap’ for former Prime Minister Harold Wilson
Soviet spies have admitted using bugging devices on the Royal Family and former British Prime Minister Harold Wilson.
Secret agents from the KGB targeted Princess Margaret in the 1960s, attaching listening aids to her lighter, cigarette case, ashtrays and telephones.
According to the Sunday Express, they homed in on the Princess during a trip to Copenhagen, Denmark in 1964.
Lord Snowdon And Princess Margaret get ready to board a plane in September 1964 ahead of their visit to Copenhagen. Russian spies have admitted bugging the Princess on the trip
Until now, Russia has always denied the covert operation, which took place in a hotel, but has now admitted compiling a dossier on the Princess’s love affair with Robin Douglas-Home and further relationships with Roddy Llewellyn, Colin Tennant and Dominic Ewes, a painter who later committed suicide.
Spies passed photos, tape recordings and ‘most interesting, even scandalous’ gossip involving senior royal figures.
It is also said agents tried to get information from Margaret’s therapist, Kay Kiernan, who also treated the Queen.
Intelligence on Prince Phillip was gathered via society osteopath and artist Stephen Ward, who later killed himself at the height of the Profumo affair.
But spies failed in a sting operation on then future leader Harold Wilson, setting up a ‘honey trap’ for him in a Moscow hotel.
Princess Margaret (second from right and then left) was targeted by KGB spies on her visit to Copenhagen in 1964. Bugging devices were planted in her lighter, cigarette case, ashtrays and telephones
A new book will detail the KGB spies’ attempts at bugging the Royal Family. Pictured, the Kremlin, in Moscow
Female agents posing as prostitutes patrolled the hotel overlooking the Kremlin, with a camera planted in a chandelier in his bedroom.
But when the film was developed, Wilson’s face was disguised.
Colonel Vadim Goncharov, who has since died, was the KGB chief in charge of the snooping operations, and he was ordered by bosses to go on television to deny the claims, fearing they would cast a shadow over the Queen’s first and only visit to Russia in 1994.
…
By Daily Mail Reporter
PUBLISHED: 11:01 GMT, 23 December 2012 | UPDATED: 17:05 GMT, 23 December 2012
Find this story at 23 December 2012
© Associated Newspapers Ltd
USSR ‘used civilian planes to spy’24 januari 2013
Defence Secretary John Nott warned Mrs Thatcher that the USSR was using civilian aircraft to carry out spying missions in the UK
The Soviet Union used civil airliners to conduct secret Cold War spying missions over Britain, according to newly published Government files.
Some aircraft would switch off their transponders, alerting air traffic controllers to their position before veering off their approved flight paths to carry out aerial intelligence-gathering missions over sensitive targets, papers released by the National Archives under the 30-year rule show.
In a memorandum marked SECRET UK US EYES ONLY, Defence Secretary John Nott informed prime minister Margaret Thatcher in December 1981 that the RAF was monitoring the hundreds of monthly flights through UK airspace by Warsaw Pact airliners.
“One incident of particular interest took place on 9th November, when an Aeroflot IL62 made an unauthorized and unannounced descent from 35,000 ft to 10,000 ft just below cloud level, to fly over RAF Boulmer, a radar station currently being modernised. It subsequently climbed back to 37,000 ft,” he wrote.
“During this manoeuvre its Secondary Surveillance Radar which automatically broadcasts the aircraft’s height was switched off, though it was on before and after the incident. It must, therefore, be assumed that it was switched off intentionally to conceal a deliberate and premeditated manoeuvre.
“Our investigations have now revealed it was the same aircraft which over flew the USN base at Groton when the first Trident submarine was being launched. You will recall that as a result of this incident the President banned Aeroflot flights over the USA for a short period.”
But that was not the only example of bad behaviour by enemy spies that year. In August 1981 the Second Secretary at the USSR embassy VN Lazin became the first Soviet diplomat for a decade to be expelled for “activities incompatible with his status”.
The Foreign Office informed No 10 that Lazin, actually the senior member of the scientific and technical intelligence section of the KGB in London, was arrested during a “clandestine meeting” with a Portuguese national.
“He developed his relationship with the Portuguese national over several months and sought to obtain technical and scientific information in the UK from him and to use him as an agent with the possibility of eventually placing him in a Nato post,” the Foreign Office noted.
The Soviets responded in traditional fashion with the tit-for-tat expulsion of the British cultural attache in the Moscow embassy. More was to follow six months later in February 1982 when MI5 decided to call time on the espionage career of another Soviet, Vadim Fedorovich Zadneprovskiy, a member of the Soviet trade delegation whom for the previous five years operated as a KGB agent-runner. His recruits included a British businessman who was given the codename COURT USHER.
Updated: 28 December 2012 11:48 | By pa.press.net
Find this story at 28 December 2012
© 2013 Microsoft
KGB Used Aeroflot Jets as Spy Planes, U.K. Files Show24 januari 2013
Soviet spies used civilian planes to snoop on British and American military installations during the 1980s, newly released U.K. documents show.
Britain’s Royal Air Force “established that some of these aircraft deviated from their flight-plan routes in circumstances which would lead us to assume that they were gathering intelligence,” the then defense secretary, John Nott, wrote in a memo to Prime Minister Margaret Thatcher that’s among government files from 1982 published today after being kept confidential for the prescribed 30 years.
The papers from the National Archives in London give an insight into both the extent of Soviet espionage and the U.K. government’s awareness of it. One agent from the KGB, the Soviet security agency, was identified on arrival in 1977 and followed for five years, subject to a series of British intelligence operations before finally being expelled.
Relations between Thatcher’s government and the Soviet Union were tense at the time, despite attempts by diplomats to persuade her to take a conciliatory line. More than once in her files she rejects a course of action proposed in a memo, referring to the 1979 Soviet invasion of Afghanistan as the reason.
As Communist Party general secretary Leonid Brezhnev approached his 75th birthday at the end of 1981, Foreign Secretary Peter Carrington said it would be “churlish” of her not to send congratulations.
“Afghanistan?” Thatcher wrote in the margins of the memo suggesting this. “I really don’t think we should send a message.” She underlined “don’t.”
‘Unannounced Descent’
Nott wrote to Thatcher about the KGB’s use of Aeroflot planes over Britain after the Royal Air Force decided to look at the activities of “the thousand or so Warsaw Pact airliners which fly over the U.K. each month.”
In “one incident of particular interest,” the defense secretary wrote, an Ilyushin IL62 from the Soviet airline “made an unauthorized and unannounced descent from 35,000 feet to 10,000 feet, just below cloud level, to fly over RAF Boulmer, a radar station currently being modernized” in northeast England.
The plane turned off its automatic broadcast of its height during the maneuver, after which it returned to its previous altitude and began transmitting again.
The RAF subsequently established the same plane performed a similar operation over the U.S. Navy base at Groton, Connecticut, when the first Trident submarine was being launched.
Trade Official
The KGB was also using more traditional methods. In February 1982, the Security Service, the British internal security agency popularly known as MI5, asked for permission to expel a Russian trade official, Vadim Fedorovich Zadneprovskiy, after he “engaged in unacceptable intelligence-gathering activities.” According to the MI5 report, he had been identified as a KGB agent on his arrival in 1977 and followed.
MI5 used his inquiries about British counter-surveillance techniques to establish gaps in the KGB’s knowledge, with “some success.” The security service watched as he ran a British businessman, whom they codenamed “Court Usher,” as an agent, even using him to deliver equipment “in a thoroughly clandestine manner.” After concluding it wouldn’t be able to recruit Zadneprovskiy, MI5 demanded he be thrown out.
It wasn’t just professional spies trying to get in on the act. As the Falklands War raged, and the government wrestled with the question of how to keep French-built Exocet anti-ship missiles out of Argentine hands, Attorney General Michael Havers sent Thatcher a handwritten note suggesting a way to intercept a shipment.
‘Bond Movie’
Acknowledging his idea “may be thought to be more appropriate to a James Bond movie,” Havers said the Secret Intelligence Service, MI6, should try to insert its own person as loadmaster on any flight used to carry missiles to Argentina.
“If this can be agreed, the loadmaster has total control over the flight and, therefore, could redirect the aircraft in transit to (for example) Bermuda,” he wrote. “This will cost money (this is an expensive dirty business) but could, in my view, be cheap at the price.”
Havers may not have been aware at the time that MI6 was already running operations to precisely that end. Nott’s diary recalls, without giving details, how the agency both prevented Argentina buying missiles available on the open market and disabled missiles it thought could fall into Argentine hands.
The U.S., while leading attempts to broker a cease-fire between Argentina and the U.K., provided information from spies as part of its support to Britain in the conflict.
‘Magnificent Support’
…
By Robert Hutton and Thomas Penny – Dec 27, 2012
Find this story at 27 December 2012
®2013 BLOOMBERG L.P. ALL RIGHTS RESERVED.
The “Red October” Campaign – An Advanced Cyber Espionage Network Targeting Diplomatic and Government Agencies24 januari 2013
During the past five years, a high-level cyber-espionage campaign has successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations, gathering data and intelligence from mobile devices, computer systems and network equipment.
Kaspersky Lab’s researchers have spent several months analyzing this malware, which targets specific organizations mostly in Eastern Europe, former USSR members and countries in Central Asia, but also in Western Europe and North America.
The campaign, identified as “Rocra”, short for “Red October”, is currently still active with data being sent to multiple command-and-control servers, through a configuration which rivals in complexity the infrastructure of the Flame malware. Registration data used for the purchase of C&C domain names and PE timestamps from collected executables suggest that these attacks date as far back as May 2007.
Some key findings from our investigation:
The attackers have been active for at least five years, focusing on diplomatic and governmental agencies of various countries across the world. Information harvested from infected networks is reused in later attacks. For example, stolen credentials were compiled in a list and used when the attackers needed to guess passwords and network credentials in other locations. To control the network of infected machines, the attackers created more than 60 domain names and several server hosting locations in different countries (mainly Germany and Russia). The C&C infrastructure is actually a chain of servers working as proxies and hiding the location of the true -mothership- command and control server.
The attackers created a multi-functional framework which is capable of applying quick extension of the features that gather intelligence. The system is resistant to C&C server takeover and allows the attacker to recover access to infected machines using alternative communication channels.
Beside traditional attack targets (workstations), the system is capable of stealing data from mobile devices, such as smartphones (iPhone, Nokia, Windows Mobile); dumping enterprise network equipment configuration (Cisco); hijacking files from removable disk drives (including already deleted files via a custom file recovery procedure); stealing e-mail databases from local Outlook storage or remote POP/IMAP server; and siphoning files from local network FTP servers.
We have observed the use of at least three different exploits for previously known vulnerabilities: CVE-2009-3129 (MS Excel), CVE-2010-3333 (MS Word) and CVE-2012-0158 (MS Word). The earliest known attacks used the exploit for MS Excel and took place in 2010 and 2011, while attacks targeting the MS Word vulnerabilities appeared in the summer of 2012.
The exploits from the documents used in spear phishing were created by other attackers and employed during different cyber attacks against Tibetan activists as well as military and energy sector targets in Asia. The only thing that was changed is the executable which was embedded in the document; the attackers replaced it with their own code.
Sample fake image used in one of the Rocra spear phishing attacks.
During lateral movement in a victim’s network, the attackers deploy a module to actively scan the local area network, find hosts vulnerable for MS08-067 (the vulnerability exploited by Conficker) or accessible with admin credentials from its own password database. Another module used collected information to infect remote hosts in the same network.
Based on registration data of the C&C servers and numerous artifacts left in executables of the malware, we strongly believe that the attackers have Russian-speaking origins. Current attackers and executables developed by them have been unknown until recently, they have never related to any other targeted cyber attacks. Notably, one of the commands in the Trojan dropper switches the codepage of an infected machine to 1251 before installation. This is required to address files and directories that contain Cyrillic characters in their names.
Rocra FAQ:
What is Rocra? Where does the name come from? Was Operation Rocra targeting any specific industries, organizations or geographical regions?
Rocra (short for “Red October”) is a targeted attack campaign that has been going on for at least five years. It has infected hundreds of victims around the world in eight main categories:
Government
Diplomatic / embassies
Research institutions
Trade and commerce
Nuclear / energy research
Oil and gas companies
Aerospace
Military
It is quite possible there are other targeted sectors which haven’t been discovered yet or have been attacked in the past.
How and when was it discovered?
We have come by the Rocra attacks in October 2012, at the request of one of our partners. By analysing the attack, the spear phishing and malware modules, we understood the scale of this campaign and started dissecting it in depth.
Who provided you with the samples?
Our partner who originally pointed us to this malware prefers to remain anonymous.
How many infected computers have been identified by Kaspersky Lab? How many victims are there? What is the estimated size of Operation Red October on a global scale?
During the past months, we’ve counted several hundreds of infections worldwide – all of them in top locations such as government networks and diplomatic institutions. The infections we’ve identified are distributed mostly in Eastern Europe, but there are also reports coming from North America and Western European countries such as Switzerland or Luxembourg.
Based on our Kaspersky Security Network (KSN) here’s a list of countries with most infections (only for those with more than 5 victims):Country Infections
RUSSIAN FEDERATION 35
KAZAKHSTAN 21
AZERBAIJAN 15
BELGIUM 15
INDIA 14
AFGHANISTAN 10
ARMENIA 10
IRAN; ISLAMIC REPUBLIC OF 7
TURKMENISTAN 7
UKRAINE 6
UNITED STATES 6
VIET NAM 6
BELARUS 5
GREECE 5
ITALY 5
MOROCCO 5
PAKISTAN 5
SWITZERLAND 5
UGANDA 5
UNITED ARAB EMIRATES 5
For the sinkhole statistics see below.
Who is behind/responsible for this operation? Is this a nation-state sponsored attack?
The information we have collected so far does not appear to point towards any specific location, however, two important factors stand out:
The exploits appear to have been created by Chinese hackers.
The Rocra malware modules have been created by Russian-speaking operatives.
Currently, there is no evidence linking this with a nation-state sponsored attack. The information stolen by the attackers is obviously of the highest level and includes geopolitical data which can be used by nation states. Such information could be traded in the underground and sold to the highest bidder, which can be of course, anywhere.
Are there any interesting texts in the malware that can suggest who the attackers are?
Several Rocra modules contain interesting typos and mis-spellings:
network_scanner: “SUCCESSED”, “Error_massage”, “natrive_os”, “natrive_lan”
imapispool: “UNLNOWN_PC_NAME”, “WinMain: error CreateThred stop”
mapi_client: “Default Messanger”, “BUFEER IS FULL”
msoffice_plugin: “my_encode my_dencode”
winmobile: “Zakladka injected”, “Cannot inject zakladka, Error: %u”
PswSuperMailRu: “——-PROGA START—–“, “——-PROGA END—–”
The word “PROGA” used in here might refer to transliteration of Russian slang “ПРОГА”, which literally means an application or a program among Russian-speaking software engineers.
In particular, the word “Zakladka” in Russian can mean:
“bookmark”
(more likely) a slang term meaning “undeclared functionality”, i.e. in software or hardware. However, it may also mean a microphone embedded in a brick of the embassy building.
The C++ class that holds the C&C configuration parameters is called “MPTraitor” and the corresponding configuration section in the resources is called “conn_a”. Some examples include:
conn_a.D_CONN
conn_a.J_CONN
conn_a.D_CONN
conn_a.J_CONN
What kind of information is being hijacked from infected machines?
Information stolen from infected systems includes documents with extensions:
txt, csv, eml, doc, vsd, sxw, odt, docx, rtf, pdf, mdb, xls, wab, rst, xps, iau,
cif, key, crt, cer, hse, pgp, gpg, xia, xiu, xis, xio, xig, acidcsa, acidsca,
aciddsk, acidpvr, acidppr, acidssa.
In particular, the “acid*” extensions appear to refer to the classified software “Acid Cryptofiler”, which is used by several entities such as the European Union and/or NATO.
What is the purpose/objective of this operation? What were the attackers looking for by conducting this sustained cyber-espionage campaign for so many years?
The main purpose of the operation appears to be the gathering of classified information and geopolitical intelligence, although it seems that the information gathering scope is quite wide. During the past five years, the attackers collected information from hundreds of high profile victims although it’s unknown how the information was used.
It is possible that the information was sold on the black market, or used directly.
What are the infection mechanisms for the malware? Does it have self-propagating (worm) capabilities? How does it work? Do the attackers have a customized attack platform?
The main malware body acts as a point of entry into the system which can later download modules used for lateral movement. After initial infection, the malware won’t propagate by itself – typically, the attackers would gather information about the network for a few days, identify key systems and then deploy modules which can compromise other computers in the network, for instance by using the MS08-067 exploit.
In general, the Rocra framework is designed for executing “tasks” that are provided by its C&C servers. Most of the tasks are provided as one-time PE DLL libraries that are received from the server, executed in memory and then immediately discarded.
Several tasks however need to be constantly present in the system, i.e. waiting for the iPhone or Nokia mobile to connect. These tasks are provided as PE EXE files and are installed in the infected machine.
Examples of “persistent” tasks
Once a USB drive is connected, search and extract files by mask/format, including deleted files. Deleted files are restored using a built in file system parser
Wait for an iPhone or a Nokia phone to be connected. Once connected, retrieve information about the phone, its phone book, contact list, call history, calendar, SMS messages, browsing history
Wait for a Windows Mobile phone to be connected. Once connected, infect the phone with a mobile version of the Rocra main component
Wait for a specially crafted Microsoft Office or PDF document and execute a malicious payload embedded in that document, implementing a one-way covert channel of communication that can be used to restore control of the infected machine
Record all the keystrokes, make screenshots
Execute additional encrypted modules according to a pre-defined schedule
Retrieve e-mail messages and attachments from Microsoft Outlook and from reachable mail servers using previously obtained credentials
Examples of “one-time” tasks
Collect general software and hardware environment information
Collect filesystem and network share information, build directory listings, search and retrieve files by mask provided by the C&C server
Collect information about installed software, most notably Oracle DB, RAdmin, IM software including Mail.Ru agent, drivers and software for Windows Mobile, Nokia, SonyEricsson, HTC, Android phones, USB drives
Extract browsing history from Chrome, Firefox, Internet Explorer, Opera
Extract saved passwords for Web sites, FTP servers, mail and IM accounts
Extract Windows account hashes, most likely for offline cracking
Extract Outlook account information
Determine the external IP address of the infected machine
Download files from FTP servers that are reachable from the infected machine (including those that are connected to its local network) using previously obtained credentials
Write and/or execute arbitrary code provided within the task
Perform a network scan, dump configuration data from Cisco devices if available
Perform a network scan within a predefined range and replicate to vulnerable machines using the MS08-067 vulnerability
Replicate via network using previously obtained administrative credentials
The Rocra framework was designed by the attackers from scratch and hasn’t been used in any other operations.
Was the malware limited to only workstations or did it have additional capabilities, such as a mobile malware component?
Several mobile modules exist, which are designed to steal data from several types of devices:
Windows Mobile
iPhone
Nokia
These modules are installed in the system and wait for mobile devices to be connected to the victim’s machine. When a connection is detected, the modules start collecting data from the mobile phones.
How many variants, modules or malicious files were identified during the overall duration of Operation Red October?
During our investigation, we’ve uncovered over 1000 modules belonging to 30 different module categories. These have been created between 2007 with the most recent being compiled on 8th Jan 2013.
Here’s a list of known modules and categories:
Were initial attacks launched at select “high-profile” victims or were they launched in series of larger (wave) attacks at organizations/victims?
All the attacks are carefully tuned to the specifics of the victims. For instance, the initial documents are customized to make them more appealing and every single module is specifically compiled for the victim with a unique victim ID inside.
Later, there is a high degree of interaction between the attackers and the victim – the operation is driven by the kind of configuration the victim has, which type of documents the use, installed software, native language and so on. Compared to Flame and Gauss, which are highly automated cyberespionage campaigns, Rocra is a lot more “personal” and finely tuned for the victims.
Is Rocra related in any way to the Duqu, Flame and Gauss malware?
Simply put, we could not find any connections between Rocra and the Flame / Tilded platforms.
How does Operation Rocra compare to similar campaigns such as Aurora and Night Dragon? Any notable similarities or differences?
Compared to Aurora and Night Dragon, Rocra is a lot more sophisticated. During our investigation we’ve uncovered over 1000 unique files, belonging to about 30 different module categories. Generally speaking, the Aurora and Night Dragon campaigns used relatively simple malware to steal confidential information.
With Rocra, the attackers managed to stay in the game for over 5 years and evade detection of most antivirus products while continuing to exfiltrate what must be hundreds of Terabytes by now.
How many Command & Control servers are there? Did Kaspersky Lab conduct any forensic analysis on them?
During our investigation, we uncovered more than 60 domain names used by the attackers to control and retrieve data from the victims. The domain names map to several dozen IPs located mostly in Russia and Germany.
Here’s an overview of the Rocra’s command and control infrastructure, as we believe it looks from our investigations:
More detailed information about the Command and Control servers will be revealed at a later date.
Did you sinkhole any of the Command & Control servers?
We were able to sinkhole six of the over 60 domains used by the various versions of the malware. During the monitoring period (2 Nov 2012 – 10 Jan 2013), we registered over 55,000 connections to the sinkhole. The number of different IPs connecting to the sinkhole was 250.
From the point of view of country distribution of connections to the sinkhole, we have observed victims in 39 countries, with most of IPs being from Switzerland. Kazakhstan and Greece follow next.
Sinkhole statistics – 2 Nov 2012 – 10 Jan 2013
Is Kaspersky Lab working with any governmental organizations, Computer Emergency Response Teams (CERTs), law enforcement agencies or security companies as part of the investigation and disinfection efforts?
Kaspersky Lab, in collaboration with international organizations, Law Enforcement, Computer Emergency Response Teams (CERTs) and other IT security companies is continuing its investigation of Operation Red October by providing technical expertise and resources for remediation and mitigation procedures.
Kaspersky Lab would like to express their thanks to: US-CERT, the Romanian CERT and the Belarusian CERT for their assistance with the investigation.
If you are a CERT and would like more information about infections in your country, please contact us at theflame@kaspersky.com.
Here’s a link to the full paper (part 1) about our Red October research. During the next days, we’ll be publishing Part 2, which contains a detailed technical analysis of all the known modules. Please stay tuned.
A list of MD5s of known documents used in the Red October attacks:
114ed0e5298149fc69f6e41566e3717a
1f86299628bed519718478739b0e4b0c
2672fbba23bf4f5e139b10cacc837e9f
350c170870e42dce1715a188ca20d73b
396d9e339c1fd2e787d885a688d5c646
3ded9a0dd566215f04e05340ccf20e0c
44e70bce66cdac5dc06d5c0d6780ba45
4bfa449f1a351210d3c5b03ac2bd18b1
4ce5fd18b1d3f551a098bb26d8347ffb
4daa2e7d3ac1a5c6b81a92f4a9ac21f1
50bd553568422cf547539dd1f49dd80d
51edea56c1e83bcbc9f873168e2370af
5d1121eac9021b5b01570fb58e7d4622
5ecec03853616e13475ac20a0ef987b6
5f9b7a70ca665a54f8879a6a16f6adde
639760784b3e26c1fe619e5df7d0f674
65d277af039004146061ff01bb757a8f
6b23732895daaad4bd6eae1d0b0fef08
731c68d2335e60107df2f5af18b9f4c9
7e5d9b496306b558ba04e5a4c5638f9f
82e518fb3a6749903c8dc17287cebbf8
85baebed3d22fa63ce91ffafcd7cc991
91ebc2b587a14ec914dd74f4cfb8dd0f
93d0222c8c7b57d38931cfd712523c67
9950a027191c4930909ca23608d464cc
9b55887b3e0c7f1e41d1abdc32667a93
9f470a4b0f9827d0d3ae463f44b227db
a7330ce1b0f89ac157e335da825b22c7
b9238737d22a059ff8da903fbc69c352
c78253aefcb35f94acc63585d7bfb176
fc3c874bdaedf731439bbe28fc2e6bbe
bb2f6240402f765a9d0d650b79cd2560
bd05475a538c996cd6cafe72f3a98fae
c42627a677e0a6244b84aa977fbea15d
cb51ef3e541e060f0c56ac10adef37c3
ceac9d75b8920323477e8a4acdae2803
cee7bd726bc57e601c85203c5767293c
d71a9d26d4bb3b0ed189c79cd24d179a
d98378db4016404ac558f9733e906b2b
dc4a977eaa2b62ad7785b46b40c61281
dc8f0d4ecda437c3f870cd17d010a3f6
de56229f497bf51274280ef84277ea54
ec98640c401e296a76ab7f213164ef8c
f0357f969fbaf798095b43c9e7a0cfa7
f16785fc3650490604ab635303e61de2
GReAT
Kaspersky Lab Expert
Posted January 14, 13:00 GMT
Find this story at 14 Januar 2013
And “Red October” Diplomatic Cyber Attacks Investigation
Angriff von “Roter Oktober” Spionageprogramm24 januari 2013
Anti-Viren-Experten haben einen ausgeklügelten Spionagevirus auf Rechnern vor allem in Russland und Zentralasien entdeckt. Dateien und E-Mails wurden in großem Stil entwendet. Zu den Zielen gehörten Regierungen, Botschaften, Forschungseinrichtungen, Militär und Energiewirtschaft.
Moskau – Sicherheitsexperten haben einen großangelegten Spionageangriff auf diplomatische Vertretungen, Regierungsorganisationen und Forschungsinstitute in Osteuropa und Zentralasien entdeckt. Die Fachleute der russischen Sicherheitssoftware-Firma Kaspersky berichten, dass die Spionageprogramme über fünf Jahre hinweg unentdeckt auf den Computern und in den Netzwerken der betroffenen Organisationen systematisch nach hochsensiblen Dokumenten mit vertraulichen, oft geopolitisch relevanten Inhalten suchten. Weil die Spionagesoftware so lange unentdeckt blieb, haben die Kaspersky-Experten sie “Red October” (kurz Rocra) getauft – wie das lautlose U-Boot in Tom Clancys Thriller.
Die Angreifer nutzen demnach hochspezialisierte Schadprogramme. Die russischen Experten zeigen sich beeindruckt von der dabei genutzten Infrastruktur: Die Komplexität der Rocra-Software könnte es mit Flame aufnahmen, schreiben sie. Der Hightech-Schädling Flame galt bei der Entdeckung Anfang 2012 als eine der komplexesten Bedrohungen, die je entdeckt worden sind.
Rocras Komponenten spionierten verschiedene Plattformen aus: PC, iPhones, Nokia- und Window-Mobile-Smartphone sowie Business-Hardware des US-Konzerns Cisco.
Kommando-Rechner haben die Kaspersky-Experten an 60 verschiedenen Serverstandorten beobachtet, davon viele in Russland und Deutschland. Mit der Virenfamilie um Flame, Gauss und Duqu, deren Ziele sich vor allem in Iran und im Nahen Osten befinden, hat Rocra aber nichts zu tun, glauben die Kaspersky-Forscher. Man habe keine Verbindungen finden können, Rocra sei wesentlich “personalisierter” als Flame, Duqu und Gauss.
Wer ist betroffen?
Kaspersky schreibt, man habe “mehrere hundert” befallene Rechner weltweit entdeckt. Betroffen seien vor allem Computer und Netzwerke in Regierungsstellen, diplomatischen Vertretungen, Forschungsinstituten, im Nuklearsektor, in der Öl- und Gasindustrie, in Luftfahrtunternehmen und im Militär.
Kaspersky hat zudem über Monate hinweg analysiert, in welchen Staaten die eigene Software Spuren von Rocra-Infektionen findet. So entstand diese Rangliste der Infektionen nach Standort der betroffenen Systeme (in Klammern steht jeweils die Zahl der infizierten Systeme):
Russland (35)
Kasachstan (21)
Aserbaidschan (15)
Belgien (15)
Indien (14)
Afghanistan (10)
Armenien (10)
Iran (7)
Turkmenistan (7)
Außerdem betroffen sind demnach jeweils fünf oder sechs Rechner oder Netzwerke in der Ukraine, den USA, Vietnam, Weißrussland, Griechenland, Italien, Marokko, Pakistan, der Schweiz, Uganda und den Vereinigten Arabischen Emiraten.
Was suchten die Täter?
Laut Kaspersky wurden Dateien in großem Stil von den infizierten Rechnern kopiert. Die Beschreibung klingt eher nach einer breit angelegten Erkundung als nach zielgerichteten Angriffen. Die Täter haben nach Textdateien, Tabellen, Schlüsseln für die Kryptografie-Programme PGP und GnuPG gesucht. Auch E-Mails wurden kopiert, angeschlossene Laufwerke und Smartphones ausgelesen.
Dateiendungen, nach denen Rocra Ausschau hielt, deuten laut Kaspersky auch auf ein besonderes Interesse an Dateien hin, die mit dem von der EU und Nato genutzten Verschlüsselungsprogramm Acid Cryptofiler in Zusammenhang stehen. Die Dateiendung xia könnte ein Hinweis auf die deutsche Verschlüsselungssoftware Chiasmus sein.
Wie wurde der Angriff entdeckt?
Auf den Angriff wurde Kaspersky nach eigenen Angaben von einem Geschäftspartner hingewiesen, der anonym bleiben möchte. Die Analyse des entdeckten Schädlings brachte die Forscher dann auf die Spur weiterer Opfer. Mit einer Art Fallenkonstruktion, einem sogenannten Sinkhole, identifizierte Kaspersky schließlich sechs der 60 Kontrollserver, von denen die befallenen Rechner Befehle empfangen.
Wie gingen die Angreifer vor?
Die Attacken waren offenbar genau auf die jeweiligen Opfer zugeschnitten. So verschickten die Angreifer per E-Mail Dokumente, die für die Opfer interessant zu sein schienen. Als Beispiel präsentiert Kaspersky den Screenshot einer Werbeanzeige für ein gebrauchtes Diplomatenfahrzeug. Spätere Infektions-E-Mails seien offenbar auf Basis früher entwendeter Daten passgenau aufgesetzt worden. Die Dokumente waren mit einem Schadcode kombiniert, der bereits bekannte Sicherheitslücken ausnutzte, und zwar in Microsoft Word und Excel.
Sobald der Empfänger einen solchen Dateianhang öffnete, wurde ein Trojaner in die Rechner eingeschleust, der dann wiederum einen weiteren Schadcode aus einer gewaltigen Bibliothek nachlud. Gesteuert wurden die gekaperten Rechner dann von einer Kaskade von 60 sogenannten Command-&-Control-Servern (C&C). Die seien so hintereinander geschaltet, dass es unmöglich sei, die eigentliche Quelle der Steuerbefehle auszumachen, so Kaspersky.
Die Spionagewerkzeuge, die nachgeladen wurden, sind vielfältig und ausgeklügelt. Über tausend Software-Module habe man gefunden, die 34 verschiedene Funktionen erfüllten. Manche Module erkundeten das befallene Netzwerk, kopierten die Surf-History des installierten Browsers oder prüften, welche Laufwerke angeschlossen waren. Andere waren auf Passwort-Klau spezialisiert oder darauf, gleich den gesamten E-Mail-Verkehr oder ganze Verzeichnisse von dem befallenen Rechner zu kopieren. Andere Module waren auf das Auslesen von angeschlossenen USB-Laufwerken spezialisiert, einige sogar auf das Wiederherstellen gelöschter Daten auf solchen Laufwerken.
Auch an infizierte Rechner angeschlossene Mobiltelefone kann Rocra übernehmen oder zumindest auslesen, die Kontaktliste beispielsweise. Fast schon selbstverständlich, dass die Angreifer auch Hintertüren auf den befallenen Rechnern und Telefonen installierten, um später weitere Befehle ausführen oder Software nachladen zu können. Rocra überträgt die gefundenen Dateien schließlich gepackt und verschlüsselt über das Internet an Steuerungsrechner.
Wer könnte dahinterstecken?
Kaspersky zufolge enthält die Schadsoftware Hinweise auf Entwickler aus mindestens zwei unterschiedlichen Nationen. Die Exploits, also die Teile des Schadcodes, die bestimmte Sicherheitslücken ausnutzen, “scheinen von chinesischen Hackern entwickelt worden zu sein”, schreiben die Autoren des Berichts. Sie seien in der Vergangenheit auch schon bei Cyberangriffen gegen tibetische Aktivisten und Ziele aus dem Energie- und Militärbereich in Asien eingesetzt worden. Solche Exploits könnten auch auf dem Schwarzmarkt eingekauft worden sein. Der Malware-Code selbst aber scheine von “russischsprachigen” Entwicklern zu stammen.
So tauchte im Programmcode beispielsweise der russische Begriff “Zakladka” auf. Es kann Grundstein heißen oder für etwas “Eingebettetes” stehen. Der Begriff könnte aber auch “Lesezeichen” oder einfach “nicht näher definierte Funktion” bedeuten. Damit könnte aber auch ein “in der Wand einer Botschaft verstecktes Mikrofon” gemeint sein, heißt es in dem Kaspersky-Bericht.
…
14. Januar 2013, 18:37 Uhr
Von Konrad Lischka und Christian Stöcker
Find this story at 14 Januar 2013
© SPIEGEL ONLINE 2013
‘Red October’ cyber-attack found by Russian researchers24 januari 2013
A major cyber-attack that may have been stealing confidential documents since 2007 has been discovered by Russian researchers.
Kaspersky Labs told the BBC the malware targeted government institutions such as embassies, nuclear research centres and oil and gas institutes.
It was designed to steal encrypted files – and was even able to recover files that had been deleted.
One expert described the attack find as “very significant”.
“It appears to be trying to suck up all the usual things – word documents, PDFs, all the things you’d expect,” said Prof Alan Woodward, from the University of Surrey.
“But a couple of the file extensions it’s going after are very specific encrypted files.”
In a statement, Kaspersky Labs said: “The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America.
“The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment.”
‘Carefully selected’
In an interview with the BBC, the company’s chief malware researcher Vitaly Kamluk said victims had been carefully selected.
“It was discovered in October last year,” Mr Kamluk said.
“We initiated our checks and quite quickly understood that is this a massive cyber-attack campaign.
“There were a quite limited set of targets that were affected – they were carefully selected. They seem to be related to some high-profile organisations.”
Red October – which is named after a Russian submarine featured in the Tom Clancy novel The Hunt For Red October – bears many similarities with Flame, a cyber-attack discovered last year.
Like Flame, Red October is made up of several distinct modules, each with a set objective or function.
“There is a special module for recovering deleted files from USB sticks,” Mr Kamluk said.
“It monitors when a USB stick is plugged in, and it will try to undelete files. We haven’t seen anything like that in a malware before.”
Also unique to Red October was its ability to hide on a machine as if deleted, said Prof Woodward.
“If it’s discovered, it hides.
“When everyone thinks the coast is clear, you just send an email and ‘boof’ it’s back and active again.”
Cracked encryption
Other modules were designed to target files encrypted using a system known as Cryptofiler – an encryption standard that used to be in widespread use by intelligence agencies but is now less common.
Prof Woodward explained that while Cryptofiler is no longer used for extremely sensitive documents, it is still used by the likes of Nato for protecting privacy and other information that could be valuable to hackers.
Red October’s targeting of Cryptofiler files could suggest its encryption methods had been “cracked” by the attackers.
Like most malware attacks, there are clues as to its origin – however security experts warn that any calling cards found within the attack’s code could in fact be an attempt to throw investigators off the real scent.
Kaspersky’s Mr Kamluk said the code was littered with broken, Russian-influenced English.
“We’ve seen use of the word ‘proga’ – a slang word common among Russians which means program or application. It’s not used in any other language as far as we know.”
But Prof Woodward added: “In the sneaky old world of espionage, it could be a false flag exercise. You can’t take those things at face value.”
Kaspersky’s research indicated there were 55,000 connection targets within 250 different IP addresses. In simpler terms, this means that large numbers of computers were infected in single locations – possibly government buildings or facilities.
A 100-page report into the malware is to be published later this week, the company said.
14 January 2013 Last updated at 13:26 GMT
By Dave Lee
Technology reporter, BBC News
Find this story at 14 Januar 2013
BBC © 2013 The BBC is not responsible for the content of external sites. Read more.
The hunt for Red October: The astonishing hacking ring that has infiltrated over 1,000 high level government computers around the world24 januari 2013
Researchers say the cyber attack has been in operation since 2007 – and is still running
Operation described as ‘massive’ and has stolen ‘several terabytes’ of data
Security firm which discovered the attacks claims there is ‘strong technical evidence the attackers have Russian-speaking origins’- but say a private firm or rogue nation could be behind the network.
Targets included diplomatic and governmental agencies of various countries across the world, research institutions, energy and nuclear groups, and trade and aerospace firms
A major cyber-attack that has been stealing information from high level government computers around the world since 2007 has been discovered.
Kaspersky Labs, which made the discovery, said in addition to diplomatic and governmental agencies of various countries across the world, Red October also targeted research institutions, energy and nuclear groups, and trade and aerospace targets.
The firm even said the malware was used to infiltrate smartphones of government workers to electronically steal information.
The full extent of the Red October operation is revealed in this infographic, showing how it has hit countries across the globe
WHAT HAS BEEN STOLEN?
The main objective of the attackers was to gather sensitive documents from the compromised organisations.
This included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment.
Overall, Kaspersky said over 7 terabytes, or 7,000GB data has been stolen.
The primary focus of the campaign was targeting countries in eastern Europe.
‘Former USSR Republics and countries in Central Asia were targeted, although victims can be found everywhere, including Western Europe and North America’, said Kaspersky Lab, an antivirus software firm which made the discovery.
‘The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment,’
Red October, which has been active since at least 2007, appears to collect files encrypted with software used by several entities from the European Union to Nato.
Kaspersky said Red October also infected smartphones, including iPhones, Windows Mobile and Nokia handsets.
It is believed to be still operating, although since the research was published, the attackers are believed to have started dismantling the system to protect their identities.
‘The project started in October 2012, we received a suspicious executable from a partner,’ Vitaly Kamluk, Chief Malware Expert at Kaspersky Lab told MailOnline.
‘We checked and began to understand what we had was quite massive – we found 1,000 different files in a few weeks, each of them a personalised email.’
Mr Kamluk said the attacks were highly customised.
‘There are a very limited number of machines, around 1,000 around the world, but every target is carefully selected.’
‘We extracted language used and found Broken English was used, with Russian words thrown in, such as Proga, commonly used among Russian programmers.
‘However, we are not pointing fingers at Russia – just that Russian language has been spotted.
‘It could be any organisation or country behind this, it could be nation states or a private business or criminal group.
HOW RED OCTOBER WORKS
One of the fake emails used to infect computers
Red October is a malware attack.
Initially the malicious code was delivered via e-mail as attachments (Microsoft Excel, Word and, probably PDF documents) which were rigged with exploit code for known security vulnerabilities in the various applications.
Intended targets received personalised correspondence based on gathered intelligence on individual people (an example is on the right).
These attacks comprised of two major stages:
Initial infection: Right after the victim opens the malicious document on a vulnerable system, the embedded malicious code initiates the setup of the main Red October software on the machine.
This handles further communication with the master servers run by the hackers, and can survive the computer being restarted.
Spying: Next, the system receives a number of additional spy modules from the hacker’s server, including modules to handle infection of smartphones – the team said iPhones, Windows phones and Nokia handsets were seen on the network.
The specific modules are customised for each mobile depending on the infomration the hackers wanted.
The main purpose of the spying modules is to steal information.
All gathered information is packed, encrypted and only then transferred to the Red October command servers.
Other modules were designed to target files encrypted using a system known as Cryptofiler – an encryption standard that used to be in widespread use by intelligence agencies but is now less common
The campaign, identified as ‘Rocra’, short for ‘Red October’, is currently still active with data being sent to multiple command-and-control servers, through a configuration which rivals in complexity the infrastructure of the Flame malware.
Kaspersky’s research indicated there were 55,000 connection targets within 250 different IP addresses.
Most infection connections were found coming from Switzerland, followed by Kazakhstan and Greece.
‘There is senstitive geopolitical information being stolen, which is very valuable,’ said Mr Kamluk.
Kaspersky estimate there were 20-30 developers working full time on this, and all were ‘very experienced programmers’.
…
By Mark Prigg
PUBLISHED: 14:39 GMT, 16 January 2013 | UPDATED: 14:56 GMT, 16 January 2013
Find this story at 16 Januar 2013
© Associated Newspapers Ltd
Former U.S. Navy Officer Detained for Attempting to Spy for Russia24 januari 2013
Hoffman, 39, is set to remain in custody until a detention hearing on Tuesday.
A former U.S. Navy officer has been detained for attempting to hand over secret information on tracking U.S. submarines to Russian intelligence.
CNN reported Thursday that submarine specialist Robert Patrick Hoffman II was detained Thursday morning in Virginia Beach, Virginia, while trying to pass classified information to CIA operatives posing as Russian agents.
…
07 December 2012
The Moscow Times
Find this story at 6 December 2012
© Copyright 2013. The Moscow Times. All rights reserved.
Former Navy Sailor Charged with Attempted Espionage24 januari 2013
A former Navy sailor has been arrested and charged with attempting to pass classified information about U.S. submarines to Russian spies.
Robert Patrick Hoffman II was arrested by agents from the FBI and the Naval Criminal Investigative Service (NCIS) this morning at his home in Virginia Beach.
According to the indictment returned by a federal grand jury in Norfolk, Va., Hoffman served in the Navy for 22 years and achieved the rank of petty officer first class. Hoffman worked as a cryptological technician where he had access to classified information about codes and signals intelligence. Hoffman, who served as a submarine warfare specialist, retired from active duty on Nov. 1, 2011.
The indictment alleges that on Oct. 21, 2012 Hoffman attempted to pass information “relating to the national defense of the United States, including information classified as SECRET that revealed and pertained to methods to track U.S. submarines, including the technology and procedures required.”
Hoffman believed he was meeting with representatives from the Russian government but in actuality they were undercover FBI agents.
“The indictment does not allege that the Russian Federation committed any offense under U.S. laws in this case,” the Justice Department noted in the press release announcing the case.
…
Dec 6, 2012 4:43pm
Find this story at 6 December 2012
Copyright © 2013 ABC News
FBI: Retired sailor faces spy charges24 januari 2013
A retired cryptologic technician allegedly attempted to deliver sub-tracking secrets to the Russians, but ended up caught in an FBI sting instead.
A federal grand jury charged retired Cryptologic Technician 1st Class (SS) Robert Patrick Hoffman II on Wednesday with attempted espionage, according to an FBI release. The former sailor earned a top secret security clearance while in the Navy, according to the release, and allegedly offered secret information to the Russians in October.
The “Russians” were actually part of an undercover FBI operation, according to the release. Hoffman, 39, was arrested Thursday morning “without incident” and is scheduled to be in federal court in Norfolk, Va., on Thursday afternoon.
…
He retired Oct. 31, 2011, about a year before his alleged espionage.
By Kevin Lilley – Staff writer
Posted : Thursday Dec 6, 2012 13:52:16 EST
Find this story at 6 December 2012
All content © 2013, Gannett Government Media Corporation
Canadian spy’s guilty plea closes lid on serious breach24 januari 2013
A CANADIAN spy who compromised Australian intelligence information has pleaded guilty to espionage, having reportedly sold secrets to Russia for $3000 a month.
Canadian naval officer Jeffrey Paul Delisle’s guilty plea in Nova Scotia’s supreme court on Wednesday has ensured that the Canadian, United States and Australian governments will not be embarrassed by a jury trial that would have revealed details of one of the worst Western security breaches since the end of the Cold War.
Delisle’s sale of top-secret intelligence to Russian agents was the subject of high-level consultation between the Australian and Canadian governments last January and was discussed at a secret international conference of Western security agencies at Queenstown, New Zealand, in February.
Fairfax Media reported in July that Australian security sources had privately acknowledged the massive security breach compromised Western intelligence information and capabilities.
Advertisement
The Australian Security Intelligence Organisation was also briefed on the case through liaison with the Canadian Security Intelligence Service.
Sub-Lieutenant Delisle worked at the Royal Canadian Navy’s Trinity intelligence and communications centre at Halifax, Nova Scotia. A naval intelligence and security analyst, he had access to a top-secret computer network code-named Stone Ghost that connects the defence intelligence agencies of the US, Britain, Canada, Australia and New Zealand.
Australian security sources say much of the information Delisle sold was top-secret signals intelligence collected by the five agencies.
Delisle’s guilty plea means that few details of the espionage case have or will be made public.
However, newly released information from Delisle’s bail hearing in January has revealed that facing chronic financial difficulties, he began a four-year espionage career by walking into the Russian Embassy in Ottawa in 2007. Wearing civilian clothes, Delisle displayed his Canadian military identification badge and asked to meet someone from GRU, the Russian military intelligence service.
…
October 12, 2012
Philip Dorling
Find this story at 12 October 2012
Copyright © 2013 Fairfax Media
Royal Navy submariner admits meeting ‘Russian spies’24 januari 2013
Petty officer gathered secret coding programs and met two people he thought were Russian agents, court hears
Edward Devenney admitted discussing information relating to the movement of nuclear submarines. Photograph: Gaz Armes/ MoD Crown Copyright/PA
A Royal Navy submariner was caught trying to sell secrets to Russia in a sting operation led by the security services, the Guardian understands.
Edward Devenney, 30, pleaded guilty on Tuesday to collecting secret coding programs used by the British and attempting to pass the classified information on to Moscow.
Devenney, who is formerly from Northern Ireland, was a submariner on HMS Vigilant, a Trident nuclear submarine, when he decided to pass on secrets to the “enemy”, it is understood. The submarine – one of four that make up the UK’s nuclear deterrent – is normally based at Faslane in Scotland but had been refuelling at Devonport dock in Plymouth when Devenney’s activities raised the suspicions of his senior officers.
Devenney’s motivation, it is believed, was unhappiness with his situation and a degree of anger towards his employers after being passed over for promotion, rather than an issue of ideology or money.
A prolific tweeter, his behaviour raised the suspicions of his senior officers and over a period of months an undercover operation was carried out.
This led to Devenney contacting two people he believed were from the Russian secret service and discussing information relating to the movement of nuclear submarines with them. However, he was in fact talking to British agents.
Devenney was arrested and charged under the Official Secrets Act. He appeared at the Old Bailey in London and pleaded guilty to gathering details of encryption programs in breach of the act.
The charge related to collecting information for a purpose prejudicial to the safety of the state between 18 November 2011 and 7 March 2012. The information was described in court as “crypto material” – or codes used to encrypt secret information – which could be useful to an enemy.
Devenney also admitted a charge of misconduct in a public office in relation to a meeting with two people he believed were from the Russian secret service. He admitted meeting the two individuals and discussing the movement of nuclear submarines with them. He denied a further count of communicating information to another person. The Crown Prosecution Service would not pursue this charge, the court heard.
…
Sandra Laville, crime correspondent
guardian.co.uk, Tuesday 13 November 2012 13.15 GMT
Find this story at 13 November 2012
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.
Eight years for submariner who took secret photos in ‘disgusting’ betrayal24 januari 2013
Threat: Edward Devanney took photographs on board HMS Vigilant
A Royal Navy petty officer was jailed for eight years today after taking mobile phone pictures in the top-secret communications room of a nuclear submarine and planning to pass information to the Russians.
Edward Devanney secretly photographed canisters holding code systems used throughout Britain’s armed forces, which are normally locked in a safe.
Such a security breach could have jeopardised any chance of British submarines operating undetected by the enemy, the Old Bailey heard. Navy chiefs still do not know how he was able to open the safe and take the photos undetected.
Mr Justice Saunders told him: “You were prepared to betray your country and your colleagues. It needs to be understood by those who may be tempted to pass on secrets that long sentences will follow even unsuccessful attempts.”
Devanney rang the Russian embassy 11 times and later made contact with two men called Dimitri and Vladimir he believed to be enemy agents. He told them he was disillusioned with the Navy saying: “I’m just a bit p***** off with them. I know it’s petty but I just want to hurt them.”
…
Paul Cheston
12 December 2012
Find this story at 12 December 2012
© 2012 Evening Standard Limited
Nuclear submariner tried to pass secrets to Russians to ‘hurt’ Royal Navy24 januari 2013
A disillusioned Royal Navy submariner betrayed his country by trying to pass nuclear sub secrets to Russian agents because he wanted to “hurt” the Navy.
Petty Officer Edward Devenney was jailed for eight years yesterday for breaching the official secrets act after being caught in an elaborate MI5 sting operation.
He spent three months in contact with men who he thought were two Russian spies but were actually British agents, the Old Bailey heard.
He continued with his plan, done in revenge for not being promoted, despite having suspicions and even told one: “Your accent sounds remarkably fake, like British intelligence”.
A communications engineer, he offered highly sensitive details of the movements of nuclear submarines and of a previous secret operation.
He also photographed top secret code information that could have caused “substantial damage to the security of the UK”.
The case last night also raised questions over Royal Navy security because Devenney had been able to access the code material from a locked safe.
He was also allowed to remain in his sensitive post despite having problems with drink and depression after being charged with rape, for which he was later acquitted, and had been warned he would be sacked after showing signs of erratic behaviour such as going absent without leave.
Passing sentence, Mr Justice Saunders said: “This is a very serious case. The defendant was prepared to betray his country and his colleagues.”
Devenney, 30, from County Tyrone, had been a “blue-eyed boy” with a promising future in the Royal Navy, which he had served loyally for more than ten years, the court heard.
Lord Carlile QC, defending, said his career went “awry” in 2010 after he was charged with alleged rape, for which he was acquitted.
He began drinking excessively and became depressed and the following year asked to be removed from a promotion training course for 12 months.
However, he later decided he had been treated badly by the Navy and wanted to “hurt” them, Mark Dennis, prosecuting, said.
In November last year he began calling the Russian embassy in London, including 11 calls on one day shortly after a 12 hour binge drinking session.
At the time he was stationed on the nuclear submarine HMS Vigilant, which was in Plymouth undergoing a refit.
The following month he was contacted by a man called “Dima” who claimed to be from the Russian embassy.
A week later another man called Vladimir called claiming to be a colleague of Dima.
A series of phone calls and text messages were exchanged in which Devenney said he was “****** off” with the Royal Navy and that they could “help each other”.
In January, it was arranged he would meet Vladimir at the British Museum in London and the pair then met Dima in a nearby hotel room.
During the secretly filmed meeting, Devenney offered details of a previous secret operation by HMS Trafalgar, a hunter killer submarine, and various movement dates of two nuclear submarines.
Such advance notice could allow an enemy state time to set up equipment to record the sub’s unique signature information which would have meant it could have been tracked anywhere in the world, the court heard.
Two days after first contacting the Russian embassy, Devenney also managed to get into a locked safe on board HMS Vigilant and take three photographs of part of a secret code for encrypted information.
The pictures were placed on his laptop but he never passed them on or even mentioned them during his later meeting with the “Russians”.
Devenney pleaded guilty to breaching the Official Secrets Act by gathering classified information and misconduct by meeting the supposed spies.
The judge said he was passing a deterrent sentence because “those who serve their country loyally must know that those who don’t will receive proper punishment.”
…
By Tom Whitehead, Security Editor
5:15PM GMT 12 Dec 2012
Find this story at 12 December 2012
© Copyright of Telegraph Media Group Limited 2013
MI5 arrests Royal Navy petty officer for trying to spy for Russia24 januari 2013
An member of the British Royal Navy has been arrested in a counterintelligence sting operation, after trying to sell top-secret government documents to people he believed were Russian operatives. Petty Officer Edward Devenney, who has been in the Royal Navy for over a decade, was arrested earlier this week while meeting with two MI5 officers posing as Russian spies. Originally from Northern Ireland, Devenney, 29, appears to have been motivated by disgruntlement against the Navy, after his planned promotion to commissioned officer was halted due to financial austerity measures imposed on the military by the British government. According to the court indictment, Devenney contacted an unnamed “embassy of a foreign country” in London, offering to provide classified information in exchange for money. It is unknown at this point how exactly MI5, the British government’s foremost counterintelligence organization, became privy to the content of Devenney’s communication with officials at the unidentified embassy. What is known is that, after several messages were exchanged between the parties, Devenney arranged to meet two people he believed were Russian government employees. In reality, the two individuals were MI5 officers, who were able to film the clandestine meeting. Devenney was apparently arrested on the spot, having first announced that he wished to “hurt the Navy” because his promotion to a commissioned officer had been “binned” by the British government. He also shared with them classified information, which British government prosecutors say he collected meticulously between November 19, 2011, and March 7 of this year. The information consisted of cryptological material, including encryption codes for British naval communications, operational details about the now decommissioned submarine HMS Trafalgar, as well as “the comings and goings of two nuclear submarines”.
…
November 15, 2012 by Joseph Fitsanakis 5 Comments
By JOSEPH FITSANAKIS | intelNews.org |
Find this story at 15 December 2012
Russian whistleblower: police accused of ignoring evidence16 december 2012
Row over unexplained Surrey death of Alexander Perepilichnyy, a key witness in fraud case of £140m in tax stolen from Russia
A security vehicle at the entrance to St George’s Hill private estate near Weybridge, Surrey in November, where Alexander Perepilichnyy died in mysterious circumstances. Photograph: Olivia Harris/Reuters
Police and anti-fraud agencies have been criticised by the alleged victim of a multimillion-pound international fraud for ignoring dossiers of evidence – including death threats and intimidation – linking the crime with the UK, months before a witness connected to the case was found dead in unexplained circumstances.
The body of Alexander Perepilichnyy, 44, was found outside his Surrey home on 10 November. His cause of death is described as “unexplained” following two postmortems, with further toxicology tests to come.
He was a key witness in a fraud case involving the theft of £140m in tax revenue from the Russian government. The alleged fraudsters are said to have stolen three companies from a UK-based investment firm, Hermitage Capital, and used them to perpetrate the fraud – leaving Hermitage in the frame for the criminal acts.
The case is known as the “Magnitsky case”, after one of Hermitage’s Russian lawyers, Sergei Magnitsky, who was found dead in a Russian prison in 2009 with his body showing signs of torture.
A motion from the parliamentary assembly of the Council of Europe said Magnitsky had been “killed … while in pre-trial detention in Moscow after he refused to change his testimony”.
Bill Browder, the founder of Hermitage Capital, has been trying to secure convictions for the death of Magnitsky, as well as those implicated in the alleged fraud against his company, for four years.
Documents seen by the Guardian show that in January and February Browder’s lawyers passed a criminal complaint to the City of London police, the Serious Fraud Office (SFO), the Financial Services Authority (FSA) and Serious Organised Crime Agency (SOCA).
The complaint alleged Britain had ties to the alleged criminal conspiracy from its earliest stages: a UK citizen, Stephen John Kelly, served as a nominee, or “sham” director, for British Virgin Islands-based offshore companies involved in liquidating the companies used to claim the allegedly fraudulent tax refunds. Separately, a crucial couriered package of evidence, used as a pretext to raid offices in Russia, was sent from UK soil.
And, significantly, the complaint alleged lawyers working in the UK for Hermitage on the case had been subject to death threats made by phone, and intimidation via surveillance of their offices.
Hermitage claim the alleged theft of the companies was carried out using documents taken from their offices during a police raid, then “representatives” of the companies engaged in an elaborate series of steps to secure a tax rebate of about £140m. The three firms, now with no assets and more than £600m of debts, were then sold on and liquidated via the British Virgin Islands.
The Conservative MP Dominic Raab wrote to the same police and anti-fraud agencies again in August also encouraging an investigation, after being contacted by Hermitage with respect to their complaints.
Raab had previously urged action in the House of Commons against individuals allegedly implicated in Magnitsky’s death, mirroring a US bill that was formally passed by the Senate on Thursday evening.
Raab also informed the Home Office last month that one of the alleged leaders of the Russian criminal gang had apparently travelled to the UK on two occasions in 2008, despite having previous convictions in relation to a multimillion-pound fraud, and asked them to investigate. He also passed details of 60 individuals allegedly involved in the plot to UK authorities to assist in monitoring of their movements.
Raab said the lack of information from any UK authorities was troubling.
“The first thing is, we don’t know about Perepilichnyy and his cause of death,” he said. “But we do know there was some sort of hit-list in Russia with his name on it and he’s obviously given evidence in these money-laundering proceedings.
“I think the key thing is the Home Office give the police all the support they can. At the moment, there’s a lack of transparency, it’s very difficult to know. We’ve got no idea if anything’s been actioned, or even how many people linked to the case have been travelling in and out of Britain. We just don’t know.”
City of London police said they had met Hermitage but had found no evidence of UK involvement in the alleged offences.
“Detectives met with the company’s solicitors and having reviewed the complaint concluded there was no evidence of criminality in the UK and would be taking no further action,” said a spokesman”.
The SFO, FSA and SOCA declined to comment, citing policies barring them from confirming or denying the existence of any specific investigations.
A spokesman for the Home Office confirmed they had been contacted by Raab and were looking into his queries, but said they did not comment on individual visa cases.
Surrey police have still been unable to establish a cause of death for Perepilichnyy, who collapsed and died outside his luxury home in Weybridge, Surrey. He had been out jogging, his wife Tatyana said, and was found in the street wearing shorts and trainers.
Perepilichnyy appears to have been part of the alleged criminal group but to have fallen out with other members of the syndicate. He fled to Britain three years ago, taking with him bank documents, details of Credit Suisse accounts and other evidence.
In the UK Perepilichnyy kept a low profile, with few Russians in the capital having heard of him. He passed a bundle of evidence to Hermitage Capital; Hermitage then handed the documents over to the Swiss police. As a result Swiss investigators closed down several accounts allegedly belonging to figures in the criminal gang.
Andrei Pavlov, a Russian lawyer, told Kommersant, Russia’s leading daily, that Perepilichnyy appeared exhausted and frightened during two meetings the men had last year. “He wanted to make peace with [ex-partner Vladlen] Stepanov,” the lawyer said. Pavlov did not respond to repeated requests for comment by the Guardian’s deadline.
Stepanov, and his ex-wife Olga Stepanova, are among those accused by Hermitage of taking part in a complex scheme to illegally funnel Russian taxes from companies once owned by Hermitage. Information released by Hermitage, and uncovered by Magnitsky, shows how Stepanova, the former head of a Moscow tax office, and her husband bought wildly expensive properties in Moscow, Montenegro and Dubai.
In a video interview with Vedomosti, a respected financial daily, in May 2011, Stepanov attempted to explain his personal wealth, which he claims was gained through investing the money he made in the 1990s from tunnel construction and optics. He called Browder’s investigations “fabricated facts”. “With these fabricated facts, they have blamed me for everything – that there is blood on my hands.”
He also said he had fallen out with Perepilichnyy, calling him a man with “many problems”.
“He ran away. He’s not here. He doesn’t answer the phone. He’s hiding. It’s like he doesn’t exist.” Perepilichnyy is believed to have fled to the UK after becoming unable to pay back debts amid the global financial crisis.
…
James Ball, Luke Harding and Miriam Elder
The Guardian, Sunday 9 December 2012 18.35 GMT
Find this story at 9 December 2012
© 2012 Guardian News and Media Limited or its affiliated companies. All rights reserved.
Fourth person involved in Russian fraud scheme found dead in UK16 december 2012
A Russian whistleblower who had been helping authorities in Western Europe investigate a gigantic money-laundering scheme involving Russian government officials, has been found dead in the United Kingdom. Alexander Perepilichnyy, who had been named by Swiss authorities as an indispensible informant in the so-called Hermitage Capital scandal, was found dead outside his home in Weybridge, Surrey, on November 10. The 44-year-old former businessman, who sought refuge in England in 2009, and had been living there ever since, is the fourth person linked to the money-laundering scandal to have died in suspicious circumstances. The company, Hermitage Capital Management, is a UK-based investment fund and asset-management company, which Western prosecutors believe fell victim to a massive $250 million fraud conspiracy perpetrated by Russian Interior Ministry officials who were aided by organized crime gangs. In 2006, the company’s British founders were denied entry to Russia, in what was seen by some as an attempt by the administration of Vladimir Putin to protect its officials involved in the money-laundering scheme. The scandal widened in late 2009, when Hermitage Capital lawyer Sergei Magnitsky, who had been arrested in connection with the case, died while in police custody. According to the coroner’s report, Magnitsky, who was 37 and in good physical health, died suddenly from acute heart failure at a Moscow detention facility. Some observers speculate that the lawyer was killed before he could turn into a whistleblower against some of the perpetrators of the fraud scheme. Following Magnitsky’s death, Alexander Perepilichnyy was elevated as a key witness in the case, after providing Swiss prosecutors with detailed intelligence naming several Russian government officials involved in the money-laundering scheme, as well as their criminal contacts outside Russia. This led to the freezing of numerous assets and bank accounts in several European countries. There is no word yet as to the cause of Perepilichnyy’s death. British investigators said yesterday that the first post-mortem examination had proved inconclusive and that a toxicological examination had been ordered for next week.
November 30, 2012 by Joseph Fitsanakis 3 Comments
By JOSEPH FITSANAKIS | intelNews.org |
Find this story at 30 November 2012
Alexander Litvinenko murder: British evidence ‘shows Russia involved’16 december 2012
Hearing ahead of full inquest also hears Litvinenko was working for MI6 when he was poisoned with polonium-210
Alexander Litvinenki died in a London hospital in November 2006, three weeks after drinking poisoned tea. Photograph: Natasja Weitsz/Getty Images
The government’s evidence relating to the death of Alexander Litvinenko amounts to a “prima facie case” that he was murdered by the Russian government, the coroner investigating his death has been told.
The former KGB officer was a paid MI6 agent at the time of his death in 2006, a pre-inquest hearing also heard, and was also working for the Spanish secret services supplying intelligence on Russian state involvement in organised crime.
Litvinenko died in a London hospital in November 2006, three weeks after drinking tea which had been poisoned with the radioactive isotope polonium-210.
The director of public prosecutions announced in May 2007 that it would seek to charge Andrei Lugovoi, a former KGB officer, with murder, prompting a diplomatic crisis between the UK and Russia, which refused a request for Lugovoi’s extradition. Britain expelled four Russian diplomats, which was met by a tit-for-tat expulsion of four British embassy staff from Moscow. Lugovoi denies murder.
At a preliminary hearing on Thursday in advance of the full inquest into Litvinenko’s death, Hugh Davies, counsel to the inquest, said an assessment of government documents “does establish a prima facie case as to the culpability of the Russian state in the death of Alexander Litvinenko”.
Separately, a lawyer representing the dead man’s widow, Marina, told the coroner, Sir Robert Owen, that Litvinenko had been “a paid agent and employee of MI6” at the time of his death, who was also, at the instigation of British intelligence, working for the Spanish secret service.
“The information that he was involved [in] providing to the Spanish … involved organised crime, that’s the Russian mafia activities in Spain and more widely,” Ben Emmerson QC told the hearing.
Emmerson said the inquest would hear evidence that the murdered man had a dedicated MI6 handler who used the pseudonym Martin.
While he was dying in hospital, Emmerson said, Litvinenko had given Martin’s number to a Metropolitan police officer and, without disclosing his MI6 connection, suggested the police follow up the connection. He said Litvinenko had also had a dedicated phone that he used only for phoning Martin.
“Martin will no doubt be a witness in this inquiry, once his identity has been made known to you,” Emmerson told the coroner.
The inquest would also hear evidence that Lugovoi had been working with Litvinenko in supplying intelligence to Spain, the lawyer said, adding that the murdered man had also had a separate phone used only for his contact with the other Russian.
While he was dying in hospital, Litvinenko had phoned Lugovoi on this phone to tell him he was unwell and would be unable to join him on a planned trip to Spain, Emmerson said. The purpose of the trip was for both men to deliver intelligence about Russian mafia links to the Kremlin and Vladimir Putin.
So advanced were the arrangements for the trip that the conversation “descended to the level of discussing hotels”, Emmerson said.
The case against Lugovoi centres on a meeting he and another Russian, Dmitry Kovtun, had with Litvinenko at the Palm bar at the Millennium hotel in Mayfair on 1 November 2006. It is alleged that Litvinenko’s tea was poisoned with the polonium-210 at that meeting. Kovtun also denies involvement.
At the instigation of MI6, Emmerson said, Litvinenko had been supplying information to a Spanish prosecutor, José Grinda González, under the supervision of a separate Spanish handler who used the pseudonym Uri.
Emmerson cited a US embassy cable published in the 2010 Wikileaks disclosures that detailed a briefing given by Grinda González on 13 January 2010 to US officials in Madrid. At that meeting, the lawyer said, the prosecutor had quoted intelligence from Litvinenko that Russian security and intelligence services “control organised crime in Russia”.
“Grinda stated that he believes this thesis is accurate,” the lawyer quoted.
He said that payments from both the British and Spanish secret services had been deposited directly into the joint account Litvinenko shared with his wife.
Contrary to Davies’s submission, Emmerson said the inquest should consider whether the British government had been culpable in failing to protect Litvinenko, arguing that “the very fact of a relationship between Mr Litvinenko and his employers MI6” placed a duty on the government to ensure his safety when asking him to undertake “dangerous operations”.
“It’s an inevitable inference from all of the evidence that prior to his death MI6 had carried out a detailed risk assessment and that risk assessment must in due course be disclosed.”
Neil Garnham QC, counsel for the Home Office, representing MI6, said the government would not comment on claims that Litvinenko was a British agent. “It is central to Mrs Litvinenko’s case that her husband was an employee of the British intelligence services. That is something about which I cannot or will not comment. I can neither confirm or deny it.”
The Investigative Committee of the Russian Federation has indicated that it would like to be formally designated an “interested party” in the inquest, which would give it the right to make submissions to the coroner and appoint lawyers to cross examine witnesses.
…
Esther Addley
The Guardian, Thursday 13 December 2012 19.00 GMT
Find this story at 13 December 2012
© 2012 Guardian News and Media Limited or its affiliated companies. All rights reserved.
Strange truth of a life caught up with MI6’s ‘Martin’ and the KGB16 december 2012
Inquiry told Alexander Litvinenko was spying for Britain and Spain – and Russia killed him
Secret details of Alexander Litvinenko’s life as a British intelligence agent were revealed yesterday at a preparatory hearing into the poisoned former KGB officer’s death.
The inquiry was told that the 43-year-old not only worked for MI6, but was helping the Spanish intelligence services investigating organised crime in Russia.
Mr Litvinenko died in hospital three weeks after being poisoned with radioactive polonium-210 after meeting fellow former KGB contacts for tea at a Mayfair hotel in 2006. The night before, the High Court judge Sir Robert Owen was told, he met with his MI6 handler “Martin”.
The inquest next May is likely to increase tensions between the UK and Russia, with the British government providing evidence that the foreign state was involved in the murder of its former agent.
Ben Emmerson QC, representing Mr Litvinenko’s widow Marina, claimed the British had failed to protect the former KGB officer: “At the time of his death Mr Litvinenko had been for a number of years a registered and paid agent in the employ of MI6.
“That relationship between Mr Litvinenko and his employers MI6 is sufficient to trigger an enhanced duty by the British government to ensure his safety when tasking him on dangerous operations.”
Paid through a bank account or in cash, Mr Litvinenko had a dedicated telephone to MI6, which tasked him with helping Jose Grinda Gonzalez, the Spanish prosecutor for corruption and organised crime.
A US embassy cable described how Mr Gonzalez had met the Americans and told them he was working on a thesis by Mr Litvinenko that “the Russian intelligence and security services – Grinda cited the Federal Security Service (FSB), the Foreign Intelligence Service (SVR) and military intelligence (GRU) – control organised crime in Russia. Grinda stated that he believes the thesis is accurate”.
As an agent to the Spanish intelligence services through a handler called “Uri”, Mr Litvinenko had been planning a trip to Madrid with Mr Lugovoi – a member of the FSB, and the man suspected of the murder – until he became ill from poisoning.
Mr Emmerson continued: “He made a phone call to Mr Lugovoi in hospital to discuss their planned trip together to Spain to provide intelligence to the Spanish prosecutor investigating Russian mafia links with the Kremlin and Vladimir Putin. He explained he was ill and could no longer go on their planned trip.”
Both Mr Lugovoi and Mr Kovtun – who also met him for tea at the Mayfair hotel – have denied any involvement in the killing but have refused to surrender to the British authorities.
Neil Garnham QC, representing the Government, responded that he could not comment on assertions that Mr Litvinenko was in the pay of MI6: “I can neither confirm nor deny.”
Hugh Davies, the barrister to the inquest, revealed that almost a year after it was invited to participate in the inquest, the Russian government had applied to be represented. On Wednesday, Mr Davies explained a letter was received requesting that the Investigative Committee of the Russian Federation – sometimes compared with the American FBI – be granted “interested-person status” at the inquest in May.
He added that, having examined documents supplied by the British government, the inquiry team had failed to find evidence that supported a wide variety of theories including claims Mr Litvinenko had been murdered by the Russian oligarch Boris Berezovsky, the Spanish mafia, Italian academic Mario Scaramella or Chechen organisations.
However, he added: “Taken in isolation, our assessment is that the government material does establish a prima facie case as to the culpability of the Russian state in the death of Alexander Litvinenko.”
Sir Robert, sitting as Assistant Deputy Coroner, is expected to rule early next year on what will be admissible at the inquest as well as whether there is a case under the European Convention of Human Rights that the British state was culpable in the death “either in itself carrying out, or by its agents, the poisoning or by failing to take reasonable steps to protect Mr Litvinenko from a real risk to his life”.
A tangled web: Litvinenko’s network
*Alexander Litvinenko served in the KGB and its successor the Federal Security Service (FSB) but left in 2000, having been arrested for exceeding the authority of his position, charges which were dismissed.
*In 1998, Mr Litvinenko and other FSB officers accused their superiors of ordering the assassination of the Russian tycoon Boris Berezovsky. He later worked on the oligarch’s security team and the men became friends.
*Having fled to Britain seeking asylum, he began working as an agent of MI6.
…
Terri Judd
Friday, 14 December 2012
Find this story at 14 December 2012
© independent.co.uk
<< oudere artikelen nieuwere artikelen >>