New in SpyWeek
CIA and Moscow terror, Havana Syndrome, rogue diplomat Ric Grenell, Paul Manafort’s return, a creepy Army Psyops recruiting ad & more
Welcome to SpyWeek, our weekly newsletter, where we look at news from the intersection of intelligence, foreign policy, and military operations.
Kremlin Etiquette: The CIA won’t be getting any public thank yous from Russia for the agency’s timely and accurate warning of an imminent terror attack that left more than 140 people dead.
The U.S. Embassy in Moscow on March 7 issued a warning that “extremists” had “imminent plans to target large gatherings in Moscow, to include concerts.” The CIA station in Moscow earlier delivered a private warning to Russian officials that the threat involved an offshoot of the Islamic State known as ISIS-K, The New York Times reported.
“On March the 7th, at 11:15 in the morning, Moscow time, following normal procedures and through established channels that have been employed many times previously, the United States government passed a warning in writing to Russian security services,” White House spokesman John Kirby said Thursday. It was one of many warnings the U.S. government has passed to Russia since September 2023 about various threats.
ISIS-K claimed responsibility for the March 22 attack on a concert hall outside Moscow.
But Russia, a country where the facts don’t matter, now says they had help from Ukraine.
Russian President Vladimir Putin, who earlier dismissed the CIA warnings as “outright blackmail,” pointed a finger at Kyiv. Alexander Bortnikov, head of Russia’s Federal Security Service, or FSB, quickly followed up and said America and Britain also helped.
Kirby called that “nonsense” and said ISIS-K was solely responsible.
So why bother to warn ? Why deliver a tip about a terrorist plot to an adversary who then tblames the United States? We have a “duty to warn,” says former CIA case officer Laura Thomas. It also sends a not-too-subtle message to our adversaries about the CIA’s knowledge and values.
“It may make a foreign intelligence officer from an adversarial country think ‘If they try to protect even those from enemy countries, maybe they really would take care of me and protect me if I were a clandestine source for them,’” Thomas wrote in an insightful thread on X.
Thomas, a former chief of base in Afghanistan, wrote from experience. She previously delivered the CIA’s “duty to warn” messages, which don’t always become public like the one in Moscow. Sometimes, they are intended for a specific person.
When crafting the message, Thomas said she would include as much detail as possible to help an individual or authorities stop the attack without blowing the source. “Russians or other adversaries, for example, would promptly track down and arrest, imprison, and likely execute [the source] if given enough clues,” she wrote. Indeed, the FSB’s Bortnikov complained on Tuesday that the CIA’s information wasn’t specific enough—a twisted Kremlin version of the old joke, “The food’s terrible here, and they don’t give you enough.”
“We responded to this information and took appropriate measures to prevent such things,” Bortnikov said. “Unfortunately, the actions we carried out in relation to specific groups and specific individuals—this information was not confirmed at that time.”
Havana Syndrome: CBS’ 60 Minutes says it’s come across evidence that a U.S. adversary may be behind attacks on American government officials overseas and a condition known as “Havana Syndrome.”
Correspondent Scott Pelley said in a promotional clip that “a car chase in Florida may have provided the vital clue” to the origin of the maladies, which initially befell U.S. diplomats and intelligence officers in Cuba. The story will run simultaneously with reports in Germany’s Der Spiegel and The Insider, a Russia-focused news outlet.
The report appears to contradict the conclusion reached in 2023 by most U.S. intelligence agencies that a foreign adversary was “very unlikely” to be responsible for Havana Syndrome.
SpyTalk’s Jeff Stein reports that the culprit is likely Russia. Moscow beamed microwaves at the U.S. Embassy in Moscow in the 1950s and 1960s, which may well have been the cause of higher rates of cancer and other maladies. The State Department noted that Russia researched the effects of pulsed radio frequencies that could trigger the clicks and buzzing that victims sometimes reported. The first reports of Havana Syndrome coincided with the Obama administration’s resumption of diplomatic relations with Cuba. It’s no stretch to think that a regime run by a former KGB officer with a fondness for poisoning its critics would deploy a weapon to sour the then-budding U.S.-Cuba relations.
Renegade Diplomat: Former acting director of National Intelligence and Trumpian ambassador to Germany Ric Grenell hasn’t met a strongman he doesn’t like.
Grenell was in Guatemala in January to support a right-wing campaign to block the inauguration of the country’s democratically elected new president. Grenell previously traveled to the Balkans to show his support for Serbia’s pro-Russian leaders. What’s in it for him? During the Trump administration, according to news reports, Grenell helped open the door to a Balkans real estate project he is now pursuing with Jared Kushner’s Saudi-seeded investment firm, Affinity Partners. Come for the ideology, stay for the profits.
“From Central America to Eastern Europe and beyond, Grenell has been acting as a kind of shadow secretary of state, meeting with far-right leaders and movements, pledging Trump’s support and, at times, working against the current administration’s policies,” The Washington Post reported.
SpyTalk previously reported on how Grenell buddied up to other strongmen in and out of politics. The openly gay Grenell also helped a young German-Moroccan UFC fighter with a criminal and prison record get a U.S. visa. (So much the criminal aliens Trump railed against in 2016.) He has celebrated Serbia’s president, Aleksandar Vučić, a would-be dictator who’s fallen into Moscow’s orbit (which won him raves from the Russian press). Grenell is also connected to Hungary’s pro-Russian leader Viktor Orban.
The relentless loyalist whom Trump once called “My Envoy” may well get rewarded with a nomination to be secretary of state should Trump return to the White House.
Press 1 for 702 Info: The FBI says a simple database search change eliminated the vast majority of “unintentional” queries made under Section 702, a controversial law.
Section 702 of the Foreign Intelligence Surveillance Act authorizes U.S. counterterrorism agencies to gather communications from U.S.-based tech companies if a foreigner based overseas is on one end of the conversation. Members of both parties in Congress are concerned about abuses of the powerful law.
Before 2021, 702 information was automatically included in search results. Now, the FBI has to opt-in to retrieve the foreign intelligence information. Before the changes were implemented, the FBI conducted about 2.9 million queries of U.S. persons under the authority of Section 702. Last year, that number fell to 57,094 total U.S. person queries—a 98 percent decline.
Every FBI query of raw Section 702 data must be reasonably likely to retrieve evidence of a crime. A review of the FBI queries in 2023 found that more than 1,000 queries didn’t meet the standard. In most cases, the only error involved an FBI investigator’s failure to record whether their query involved a U.S. person.
U.S. intelligence officials say 702 “saves lives” and contributed in 2022 to locating al Qaeda leader Ayman al-Zawahiri in Kabul, who was then eliminated in a U.S. drone strike. Congress wants to revamp the law to add privacy protections.
Eyes on ex-AG Lynch: The Foreign Agents Registration Act requires Americans who lobby for foreigners to register with the U.S. government. But there’s an exception to the rules big enough to ram through a big legal bill.
Take, for example, the case of Loretta Lynch, a former attorney general in the Obama administration.
When the U.S. government scrutinized a Chinese drone company over its alleged ties to China's military, the company turned to Lynch, now a partner at the powerhouse Paul, Weiss law firm in Washington.
Reuters reported that Lynch wrote to a senior Defense Department official last July on behalf of SZ DJI Technology Co Ltd, asking that her client be removed from a list of Chinese military companies on a Pentagon warning list. Lynch’s letter to the Defense Department was labeled "confidential treatment requested.”
Under the 1938 FARA law, attorneys don’t have to register if they’ve been retained to represent a foreign individual, company, or government in a court of law or before an agency of the U.S. government.
Russia, Russia, Russia: If Donald Trump wants to bring Paul Manafort back on his campaign, then Sen. Ron Wyden thinks we should remind everybody about Russia’s favorite campaign consultant.
The Oregon Democrat is on the Senate Intelligence Committee, which concluded that Manafort’s presence on Trump’s 2016 campaign “created opportunities for Russian intelligence services to exert influence over, and acquire confidential information on, the Trump Campaign.” Manafort shared polling data from the Trump campaign with Konstantin Kilimnik, a longtime business associate with suspected ties to Russian intelligence. Manafort’s willingness to share information with Kilimnick represented a “grave counterintelligence threat,” the Senate intelligence committee found.
But there’s still much we don’t know, Wyden says. In a letter to Director of National Intelligence Avril Haines. Wyden noted that evidence connecting Kilimnik and Manafort to Russia’s hack of the Clinton campaign remains classified by the DNI. There are redactions in the Senate’s report on Russia that involve new information regarding Manafort’s? meeting in Madrid during the 2016 campaign with a representative of Oleg Deripaska, a Russian oligarch and a “proxy for Russian intelligence,” Wyden says, who was trying to collect the $10 million he had lent Manafort. Release it now, Wyden says.
Be all you’re not: This is not your dad’s Army recruiting video.
With old black-and-white cartons overlaid over eerie music, a three-and-a-half minute video posted to YouTube by the U.S. Army’s 4th Psychological Operations Group feels more like a trailer for a horror film than the old “Be All You Can Be” recruiting commercials of yore. A headline about it over at Task & Purpose calls it “a master class in psychological operations” itself.
The video was created in-house as a recruitment effort and to show people how clandestine psyops can freak out enemies and alter the fate of a battle or war. Col. Chris Stangle, commander of the 4th PSYOP Group, told Task & Purpose that creating persuasive media is part of psychological operations. And the creepy ad was a demonstration of it.
You may have noticed that Ukraine is pretty good at the information war. It’s no coincidence—they got on-the-job training. “We’ve helped them build their PSYOP force,” Stangle said. “Ukraine has done a masterful job. They’ve taken the training and the work we’ve done with them, as well as their own inherent skill, and have just really blown it up.”
Grim Fun Fact: The Chesapeake 1000, a heavy lift barge crane mobilized to clear wreckage of the Francis Scott Key bridge in Baltimore, has an intriguing Cold War heritage: It debuted in the 1970s as the Sun 800 aboard the Glomar Explorer, commissioned secretly by the CIA to retrieve the remains of a Soviet submarine that had sunk in the Pacific. (Engineering News-Record)
Pocket Litter:
The United States and the United Kingdom are reviewing more than $20 billion of cryptocurrency transactions that passed through Garantex, a Russia-based virtual exchange, as part of allied efforts to crack down on the sanctions evasion that’s supporting Vladimir Putin’s war in Ukraine. (Bloomberg)
The latest episode of the CIA’s podcast, The Langley Files, explores the promise and peril of AI at the agency. (The Langley Files)
There’s a booming black market for SpaceX’s Starlink kits, which offer Internet access anywhere. The kits are being illegally activated in Sudan, Yemen, Kazakhstan, and South Africa, the birthplace of SpaceX’s chairman and CEO Elon Musk. Starlink is also reportedly being used in Russian-occupied areas of Ukraine, where front-line Ukrainian troops say they are experiencing connection problems with the vital Starlink used to run Kyiv’s fleet of attack drones. (Bloomberg, CNN)
The biggest “counterintelligence coup” of World War I—the publication of the contents of a German attache’s stolen briefcase—appears to have been one of the most successful, long-lasting, and elaborate cover-ups of a British propaganda plot. (Studies in Intelligence)
Seven Chinese government hackers have been indicted in Washington, D.C. for their roles in a group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials. The APT31 Group was part of a cyber espionage program run by the Ministry of State Security’s Hubei State Security Department in Wuhan. (DOJ)
U.S. Cyber Command and the National Security Agency will not identify the latest leaders of their joint elections security task force, in part to shield them from the threats and harassment other election officials have received for merely being associated with such work. That’s a departure from the past. Timothy Haugh, the new head of the NSA and. Cyber Command, was co-head of the Russia Small Group, tasked with thwarting Russia’s attempts to interfere in the 2018 U.S. Midterm elections. (The Record)
In its annual report on “Zero Days,” Google said it detected 97 of the hard-to-find vulnerabilities in software being exploited by non-government hackers in 2023. That’s more than 50 percent more than in 2022 but still shy of the record of 106 vulnerabilities exploited in 2021. (Google)
Is there something we missed? Or something you would like to see more of? Send your tips, corrections, and thoughts to SpyTalk@protonmail.com.
Thanks for your substack. You provide a cornucopia of information. The Psyops Army Ad even though I'm over 70, I can see it working, and hopefully smart youth join (and make careers off it).
Love the news. Please keep it up.