New in SpyWeek: Moscow Massacre
ISIS in Moscow, Elon’s classified satellite contract, Boogaloo leakers, drone swarms, Cuban counterspies, and a new study on Havana Syndrome lead this week’s roundup
Welcome to SpyWeek, our weekly newsletter, where we look at news from the intersection of intelligence, foreign policy, and military operations.
Duty to Warn: U.S. intelligence warnings about a terrorist attack in Moscow that Russia dismissed proved accurate when gunmen opened fire at a concert venue on the outskirts of Moscow on Friday night, killing at least 40 people and wounding more than 100.
ISIS claimed responsibility for the attack on Crocus City Hall in a short statement published by ISIS-affiliated news agency Amaq on Telegram on Friday. U.S. officials confirmed the claim.
The U.S. Embassy in Moscow warned on March 7 that “extremists” had “imminent plans to target large gatherings in Moscow, to include concerts.” U.S. citizens were advised to avoid large gatherings over the next 48 hours. U.S. officials said they also briefed Russian officials in private about the intelligence pointing to an impending attack.
Recent intelligence reporting indicated that Islamic State-Khorasan, known as ISIS-K, a branch of the group that operated in Afghanistan, Pakistan, and Iran, was active inside Russia, two U.S. officials told The Washington Post.
The attack, which unfolded before a scheduled rock concert, represents a massive security failure by the Kremlin. Russian President Vladimir Putin publicly dismissed U.S. warnings about an imminent attack on “large gatherings in Moscow, to include concerts” as “obvious blackmail” made with “the intention to intimidate and destabilize our society.”
U.S. intelligence has a duty to warn regarding threats to specific individuals or groups of intentional killing, serious bodily injury, and kidnapping. U.S. officials followed that policy when it secretly provided Iran with “actionable intelligence” about ISIS-K’s plans to carry out a terrorist attack. An attack on Jan. 3 in Kerman, Iran, killed more than 80 people. In December 2019, Putin thanked President Trump for sharing intelligence that helped the Kremlin thwart a plot in St. Petersburg.
Classified Leaks and Extremism: In the latest report of secrets leaking from U.S. military installations via social media, an active duty member of the Air Force active in a group for online extremists posted classified information he likely obtained from the National Security Agency.
Airman Jason T. Gray, sentenced last month to five years in prison, participated in several channels on the social media site Discord for online extremists known as the “Boogaloo Bois,” according to a 2022 FBI affidavit obtained by The Daily Beast. The affidavit was unsealed by a judge earlier this month.
While searching Gray’s Discord account, investigators found an image that appeared to be classified and was likely obtained from NSA intelligence. Gray, 28, was assigned to the 301st Intelligence Squadron with duty at the National Security Agency’s facility in Anchorage, Alaska, located at Joint Base Elmendorf–Richardson.
“Based on Gray utilizing Discord to communicate with other Boogaloo members, there is potential the image shared was in furtherance of the Boogaloo ideology,” an agent with the FBI’s Joint Terrorism Task Force wrote. Adherents of the loosely organized, anti-government movement say they are planning for or seek to incite a civil war or revolution they call the Boogaloo, the FBI says.
Gray is part of a troubling trend in the U.S. intelligence community. SpyTalk’s Jeff Stein was the first to report on how classified chat rooms used by intelligence personnel in various agencies, including the NSA, had become a “dumpster fire” of hate speech around 2019, during the Trump administration.
The desire to impress strangers on Discord also motivated Jack Teixeira, a 22-year-old active duty airman in Massachusetts, who leaked top-secret documents onto the site. He has agreed to plead guilty to six counts he faced under the Espionage Act and faces 16 years in prison.
Gray admitted to creating the “CNN Journalist Support Group,” a private Facebook page for the Boogaloo movement, because he was frustrated with his transfer to Alaska.
A day before 17-year-old Kyle Rittenhouse shot and killed two men in 2020 in Kenosha, Wisconsin, a post on the CNN Journalist Support Group said “bois of the movement” would be “making their presence felt” in the city, wearing “regular clothes” or combat apparel instead of “luau” shirts, The Associated Press reported.
Investigators also found child sexual abuse material on Gray’s phone and computer. Gray pleaded guilty to the distribution of child pornography. The government agreed not to charge him with the classified leaks in exchange.
Drone Swarms: In December, mysterious drone swarms were reported at Langley Air Force Base in Virginia, prompting NASA to launch a high-flying research plane to investigate.
The U.S. Air Force said last week that Langley AFB first observed drone activity on December 6 and “experienced multiple incursions throughout the month of December,” according to a statement provided to The War Zone. "None of the incursions appeared to exhibit hostile intent, but anything flying in our restricted airspace can pose a threat to flight safety.” The number of drones observed fluctuated and varied in size and configuration.
Langley is one of a small handful of domestic Air Force bases that house the F-22 Raptor stealth fighter jet. A Pentagon spokesman said the Defense Department was monitoring the situation.
It’s not the first time the U.S. military has reported mysterious drone swarms. Over several days in July 2019, as many as a half-dozen drones pursued U.S. Navy ships around California’s Channel Islands. There have been sightings of drones flying at altitudes up to 36,000 feet and as fast as Mach 0.75 around Arizona's military air combat training ranges since January 2020.
High Spying: The U.S. intelligence community has awarded a $1.8 billion classified satellite contract to a company owned and run by a mercurial billionaire who is reported to be fond of taking ketamine.
Elon Musk’s SpaceX is building a network of hundreds of spy satellites under a classified contract signed in 2021 with the National Reconnaissance Office, Reuters reported.
The satellites would enable the U.S. government to quickly capture continuous imagery of activities on the ground nearly anywhere.
The contract signals growing trust by the intelligence establishment of a company whose owner has “sparked controversy,” as Reuters put it. No kidding.
Musk is known for embracing unhinged conspiracies like Pizzagate and antics like challenging Facebook founder Mark Zuckerberg to a cage match. More problematic, however, is his reported drug use, which could put his stewardship of contracts like the spy satellite network into jeopardy.
The Wall Street Journal has detailed the SpaceX CEO and president’s use of LSD, cocaine, ecstasy, and psychedelic mushrooms over the past decade and his ongoing use of the hallucinatory drug ketamine. Illegal drug use would violate the rules governing SpaceX's more than $14 billion in government contracts for civilian, military, and intelligence missions.
After smoking weed on Joe Rogan’s podcast in 2018, Musk says he agreed to three years of random drug testing at NASA's request and never failed a test. (NASA is a SpaceX contractor.) “@WSJ is not fit to line a parrot cage for bird 💩,” Musk wrote on X.
65-Junk: If Cuba’s stunning penetrations of the U.S. government seem like a plot line of The Americans, America’s efforts to spy on Havana are more Inspector Clouseau.
Havana’s spymasters focused intently on the United States and cultivated long-term agents like former U.S. ambassador Manuel Rocha and the Defense Intelligence Agency’s top Cuban analyst Ana Montes. America’s spy catchers are focused elsewhere.
In the early 2000s, U.S. counterintelligence services knew of more than 100 actual or potential Cuban agents in the U.S., according to Lapp. “Their tradecraft was very, very good,” retired former FBI counterintelligence chief Harry B. “Skip” Brandon, an expert on Cuban intelligence, told SpyTalk in December. “They were well trained.”
The FBI’s New York field office recently had 12 counterintelligence squads dedicated to Russia, but just one for Cuba. None of the FBI’s counterintelligence agents wanted to work on Cuba. The FBI’s label for Cuban spy cases was 65J. Agents called it “65-Junk,” according to the Wall Street Journal.
In 1987, a Cuban military officer defected and told his stunned American handlers that all but one of the four dozen spies the CIA was running in Cuba was a double agent, secretly reporting back to Havana. Cuban media reported that one of the doubles had received a CIA award. By the mid-1980s, the Cubans had acquired so much information on CIA operations on the island that they broadcast a six-part TV series on their counterintelligence triumphs, which included videos of American operatives.
Havana Syndrome: People suffering from “Havana syndrome” showed problems with balance, fatigue, post-traumatic stress disorder, and depression but no brain damage, according to a new study.
The National Institutes of Health tested 86 U.S. government employees and family members who reported intrusive sounds and head pressure associated with sudden onset of dizziness, pain, visual problems, and cognitive dysfunction. This constellation of symptoms initially reported in 2016 in Cuba, became known as “Havana Syndrome.” The government calls them “Anomalous Health Incidents” (AHIs).
The study did find that those suffering from AHIs performed significantly worse on self-reported and objective measures of balance and had significantly increased symptoms of fatigue, posttraumatic stress disorder, and depression compared with 30 control participants. More than a quarter of those with AHIs had “functional neurological disorders.”
“These symptoms are real, and they feel it, and we acknowledge it,” the lead author of one of the papers told The Washington Post.
In 2023, most U.S. intelligence agencies concluded that a foreign adversary was “very unlikely” to be responsible for Havana Syndrome. However, they said the findings did not question the “very real” symptoms, which have been described as “head-crushing pressure” and “massive ear pain.” A former CIA officer who was left blind in one eye and incapacitated called the IC’s findings “a knife in the back.”
Russian Stunt of the Week: The U.S. Treasury Department sanctioned two Russians who ran a Kremlin disinformation campaign using copycat versions of legitimate newspaper websites.
According to the Treasury, Ilya Gambashidze and Nikolai Tupikin were behind a network of more than 60 websites that impersonated legitimate European media outlets and amplified their content using fake social media accounts.
Except for a subtle change in the web address, the “Doppelgänger” network's sites looked nearly identical to France’s Le Monde, The Guardian of London, and Germany’s Bild. The spoofed sites posted articles critiquing Ukraine and Ukrainian refugees, praising Russia, and arguing that Western sanctions on Russia would backfire. The Recent Real News site (formerly Recent Russian News) is part of the network.
In 2022, the network targeted France, Germany, and Ukraine and later expanded to the United Kingdom, Italy, the United States, and Israel. Meta, the parent company of social media giants Facebook and Instagram, called Doppelgänger “the largest and the most aggressively persistent Russian-origin operation we’ve taken down since 2017.” The European Union sanctioned Gambashidze in 2023.
Authorities in France said Doppelgänger spread anti-Semitic images of Stars of David that were spray-painted around Paris in November at the behest of Russian intelligence.
That same month, the U.S. State Department named Gambashidze, Tupikin, and their companies as part of a Kremlin-funded disinformation campaign across Latin America. The State Department noted that Gambashidze’s company, Social Design Agency, and Tupiki’s Structura are “influence-for-hire” firms with “deep technical capability, experience in exploiting open information environments, and a history of proliferating disinformation and propaganda to further Russia’s foreign influence objectives.”
The operation primarily sought to persuade Latin American audiences that “Russia’s war against Ukraine is just” and that they can unite with Russia to defeat neocolonialism, the State Department reported.
It’s going to get harder to detect Kremlin operations. The U.S. intelligence community’s Annual Threat Assessment, released this month, reported that the Kremlin’s disinformationists are getting better at hiding their hands. They may use generative AI to improve their capabilities and reach Western audiences.
Pocket Litter:
The U.S. Justice Department is considering whether to allow Julian Assange to plead guilty to a reduced misdemeanor charge of mishandling classified information. The founder of WikiLeaks has been jailed in London since 2019 while fighting to avoid extradition to the United States. Assange was indicted on charges under the Espionage Act for obtaining and publishing secret military and diplomatic documents in 2010 that exposed the identities of U.S. intelligence agents. (Wall Street Journal)
The New York City Police Department fired an officer who was accused of spying for China, even though the charges were later dropped. Commissioner Edward Caban ordered the immediate firing of Baimadajie Angwang on Jan. 29, saying he disobeyed an order to submit to questioning by internal affairs investigators about the spying case. Angwang, 37, was charged with providing information about New York’s Tibetan community to the Chinese consulate in New York. Prosecutors dropped the charges in January and did not fully explain why. (AP)
The late British master of spy fiction, John Le Carré, had a dozen known mistresses, and his biographer says that’s “just the tip of the iceberg.” Adam Sisman revealed details of Le Carré’s extramarital affairs in a book published last year and said more women have come forward since. Le Carré, born David Cornwall, worked for MI5 and MI6 in the 1950s and 1960s. (The Telegraph)
A decorated former member of the U.S. Army’s Delta Force has been charged with stealing grenades and other military equipment for a second time. Retired Master Sgt. Parker Gibson was accused in 2022 of stealing two $250,000 Puma drones used by the clandestine special operations unit for intelligence reconnaissance and other tasks. The latest charges filed by prosecutors in North Carolina include one count of removing classified documents from January to June 2020. Gibson medically retired from the military in 2021 with a traumatic brain injury. (The Assembly, Court Watch)
The House of Representatives on Wednesday unanimously passed a bill that would prevent data brokers from selling Americans’ sensitive data to foreign adversaries like China, Russia, North Korea, and Iran. The bill defines sensitive information as anything detailing users’ health, location, finances, genetics, and more—data Americans give away daily without a second thought. The bill’s passage follows a White House executive order issued last month that’s designed to prevent “countries of concern” from accessing Americans’ bulk sensitive personal data. (The Record)
Biden administration officials are scrambling to retain a U.S. military presence in Niger after the military junta declared the presence of American troops in the West African nation to be “illegal.” There are roughly 1,000 U.S. troops stationed at a drone base in the north of the country that have been part of efforts to counter Islamist militants. (The Washington Post)
The U.S. government is “not done with efforts to uncover or eradicate” the threats created by the Chinese hacking group “Volt Typhoon,” said Rob Joyce, the outgoing director of the NSA’s Cybersecurity Directorate. (The Record)
According to the US intelligence community's Annual Threat Assessment, 74 countries—more than a third of all countries—contracted with private companies to obtain commercial spyware between 2011 and 2023. (ODNI)
Georgia Tech has won the NSA’s Codebreaker Challenge for the third straight year. The students had to locate and analyze what produced a signal with an unknown origin identified by the U.S. Coast Guard, discover an active collection operation tasked by a rogue server, and subvert the rogue server to stop the collection. (NSA)
Is there something we missed? Or something you would like to see more of? Send your tips, corrections, and thoughts to SpyTalk@protonmail.com.
So much happened this week that I guess you didn't have room for the final implosion of the GOP's impeachment investigation of Biden. Giuliani side-kick Lev Parnas testified that:
"In my travels, I found precisely zero proof of the Bidens’ criminality. Instead, what I learned in that time frame was the true nature of the conspiracy that the Kremlin was forcing through Russian, Ukrainian, American and other channels to interfere in our elections. Ultimately, this was meant to benefit Trump’s re-election, which would in turn benefit Vladimir Putin.”
https://eu.palmbeachpost.com/story/news/politics/2024/03/22/what-jared-moskowitz-lev-parnas-said-about-biden-impeachment-probe/73050847007/