Discover more from SpyTalk
SpyTalk Behind the Lines: Vault-7 and More
CIA losses, Russian suicides, counterterror blowbacks, Kabul debacle, etc.
Did CIA Fail to Grasp Security Threat in Joshua Schulte?
Pro tip for CIA supervisors: Next time you transfer an already troublesome employee out of a job they love, you had better keep a very close watch on what they’re up to next. That’s just one of the upshots from the case of former CIA programmer Joshua Schulte, who was convicted Wednesday on nine charges, including illegally gathering and transmitting national defense information to WikiLeaks in 2016. You’d think somebody at CIA would’ve seen it coming: Coworkers had nicknamed Schulte “The Nuclear Option” for his explosive temperament. It was only a matter of time, it would seem, before the smoldering hacking genius, then 25, became a security liability.
Schulte’s leak of materials, known as Vault-7, delivered the hacking arsenal of the CIA’s Center for CyberIntelligence—the folks who break into foreign computers—to Wikileaks. The heist included custom-made techniques that agency hackers had used to compromise Wi-Fi networks, Skype, antivirus software, and Apple Devices.
The leak was not just a devastating blow to the agency’s cyber capacities, but a dangerous development for CIA cyber operations, because adversaries would be able to forensically identify when and where their systems were breached, experts said.
Unlike Edward Snowden and Chelsea Manning, who maintain they leaked classified information for ideological reasons, Schulte seems to have acted only out of spite for his employer. As a recent deep-dive profile by Patrick Radden Keefe in The New Yorker makes clear, Schulte stole the Vault-7 files because he was enraged that his superiors transferred him to another office after constant squabbling with a co-worker and a superior. His acting out will now cost him up to 80 years in prison, not counting pending charges he faces for possession of child pornography. What the security breach cost the CIA remains to be seen—or unseen.
Another Russian Oligarch Swallows a Pistol
It’s getting hard to keep track of the number of Russian oligarchs committing suicide, especially among the Gazprom elites. The latest is Yuri Voronov, head of a transport and logistics company that had “lucrative contracts with the gas behemoth in the Arctic,” according to the U.K. tabloid The Sun. The 61-year old’s corpse was found July 4 floating in the pool behind his St. Petersburg mansion. He had a bullet in his head, police said. Probably a suicide. A semi-automatic Grand Power pistol was found nearby, The Sun said, while “several spent cartridges,” according to police, were located at the bottom of the pool.
Seems to be an epidemic of suicides among Gazprom big shots. Newsweek helpfully added them up last week. “Several other Russians have been found dead since late January, all but one since Vladimir Putin launched his attack on Ukraine on February 24,” the magazine said. “Voronov's death comes amid speculation about whether murders of top businessmen are being staged to look like suicides.”
Bill Browder, the prominent former American investor in Russia who’s long been a very big thorn in Vladimir Putin’s side, said last month that the sanctions against Moscow, imposed because of the Ukraine war, meant "the pie has shrunk," according to Newsweek.
"Whenever there's limited resources and very powerful people, people start getting killed," he told Secrets of the Oligarch Wives, a recently released documentary.
Russian White Supremacists Want U.S. Beachhead
In March SpyTalk reported that terrorists in the Russian Imperial Movement (RIM) had leaned heavily into an international holy war—fighting for white Christian power around the world, in an effort they call The Last Crusade. The State Department designated RIM as a terrorist group in 2020.
Nonetheless, one of the group’s leaders, Stansilav Vorobyev, told Verified, the investigative podcast of the Scripps news organization, that he was still in touch with unnamed like-minded Americans. Verified’s Mark Greenblatt, the Scripps Washington Bureau’s senior national investigative correspondent, pressed the Bureau of Counterterrorism at the State Department about why they were not doing more to counter this rising global movement. He noted that two neo-Nazis who returned from a RIM training camp had launched a series of bombings of immigrant and leftist targets in Sweden
Accountability journalism paid off. Last month State added three RIM members to a list of “specially designated global terrorists.” One has raised millions to support pro-Russian fighters in Ukraine. Another visited the United States in 2017 seeking to build a RIM network here. A third was one of the Swedish bombers. The designations are far more than just words. They authorize law enforcement intelligence agencies to monitor these terrorist facilitators more closely.
Abe and the Moonies
Some long-in-the-tooth SpyTalk readers may dimly recall “Koreagate,” the 1970’s scandal in which agents of South Korea’s KCIA spy service, reacting to President Jimmy Carter’s plan to withdraw U.S. troops from the peninsula, covertly shoveled money and favors to U.S. politicians to block the move. Congressional hearings laid bare how not just the KCIA, but agents of Rev. Sun Myung Moon's right-wing Unification Church, used a prominent Georgetown socialite and nightclub impresario, Tongsun Park, to spread the largesse to some 30 members of Congress
We’re moved to take this stroll down memory lane because the church’s history played a background role in the July 8 assassination of Japanese Prime Minister Shinzo Abe. Turns out Abe had some ties to the church via an affiliate, the Universal Peace Federation, which jointly sponsored a Sept. 2021 “Rally of Hope” and launch ceremony for “Think Tank 2022: Toward Peaceful Reunification of the Korean Peninsula,” where the former P.M. delivered a speech. It further turns out that Abe’s assassin, Tetsuya Yamagami told police he was motivated to shoot Abe because his mother gave “large” sums to the church and went bankrupt 20 years ago. The Unification Church denied it figured in the assassin’s motive. But there was no denying Abe’s connection to the self-proclaimed Korean messiah ran deep. Abe’s late grandfather, Nobusuke Kishi, the Japanese prime minister from 1957 to 1960, had been friendly with Moon, whose church opened its branch in Japan in 1959.
A Terrorist Disposal Problem Haunting British Intelligence
“Don’t forget that we have a disposal problem,” CIA director Allen Dulles told President John F. Kennedy in early 1961, a warning about the possible consequences of cutting loose what the CIA knew to be a volatile and potentially vengeful asset, the exile force it had trained to invade Cuba at the Bay of Pigs. As Joan Didion reported in her classic book Miami, the disposal problem haunted south Florida for decades, as the defeated Cuban fighters turned to drug trafficking and violent vendettas in the 1970s and 1980s.
Now Britain faces a reckoning with its own disposal problem, involving Salman Abedi, the suicide bomber who killed 23 people including himself at pop music concert in Manchester, England in May 2017. A recent investigation by the independent investigative news site Declassified UK, concluded that, “The Manchester bomber and his closest family were part of Islamist militia forces covertly supported by the British military and Nato in the Libyan war of 2011.”
With an official inquiry into the Manchester bombing due to report later this year, Declassified UK asks. “Did innocent citizens pay a blood price for British foreign policy?”
The web site found that Abedi, his father Ramadan and brothers, Ismail and Hashem, were allowed to freely operate in the war zone of Libya for years before the 2017 atrocity. Salman Abedi was never subject to controls on his movements to Libya despite a stream of intelligence showing his contacts with extremists.
Abedi’s father and brother were stopped by UK security officers in 2011 and 2015 respectively. The officers downloaded jihadist material from their mobile devices. Nonetheless, they were allow to travel back and forth to Libya where Ramadan Abedi actively supported of the Libyan Islamic Fighting Group (LIFG), an al-Qaeda linked organization at war with the government of Muammar Gaddafi
An investigation by Middle East Eye found the U.K. government operated an “open door, no questions asked” policy toward Libyan exiles who wanted to fight Gaddafi. Yet the Manchester inquiry did not call anyone from MI6, the British foreign intelligence service, a decision UK Declassified called “bewildering.”
MI5, Britain’s counterintelligence and counterterrorism service, told the inquiry that “there was a range of reasons for such travel” to Libya, “many of which were entirely legitimate,” adding it did not have intelligence to indicate that Salman Abedi was engaged in fighting or was attending training camps or affiliating with Islamic State.
The inquiry’s expert on Islamic extremism, Matthew Wilkinson, countered that “There’s a lot of evidence from 2011 onwards—2012, 2014, 2017 in particular … [that] Salman was surrounded by people that had heavy weaponry, heavy machine guns”. Pete Weatherby, a lawyer for the bombing victims, told the inquiry, “It is highly likely that [Salman Abedi] had a baptism of violence by exposure to the 2011 uprising.”
Shabaab Counterspies Outwitting the US?
Are Somalia’s al-Shabaab spooks beating the West at their own game? According to a new paper in the prestige journal Intelligence and National Security, the Somali-based offshoot of Al-Qaeda “has not only survived, but has also challenged more powerful multinational forces for more than a decade.” The key to their success, according to author Zakarie Ahmed nor Kheyre, is Shabaab’s creation of a powerful intelligence division, known as Amniyat, which focuses on “ tactical efficiency, targeting, counterintelligence (CI), and communication,” and has proven capable of fending off diverse threats.
While three heads of the Amniyat were killed by U.S. airstrikes in the past decade, Ahmed writes, none have been killed in the last four years. When the Islamic State of Iraq and Syria (ISIS) launched an affiliate in Mogadishu, the Somali capital, al-Shabaab identified their supporters and dismantled their organization within two weeks. Based on interviews with jailed operatives and officials of Somalia’s National Intelligence and Security Agency (NISA), Ahmed concludes the Amniyat is “far more effective” than NISA and other state intelligence services.
Biden Braces for Spotlight on Kabul Debacle
NBC reports that the Biden administration is shuddering at the prospect of multiple critical reviews of its handling of the collapse in Afghanistan last August. The administration's own ”comprehensive review of the withdrawal, which the White House vowed to undertake nearly a year ago, is still not complete,” officials told NBC’s Carol E. Lee and Courtney Kube.
“While the intelligence community’s review is close to finished, much of that report is expected to be classified,” they said, adding that the president’s aides “plan to emphasize” that the exit “was a successful operation to evacuate tens of thousands of people from Afghanistan after the administration was caught flat-footed by the swift fall of Kabul.”
Translation: Expect the White House to scapegoat the CIA and DoD for not better predicting the regime’s swift collapse. Expect the agencies to argue that policymakers didn’t listen to them.
The ghost of the Afghan exit, lost in the shadows of Russia’s invasion of Ukraine, mass shootings in the U.S. and the twin specters of global inflation and starvation, will increasingly haunt Biden as the elections approach, fueled by Republican campaign ads and media commemorations of the tragedy. On Aug. 1, PRX and Project Brazen kick off the coverage with “Kabul Falling,” an eight-part podcast “chronicling first hand accounts in Afghanistan as the Taliban gained control. One of the interviewees is an Afghan CIA asset.
U.S. Spies Backed Out of Bid for Pegasus Spyware, Firm Says
Not long after The New York Times reported that unnamed U.S. intelligence officials were backing a bid by defense contractor L3Harris to buy NSO, the Israeli firm whose Pegasus spyware has been used to harass hundreds of journalists and political activists worldwide, the Israeli newspaper Haaretz reported the possible deal was dead. Asked about the reports, a spokesman for L3Harris told SpyTalk he had “nothing to share.”
Last month, the White House released a statement outlining the administration's concerns about L3Harris' acquisition of NSO's spyware, saying it would "pose a serious counterintelligence and security risk to U.S. personnel and systems."
Forensic Architecture, a British multidisciplinary research group, maps Russia’s March 1 attack on Kyiv’s TV tower over the site of infamous1941 Nazi Babyn Yar massacre which took place nearby.
ODNI has partially released the classified version of its groundbreaking June 2021 UFO report, “Preliminary Assessment: Unidentified Aerial Phenomena.”
Pigskin Espionage: In a new book out this September, former Defense Department Special Agent Thomas Bryant details the black ops practiced by the New England Patriots and virtually everyone else in the NFL.
Summer Break: At USA Today, national security reporter Josh Meyer offers 17 tips on how to think like a spy and stay safe on summer vacation, based on a CIA advisory.