This LinkedIn Blog post makes perfect sense.
Not only are the Russians putting out information in a wide variety of mass media, engaging in conversations as trolls, hosting events designed to persuade, and paying scholars to write pro-Russian articles, but they are also engaging in good old-fashioned spying.
That person who just sent you a LinkedIn request, who appears legitimate, might not be. That woman (or man, depending on your preference), did you ignore their good looks and really examine their credentials?
Most of you know the story of Robin Sage, a little experiment which fooled a lot of my friends. I recognized the name as the graduation exercise in Phase III of the Special Forces Qualification Course, so I knew something was amiss. I received a phone call from a friend in the Pentagon to watch out for her, but quite a few days later. When the story broke, it was the talk of Washington DC. Nobody mentioned any names of who was fooled, but friends admitted to me they had been hornswoggled.
A friend, a now retired Army Colonel, had his information borrowed (perhaps you might say stolen) on LinkedIn. The new profile was magnificent. This person had all the credentials of someone with whom I would connect with. The profile was fake. My only clue was the picture was of my friend. I immediately called him up and told him to look at the fake profile, change his password and contact LinkedIn about the fake profile. He did and the profile was removed. I received another phone call from my friend in the Pentagon, cautioning against this profile. I just thanked him and hung up the phone, he never knew I had initially identified the fake.
I receive LinkedIn requests every day. Today I received one which was highly suspicious. A senior individual with absolutely no job history, works in a high tech company as a human resources manager, but has well over 500 connections. I accepted the invitation and am now sending him an email to verify his credentials. I might even call him, he’s local.
The point is: be careful out there. I know I deal with some very unsavory characters in less than ideal conditions. I interact with Russians in multiple forums (I know, technically fora), I trade notes with bad guys in China, I have questionable friends in multiple former Soviet Republics, and I treat them all with caution. I also have established good relationships with people all over the world, through LinkedIn, Facebook and other fora.
Be careful out there. The bad guys are definitely gunning for you. Yes, you.
by Alan Malcher MA, Social-Cultural Analysis
In my recent post, ‘Russian’s Increasing Intelligence Activities’, I listed 14 countries in western and eastern Europe where Russia’s intelligence services are making a concerted effort to obtain information. The official threat assessments from these countries clearly shows Russian intelligence officers working under diplomatic cover, illegals or NCO’s (non-official cover) and sleepers continue to operate at a level not seen since the height of the Cold War. Other well-placed commentators also suggest the number of Russian intelligence operations and the resources used to support of these operations far exceed the Soviet Union’s Cold War activities.
According to John Schindler, a retired intelligence analyst with the National Security Agency, the recent FBI success in arresting a Russian spy ring based in New York, “… is the tip of the iceberg…Since the demise of the Soviet Union Russian intelligence services have rebuilt {their} overseas networks, partly to wage economic war against the west…” (CNN Politics, 28 January 2015
The Russian Federation, even more so under President Putin, aspires to be a great power, not only through its possession of nuclear arms, but also being among the largest economies in the world. Recognition as a leading scientific nation also supports the claim of great power status.
Apart from those countries listed in my previous post (“Russia’s increasing Intelligence Activities”), in 2007 the British government announced that Russian and Chinese intelligence activities in Great Britain was forcing intelligence resources to be diverted away from fighting terrorism.
During the Cold War era the Soviet Union’s intelligence services supported large-scale efforts to obtain scientific, technological know-how through overseas operations, and this continues to this day. In order to compete with the west this search for technology is equally matched by Russia’s use of extensive intelligence sources and tools for long-term industrial espionage. Anything providing a military, scientific, political, technological or economic advantage over the western nations is firmly in the sights of Russia’s three main intelligence agencies which often work collectively to achieve this aim.
Russia’s attempt to win the information war by dominating the internet and controlling their domestic news corporations; their army of trolls who work 24/7 (See my post ‘Puppet and Puppeteers’) and various reports describing Russia’s aggressive intelligence initiatives, further support claims of an unprecedented level of Russian intelligence activities throughout the world.
After examining official reports and statements from various security services who have identified hostile Russian activities, which have greatly increased since Russia invaded Ukraine, we can clearly identify what information Moscow is seeking to obtain. For instance, all fourteen countries have reported attempts to target information on companies and research institutions that deal with energy, finance, media, dual-use technology and defence. There have also been accounts of Russian intelligence attempting to obtain information on military formations, military-civil infrastructures, and other information which may be used to undermine a countries political stability, defence and security; and other prime targets for sabotage in the event of hostilities.
Apart from career agents from the SVR (overseas intelligence), FSB (Security service) and GRU (military intelligence) directing operations and acting as agent handlers, success depends on the calibre and large numbers of willing, unwilling and often unaware participants for their operations. The recruitment of ‘clean skins’, individuals who are native to the target country; have no criminal record and are unknown to the authorities, continue to be a priority simply because they are extremely difficult for counter-intelligence officers to detect.
From what we know about those responsible for recruiting overseas assets and agent handlers, they are intelligent, sociable, extrovert, find it easy to build relationships and winning trust before turning their targets into informants. If using ‘natural charm’ is unsuccessful they revert to a more aggressive approach- blackmail, financial arm-twisting, threats and false promises. As we have seen in the case of Anna Chapman the ‘honey trap’ is still an effective tool! Although the procedures and resources are in place to recruit and ‘persuade’ suitable individuals, they first have to identify potential agents and then establish what can be used to make them spy against their country. The internet, and in particular social media, has made this easier than it was during the Cold War era.
Have you ever wondered who those anonymous viewers of your profile are? The majority may be quite innocent: legitimate recruitment agencies or other members who just want to see if you have the required skills and experience before sending an invitation to connect. Others may have more sinister intentions, ranging from troll activities to recruiting intelligence assets. For instance, over two year ago a LinkedIn member openly looked at my profile on several occasions. This was at a time when Russia ‘was not’ invading Ukraine and I was posting real-time information and breaking news on LinkedIn. This information was originating from Twitter contacts inside eastern Ukraine at the time. The profile of this member claimed he was an IT specialist based in Moscow and he spoke fluent English.
During this period, when I was relatively new to LinkedIn and my network security was not as effective as it is now, my malware software detected an attempted attack which had been blocked. According to the report generated by this software the attack was from an IP address in Saint Petersburg! It would appear the IRS (internet Research Centre) were not using or had inadequate proxy servers. Several months later, whilst researching the internet for information on current Spetsnaz operations, I came across the photograph of a FSB officer who looked very familiar. According to the accompanying news reports he was a communications specialist who had recently been killed whilst operating with a small group of Spetsnaz troops in eastern Ukraine. Although still inconclusive, I immediately saw a resemblance to the profile picture of the Moscow based LinkedIn member who had looked at my profile several times.
Another example of ‘questionable’ LinkedIn activity occurred whilst writing this post. I was emailed by a contact in the USA who is known for their extensive activities against Russian trolls. This ‘troll slayer’ expressed concerns regarding the profile of someone who claimed to be living in England and was not sure whether to accept their connection request. After agreeing to look at this profile it became immediately apparent they had failed to do their research: this individual claims to be serving in the Royal Air force (RAF) but their profile picture is the cap badge of the British army’s Royal Engineers! Apart from having no military connections there are also several inconsistencies in his/her profile. Due to some of the expressions and terminology used, there is also the strong possibility this person is not British.
Due to LinkedIn being an extremely diverse professional network which spans almost every country, profiles and other open data relating to the usefulness and activities of members can be examined and, if considered relevant, may be recorded or acted upon. For example, what appears to be an innocent request to link to you may result in you pressing the accept button. Once connected, this new contact is in a position to poach your useful contacts, thus increasing their number of contacts which also results in increased credibility and influence across your network.
According to Bob O’Neill of ZDNet (6 May 2015) an organisation which claims to be actively investigating ‘surveillance and human rights Issues’ have developed a piece of software called ‘Transparency Tool kit’ which mines LinkedIn by searching for useful information contained within profiles. According to O’Neill, “people post all sorts of interesting information in their resumes on LinkedIn… This LinkedIn crawler automatically collects public profiles which are matched to various search requirements… It also collects information from ‘people also viewed lists’.”
Also, according to his article, “Over 27,000 people working in the US intelligence community… are listed within a database which has been created simply through ‘mining LinkedIn’.” O’Neill also claims this database, using open data, includes the resumes of people working for intelligence contractors, the military and intelligence agencies. It’s a sure bet this database also contains information about individuals from other countries. Although he does not suggest any Russian involvement, these allegations are interesting because they support many earlier claims that Moscow uses similar software tools to examine Facebook. Consequently, it appears extremely unlikely that Moscow has not recognised the plethora of useful information available on LinkedIn.
Apart from potential targets working for government and private industries, there are also undergraduates studying various disciples ranging from history to the sciences, who may be identified as potential long-term assets (see Russia’s Increasing Intelligence Activities).
As Russia continues to devote massive resources to support their information war and their army of trolls, it is also likely the FSB are interested in the LinkedIn ‘troll slayers’ in order to see how they may counter their comments and activities. Unlike Facebook and other social media platforms, the trolls using LinkedIn continue to fight a losing battle.
‘Illegals’ arrested in the United States (Anna Chapman- top row third from the left)
Profiles
Many of us now recognise the tell-tale signs of the many bogus profiles appearing on LinkedIn and a quick internet search often confirms our suspicions. This is particularly true when it comes to identifying Russian propagandists.
The problems starts when you come across profiles which pass close scrutiny and that individual wishes to connect to you and your network. For instance, I don’t see anything wrong with the following profile. He has locked his contacts so we can’t see his connections, that’s fair enough. He does not have a profile picture of himself, again that’s not a problem; many members, including myself don’t have a personal profile picture and I don’t consider this to be a problem.
If you work in banking or an industry associated with this member’s skills and experience, would you accept his connection request?
As we can see from the above screen shot, Evgeny Buryakov states he is the Deputy Representative of Vnesheconombank (VNE). After completing an internet search I confirmed this information was correct. He works at 777 Third Avenue, New York City, NY 10017, and his direct telephone number is also listed on the company website. Consequently, if you work in the banking and finance industry and received an invitation to connect, you are likely to regard him as a good business contact- but you would be wrong!
Although this is a legitimate profile; Buryakov, also known as Zhenya, was arrested by the FBI and accused of being part of a Russian spy ring operating in the United States.
Two SVR officers, Igor Sporyshev and Victor Podobnyy, were also arrested after being identified as agent handlers for the network.Unlike their agents, they had been operating under diplomatic cover and this provided the safety net of diplomatic immunity from prosecution. These officers are believed to have returned to Russia. The same old story, the career agents escape prosecution and the ‘illegal’ is left to their own fate – another disposable asset, but I guess they have many more!
In the case of Russia’s quest for science and technology (S&T), the following extracts form an official US document provides a thumb-nail sketch of Russian intelligence activities in the United States; activities which may be mirrored in other countries and yet to be detected by the relevant authorities.
“U.S. Attorney’s OfficeOctober 03, 2012
Eastern District of New York
BROOKLYN, NY—An indictment was unsealed today in U.S. District Court for the Eastern District of New York charging 11 members of a Russian military procurement network operating in the United States and Russia, as well as a Texas-based export company and a Russia-based procurement firm, with illegally exporting high-tech microelectronics from the United States to Russian military and intelligence agencies.
Alexander Fishenko, an owner and executive of the American and Russian companies, is also charged with operating as an unregistered agent of the Russian government inside the United States by illegally procuring the high-tech microelectronics on behalf of the Russian government. The microelectronics allegedly exported to Russia are subject to strict government controls due to their potential use in a wide range of military systems, including radar and surveillance systems, weapons guidance systems, and detonation triggers.
The charges were announced by Loretta E. Lynch, U.S. Attorney for the Eastern District of New York; Lisa Monaco, Assistant Attorney General for National Security; Stephen L. Morris, Special Agent in Charge, FBI, Houston Field Office; Under Secretary of Commerce Eric L. Hirschhorn, Department of Commerce; and Timothy W. Reeves, Special Agent in Charge, Naval Criminal Investigative Service, Central Field Office.
The defendants arrested yesterday and today will be arraigned this afternoon before U.S. States Magistrate Judge George C. Hanks, Jr., at the U.S. Courthouse in Houston, where the government will seek their removal to the Eastern District of New York.
In addition to the unsealing of the charges, search warrants were executed today at seven residences and business locations associated with the defendants, and seizure warrants were executed on five bank accounts held by Fishenko and defendant Arc Electronics Inc., the Texas-based export company. In conjunction with the unsealing of these charges, the Department of Commerce has added 165 foreign persons and companies who received, transshipped, or otherwise facilitated the export of controlled commodities by the defendants to its “Entity List.” This designation imposes a license requirement before any commodities can be exported from the United States to these persons or companies and establishes a presumption that no such license will be granted.
As alleged in the indictment, between approximately October 2008 and the present, Fishenko and the other defendants engaged in a surreptitious and systematic conspiracy to obtain advanced, technologically cutting-edge microelectronics from manufacturers and suppliers located within the United States and to export those high-tech goods to Russia, while carefully evading the government licensing system set up to control such exports. The microelectronics shipped to Russia included analog-to-digital converters, static random access memory chips, microcontrollers, and microprocessors. These commodities have applications and are frequently used in a wide range of military systems, including radar and surveillance systems, missile guidance systems, and detonation triggers. Russia does not produce many of these sophisticated goods domestically.
According to the indictment and a detention motion filed by the government today, defendant Alexander Fishenko was born in what was, at the time, the Soviet Republic of Kazakhstan, and graduated from the Leningrad Electro-Technical Institute in St. Petersburg, Russia. He immigrated to the United States in 1994 and became a naturalized citizen of the United States in 2003. In 1998, he founded defendant Arc Electronics Inc. in Houston. Between 2002 and the present, Arc has shipped approximately $50,000,000 worth of microelectronics and other technologies to Russia. Fishenko and his wife are the sole owners of Arc, and Fishenko serves as the company’s president and chief executive officer. Fishenko is also a part owner and executive of defendant Apex System LLC, a Moscow, Russia-based procurement firm. Apex, working through subsidiaries, served as a certified supplier of military equipment for the Russian government. Between 1996 and the present, Fishenko has regularly traveled back and forth between the United States and Russia. Defendant Alexander Posobilov entered the United States from Russia in 2001 and became a naturalized citizen in 2008. He joined Arc in 2004 and serves as its director of procurement. Posobilov was arrested at George Bush Intercontinental Airport in Houston on his way to Singapore and Moscow.
The defendants allegedly exported many of these high-tech goods, frequently through intermediary procurement firms, to Russian end users, including Russian military and intelligence agencies. To induce manufacturers and suppliers to sell them these high-tech goods and to evade applicable export controls, the defendants often provided false end-user information in connection with the purchase of the goods, concealed the fact that they were exporters, and falsely classified the goods they exported on export records submitted to the Department of Commerce. For example, in order to obtain microelectronics containing controlled, sensitive technologies, Arc claimed to American suppliers that, rather than exporting goods to Russia, it merely manufactured benign products such as traffic lights. Arc also falsely claimed to be a traffic light manufacturer on its website. In fact, Arc manufactured no goods and operated exclusively as an exporter.
According to the court documents, the defendants went to great lengths to conceal their procurement activities for the Russian military. For example, on one occasion, defendants Posobilov and Yuri Savin, the director of marketing at another Russian procurement firm, discussed how best to conceal the fact that certain goods Savin had purchased from Arc were intended for the Russian military. Savin asked Posobilov, “What can we do if a client is military all over?” Posobilov replied, “We can’t be the ones making things up. You should be the ones.” Similarly, on another occasion, defendant Fishenko directed a Russian procurement company that, when the company provided false end-user information, to “make it up pretty, correctly, and make sure it looks good.” On yet another occasion, Posobilov instructed a Russian procurement company to “make sure that” the end-use certificate indicated “fishing boats and not fishing/anti-submarine ones….Then we’ll be able to start working.”
Despite this subterfuge, according to the documents, the investigation revealed that the defendants were supplying Russian government agencies with sophisticated microelectronics. For example, the investigation uncovered a Russian Ministry of Defense document designating an Apex subsidiary as a company “certified” to procure and deliver military equipment and electronics. The FBI recovered a letter sent by a specialized electronics laboratory of Russia’s Federal Security Service (FSB), Russia’s primary domestic intelligence agency, to an Apex affiliate regarding certain microchips obtained for the FSB by Arc. The letter stated that the microchips were faulty and demanded that the defendants supply replacement parts.
In addition, in anticipation of an inquiry by the Department of Commerce regarding the export of certain controlled microelectronics, defendants Fishenko, Posobilov, and Arc salesperson Viktoria Klebanova allegedly directed Apex executives Sergey Klinov and Dmitriy Shegurov, as well as other Apex employees, to alter Apex’s website and forge documents regarding certain transactions to hide Apex’s connections to the Russian military. In connection with the cover-up, Apex removed images of Russian military aircraft and missiles and other links to the Russian Ministry of Defense from its website.
In addition to Fishenko, Posobilov, and Klebanova, the indictment charges Arc salespersons Lyudmila Bagdikian, Anastasia Diatlova, Sevinj Taghiyeva, and Svetalina Zagon, as well as Arc shipping manager Shavkat Abdullaev, with one count of conspiring to violate and 21 counts of violating the International Emergency Economic Powers Act (IEEPA) and the Arms Export Control Act (AECA) and with conspiring to commit wire fraud. According to the indictment, these defendants obtained controlled microelectronics by lying and submitting false information regarding the true nature, users, and intended uses of the high-tech goods, then exporting the goods, without the required licenses, to procurement firms in Russia. The defendants’ principal port of export for these goods was John F. Kennedy International Airport in the Eastern District of New York.
According to the indictment, in addition to owning and controlling Arc, Fishenko is also a controlling principal of the Russian procurement firm Apex, the defendant Sergey Klinov is the chief executive officer of Apex, and the defendant Dmitriy Shegurov is an employee of Apex. Apex and its affiliates supplied microelectronics to Russian government agencies, including Russian military and intelligence agencies. The defendant Yuri Savin was the director of marketing at Atrilor Ltd., another Russian procurement firm. Klinov, Shegurov, and Savin conspired with Fishenko and the Arc defendants to obtain controlled U.S.-origin microelectronics and to export those technologically sensitive goods to Russia without the required export licenses by falsifying information to hide the true nature, users, and intended uses of the goods. In addition, Fishenko, Posobilov, Klebanova, Klinov, and Shegurov were charged with obstruction of justice, and Fishenko and Arc were charged with conspiring to commit money laundering.
The individual defendants face maximum terms of incarceration of five years for the conspiracy charge, 20 years for each of the substantive IEEPA and AECA charges, and 20 years for the obstruction of justice charge. In addition, Fishenko faces a maximum term of incarceration of 20 years for conspiring to commit money laundering and 10 years for acting as an unregistered agent of the Russian government. The corporate defendants face fines of up to $500,000 for the conspiracy count and $1 million for each of the substantive IEEPA and AECA counts.
“As alleged in the indictment, the defendants spun an elaborate web of lies to evade the laws that protect our national security. The defendants tried to take advantage of America’s free markets to steal American technologies for the Russian government. But U.S. law enforcement detected, disrupted, and dismantled the defendants’ network,” stated United States Attorney Loretta E. Lynch. “We will not rest in our efforts to protect the technological advantage produced by American ingenuity. And, we will expose and hold responsible all who break our counter-proliferation laws, particularly those, like Fishenko, who serve foreign governments.” Ms. Lynch thanked the United States Attorney’s Office for the Southern District of Texas for its assistance in this matter.
“Today’s case underscores the importance of safeguarding America’s sensitive technology and our commitment to disrupt and prosecute networks that attempt to illegally export these goods,” said Lisa Monaco, Assistant Attorney General for National Security. “I applaud the many agents, analysts, and prosecutors who worked on this extensive investigation.”
“In this day and time, the ability of foreign countries to illegally acquire sensitive and sophisticated U.S. technology poses a significant threat to both the economic and national security of our nation,” said Houston FBI Special Agent in Charge Stephen L. Morris. “While some countries may leverage our technology for financial gain, many countries hostile to the United States seek to improve their defense capabilities and to modernize their weapons systems at the expense of U.S. taxpayers. The FBI will continue to work aggressively with our partners in the U.S. Intelligence Community to protect this technology and hold accountable those companies that willfully choose to violate our U.S. export laws.”
“Today’s action is a perfect example of two of the core benefits of the administration’s export control reform effort—higher enforcement walls around controlled items and extensive coordination and cooperation among the enforcement agencies. I applaud our special agents who worked with the Justice Department in the interagency effort that led to today’s actions,” said Under Secretary of Commerce Eric L. Hirschhorn.
“The receipt of U.S.-made, cutting-edge microelectronics has advanced Russia’s military technological capabilities. NCIS and the Department of the Navy have worked closely with the FBI, the Department of Justice, and the Department of Commerce in this investigation due to the potential for significant enhancement of Russian naval weapons systems that would result from the illegal acquisition of these export-controlled technologies,” said Special Agent in Charge Timothy W. Reeves, NCIS Central Field Office.
As a result of this case, there may be victims and witnesses who need to contact the agencies involved in the investigation. If your business has been approached by one of the defendants or by someone trying to obtain export-protected, sensitive technology who appeared not to be legitimate, please report that information to businessoutreach@leo.gov. The information will remain confidential and will be handled by the appropriate authorities.
The government’s case is being prosecuted by Assistant U.S. Attorneys Daniel Silver, Hilary Jager, and Claire Kedeshian, as well as Trial Attorney David Recker of the Counterespionage Section of the Justice Department’s National Security Division.
The charges contained in the indictment are merely allegations, and the defendants have not yet been convicted of these offenses.
The Defendants:
Arc Electronics Inc.
Principal Place of Business: Houston, Texas
Apex System LLC
Principal Place of Business: Moscow, Russia
Alexander Fishenko, age 46
Shavkat Abdullaev, age 34
Lyudmila Bagdikian, age 58
Anastasia Diatlova, age 38
Viktoria Klebanova, age 37
Sergey Klinov, age 44
Alexander Posobilov, age 58
Yuri Savin, age 36
Dmitriy Shegurov, age unknown
Sevinj Taghiyeva, age 32
Svetalina Zagon, age 31”
A message to the Russian trolls who are likely to post comments. This post briefly examines Russian intelligence. If you wish to make comments about western intelligence organisations I suggest you publish a post on the subject, as this will allow your research to be judged by other members. Also, ‘whatisms’, circular logic, and comments intended to drive debate off topic will be ignored.
Source: https://www.linkedin.com/pulse/russian-intelligence-have-sent-you-linkedin-alan-malcher-ma
Filed under: Information operations Tagged: Alexander Fishenko, Alexander Posobilov, intelligence, LinkedIn, Russian intelligence
