Revenge is a dish best served cold: how the White House has prepared the farewell gift for the Kremlin
Revenge is a dish best served cold: how the White House has prepared the farewell gift for the Kremlin
Washington intends to introduce new sanctions against Russia at January 29 because of its meddling in the presidential elections in the USA in 2016. Such a formulation shows only one thing: it is obvious for the American elites that the Kremlin special services are involved in hybrid, hacker, information and other destabilizing campaigns in the territory of the United States before and during the presidential race.
For this reason the Congress almost unanimously approved (and Trump signed) the law H.R.3364 - "Countering America's Adversaries through Sanctions Act" (CAATSA) in August last year. According to this document, the USA should use strict penal measures against the Russian defense industry, energy sector, and financial sector. The thirty-three companies - leaders of the defense industry of Russia will suffer; almost all energy projects (gas flows) in Asia and in Europe will be completely frozen; the term of refinancing of large banks will be reduced to a minimum.
However, the worst thing for Russia is not sectoral sanctions, but those penalty lists against individuals that will be published by the US profile agencies - the Department of the Treasury and the State Department. In fact, two documents have been developed - public and classified, and no one knows whose surnames will be in these lists. It is very clear that people from Putin's inner circle will get on this list. And now, we are talking not only about oligarchs, but also about the security officials, who in the conditions of the Kremlin system are much more important than oligarchs because the future of the Putin regime depends on the generals.
It seems that the Americans have been preparing the Kremlin officials to the most significant and severe blow - to sanctions for several weeks. In the information space of the United States almost daily information appears about the failures of Russian special services in this or that point of the globe. The White House openly talks about the Kremlin's destructive activities, its attempts to influence the domestic policy of foreign states.
So, on January 17, US President Donald Trump said in an interview with the British news agency Reuters that Russia is helping the North Korean government to shy away from international sanctions.
"Russia does not help us with North Korea at all. Russia reduces to zero the way in which China helps us. In other words, it compensates for what has limited by China", - Trump said.
At the same time, the American leader added that the leadership of the Russian Federation is helping Pyongyang develop long-range missiles which can reach the territory of the United States.
We add that all this happened amid of reports by American and European media about the reloading of oil products from Russian tankers to North Korean ships. Earlier, it was said about deliveries of Russian arms to the DPRK.
Further, on January 23, US Secretary of State Rex Tillerson issued a statement, in which he called Russia responsible for the continuing chemical attacks in Syria against civilians, while staying in Paris. He said that Moscow, which has assumed legal obligations to eliminate chemical weapons in the SAR, turns a blind eye to the unlawful actions of Assad and his armed forces.
"Russia, defending its Syrian ally, simply unconditionally violated its own obligations to the US as the main guarantor. The inability of the Russian Federation to solve the chemical weapons problem in Syria casts doubt on the conformity of its participation in the settlement of the general crisis”,- the diplomat said.
We have to recall that the so-called government forces, attacking the positions of opposition forces in East Gut (one of the four zones of de-escalation), used chemical weapons once again on January 13. As a result of the attack, twenty civilians were injured, including women and children.
However, the most interesting happened on January 26. First, a meeting with the US Special Representative for Ukraine Kurt Volker and Russian presidential aide Vladislav Surkov was held in Dubai.
It is clear that the parties discussed not so much about Ukraine as about the sanctions that will be imposed against Russian officials, security officials and oligarchs there. Apparently, Surkov and his superiors were so surprised by the pressure of the Americans that they decided to give in and agree to the stage-by-stage deployment of the UN mission in the Donbass in exchange for the same phased implementation of the political part of the Minsk agreements.
Either, the Americans did not believe Russian admonitions, or they decided to encourage the Kremlin team, and they imposed additional sanctions against individuals and legal entities in connection with the violation of the Minsk agreements for some reason. And, most interesting, all this happened during the meeting between Volker and Surkov.
Thus, measures were taken against the company "Surgutneftegas" and its subsidiaries. This structure has belonged to Putin and his organized crime group - "Cooperative Ozero". Also the citizens included in the list who oversaw the supply of Siemens gas turbines to the Crimea.
But this did not end there either. Late in the evening, it became known about the speech of Olga Litvinenko in the Lithuanian Saeima, the daughter of the likely head of the electoral headquarters of Putin Vladimir Litvinenko. She urged the Lithuanian parliament to add her father to the sanctions list.
"First, he is connected with crimes against human rights. My father led the election campaign of Putin three times and he is on the list of proxies of the Russian president now. We know perfectly well, the institution of human rights was completely destroyed in Russia under Putin", -Olga says. "Therefore, my father is an ally of Putin and an accomplice of Putin's gang against freedom of speech and human rights".
Let us note that Litvinenko himself headed Putin's election headquarters in 2000, 2004 and 2012 years. He is also a major shareholder of the company "PhosAgro" and the owner of the elite real estate. His financial condition is estimated at one billion dollars, which gave the media a reason to call him "the richest principal of Russia".
According to the publication of Radio Liberty, Litvinenko received the first shares during the YUKOS case. The main asset of PhosAgro was the company Apatit, which was controlled by the Menatep group of Mikhail Khodorkovsky.
However, we deliberately missed one, probably, the most important event in this entire information chain - the publication about the role of the Dutch intelligence service AIVD in disclosing the activities of the Russian hacker group Cozy Bear during the presidential election in 2016 by the Dutch media. And we'll talk about this later.
Cave of the Russian bear
So, on January 26, Dutch journalists of the Nieuwsuur (News Hour) and of the de Volkskrant newspaper reported that representatives of the Dutch AIVD (General Intelligence and Security Service) and MIVD (Military Intelligence and Security Service) had established the united cyber group.
The report says that as early as the summer of 2014, Dutch agents got inside the computer network of a university building near Moscow's Red Square, where the headquarters of the Cozy Bear group was stationed, and monitored each step of the criminals using web cameras.
We add that the group is suspected of hacking the servers of the Democratic Party of the United States during the presidential election campaign in 2016. Hacked information was published by the pro-Kremlin organization "Wikileaks". This led to aggressive attacks against Clinton from the Trump headquarters, as well as to an intensified assault in the American segment of social networks from the "Russian trolls".
What did the Dutch intel services find out? They received information about the activities and plans of hackers, as well as photos and personal data of people who were sitting at the computers. So, the Dutch found that active cybercriminals do not have more than ten people. But most importantly, they managed to find an initiator. It turned out that the leadership of the group is carried out by the Russian special services. And when the Dutch media talk about the representatives of the Kremlin's special services, it means that they are identified as well as the foot soldiers.
For three years - from 2014 to 2017 - a special cyber unit looked after Russian plotters and passed the information to American counterparts from the CIA and the NSA.
"The specialists from AIVD tracked the attack on Clinton headquarters almost live stream," writes de Volkskrant.
Moreover, AIVD and MIVD leaders Rob Bertoli and Peter Bindt personally discussed the group's data with NSA head Michael Rogers and US National Intelligence Director Mike Dempsey in 2016.
US intelligence agencies were able to prevent another attack of "Cozy Bear" on the servers of the US State Department in November of last year, and again thanks to their Dutch counterparts.
Considering the fact that the press secretary of the Russian president Dmitry Peskov decided to comment on this incident - the declassification of Russian hackers and their curators by the Dutch - we can say with all certainty: it is reliable information, despite the Russians' assurance in the opposite.
And even the quirky Peskov could not answer anything, but only indicated that the Dutch special services had not notified his leadership about the operation. All he had to do was blame the Dutch media for dishonesty: "Let's just say that if Dutch newspapers want to throw coal into the furnace of anti-Russian hysteria that takes place in America, this is not the noblest work". However, this is not so important.
In general, it is not surprising that it was the Dutch who were able to reach the Russian group of hackers and their employers. Since the moment when the Russians knocked down the Malaysian plane near the Ukrainian Torez (Donetsk region), the Russian special services and their cyber-detachments constantly tried to penetrate into those Dutch bases and departments where information about the investigation was stored.
A group of hackers "Pawn Storm" (also known as "Fancy Bear") attacked the information systems of the Security Council Netherlands immediately after the presentation of the report of the Security Council of the Netherlands about the air crash of MH17 in September and October 2015.
The aim of the attack was to get unauthorized access to confidential materials about the Boeing 777 plane crash investigation conducted by an international investigation team.
In advance, we say that Fancy Bear is another group of Russian hackers, which also influenced on the course of the elections in the United States. But, they were coordinated by representatives of the RF General Staff Main Intelligence Directorate.
The hackers from Fancy Bear also claimed responsibility for hacking the US Democratic Party and the World Anti-Doping Agency (WADA) in 2016. They attacked the German Bundestag and the French television network TV5Monde.
The company Trend Micro, the developer of software for cybersecurity, indicated in a recent report that this group has created a whole network of web pages that completely copy the US Senate's internal mail system. With the help of this network, hackers intended to deceive the employees of the department and gain access to internal correspondence with help of the physhing messages.
However, let us return to the Boeing case. The site of the group of investigative journalists "Bellingcat" was attacked by hackers after the publication of a new report on the crash of the plane in late February 2016.
Journalists reported that the ADMS Buk, which shot down a civilian plane in the sky over the Donbas, was deployed by servicemen of the 2nd battalion of the 53rd anti-aircraft missile brigade to the Ukrainian border from Kursk. In total, Bellingcat published the names of 20 Russian soldiers.
It is interesting that one year later, in July 2017, all the same journalists of the Dutch broadcast "Nieuwsuur" (apparently, with the help of national special services) found the home of one of the suspects in the commission of the crime - Major General of the Russian Federation Sergey Dubinsky, call sign "Gloomy".
Meanwhile, not only the case of the crushed Boeing could lead the intelligence community of the Netherlands to Russian hackers and their employers - the special services of the Russian Federation. The Russians actively meddled in the electoral system of the Netherlands during the plebiscite about the advisability of ratifying the Association Agreement between Ukraine and the EU. Moreover, they were active during the parliamentary elections in the Netherlands.
We have to recall that the pro-Russian forces created a website for collecting signatures before the referendum. After the announcement of disappointing for Ukraine results, the Dutch RTL television channel asked the Ministry of Internal Affairs of the country, after which it became clear that more than 400,000 signatures collected by activists for the referendum were not checked by anyone.
Then, , the head of the Dutch intelligence Rob Bertole stated in February 2017that hackers from Russia, China and Iran carried out hundreds of attacks on the website of the Government of the Netherlands. According to Bertole, they intended to gain access to the secret documents of the Dutch authorities.
"I regard this as a threat to our democracy. The danger is that they (hackers) will be able to influence on the work of our parliament and the decisions that the government makes", -he said in an interview with the Dutch television.
Further, elections were held in the country, before which (according to the instructions of the special services) the government decided to temporarily abandon computer processing of votes.
Well, it remains only to wait when the Dutch special services will disclose information about Russia's interference in the elections and about the crimes of the Russian military, connected with the air crash of Boeing. The latter will prove the fact of the Kremlin aggression. There is a high probability that the Dutch will publish their report immediately after the end of the investigation in the United States.
The US intelligence service submitted a report in January 2017 stating that the Russian General Staff Main Intelligence Directorate was behind the hacking of the Democratic Party servers. This was written by The Bell newspaper, which was created by former editor-in-chief of Vedomosti newspaper Elizaveta Osetinskaya.
Journalists of the online project talked to two secret sources who told that they helped US intelligence agencies get evidence of the involvement of Russian hackers in cyberattacks in the USA. They told about the FSB colonel Sergey Mikhailov and three of his comrades - a former employee of Kaspersky Lab, Ruslan Stoyanov, and the Internet -enterprise Georgy Fomchenkov and FSB major Dmitry Dokuchaev.
And, we come to the most interesting here.
At the end of January - beginning of February 2017, information about the arrests of the hackers of the Humpty Dumpty group and the officers of the FSB, who were called their curators, was leaked to the Russian press. Among the "hackers" were the surnames of the founder of the group Vladimir Anikeev, his accomplice Alexander Filinov and Alexander Glazastikov, who managed to escape to Estonia. By the way, he was clever and immediately came into contact with the foreign press, intending to save his life in this way.
During the court session, the hackers confessed that Mikhailov, which contacted with them in 2016, was the curator of the group from the FSB.
In fact, the latter was just an ordinary extortionist. He forced them to collect secret information and then sold it for good money.
However, such activities could not be called harmless, because among the victims of these criminals and their curators was even the Russian Prime Minister Medvedev and Yevgeny Prigozhin, the main supplier of food for the Russian President's affair department and curator of the "Troll Factory" in St. Petersburg.
Defense Minister Shoigu suffered from Mikhailov's group most of all. Back in August 2015, the group "Anonymous International" (the same "Humpty Dumpty") sent a complaint about the "incompetence of the Defense Ministry's employees" to the FSB. This paper was placed on the table to Putin.
Another war began between the Russian Federation's security agencies - the FSB and the GRU after that. Representatives of the latter made every effort to put Mikhailov, his accomplices and hackers in jail.
And all would be normal if Mikhailov's arrest did not coincide with the accusations of the Russian leadership in organizing cyber-attacks against the headquarters of the Democratic Party.
First, they wanted to announce that the Humpty Dumpty group and Cozy Bear were the same people. However, as pointed out by The Bell, Mikhailov and Co. were accused of high treason in favor of the United States then.
In other words, someone wanted to hang on the state treason on the FSB's representatives, creating the appearance that the Americans had themselves imitated Russian penetration in order to impose sanctions against Russia. And, as Kremlin special services try to show, traitors from the FSB were involved in it.
It is curious that hacker-fugitive Alexander Glazastikov expressed his fears earlier that they could be blamed for hacking the servers of the Democratic Party of the United States. At the same time, he admitted that those who "coordinate the entire operation" may need such an assessment in the world media.
And then the Russian FSB began to work actively on this scenario.
First in August 2017, "interlocutors" of the television channel "Dozhd" told that Mikhailov was giving secret information about Russian hackers to Americans. According to the information of "Dozhd", Roman Seleznev, the son of a State Duma deputy from the LDPR Valery Seleznev, was detained in the Maldives thanks to Mikhailov's information in 2014. Seleznev is found guilty of cyber-fraud for $ 170 million and sentenced to 27 years in prison in the United States now.
Then, the article of Herman Alexandrov "Who handed over the Russian hackers to USA" was published on the Russian website "Rosbalt" on October 25 last year. The author points out in it that the capture of Russian hackers abroad (for example, Peter Levashov, who worked for the GRU) is connected with the activities of Mikhailov's accomplices.
So, the author reports that the employee of Kaspersky Lab Ruslan Stoyanov (arrested in the same case) cooperated with a number of Western companies that helped US special services to find out Russian hackers and document their activities. According to the author, Stoyanov helped the Americans to obtain secret information. He directly received it from his superiors - Sergei Mikhailov and the operative Dmitri Dokuchaev.
"Further, information was sent through Stoyanov to Western companies and US special services. It cannot be said that FSB officers directly "handed over" hackers. However, their information filled in the gaps in investigations of intelligence services and allowed not only to establish the identity of hackers, but also to obtain evidence on them. Did the Americans know from whom the information comes? Of course, they knew. Did Mikhailov and Dokuchaev understand whom the information was for? I think that they guessed it", - one of Rosbalt sources said.
Then, the sensational information appeared at the beginning of December 2017 (launched by the same The Bell newspaper). It turns out that on August 15, a resident of Yekaterinburg Konstantin Kozlovsky, accused of case about the hacker group "Lurk", said at a meeting of the Moscow City Court that "he participated in the hacking of the National Committee of the Democratic Party of the United States and the correspondence of Hillary Clinton under the supervision of FSB officers".
In August, the day before the court session, a copy of the letter was published in Kozlovsky's Facebook account dated November 1. Kozlovsky states in a letter that he committed attacks on the National Committee on behalf of an FSB officer, whom he calls "Ilya." He stated that there was a FSB major, Dmitry Dokuchaev under the pseudonym "Ilya". The latter now rejects such accusations.
Finally, the Russians prepared a real "masterpiece" - the article of the special correspondent of "Medusa" Ilya Zhegulyov "The Orcs who defeated the engineering experts. How the security officials infiltrated into Kaspersky Lab”. The author tells in article how the Russian FSB gradually displaced all engineering experts from the company-developer antivirus products and replaced them with their operatives.
Zhegulyov also told how the arrested Ruslan Stoyanov detained hacker groups together with the security representatives, among which was the same "Lurk".
Then, it was the story (referring to the same "The Bell") about Mikhailov and Stoyanov, which shared information about Russian hackers with American intelligence services. The sources say that the information about the attacks on the servers of the Democratic Party, which were supervised by the Main Directorate of the Ministry of Defense of the Russian Federation, USA also got from Mikhailov and Stoyanov.
But the Dutch media have spoiled everything, publishing (in agreement with the special services of the Netherlands) material about who really stands behind the activities of the Cozy Bear group. At the same time, there is a possibility that the Dutch (read - the Americans) are aware of who controls the hackers from "Fancy Bear".
In general, the Dutch have disorganized the espionage mosaic that was collected so long and scrupulously by the Kremlin. Now, the case of Mikhailov and Co state treason is falling apart. The appeared information confirms that the extortionists became victims of the war of special services for money and for influence.
Moreover, the appearance of Dutch intelligence agents on the field eliminates the version launched by the Russians about the imitation hacker attacks form US side for further accusations Russia in this.
Conclusion is coming
All of this reminds the time of the war in Afghanistan, when the KGB and the GRU were finking on each other in order to secure additional profits and influence on the Kremlin top. When the sanctions broke out against the Soviet Union, the battle between the agencies did not end. It became tougher after all, because they had to compete for the minimum cash receipts. In the end, the security officials knocked down the regime themselves which they built.
Now, we are talking about rather tough sanctions - sectoral and personal, and this is only the beginning of an interesting process to disarm the Russian Federation.
We must not forget about the hackers that the US authorities have already caught or agreed (as was the case with Levashov) about their extradition. Many of them have already told American security officers about their crimes and about who led them.
The active work is conducted by the office of the special prosecutor Robert Mueller. Separately, an investigation is being carried out in the relevant Senate committees. Experts of Internet companies successfully find traces of Russian hackers (special services) - purchased advertising, created groups, false accounts.
Even the “Russian Trolls" are speaking on television and talking about the plan of Russian intelligence agencies to undermine the political system in the United States by meddling in its election campaign.
Moreover, the countries of Europe also began to speak in unison with the Americans: the British, the Dutch, the French, the Germans and the Spaniards. Their governments are waiting for Washington to launch its attack with aim to join it, surrounding the enemy. And, apparently, this time has come.