Practically Speaking |

Secret Intelligence Service

The Art of Spying

Qui Decipitur

________________________________________________________________________

Practically Speaking : Spies

US and Holland uncover a suspected network of Russian spies

In Russia, the new charges are referred to as mere Western spymania

Updated : 07 10 2018

Image : Equipment taken from the Russians (Netherlands Ministry of Defence)

Image : Vehicle belonging to the Russian officers, where was found the hacker equipment (Netherlands Ministry of Defence)

Image : Equipment belonging to the Russians found in the car

Image : Antenna hidden under clothes (Netherlands Ministry of Defence)

See below for more images

Practically Speaking. The Art of Spying

The United States indicted seven Russians on charges of conducting cyber-attacks.

The US Department of Justice claimed that all of them are officers of the Russian army, namely, employees of the Main Directorate of the General Staff of Russia (GU GS, former GRU). They are accused of hacking computers, using fraudulent schemes, stealing personal data and money laundering. It is indicated that they conducted illegal activities approximately from December 2014 and at least until May 2018.

The suspects have already come to the attention of the special services of the Netherlands.

US Department of Justice referred to the names of the suspects. These being; Dmitry Badin, Artem Malyshev, Alexey Minin, Alexey Morenets, Yevgeny Serebryakov, Oleg Sotnikov and Ivan Ermakov.

It is specified that five of the men serve in one military unit – 26165.

The Netherlands stated earlier on October 4 2018 that four Russians – Minin, Morenets, Serebryakov and Sotnikov – were attempting to commit a cyber attack on the Organisation for the Prohibition of Chemical Weapons (OPCW). The remaining three received in July from the United States an absentee accusation of interference in the elections of the American president in 2016.

The United States described the scheme by which the GRU officers worked and their goals.
Yermakov, Malyshev, Badin and other unidentified conspirators allegedly used pseudonyms and proxy servers to get to the victims. They also sent them phishing emails or created fake websites that copied the real ones. If suddenly the hacking attempt failed or the necessary data was not found on the computer or server, then Morenets, Serebryakov, Sotnikov and Minin began to act.

The men personally traveled to the site (including Brazilian Rio de Janeiro and Swiss Lausanne) and, using specialised equipment, hacked the networks used by the victims, including Wi-Fi in hotels. Already through them, they received the necessary access and passed it on to their colleagues in Russia. To disseminate information, they pretended to be a Fancy Bear hacker group.

According to the American side, the Russians conspired and conducted constant cyber attacks against individuals and legal entities in the United States, as well as companies and international organisations around the world. As a consequence, the stolen data was used in publications for disinformation and discredit ‘in the interests of the Russian government.’

The main targets of Russian hackers are sports organisations.
Among the victims of hacks are the US Anti-Doping Agency (USADA), the International Anti-Doping Agency (WADA), the Canadian Centre for Ethics in Sport (CCES), the International Association of Athletics Federations (IAAF), Sports Arbitration Court (TAS / CAS), the International Football Federation (FIFA ). The Justice Ministry stated that the doping data, laboratory results, medical reports were stolen, and about 250 athletes in about 30 countries were affected by the actions of the accused.

Apparently, the group of Russians was not limited to this :

The Westinghouse Electric Company, which deals with atomic energy (in 2014) and the chemical laboratory in The Hague (in 2018), they also tried to crack. It is indicated that the men after their visit to the Netherlands were going to go to the Swiss chemical laboratory in the city of Spitz, which analysed the substance, which poisoned the former GRU employee Sergey Skripal here in the U.K. However, it was at that moment that the Dutch police arrested them.

The men arrived in the Netherlands on diplomatic passports.

On the prevention of Russian cyber attacks on the OPCW, was told on 4 October at the Netherlands Defence Ministry. The head of department, Ank Beyveveld, also reported that Russia attempted to steal files about the investigation into the crash of the Malaysian Boeing over the Donbas.

The Dutch side stated that four Russians (Minin, Morents, Serebryakov and Sotnikov) were arrested on April 13 near the headquarters of the OPCW in The Hague. They were in a parked car, filled with tracking equipment. It was indicated that the men arrived in the country on Russian diplomatic passports. They were later deported.

According to the Ministry of Defence, Morenets and Serebryakov were directly cyber specialists, and Sotnikov and Minin provided them with intelligence support. The agency also distributed photos of Russians, their equipment and documents, including a receipt for paying a taxi from Nesvizhsky Lane to Sheremetyevo Airport. It was noted that the street is located next to the part that is called the division of the GRU.

One of the Russians, probably worked in the Ministry of Defence.

Radio Liberty discovered that the 37-year-old Yevgeny Serebryakov worked at the Centre for Special Developments of the Ministry of Defence, which is engaged in organizing and conducting research activities in the field of information and communication systems security problems. Journalists found this information after finding an article in the journal Applied Discrete Mathematics for February 2014. Serebryakov was on the list of authors, and his place of work was indicated there.

The radio also noticed that the diplomatic passports of Serebryakov and Morents were issued on the same day, April 17, 2017, exactly one year before the trip to The Hague. In addition, the documents differed by only one digit.

Attention is also drawn to the fact that in the database of the traffic police, which was leaked, one can find information regarding 41-year-old Alexey Morerents and his car. In this case, the work place of the man indicated military unit 26165, also has a mobile phone number and passport. It is noted that a total of 305 cars are registered to the address of the same part.

The West threatened Russia with retaliation for cyber attacks.

US Secretary of Defence James Mattis believes that a burglary attempt shows Russia’s disregard for international norms. He added that all the states involved in the incident could, in response, take various measures against Moscow.

The head of the British Foreign Office, Jeremy Hunt, stated that the Russian authorities would face the consequences of their actions. “They will be exposed, and people will see the Russian authorities, as they are, an organisation that is trying to increase instability in the world,” he stated. He added that the data on the intention to attack the OPCW “dispel all doubts” regarding Russia’s involvement in Skripal’s poisoning.

A source in the Russian Foreign Ministry explained that Moscow is included in all structures of the OPCW, it has access to the necessary documents, so there is no need to hack the organisation’s networks. “This is complete nonsense, a red flag event – a set up.” he pointed out.

“There were no attacks and there can not be. This has nothing at all to do with the Chemical Weapons Convention or the organisation. This is related to a common, extreme, obscurantism policy on the part of certain Western states,” said a source.

Further Images :