An Intelligence Crisis In Moscow

Uploaded on 2017-02-15 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-National, FREE TO VIEW, NEWS-News Analysis

Amid the political and diplomatic chaos in the US since Donald Trump assumed the presidency, the Russian leadership has been experiencing its own turmoil, until recently kept under wraps, but now emerging into the open.

Russian President Vladimir Putin is still firmly in power, as evidenced by his hour-long conversation recently with Trump and by Putin’s high ratings in opinion polls (which far surpass Trump’s). Yet we have now learned that, since the US election, there has been an unprecedented, and perhaps still continuing shakeup of top officials in Putin’s main security agency, the FSB, and that a top former intelligence official in Putin’s entourage died recently in suspicious circumstances.

Recent reports in the Russian press have connected the upheaval at the FSB to Kremlin-sponsored hacking of the US electoral process, and with the now infamous dossier about Donald Trump’s ties with Russian government officials compiled by former British MI6 operative Christopher Steele.

It appears that the Kremlin has been conducting an intensive hunt for moles within its security apparatus who might have leaked information about Russian efforts to influence the US presidential election.

In mid-December 2016, following public assertions by leading US intelligence officials that Russia had intervened in the election, two high-level FSB officers, Sergei Mikhailov, deputy chief of the FSB’s Center for Information Security, which oversees cyber-intelligence, and his subordinate, Dmitry Dokuchayev, were arrested. (Russian authorities reportedly took Mikhailov away from a meeting of the FSB top brass after placing a black bag on his head.)

The two men, along with Ruslan Stoyanov, who headed the Kaspersky Lab, a private company that assists the FSB in internet security, were charged with state treason.

Russian independent media reported that the men had been responsible for leaks to Western sources, including US intelligence, about Russian cyber-attacks against the US and also about Russian covert efforts to blackmail Donald Trump.

Referring to Mikhailov, The New York Times noted: “If confirmed, the arrest would be one of the highest-profile detentions for treason within the FSB since the breakup of the Soviet Union.”

In addition to these arrests, the respected RFE/RL (Radio Free Europe/Radio Liberty) analysis group reported that at least one other high-level FSB official has been detained, along with possibly three other suspects. According to RFE/RL: “The news, [while] unverified and uncorroborated, is the latest in a growing number of remarkable leaks that hint at possible struggles and hidden agendas inside Russia’s formidable security apparatus.”

Also, the authoritative independent Russian business daily Kommersant reported two weeks ago that Andrei Gerasimov, chief of the FSB’s cyber-intelligence department, and Mikhailov’s boss, would be fired, although Gerasimov’s dismissal has yet to be officially confirmed.

According to Russian security expert Andrei Soldatov, the upheaval in the FSB amounts to a purge of the entire Russian state security team dealing with cyber intelligence and cyber-security.

The extent to which this crisis has reached the upper echelons of the Kremlin itself is suggested by the sudden death, on December 26, 2016, of Oleg Erovinkin, a top adviser to Igor Sechin, the CEO of the Russian oil giant Rosneft. Sechin is a central figure in the Steele dossier about Trump and is said to be the most powerful member of Putin’s team. Erovinkin’s body was found in his black Lexus near his home in Moscow on December 26; his death was officially reported as a heart attack, but the notoriously secretive Russian police authorities have not permitted a further investigation.

In fact, Erovinkin had played an important part in Russian intelligence matters for years. He worked for the KGB and its successor organizations for almost two decades before joining the staff of the Yeltsin administration, monitoring the compliance of government personnel with the laws on state secrets, a job he continued under the Putin administration.

In 2008, he became the head of the office of then Deputy Prime Minister Sechin, presumably using his unparalleled expertise as the keeper of the Kremlin’s secrets. Throughout his career, in other words, his job was to prevent leaks of highly sensitive information of the kind that apparently happened with the Trump dossier, and to make sure that leakers were punished.

Erovinkin would have known about Sechin’s contacts with Americans. Trump’s new secretary of state, Rex Tillerson, who has just resigned as CEO of ExxonMobil, has long been on close terms with Sechin, as the two have partnered on oil deals. Sechin has famously complained that US sanctions that have targeted him and other top Russian officials have prevented him from coming to the US to “ride the roads…on motorcycles with Tillerson.”

The Steele dossier also mentions that Carter Page, a member of Trump’s foreign policy team during his campaign, had a secret meeting with Sechin in Moscow in July 2016, in which the two reportedly discussed the possible lifting US sanctions against Russia, in exchange for a 19 percent stake in Rosneft.

It is not clear from the memo who would get the stake, but apparently it would have been the Trump campaign.

Steele says that he was given the information on the Sechin-Page meeting in October 2016 by a “close associate” of Sechin and that “the secret meeting had been confirmed to [this source] by a senior member of Sechin’s staff, in addition to by the Rosneft President.” Could Steele’s source have been the now dead Oleg Erovinkin?

According to an expert on Russian security matters, cited by the British Telegraph: “I have no doubt that at the time Erovinkin died, Mr. Putin had Mr. Steele’s Trump dossier on his desk. He would, arguably, have known whether the alleged… story is based on fact or fiction. Whichever is true, he would have had a motive to seek, and find the mole.”

At the time of the FSB arrests, memos from the Steele dossier had been circulating in the US intelligence community, and among members of Congress, for months. The Putin leadership was doubtless aware of the memos and furious that the material contained in them, including a possible Kremlin plan to use kompromat against Trump, had been leaked.

If the information in the dossier is accurate, it could have been intended for various uses, including to exert pressure on Trump to cancel US sanctions against Russia. It is worth noting that the December arrests of FSB officials were not revealed publicly in Russia for several weeks, indicating that the Kremlin was trying to keep the purge under wraps.

The Steele dossier went into considerable detail about Russian hacking of both the Democratic and Republican National committees, along with other reports about contacts between Trump people and Russian officials before the US elections and Trump’s alleged sexual exploits in Moscow and St. Petersburg.

The dossier is admittedly “raw intelligence,” and cannot be verified because Steele himself is in hiding. There are a lot of inconsistencies in what it says, including the assertion that Dmitry Peskov, Putin’s press secretary, has been in charge of the Trump file. It is doubtful that Peskov’s position in the Kremlin would give him that portfolio.

Yet Steele, who is well known in British intelligence circles for his expertise on Russia, seems to have based his information on high-level sources in Moscow and some of the material has been corroborated or deemed plausible by other experts. The allegations of Trump’s sexual adventures at the Ritz Carleton hotel in Moscow when he was there for the Miss Universe pageant in November 2013, and his earlier alleged escapades in St. Petersburg, should not be dismissed out of hand.

The FSB is notorious for compiling sexual kompromat. Indeed, Putin gained support for his presidency to succeed President Boris Yeltsin in the spring of 1999, when, as FSB chief, he had his agency plant cameras in a hotel room to film the Russian prosecutor-general, Yuri Skuratov, engaged in sex with two women.

The film was shown on Russian television and forced Skuratov, who was at the time pursuing a high-profile investigation into corruption on the part of Yeltsin and his family, to resign. The Kremlin used a similar tactic with former Russian prime minister Mikhail Kasyanov, now a leader of the Russian democratic opposition.

Kasyanov was filmed having sex with a woman who was not his wife shortly before Russian parliamentary elections last year and it greatly damaged his reputation. According to former Duma deputy Gennady Gudkov, who did not get elected to the parliament last year when he ran in opposition to Putin’s United Russia Party: “Without a doubt, we gather [such] kompromat….In the Kremlin, there’s piles of it, as there are in all the security agencies.”

The Kremlin likely still has other material on Trump that hasn’t yet come out. Speaking at a mid-January news conference in response to a question about Steele’s allegations that the Russian security services had blackmail on Trump with a sex video, Putin dismissed the dossier as an “absolute fake.”

But he then went on to elaborate, unnecessarily: “He arrived here and immediately ran off to meet Moscow prostitutes? This is an adult and, moreover, a man who for many years has organised beauty contests. He socialized with the most beautiful women in the world. I can hardly imagine he rushed to the hotel to meet our girls of lower social responsibility—even though they are the best in the world, of course.” One wonders whether Putin was giving Trump a subtle reminder that the Kremlin still had the goods on him.

The motives of the leakers to Steele, as yet unclear, could well reflect a power struggle within Russia’s intelligence and security apparatus. Numerous western and Russian media reports, dating back to last summer, have documented a rivalry between the FSB and other of Putin’s security agencies. Sechin, although not officially a member of the Russian intelligence community, is a former KGB officer and still has deep connections there.

Clearly, if such a conflict exists within the Kremlin, Sechin would be a central figure in it, and the leaks may be part of an attempt to discredit him. Whatever the case, the upheaval in the Kremlin should come as a warning to the Trump camp that the Putin regime, its volatile centers of power, and its larger intentions toward the United States, will in the coming months be nothing if not hard to read.

How will the Trump administration address, for example, the tragic news that Vladimir Kara-Murza, a young, courageous Russian democrat, repeatedly threatened by the Kremlin, has again been poisoned after an earlier attempt on his life and is in a coma?

Any attempt by the Trump administration to use personal friendships to affect a rapprochement with Russia may soon need to take account of what is really happening in Putin’s Kremlin.

NYBooks:             Fallout In Russia : One Suspicious Death & Three Cyber Spies Arrested:

Electoral Influence: 40yrs Of Kremlin Interference:

 

 

 

« EU Tools Up For Cyber War
Norway Says Cyber Attacks Came From Russia »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Messageware

Messageware

Messageware is the market leader in securing, enhancing, and customizing Microsoft Exchange and Outlook Web App.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

Secure India

Secure India

Secure India provides Forensic Solutions that help Government and Business in dealing with prevention and resolution of Cyber related threats.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

BSA - The Software Alliance

BSA - The Software Alliance

BSA is the leading advocate for the global software industry before governments and in the international marketplace.

Cyber Threat Intelligence Network (CTIN)

Cyber Threat Intelligence Network (CTIN)

CTIN provides cyber threat intelligence services including training, platform evaluation, ISAC/ISAO systems development and counter botnet operations.

BCS Financial

BCS Financial

BCS Financial delivers financial and insurance solutions. Specialty risk products include Cyber and Privacy Liability insurance.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

Mako Networks

Mako Networks

The Mako System is an award winning networking and security service designed specifically for SMEs and branch offices of larger organisations.

RIPS Technologies

RIPS Technologies

RIPS Technologies delivers automated security analysis for PHP applications as platform independent software or highly scalable cloud service.

Cyber Security Austria (CSA)

Cyber Security Austria (CSA)

Cyber Security Austria (CSA) is an independent non-profit association with the aim to address security issues in the area of IT/cyber security of critical/strategic infrastructures in Austria.

Quantifind

Quantifind

Quantifind enables financial crimes/fraud analysts and investigators to make better decisions, faster, with intelligent automation.

NetBlocks

NetBlocks

NetBlocks is a global internet monitor working at the intersection of digital rights, cyber-security and internet governance.

Cyber Unit

Cyber Unit

Cyber Unit offer next level protection from cyber attacks in packages and pricing options that are accessible to smaller organizations.

Infinavate

Infinavate

Infinavate Fort CyberVault offers end-to-end services that comprehensively responds to the organization’s information security and privacy needs.

Dynamic Networks

Dynamic Networks

Dynamic Networks provide Managed Cloud Services; Unified Communications; Security & Compliance Services and Network & Infrastructure Services for both Public Sector and Private sector businesses.