DOCSLIB.ORG

Doc 35: GRU Messages

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Doc 35: GRU Messages DOCID: 4129962 · From rlbensl Mon Aug 5 15: 50: 29 1996 To: wpcrowe@nsa Subject: gru messages Cc: rllerne@nsa,~'pcav~@nsa Classification: c""'S'R~ent-Length: 2204 X-Lines: 33 Content-Length: 2 07 X-Lines: 57 Bill, This morning I did quick review of the London KGB and London GRU which GCHQ redacted and sent to Rona for simultaneous release (part of our 5th release) • ;(b)(S) The KGB translations look the same as those we hold. GRU material sent to us is greatly different from what we held. We hold 65 GRU London <--> Moscow translations of 1940-41 messages. GCHQ sent us Cmy quick count) 159 messages on that lane and those years. Most of the translations re-translations that we do not have seem to have been made c. 1967 However, mmessages we did not have at all or have incomplete versions show: + GRU spy ring called the "X Network", apparently in the British armed forces + A u/i GRU radio-equipped personality covername STANLEY (same c/n as Kim Philby but this is not Philby -- I think a message describes this STANLEY as being from a Canadian working class family. I might have a guess at the ident). · + GRU interview of Klaus Fuchs in the UK and his description•of early atomic bomb research + The X Network learned that UK had broken a Soviet code (nfi) + A u/i source doing technical work in a UK intelligence organization (NFI) + A British Colonel clandestinely working with GRU + Discussion of the crypto systems being used by GRU London + Several other apprently important u/i sources and more info abt GRU using clandestine comms. [the London GRU of 1945-47 looks approx like what we hold, but I did not study carefully] At least two 1945 KGB messages (and these we do have in file) have information about apparently important but u/i U.S. connected agents. Another 1945 KGB msg mentions the work of the u/i female agent TINA who is providing valuable documents re the atomic bomb. @'pproved for Release by NSA on 07-03-2014, FOIA Case# 4277) DOCID: 4129962 (truenames in text and footnotes). Their call. Their footnotes do contain the idents STANLEY = Philby and HICKS = Guy Burgess. We will put a couple UK messages in the book for the Oct conference. Lou .
Load more

Recommended publications
  • Annual Report and Accounts 2018-19
    National Crime Agency Annual Report and Accounts 2018-19 HC 2397 National Crime Agency Annual Report and Accounts 2018-19 Annual Report presented to Parliament pursuant to paragraph 8(2) of Schedule 2 to the Crime and Courts Act 2013. Accounts presented to the House of Commons pursuant to Section 6(4) of the Government Resources and Accounts Act 2000. Accounts presented to the House of Lords by Command of Her Majesty. Ordered by the House of Commons to be printed on 22 July 2019. HC 2397 © Crown copyright 2019 This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3. Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned. This publication is available at www.gov.uk/official-documents. Any enquiries regarding this publication should be sent to National Crime Agency, Command Suite, Unit 1, Spring Gardens, Tinworth Street, London, SE11 5EN. ISBN 978-1-5286-1296-8 CCS0519221654 07/19 Printed on paper containing 75% recycled fibre content minimum. Printed in the UK by the APS Group on behalf of the Controller of Her Majesty’s Stationery Office. Contents Foreword by the Home Secretary 7 Part Two – Accountability Report Part One – Performance Report Corporate Governance Report 43 Directors’ Report 43 Statement by the Director General 9 Statement of Accounting Officer’s Who we are and what we do 10 responsibilities 44 How
    [Show full text]
  • Inside Russia's Intelligence Agencies
    EUROPEAN COUNCIL ON FOREIGN BRIEF POLICY RELATIONS ecfr.eu PUTIN’S HYDRA: INSIDE RUSSIA’S INTELLIGENCE SERVICES Mark Galeotti For his birthday in 2014, Russian President Vladimir Putin was treated to an exhibition of faux Greek friezes showing SUMMARY him in the guise of Hercules. In one, he was slaying the • Russia’s intelligence agencies are engaged in an “hydra of sanctions”.1 active and aggressive campaign in support of the Kremlin’s wider geopolitical agenda. The image of the hydra – a voracious and vicious multi- headed beast, guided by a single mind, and which grows • As well as espionage, Moscow’s “special services” new heads as soon as one is lopped off – crops up frequently conduct active measures aimed at subverting in discussions of Russia’s intelligence and security services. and destabilising European governments, Murdered dissident Alexander Litvinenko and his co-author operations in support of Russian economic Yuri Felshtinsky wrote of the way “the old KGB, like some interests, and attacks on political enemies. multi-headed hydra, split into four new structures” after 1991.2 More recently, a British counterintelligence officer • Moscow has developed an array of overlapping described Russia’s Foreign Intelligence Service (SVR) as and competitive security and spy services. The a hydra because of the way that, for every plot foiled or aim is to encourage risk-taking and multiple operative expelled, more quickly appear. sources, but it also leads to turf wars and a tendency to play to Kremlin prejudices. The West finds itself in a new “hot peace” in which many consider Russia not just as an irritant or challenge, but • While much useful intelligence is collected, as an outright threat.
    [Show full text]
  • The Right to Privacy and the Future of Mass Surveillance’
    ‘The Right to Privacy and the Future of Mass Surveillance’ ABSTRACT This article considers the feasibility of the adoption by the Council of Europe Member States of a multilateral binding treaty, called the Intelligence Codex (the Codex), aimed at regulating the working methods of state intelligence agencies. The Codex is the result of deep concerns about mass surveillance practices conducted by the United States’ National Security Agency (NSA) and the United Kingdom Government Communications Headquarters (GCHQ). The article explores the reasons for such a treaty. To that end, it identifies the discriminatory nature of the United States’ and the United Kingdom’s domestic legislation, pursuant to which foreign cyber surveillance programmes are operated, which reinforces the need to broaden the scope of extraterritorial application of the human rights treaties. Furthermore, it demonstrates that the US and UK foreign mass surveillance se practices interferes with the right to privacy of communications and cannot be justified under Article 17 ICCPR and Article 8 ECHR. As mass surveillance seems set to continue unabated, the article supports the calls from the Council of Europe to ban cyber espionage and mass untargeted cyber surveillance. The response to the proposal of a legally binding Intelligence Codexhard law solution to mass surveillance problem from the 47 Council of Europe governments has been so far muted, however a soft law option may be a viable way forward. Key Words: privacy, cyber surveillance, non-discrimination, Intelligence Codex, soft law. Introduction Peacetime espionage is by no means a new phenomenon in international relations.1 It has always been a prevalent method of gathering intelligence from afar, including through electronic means.2 However, foreign cyber surveillance on the scale revealed by Edward Snowden performed by the United States National Security Agency (NSA), the United Kingdom Government Communications Headquarters (GCHQ) and their Five Eyes partners3 1 Geoffrey B.
    [Show full text]
  • Mass Surveillance
    Thematic factsheet1 Update: July 2018 MASS SURVEILLANCE The highly complex forms of terrorism require States to take effective measures to defend themselves, including mass monitoring of communications. Unlike “targeted” surveillance (covert collection of conversations, telecommunications and metadata by technical means – “bugging”), “strategic” surveillance (or mass surveillance) does not necessarily start with a suspicion against a particular person or persons. It has a proactive element, aimed at identifying a danger rather than investigating a known threat. Herein lay both the value it can have for security operations, and the risks it can pose for individual rights. Nevertheless, Member States do not have unlimited powers in this area. Mass surveillance of citizens is tolerable under the Convention only if it is strictly necessary for safeguarding democratic institutions. Taking into account considerable potential to infringe fundamental rights to privacy and to freedom of expression enshrined by the Convention, Member States must ensure that the development of surveillance methods resulting in mass data collection is accompanied by the simultaneous development of legal safeguards securing respect for citizens’ human rights. According to the case-law of the European Court of Human Rights, it would be counter to governments’ efforts to keep terrorism at bay if the terrorist threat were substituted with a perceived threat of unfettered executive power intruding into citizens’ private lives. It is of the utmost importance that the domestic legislation authorizing far-reaching surveillance techniques and prerogatives provides for adequate and sufficient safeguards in order to minimize the risks for the freedom of expression and the right to privacy which the “indiscriminate capturing of vast amounts of communications” enables.
    [Show full text]
  • Offensive Capabilities
    GCHQ and UK Mass Surveillance Chapter 5 5 Beyond signals intelligence: Offensive capabilities 5.1 Introduction Documents released by German magazine Der Spiegel provide a much richer picture of the offensive activities of the NSA and its allies, including the UK’s GCHQ.i The global surveillance infrastructure and hacking tools described in the previous chapters are not only used for obtaining information to be fed into intelligence reports and tracking terrorists. The agencies are also developing cyber-warfare capabilities, with the NSA taking the lead within the US armed forces. This militarisation of the internet saw U.S. intelligence services carried out 231 offensive cyber-operations in 2011ii. The UK's National Strategic Defence and Security Review from 2010 made hostile attacks upon UK cyberspace a major priorityiii. It is fair to assume that many countries are following suit and building cyber-warfare capabilities. Der Spiegel terms the development of these aggressive hacking tools as Digital Weapons. In their view D weapons which should join the ABC (Atomic, Biological and Chemical) weapons of the 20th century because of their indiscriminate nature. Here lies a fundamental problem. The modern world with connected global communications networks means that non-state actors such as civilians and businesses are now affected by the agencies’ activities much more frequently than before. The internet is used by everyone – cyberspace is mainly a civilian space – and the opportunity for collateral damage is huge. The papers leaked to Der Spiegel appear to show that signal agencies have little regard for the security and wellbeing of anyone who gets caught in the path of their operations.
    [Show full text]
  • RUSSIA INTELLIGENCE Politics & Government
    N°66 - November 22 2007 Published every two weeks / International Edition CONTENTS KREMLIN P. 1-4 Politics & Government c KREMLIN The highly-orchestrated launching into orbit cThe highly-orchestrated launching into orbit of of the «national leader» the «national leader» Only a few days away from the legislative elections, the political climate in Russia grew particu- STORCHAK AFFAIR larly heavy with the announcement of the arrest of the assistant to the Finance minister Alexey Ku- c Kudrin in the line of fire of drin (read page 2). Sergey Storchak is accused of attempting to divert several dozen million dol- the Patrushev-Sechin clan lars in connection with the settlement of the Algerian debt to Russia. The clan wars in the close DUMA guard of Vladimir Putin which confront the Igor Sechin/Nikolay Patrushev duo against a compet- cUnited Russia, electoral ing «Petersburg» group based around Viktor Cherkesov, overflows the limits of the «power struc- home for Russia’s big ture» where it was contained up until now to affect the entire Russian political power complex. business WAR OF THE SERVICES The electoral campaign itself is unfolding without too much tension, involving men, parties, fac- cThe KGB old guard appeals for calm tions that support President Putin. They are no longer legislative elections but a sort of plebicite campaign, to which the Russian president lends himself without excessive good humour. The objec- PROFILE cValentina Matvienko, the tive is not even to know if the presidential party United Russia will be victorious, but if the final score “czarina” of Saint Petersburg passes the 60% threshhold.
    [Show full text]
  • Mass Surveillance
    Mass Surveillance Mass Surveillance What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies? Part 1 - Risks and opportunities raised by the current generation of network services and applications Study IP/G/STOA/FWC-2013-1/LOT 9/C5/SC1 January 2015 PE 527.409 STOA - Science and Technology Options Assessment The STOA project “Mass Surveillance Part 1 – Risks, Opportunities and Mitigation Strategies” was carried out by TECNALIA Research and Investigation in Spain. AUTHORS Arkaitz Gamino Garcia Concepción Cortes Velasco Eider Iturbe Zamalloa Erkuden Rios Velasco Iñaki Eguía Elejabarrieta Javier Herrera Lotero Jason Mansell (Linguistic Review) José Javier Larrañeta Ibañez Stefan Schuster (Editor) The authors acknowledge and would like to thank the following experts for their contributions to this report: Prof. Nigel Smart, University of Bristol; Matteo E. Bonfanti PhD, Research Fellow in International Law and Security, Scuola Superiore Sant’Anna Pisa; Prof. Fred Piper, University of London; Caspar Bowden, independent privacy researcher; Maria Pilar Torres Bruna, Head of Cybersecurity, Everis Aerospace, Defense and Security; Prof. Kenny Paterson, University of London; Agustín Martin and Luis Hernández Encinas, Tenured Scientists, Department of Information Processing and Cryptography (Cryptology and Information Security Group), CSIC; Alessandro Zanasi, Zanasi & Partners; Fernando Acero, Expert on Open Source Software; Luigi Coppolino,Università degli Studi di Napoli; Marcello Antonucci, EZNESS srl; Rachel Oldroyd, Managing Editor of The Bureau of Investigative Journalism; Peter Kruse, Founder of CSIS Security Group A/S; Ryan Gallagher, investigative Reporter of The Intercept; Capitán Alberto Redondo, Guardia Civil; Prof. Bart Preneel, KU Leuven; Raoul Chiesa, Security Brokers SCpA, CyberDefcon Ltd.; Prof.
    [Show full text]
  • THREAT BULLETINS Joint Cybersecurity Advisory on Russian
    THREAT BULLETINS Joint Cybersecurity Advisory on Russian GRU Kubernetes Brute Force Campaign TLP:WHITE Jul 06, 2021 On July 1, 2021, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) released a Joint Cybersecurity Advisory regarding Russian General Staff Main Intelligence Directorate’s (GRU) 85th Main Special Service Center (GTsSS), Unit 26165. The joint advisory outlines Russia’s malicious use of Kubernetes clusters cloaked by various virtual private network (VPN) providers and The Onion Router (TOR) to conduct widespread, distributed, and anonymized brute force access attempts against several government and private sector targets globally. Kubernetes is an open-source system for orchestrating the deployment and management of software containers. This advisory is being shared to prevent a disruption of your network posture as these efforts are almost certainly still ongoing according to the Joint Cybersecurity Advisory. The malicious cyber activity has previously been attributed to threat groups identified as Fancy Bear, APT28, Strontium, and a variety of others by the private sector. A significant amount of malicious activity was directed at organizations using Microsoft Office 365 cloud services in addition to targeting other service providers and on-premises email servers using a variety of different protocols. This brute force capability allows the 85th GTsSS actors to access protected data, including email, and identify valid account credentials. Those credentials may then be used for a variety of purposes, including initial access, persistence, privilege escalation, and defense evasion. The actors have used identified account credentials in conjunction with exploiting publicly known vulnerabilities, such as exploiting Microsoft Exchange servers using CVE 2020-0688 and CVE 2020-17144, for remote code execution and further access to target networks.
    [Show full text]
  • GCHQ Accommodation Procurement: a Case Study
    Intelligence and Security Committee of Parliament GCHQ accommodation procurement: a case study HC 991 Intelligence and Security Committee of Parliament GCHQ accommodation procurement: a case study Presented to Parliament pursuant to sections 2 and 3 of the Justice and Security Act 2013 Ordered by the House of Commons to be printed on 19 November 2020 HC 991 © Intelligence and Security Committee of Parliament copyright 2020 The material must be acknowledged as Intelligence and Security Committee of Parliament copyright and the document title specified. Where third party material has been identified, permission from the respective copyright holder must be sought. This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 Any enquiries regarding this publication should be sent to us via our webform at isc.independent.gov.uk/contact This publication is also available on our website at: isc.independent.gov.uk ISBN 978-1-5286-2203-5 CCS0920245852 11/20 Printed on paper containing 75% recycled fibre content minimum Printed in the UK by the APS Group on behalf of the Controller of Her Majesty’s Stationery Office THE INTELLIGENCE AND SECURITY COMMITTEE OF PARLIAMENT The Rt Hon. Dr Julian Lewis MP The Rt Hon. Sir John Hayes CBE MP Mark Pritchard MP Stewart Hosie MP Colonel Bob Stewart DSO MP Dame Diana Johnson DBE MP The Rt Hon. Theresa Villiers MP The Rt Hon. Kevan Jones MP The Rt Hon. Admiral Lord West of Spithead GCB DSC This Report reflects the work of the previous Committee, which sat from November 2017 to November 2019: The Rt.
    [Show full text]
  • Macron Leaks” Operation: a Post-Mortem
    Atlantic Council The “Macron Leaks” Operation: A Post-Mortem Jean-Baptiste Jeangène Vilmer The “Macron Leaks” Operation: A Post-Mortem Jean-Baptiste Jeangène Vilmer ISBN-13: 978-1-61977-588-6 This report is written and published in accordance with the Atlantic Council Policy on Intellectual Indepen- dence. The author is solely responsible for its analysis and recommendations. The Atlantic Council and its donors do not determine, nor do they necessarily endorse or advocate for, any of this report’s conclusions. June 2019 Contents Acknowledgments iv Abstract v Introduction 1 I- WHAT HAPPENED 4 1. The Disinformation Campaign 4 a) By the Kremlin media 4 b) By the American alt-right 6 2. The Aperitif: #MacronGate 9 3. The Hack 10 4. The Leak 11 5. In Summary, a Classic “Hack and Leak” Information Operation 14 6. Epilogue: One and Two Years Later 15 II- WHO DID IT? 17 1. The Disinformation Campaign 17 2. The Hack 18 3. The Leak 21 4. Conclusion: a combination of Russian intelligence and American alt-right 23 III- WHY DID IT FAIL AND WHAT LESSONS CAN BE LEARNED? 26 1. Structural Reasons 26 2. Luck 28 3. Anticipation 29 Lesson 1: Learn from others 29 Lesson 2: Use the right administrative tools 31 Lesson 3: Raise awareness 32 Lesson 4: Show resolve and determination 32 Lesson 5: Take (technical) precautions 33 Lesson 6: Put pressure on digital platforms 33 4. Reaction 34 Lesson 7: Make all hacking attempts public 34 Lesson 8: Gain control over the leaked information 34 Lesson 9: Stay focused and strike back 35 Lesson 10: Use humor 35 Lesson 11: Alert law enforcement 36 Lesson 12: Undermine propaganda outlets 36 Lesson 13: Trivialize the leaked content 37 Lesson 14: Compartmentalize communication 37 Lesson 15: Call on the media to behave responsibly 37 5.
    [Show full text]
  • Skripal Novichok Poisoning: Kremlin on Hunt for Russian 'Traitor' Who Helped Identify Hitmen
    Skripal Novichok poisoning: Kremlin on hunt for Russian 'traitor... https://www.mirror.co.uk/news/uk-news/skripal-novichok-poiso... ADVERTISEMENT IN ASSOCIATION WITH ANIMAL HERO AWARDS 2018 NEWS Skripal Novichok poisoning: Kremlin on hunt for Russian 'traitor' who helped identify hitmen EXCLUSIVE: Search is on for the source of GRU leak who aided MI5 and they may be among GRU military intelligence officers still serving By Chris Hughes Defence And Security SHARE Editor & Adam Aspinall 22:20, 14 SEP 2018 UPDATED 22:23, 14 SEP 2018 1 of 14 15/09/2018, 17:44 Skripal Novichok poisoning: Kremlin on hunt for Russian 'traitor... https://www.mirror.co.uk/news/uk-news/skripal-novichok-poiso... Russian nationals Ruslan Boshirov and Alexander Petrov on Fisherton Road, Salisbury on the day the Skripals were poisoned (Image: PA) Get Daily News updates directly to your inbox Enter your email Subscribe See our privacy notice More newsletters Kremlin spy chiefs have launched an international manhunt for Putin’s new number one target - the Russian “traitor” who helped ID the Novichok hitmen. Russia intelligence was shocked by MI5’s identifying of Alexander Petrov and Ruslan Boshirov as GRU military intelligence officers as they had assumed they were unknowns. And yesterday British sources told the Daily Mirror there are suspicions the pair are from a ruthless “Spetsnaz” special forces unit, which is part of the GRU and trained in assassinations. The Kremlin is desperate to “lock-down” the leak - thought to be either a GRU man who has already defected to the west or even more devastating an insider, still 2 of 14 15/09/2018, 17:44 Skripal Novichok poisoning: Kremlin on hunt for Russian 'traitor..
    [Show full text]
  • Russian GRU 85Th Gtsss Deploys Previously Undisclosed Drovorub Malware
    National Security Agency Federal Bureau of Investigation Cybersecurity Advisory Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware August 2020 Rev 1.0 U/OO/160679-20 PP-20-0714 Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware Notices and history Disclaimer of Warranties and Endorsement The information and opinions contained in this document are provided "as is" and without any warranties or guarantees. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government. This guidance shall not be used for advertising or product endorsement purposes. Sources and Methods NSA and FBI use a variety of sources, methods, and partnerships to acquire information about foreign cyber threats. This advisory contains the information NSA and FBI have concluded can be publicly released, consistent with the protection of sources and methods and the public interest. Publication Information Purpose This advisory was developed as a joint effort between NSA and FBI in support of each agency’s respective missions. The release of this advisory furthers NSA’s cybersecurity missions, including its responsibilities to identify and disseminate threats to National Security Systems, Department of Defense information systems, and the Defense Industrial Base, and to develop and issue cybersecurity specifications and mitigations. This information may be shared broadly to reach all appropriate stakeholders. Contact Information Client Requirements / General Cybersecurity Inquiries: Cybersecurity Requirements Center, 410-854-4200, [email protected] Media Inquiries / Press Desk: Media Relations, 443-634-0721, [email protected] Trademark Recognition Linux® is a registered trademark of Linus Torvalds.
    [Show full text]