Category: Spooks

Sergey Kislyak Timeline

Sergey Kislyak

Sergey Kislyak, Russian ambassador to the United States, is emerging as a key point of contact for members for the Trump campaign and Russia, and a reminder of the president’s ties to Vladimir Putin.

CNN reports that Kislyak is known to US intelligence officials as a spy recruiter. And that’s why he’s a touchy subject for Trump’s people.

Here’s a timeline of what we know about contacts between the Trump campaign and Kislyak:


Trump Dossier Timeline

screen-shot-2017-01-11-at-102210For sourcing click following link:

Jun 18, 2013: Donald Trump tweets: “Do you think Putin will be going to The Miss Universe Pageant in November in Moscow – if so, will he become my new best friend?”

Nov 9, 2013 Trump visits Moscow for Miss Universe pageant.

Nov. 9, 2013 Interviewed in Moscow, Trump is asked by MSNBC whether he has a relationship with Vladimir Putin. “I do have a relationship, and I can tell you that he’s very interested in what we’re doing here today.”

Nov. 9, 2013 Trump tells Tass news service that he plans to build a Trump Tower in Moscow and was in negotiations with billionaire Aras Agalarov’s Crocus Group. During his Moscow visit, Trump also meets with Herman Gref, CEO of state-controlled Sberbank PJSC, Russia’s biggest bank, which is under US sanctions. Sberbank and Crocus sponsor the beauty contest.

Nov 12, 2013 Trump tells Real Estate Weekly that the pageant was a good networking opportunity. “The Russian market is attracted to me. I have a great relationship with many Russians, and almost all of the oligarchs were in the room.”

May 27, 2014 At National Press Club lunch, Trump says, “I was in Moscow recently and I spoke, indirectly and directly, with President Putin, who could not have been nicer.”

June 2016: Fusion GPS, a Washington research firm run by former journalists, hires Christopher Steele, a respected former MI6 officer who once served in Moscow, to gather opposition material on Donald Trump’s ties to Russia. Steele reportedly paid 200,000 pounds for his work.

June 20, 2016: Steele reports that Russian intelligence has videotapes of “perverted conduct” of Trump and prostitutes recorded in a Moscow hotel suite in 2013 during Miss Universe pageant. Trump’s behavior in Russia has “compromised him sufficiently to blackmail him.” Steele reports that Russian authorities have been “cultivating, supporting and assisting” Trump for years and he has accepted a regular flow of intelligence on his Democratic rivals.

Early July 2016: Steele, the former MI6 officer, acting on his own initiative, sends material he has gathered on Trump to the FBI.

July 7, 2016: Trump campaign adviser Carter Page travels to Moscow to give speech critical of U.S. policy. According to Reuters, Page declines to say whether he was planning to meet anyone from the Kremlin, the Russian government or Foreign Ministry during his visit.

July 19, 2016: Steele reports that Carter Page had held a secret meeting with Igor Sechin, head of the Rosneft state-owned oil company who is considered Vladimir Putin’s “defacto deputy.” Sechin and Page discuss lifting US sanctions against Russia. Sechin offered Page the “brokerage” on a 19 percent stake in Rosneft if sanctions lifted. According to Steele, Page also met Igor Divyekin, an internal affairs official with a background in intelligence, who warns Page that Moscow had kompromat on Trump

August, 2016: FBI asks Christopher Steele, the former MI6 officer, for all information in his possession and asked him to explain how the material had been gathered and to identify his sources.

August, 2016: A retired spy tells the BBC’s Paul Wood that he had been informed of videotapes of compromising material on Trump by the head of an East European intelligence agency.

Aug. 5, 2016: Steele’s memo identifies Dmitry Peskov, Kremlin spokesman, as the “chief protagonist” in Russia’s campaign to aid Trump and harm Clinton. Chief of staff Sergei Ivanov, longtime friend and top Putin lieutenant, said to be angry that Peskov’s team had gone too far.

Sept. 25, 2016: Carter Page sends letter to FBI Director James Comey saying that he is subject of a “witch hunt” and has not met with any “sanctioned official” in Russia in the past year.

Oct. 30, 2016 Sen. Harry Reid reveals in public letter that FBI Director James Comey possesses “explosive information of close ties and coordination between Donald Trump, his top advisors and the Russian government” and urges him to share it with the American people.

Oct. 31, 2016: Mother Jones interviews Christopher Steele, and publishes article, without naming him, that reveals existence of Steele’s memos, reporting in vague terms that Russian intelligence had “compromised” Trump during his visits to Moscow and could “blackmail him.”

Nov. 4, 2016: Newsweek reports that the Kremlin has both video and audio recordings of Trump in a kompromat file.

Nov. 8, 2016: Donald Trump elected president

Nov. 18, 2016: Sir Andrew Wood, a British ambassador to Russia, speaks with Sen. John McCain at a conference in Halifax, Canada. Wood tells McCain “how Mr Trump may find himself in a position where there could be an attempt to blackmail him with Kompromat and claims that there were audio and video tapes in existence.”

Dec. 7, 2016: Rosneft sells 19.5 percent ($11B) stake to Glencore Plc and Singapore’s sovereign wealth fund

Dec. 8, 2016: Carter Page revisits Moscow

Dec. 9, 2016: Sen. John McCain, who had also acquired Steele’s memos, turns them over to FBI Director James Comey.

Dec. 26, 2016: Oleg Erovinkin, a former general in the KGB and its successor the FSB, described as a key aide to Igor Sechin, found dead in the back of his car in Moscow.

Jan. 6, 2017: Heads of US intelligence agencies brief PEOTUS and POTUS and leaders of House and Senate intelligence committees on Steele’s kompromat material on Trump. Kompromat material not included in public portion of report.

Jan. 10, 2017: CNN reveals that PEOTUS and POTUS were briefed on kompromat material and were given a two-page summary of allegations.

Jan. 10, 2017: publishes 35 pages of Steele’s dossier. Included are allegations that Trump had a golden shower party with prostitutes in the Ritz Carlton hotel in 2013. Steele’s sources also say that Russia has an alliance with Trump that goes back several years.

Jan. 10, 2017: Donald Trump derides kompromat dossier as “FAKE NEWS!”

Jan. 11, 2017: DNI James Clapper says the U.S. Intelligence Community “has not made any judgement that the information in the document is reliable, and we did not rely on it in any way for our conclusions. However, part of our obligation is to ensure that policymakers are provided with the fullest possible picture of any matters that might affect national security.”

Jan. 11, 2017: Trump tweets, “Intelligence agencies should never have allowed this fake news to ‘leak’ into the public. One last shot at me. Are we living in Nazi Germany?”

Jan. 11, 2017: Former MI6 agent Christopher Steele, author of the Trump kompromat memos, goes into hiding.

Jan. 12, 2017: Yedioth Ahranoth reports that at post-election meeting US intelligence officials warned Israeli counterparts that Russia had “levers of pressure” on Donald Trump and that information passed to the White House could be relayed to Russia and Iran.

Jan. 15, 2017: The Guardian reports that UK intelligence officials have sought assurances from the CIA that the identity of British agents in Russia will be protected because of the Trump team’s closeness to Russia.

Jan. 17, 2017: At news conference, Vladimir Putin says kompromat file was a fake used to smear Trump. “Why would he run to a hotel to meet up with our girls of limited social responsibility? Although they are, of course, the best in the world. But I doubt that Trump fell for it.”

Jan. 20, 2017: Trump inaugurated as 45th US president

Jan. 23, 2017: Steve Hall, retired CIA chief of Russia operations, tells NPR that there is a “live question” now at the CIA about what to do if President Trump asks for the source of information on something that puts Vladimir Putin in a bad light.

Jan. 24, 2017: The Wall Street Journal identifies Sergei Millian, a Trump associate and supporter, as an indirect source for Christopher Steele’s dossier, including existence of compromising videotapes

Feb. 10, 2017: CNN reports that, for the first time, US investigators say they have corroborated some of the communications detailed in Steele’s kompromat dossier. Confirmations were made with SIGINT (foreign intercepts) and relate to conversations with foreign nationals, not the the salacious “golden showers” allegations in the dossier. Confirmations give intelligence officials “greater confidence” in Steele dossier.

Report: FSB Helped CIA Pinpoint Election Hacks

Two Russian FSB officers recently arrested on treason charges helped US intelligence agents pinpoint Russian hacking during the presidential election and spied for the CIA for seven years, according to a story on the Russian Rosbalt news agency.

Sergei Mikhailov, deputy director FSB’s Centre for Information Security (see my previous post), and Dmitri Dokuchayev, said to be an ex-hacker named “Forb” who joined the FSB under threat of prosecution, were paid to pass secret data, Rosbalt reported.

Ruslan Stoyanov (via

Ruslan Stoyanov (via

The FSB officers relayed their secrets to Ruslan Stoyanov, a manager from the cybersecurity and anti-virus company Kaspersky Lab and an unnamed representative of another cybersecurity company. The information was then transferred to “acquaintances abroad who worked closely with foreign special service.”

“This is not a one-off story, this activity was carried out for a minimum of seven years and caused substantial harm to the interests of the Russian Federation,” the source told Rosbalt.

Rosbalt reportedly has good connections to Russian intelligence. Its editor in chief,  Natalia Cherkesova, is the wife of Viktor Cherkesov, a former KGB operative who served under Vladimir Putin in the FSB. Sunday’s report in Rosbalt was picked up today by the reputable Times of London.

Stoyanov, Mikhailov, and Dokuchayev all face 20 year prison terms for treason.

The question of how this allegedly long-running spy operation was exposed remains unclear, and the timing of the arrests raises troubling questions given the Trump administration’s ties to Russia.

As noted in an earlier post, the U.S. Director of National Intelligence reported Jan. 6 that “further information has come to light since Election Day” that helped increase the U.S. intelligence community’s assessments of Russia’s motivations and goals in the election hacking.

One month later, Mikhailov was led out of an FSB with a bag over his head.  Again we ask: Is there a mole in the White House?

Rosbalt also reported that in an unrelated case, Mikhailov also gave a representative of the foreign intelligence services “counterintelligence materials.”


What Is Russia’s Centre for Information Security?

The New York Times reports on a series of arrests involving Russia’s FSB, the successor agency to the KGB that may be connected to the hacking of the 2016 U.S. Election.

According to the Times, one of those arrested, Sergei Mikhailov, was serving as deputy director FSB’s Centre for Information Security. He was arrested on a charge of treason. Earlier in the month, the head of the Centre, Andrei Gerasimov, was dismissed.

What is the FSB’s Centre for Information Security?

Some answers come from Jeffrey Carr, a security consultant out of Seattle who runs the consulting firm TAIA Global and published Inside Cyber Warfare. Carr describes the FSB’s Centre for Information Security (also known as Military Unit 64829) as the organization in charge of protecting Russia’s Internet.

“In sum, any Internet operation originating in Russia are almost certainly monitored and probably overseen by the FSB ISC,” Carr wrote in this analysis. “Current Russian press covers Russian intentions to implement further restrictions on RuNet to counter foreign attempts to wage “information warfare” against Russian and ideologically subvert the Russian population. Whatever final form the new restrictions take, the FSB ISC will be heavily involved.”

In his book, Inside Cyber War, Carr goes a bit further.  The Centre not only defends the Russian Internet (RuNet) it can also attack.
Also arrested was Dmitry Dokuchayev, a former hacker going by the pseudonym Forb who agreed to work for the FSB in exchange for dropping charges of credit card fraud. In an interview with a Russian newspaper, (or here in the original Russian) Dokuchayev/Forb said he had carried out a successful cyberattack on the US government.

I would be wary of any reports that claim the Centre hacked the U.S. election. Cyberwarfare like conventional warfare is a confusing picture, with many different groups carrying out different but overlapping missions.

Different FSB components are responsible for attacks outside Russia. One is the FSB’s 16th Center, also known by the Orwellian name of the FSB Center for Electronic Surveillance of Communications, according to TAIA Global Another is the FSB’s 18th Center. Another is the FSB’s Fifth Directorate. All three were blamed for cyberattacks and propaganda during the Russian invasion of the Crimean Peninsula.

And President Obama’s executive order imposing sanctions in response to the hacking of the 2016 U.S. Election names both the FSB and the GRU, the main intelligence directorate. It’s believed that the GRU hacks were passed along to Wikileaks and other media outlets during the election.

There’s no evidence yet that the Centre for Information Security had a hand in the 2016 U.S. election hacking, but with their complete command of the Russian Internet they almost certainly would have known about it.



San Diego’s Spook Shop

Along Interstate 5 in San Diego just south of the airport, lies a hulking building with blacked out windows and a roof that looks like a long silver saw blade. The site of a former B-24 factory during World War II, this giant piece of corrugated metal is the home of the Space and Naval Warfare Systems Command or SPAWAR.

I’ve long been interested in SPAWAR (pronounced spā-wôr) mostly because exactly what it does is a bit of a mystery. Its mission is “enabling information warfare superiority” for our Naval and military forces. Operating with a $2.5 billion budget, SPAWAR employs more than 2,000 scientists, specializing in areas such as cyberwarfare, information warfare and space systems. SPAWAR’s chief technology officer holds over 100 patents. I have no idea what that all means, but it sounds like they do some very interesting stuff.

About three years ago, in the midst of Edward Snowden’s revelations about the National Security Agency, I learned that the Defense Department’s Inspector General had conducted a Top Secret investigation into allegations involving SPAWAR’s “access to U.S. persons data.”

That phrase “U.S. persons data” caught my eye. Under federal law, our intelligence agencies cannot spy on U.S. persons, i.e. American citizens. The misuse of “U.S. persons data” is intelspeak for spying on Americans so I filed a request under the Freedom of Information Act for the report.

The 37-page heavily redacted report I received began as a whistleblower complaint filed in December 2006 by an unnamed government employee. This employee claimed he was mistreated and ultimately reassigned after reporting that SPAWAR had misused classified information involving U.S. persons, which is forbidden under U.S. law.

Of the two main allegations cited in the report, one remains classified under a FOIA b(1) exemption, which involves matters of national security. The whistleblower’s second allegation was that SPAWAR personnel had been in the words of the report “photographing U.S. persons.”

There are several allegations involving misuse of imagery at SPAWAR in the report, most of which are completely or partially redacted.

The only one that is readable is a charge that SPAWAR had been collecting data without notice, warrant or authority “on U.S. persons in federal parks located at Point Loma,” a hilly peninsula in San Diego.

This allegation involved a camera is mounted on a tower at SPAWAR’s command HQ, located on the southern tip of Point Loma, adjacent to Cabrillo National Monument, which is operated by the National Parks Service. The camera, which can be rotated 360 degrees, is used for calibration purposes by pointing it at different government radars, the IG’s investigation found. The video feed from the camera goes to a laboratory and is not stored.

The IG also looked for inappropriate images on another imagery system, details of which remain classified on national security grounds. The system was tested at a site on Point Loma overlooking San Diego Harbor on the USS Dolphin, a research submarine, after it had been repaired for fire damage.

Other allegations involving satellite imagery or other technologies are heavily redacted.

The investigation by the DoD’s Inspector General did not substantiate the whistleblower’s complaints that SPAWAR was mishandling intelligence and possibly compromising U.S. persons information. The Inspector General did, however, partially substantiate the allegation that SPAWAR had failed to move quickly to correct deficiencies in its handling of intelligence information. The whistleblower had not been subject to reprisals, the IG’s investigation found.

What the report makes clear is that SPAWAR is a spook shop. It does R&D work for various components of the U.S. intelligence community. Some of the imagery allegations involved an R&D project for the Office of Naval Intelligence. Officials with the National Geospatial-Intelligence Agency (NGA), the National Reconnaissance Agency (NRO), which runs spy satellites, and one agency whose name was blacked out were interview for the IG’s report.