Tuesday, June 29, 2010

Large SVR Spy Ring Arrested in the U.S.

On June 27, 2010, ten individuals were arrested in a ten-year joint operation between the FBI and the Counterespionage Section and the Office of Intelligence within the Justice Department’s National Security Division. The FBI used a wide range of counterintelligence and investigation techniques to observe the Illegals and collect evidence. The arrests were announced at the U.S. Department of Justice Briefing Room.

All ten individuals allegedly carried out long-term deep-cover operations on US soil on behalf of the Russian foreign intelligence agency SVR (Sluzhba Vneshney Razvedki). Their goal was to recruit sources in policy-making circles and collect intelligence to send back to Russia. The court documents (see below) read like a real Cold War thriller. The perfect stuff for books and movies! Another example of how the Cold War still lives on as a Cold Peace.

FBI mugshots of the arrested illegals (names with & are real couples):
Donald Heathfield & Tracey Ann Foley, Juan Lazaro & Vicky Peláez, Anna Chapman,
Michael Zottoli & Patricia Mills, Richard & Cynthia Murphy, Mikhail Semenko.
Their real names:
Andrey Bezrukov & Elena Vavilova, Mikhail Vasenkov & Vicky Peláez, Anya Kushchenko,
Mikhail Kutsik & Nataliya Pereverzeva, Vladimir & Lidiya Guryev, Mikhail Semenko.

The court complaint documents reveal numerous details on the espionage activities and a range of true spy craft methods to communicate. Moscow Center (SVR Headquarters) used non-commercial steganographic software to insert text messages in images, located on publicly available websites. During surreptitious searches, the FBI discovered and copied sets of computer disks containing steganographic software and found a hidden paper with a 27-character key. Website links, retrieved from their hard drives, directed to website images that contained well over 100 hidden messages, communications between the Illegals and Moscow. These so-called Internet Messages contained all kinds of operational instructions.

The Illegals also received encrypted radio messages by burst transmission (sending data at high speed). During another surreptitious search, the FBI also found a short-wave radio and photographed notebooks with columns of seemingly random numbers. These are typically used to receive encrypted numbers messages. During audio surveillance (bugging) of the suspects' house, the FBI heard the sounds of receiving a burst transmission. Surveillance of conversations in their house also revealed the use of invisible ink to convey messages to Russian government officials.

To enable clandestine payments from the SVR to the Illegals, they travelled to South American countries to receive money and returned to the U.S. with the money hidden in the luggage. Back in the US, they exchanged bags with money in various city parks. Several of these exchanges were recorded during FBI video surveillance.

The FBI searched bank safe deposit boxes containing documents, photos and U.S. and Canadian birth certificates, to create the false identities of the Illegals. The Illegals also received false British and Irish passports to travel via Europe to Russia. The required false passports were provided by brush-passes in Europe. On one occasion, an Illegal was ordered to buy a laptop in the U.S. and bring it along to Moscow. When he returned to the U.S. with the - probably SVR customized - laptop, he received instruction on how to use it for communications with Moscow.

Christopher Metsos, a secret SVR agent, assisted the spy network but was based outside the United States. He was arrested on 29 June in Cyprus. He had several meetings with the network members. These meetings were recorded on video by the FBI. Metsos also received money from a Russian diplomat. One part of the money was given to other Illegals and another part was buried in New York. Two years later, another conspirator dug it up. Several other money exchanges were done by a so-called brush-pass, where they swapped bags when passing each other on the train station stairs. Several other brush-passes between Russian government officials and the Illegals to exchange cash and a memory stick were observed by the FBI.

Anna Kushchenko
a.k.a. Anya Chapman
Private wireless networks, connecting laptops by LAN (Local Area Network) within a limited distance, were another method of covert communications. Russian citizen Anna Chapman, née Anya Kushchenko, the red-haired spy vamp and one of the illegal SVR agents, was observed on ten Wednesdays in the vicinity of a Russian government official.

On one occasion, she used her laptop in a coffee shop while a black minivan stopped alongside the coffee shop. The FBI registered a network connection between the MAC addresses of their two PCs. Other LAN connections were established between Chapman in a book store and the Russian official across the street, and between Illegal agent Mikhail Semenko in a restaurant and a car with a diplomatic licence plate in the parking lot.

Last Saturday, after having problems with her wireless network exchanges, Anna Chapman was lured into a sting operation by an FBI undercover agent. Pretending to be a Russian official, he asked for her help to deliver a false passport to a supposedly illegal agent. Surveillance right after the meeting showed that Chapman bought a cellphone and prepaid card under a false name, apparently to contact the SVR after she got suspicious. She did not appear at the sting meeting on Sunday.

A similar sting operation ran against Mikhail Semenko on that same Saturday. An FBI undercover agent met with Semenko and discussed his network communications with him. Semenko was asked to deliver money by dead-drop (a hidden cache) in a park on Sunday. He was observed carrying out the assignment last Sunday, the day that the complete network was arrested.

All alleged spies, or at least illegals having contact with Russian intelligence, are charged with conspiring to act as unregistered foreign agents and eight of them with money laundering. They are currently not charged with espionage and it is unclear if and what information they sent to Russia and whether this information damaged U.S. national interest.

You can find the criminal complaints with the results of the FBI investigation on the U.S. Department of Justice website or you can read or download them directly from the following links: Complaint1 (pdf 1.2 MB) The United States vs Anna Chapman and Mikhail Semenko and Complaint2 (pdf 2.3 MB) The United States vs Christopher R. Metsos, Richard Murphy, Cynthia Murphy, Donald Howard Heathfield, Tracey Lee Ann Foley, Michael Zottoli, Patricia Mills, Juan Lazaro and Vicky Pelaez. Finally, here are the Department of Justice Metsos and Mills, Zottoli and Semenko bail letters.

This case is another example of how difficult these covert communications are in today's digital world, and why it is a very bad idea to combine normal personal computers with cryptography and espionage. Modern covert communications are countered with just as modern surveillance and interception, and old-school espionage communications still depend on human success and failure. The Cold Peace hasn't changed that much since the Cold War. More about FBI successes on catching Cuban spies at my Cuban Agent Communications blog and paper.

Update July 3, 2010: until now, three suspects have admitted the use of a false identity. Michael Zottoli told investigators he is a Russian citizen and that his real name is Mikhail Kutzik. Patricia Mills confessed that her name is Natalia Pereverzeva and all her family and relatives live in Russia (see Detention Letter). Juan Lazaro admitted working for the SVR under a false name but refuses to give his true identity. Anna Chapman, née Anya Kushchenko, is identified as the daughter of Vasily Kushchenko, a high-ranked MID (Ministry of Foreign Affairs) official and, according to her ex-husband, a former senior KGB officer (see Telegraph UK). Christopher Metsos, who was arrested in Cyprus, disappeared within 24 hours of being bailed. Therefore, the Department of Justice requested the Judge to refuse any bail for the other suspects.

Update July 9, 2010: the 10 suspects are exchanged for 4 Russian individuals who served sentences in Russia for alleged cooperation with Western intelligence services. More at the US - Russian Spy Exchange blog post.

Update November 12, 2010: Four months after uncovering this spy ring, the true reason for its failure surfaces: the 10 agents were betrayed from the inside. More to read in U.S. Spy Ring betrayed by Defecting SVR Colonel.

Update November 3, 2011: The FBI released a large number of documents, photos and videos from Operation Ghost Stories, the investigation and arrests of the ten illegal SVR agents. All information is released through the FBI records webpage The Vault.

A follow-up with numerous articles is published on the CI Centre news and more will follow. Some media on this case: Spies in the suburbs on BBC News. Anna Chapman on Mail Online and on ABC News. Background info on Richard and Cynthia Murphy on CI Centre and the New Jersey Star. Spy ring financial intel on CNN Fortune. Donald Heathfield on the New York Times. Michael Zottoli and Patricia Mills on The Seattle Times. Vicky Pelaez on NY Daily News. Juan Lazaro on CBS News. Why Russia and the US still Spy by Peter Earnest. Dismantling Russian operation at STRATFOR. Richard and Cynthia Murphy on Telegraph UK. The Illegals Program on Wikipedia.

2 comments:

Gabriel said...

I was wondering how long it would be before you did a post on this :)

Dirk Rijmenants said...

Hi Gabriel. Better to wait a few days and post the details instead of picking up the headlines only, although I'm sure that more interesting stuff will keep on surfacing.