Ignatius: Western spy agencies strike back

October 14th, 2018 by David Ignatius/Washington Post Writers Group in Opinion Times Commentary

This file combination photo made available by the Metropolitan Police on Sept. 5 shows men identified as Alexander Petrov, left, and Ruslan Boshirov. Investigative group Bellingcat reported on Oct. 8 on its website that the man British authorities identified as Alexander Petrov is actually Alexander Mishkin, a doctor working for the Russian military intelligence unit known as GRU. (Metropolitan Police via AP)

Photo by Contributed Photo /Times Free Press.

WASHINGTON — One of the most satisfying moments in any spy thriller is when the bad guy — the black-hat operative who has been killing and tormenting his adversaries — does something dumb and gets caught. That's essentially what's been happening recently with Russian President Vladimir Putin's pet spy agency, the GRU.

What's fascinating about the GRU revelations is that they seem to reflect an aggressive pushback after several years in which Putin (chiefly through the GRU) launched recklessly aggressive covert actions against the West. The West is retaliating (at least in part) with public information that blows GRU covers and operating methods and, frankly, makes them look clumsy and incompetent.

Those disclosures are the latest in a string of disasters for the GRU, a military spy service known for its panache and daring. Now, we should add sloppiness to that list of operational trademarks. The GRU's spycraft occasionally looks closer to TV's Maxwell Smart than John le Carré's vaunted fictional spymaster, Karla.

The latest exposé of the GRU's not-so-secret tradecraft came last Tuesday, when a British investigative group shredded a layer of the lies surrounding Russia's attempt to poison former agent Sergei Skripal in March. It was the equivalent of the tough guy in the trench coat getting caught with his undershorts around his ankles.

Bellingcat, as the group calls itself, presented photographic evidence showing that a suspect in the Skripal attack, who the Russians had claimed was a tourist named Petrov who worked in the sports nutrition business, is really a GRU doctor named Alexander Mishkin. Last month, Bellingcat had exposed another suspect, whose cover identity was "Ruslan Boshirov," as GRU Col. Anatoliy Chepiga.

The most detailed exposures of GRU tradecraft came in a Justice Department indictment that was unsealed Oct. 4, in tandem with supporting statements from Britain and the Netherlands. The indictment, which named seven GRU officers, included details about Russian spy operations that could only have been collected by the CIA and National Security Agency and its foreign partners.

The dry pages of the indictment reveal tradecraft secrets that could animate a half-dozen spy novels. The GRU operatives used spoof websites to "spearphish" victims into revealing login information (creating a "westinqhousenuclear.com" site, with the misspelled "q," for example). They made payments in Bitcoin and other cryptocurrencies. (Weren't those supposed to be untraceable?) They used malware tools with names like "Gamefish," "Chopstick" and "X-tunnel." They dumped their hacked information by sending direct messages on Twitter to 116 reporters and exchanging emails with 70 journalists.

For the last few years, the CIA, NSA and FBI have watched as hackers and whistleblowers (perhaps with a helping hand from Moscow) revealed the agencies' hacking techniques. For U.S. intelligence officials, revenge is a dish best eaten cold.

The implicit message in all of this: If you hit us, one of the ways we will retaliate is by exposing your operatives, sources and methods. There are other reprisals underway, but these public disclosures undermine the GRU's operational capabilities. And they must make the Russian spy service wonder: What else do the Americans and their allies know? If agent A is blown, then what about his colleagues B, C, and D?

The CIA and its foreign allies don't normally like to reveal secrets like these, because they reveal how much they know about their adversary. The revelations are a public warning to Putin: Knock it off, you're more vulnerable than you think.

Washington Post Writers Group
