Tinker Tailor Hacker Spook

Tinker Tailor Hacker Spook


Brian Whitmore

  When the hackers met the spooks.

When the hackers met the spooks.


It’s an espionage case. It’s a byzantine struggle among clans inside Moscow’s security services. It’s a window into Russian cyberattacks on the United States. It’s a glimpse at how officials monetize their positions and run protection rackets.

It’s all of the above. It’s some of the above. Or it’s none of the above.

In many ways, reports about the arrest of two FSB officers, a cybersecurity expert, and the founder of a notorious hacking group offer up a classic Russian tale replete with multiple layers of subterfuge, deception, diversion, and embedded meaning.

It’s a tale told through leaks, rumors, innuendo, and speculation — albeit without the benefit of many officially verified facts.

At the simplest level, two FSB officers working in cyberdefense, Sergei Mikhailov and Dmitry Dokuchaev, as well as Ruslan Stoyanov, a former Interior Ministry official who works for the cyber security company Kaspersky Lab, are reportedly being charged with espionage.

According to Russian media reports, Mikhailov is suspected of alerting U.S. intelligence to the FSB’s connection to a Russian server-rental company called King Servers.

Last year, the U.S.-based cybersecurity firm ThreatConnect had identified King Servers as the nexus for hacking attacks against the United States.

If U.S. intelligence did indeed have a highly placed source like Mikhailov, it would explain why it was able to conclude with such a high degree of confidence that Russia was behind the cyberattacks during the election campaign.

The timing of the arrests and the timing of the decision by former U.S. president Barack Obama to declassify and make public parts of the U.S. intelligence report on the alleged Russian hacking also makes sense.

Mikhailov was arrested in December. And the U.S. released the intelligence report a month later, in January.

If Mikhailov was indeed a source, then Washington would have been reluctant to declassify its intelligence for fear of compromising him.

After he was arrested, this, of course, would no longer be an issue.

So far, so straightforward. Until it isn’t.

Leaks to the Russian media have also connected Mikhailov and his subordinate Dokuchaev to a hacker group known as Shaltai Boltai, or Humpty Dumpty, which in the past has released embarrassing material about top Russian officials.

Vladimir Anikeev, the founder of Shaltai Boltai, has also been arrested, but is not being charged with espionage.

Moreover, Russian media reports claim that Dokuchaev is actually a former hacker known as Forb, who was serving a prison sentence for credit card theft when he was recruited by the FSB where he held the rank of major.

As Leonid Bershidsky notes in his column for Bloomberg, “parallel to their official duties, officers often run private security operations involving blackmail and protection. If Mikhailov ran such a business out of the FSB’s Information Security Center, he wouldn’t stand out among his colleagues.”

And it’s also not unusual for the FSB to recruit former hackers. In fact, it’s pretty much standard practice.

This is where the story diverts into the murky world of FSB officers and their civilian collaborators monetizing their positions and forming protection rackets.

“An FSB officer, recruited from the hacking community, can use his rank and position to obtain compromising material and sell it to wealthy clients. A team profiting from these opportunities can include both officers and civilians,” Bershidsky writes.

“The Russian government can hire such a team through intermediaries if it needs something sensitive done — but so can foreign intelligence services. It’s a murky world in which actors are both predator and prey. The Kremlin enjoys access to brilliant and unscrupulous people; the downside, of course, is that they may be hard to control.”

If you follow this line of logic, then it’s easy to imagine that Mikhailov and Dokuchaev inadvertently or unwittingly sold information exposing King Server’s FSB connections to a front for U.S. intelligence.

But the fact of the matter is we simply don’t know.

And if things aren’t confusing enough yet, there is also the matter of the bitter personal and clan rivalries in the shadow world of the Russian security services.

In a recent post on his blog KrebsOnSecurity, Brian Krebs, author of the book Spam Nation: The Inside Story Of Organized Cybercrime, suggested the whole affair might be traced to a personal rivalry between Mikhailov and Pavel Vrublevsky, an Internet businessman whose partner owns King Servers.

Mark Galeotti, an expert on Russia’s security services and a senior research fellow at the Institute of International Relations in Prague, notes that the FSB’s Information Security Center, which Mikhailov headed and where Dokuchaev was his subordinate, has emerged as “a pivotal agency” and “a source of power.”

And this makes it a prime arena for fierce rivalries and power plays.

“This is probably an intelligence leak that is being cleared up. But the question is: why now? And I wonder if domestic politics explains the leaking of the information now. It could be a rebuke to the FSB for having messed up,” Galeotti said on last week’s Power Vertical Podcast.

The views expressed in this blog post do not necessarily reflect the views of RFE/RL.

Trump Dead Serious About American Jobs…NAFTA May Be Renegotiated

[Trump to Sign Executive Order on Plan to Renegotiate NAFTA With Mexico, Canada]

Trump makes it official: He will renegotiate NAFTA



After signing an order Monday abandoning the proposed Trans-Pacific Partnership, President Trump has set his sights on renegotiation of the North American Free Trade Agreement, a prospect that worries the automotive industry.

Trump laid out his strategy after being sworn in last week. In a post on the White House website, the administration pledges in a statement to negotiate “tough and fair” trade agreements with the goal of creating more U.S. jobs as a top goal.

“This strategy starts by withdrawing from the Trans-Pacific Partnership and making certain that any new trade deals are in the interests of American workers,” the statement says. “President Trump is committed to renegotiating NAFTA. If our partners refuse a renegotiation that gives American workers a fair deal, then the President will give notice of the United States’ intent to withdraw from NAFTA.”

Detroit’s Big 3 automakers — Fiat Chrysler Automobiles, General Motors, and Ford all either declined to comment or did not respond to e-mails seeking comment. The Auto Alliance, a lobbying organization for the industry, also didn’t offer a comment.

Automakers also have been racing in recent weeks to pull any plans they have for U.S. investments and job creation off the shelf and announce them in an effort to blunt criticism from Trump for investing in Mexico.

NAFTA, the free trade agreement between the U.S., Canada and Mexico, has contributed to a decline in U.S. manufacturing jobs, but it has led to massive automotive industry investment in Mexico and the growth of a supplier network there.

Nearly every automaker — both foreign and domestic — has built new plants in Mexico in recent years. Mexico has surpassed Canada in annual vehicle production.

Reversing those investments to build new plants in the U.S. would take years. Meanwhile, a large border tax, such as the 35% tariff that Trump has threatened, would cause the price of many cars and trucks sold in the U.S. to soar. It could lead to a decline in industry sales and lead a steep decline in profits for automakers.

“The new administration is suggesting a reversal in trade policy of a magnitude that hasn’t been seen in decades, possibly since the 1920s,” said Hoyt Bleakley, an associate professor of economics at the University of Michigan. “A sudden increase in trade costs is a recipe for a slowdown, maybe a recession, as the higher costs disrupt the supply chain.”

Last week, the Center for Automotive Research in Ann Arbor issued a study that suggested scuttling NAFTA or imposing a massive border tariff could lead to U.S. job losses and could cause automakers to move to other low-cost countries for vehicle production rather than building new plants in the U.S.

The Ann Arbor-based research organization estimates that a 35% tariff on light vehicles imported from Mexico would quickly lead to a decline of 450,000 cars and trucks in the U.S. because of higher prices, hurting U.S. dealers and automakers.

It also would lead to the loss of at least 31,000 U.S. jobs because of the volume of parts that are made in the U.S. and shipped into Mexico.

“If the U.S. leaves NAFTA, companies in Mexico and Canada may seek alternate, more affordable places to purchase these goods, such as China, India, and other regions with large, international U.S. competitors,” the Center for Automotive Research said.

Fiat Chrysler CEO Sergio Marchionne said last week that a 35% border tariff could force the automaker to stop producing cars in Mexico..

“It’s possible that if economic tariffs are imposed … and are sufficiently large, it will make production of anything in Mexico uneconomical and we would have to withdraw,” Marchionne said. “It’s quite possible.”

Marchionne also added that the automotive industry needs clarity from the Trump administration on what its official trade policy and trade agreements will be.

“I think we will adjust whenever the rules get changed, if they get changed. We have no choice in this. We are not policy setters,” Marchionne said during a news conference at the North American International Auto Show in Detroit. “I am not sure exactly what the rules are. Let’s wait.”

Scott Keogh, president of Audi of America, said last week that a border tariff would not hurt the German automaker as much as some other automakers.

Audi decided five years ago to build a $1.3-billion factory in the south-central Mexico town of San Jose Chiapa to make its Q5 SUV.

“This plant … is a global plant. It makes cars for the entire world,” Keogh said. “So, there is only one place to get a Q5 and that’s (a Q5) made in Mexico. And it goes to Africa, and South America and Europe and all over the world. The car used to be made in Germany, in fact, and now it’s made in Mexico.”

Revealed last week at the Detroit auto show, the new Q5 is scheduled to go on sale in the U.S. by spring.