US president Donald Trump is facing legal challenges to his “extreme vetting” order, which freezes immigration from seven Muslim-majority countries and temporarily bans refugees. Elsewhere, a lesser publicised but highly significant drama is taking place. And it could undermine the legitimacy of Trump’s presidency.
In December, the Russian security service arrested four senior cybersecurity experts as a result of an investigation into the hacking of US Democratic Party emails. The arrests could see further evidence revealed that explains how that hacking helped Trump to win the presidency. It could also provide Russian President Vladimir Putin with another ‘blackmail’ lever to use against Trump.
Meanwhile, a former KGB chief has been found dead under mysterious circumstances.
The four men arrested are no lightweights. They include [Russian] Sergei Mikhailov, the most senior cybersecurity officer in Russia’s Federal Security Bureau (FSB, formerly KGB). Mikhailov is accused of treason – specifically, of taking bribes from an unspecified foreign organisation, so as to share data on Russian hacking.
Others arrested include Dmitry Dokuchaev (also of the FSB) and Ruslan Stoyanov [LinkedIn], the lead cybercrime investigator at Kaspersky Labs. Kaspersky is one of the largest cybersecurity firms in Europe. An unidentified man has also been arrested.
According to The Moscow Times, a report in Novaya Gazeta claims Mikhailov implicated Vladimir Fomenko and his server rental company King Servers. In September 2016, ThreatConnect (a US cyber investigations agency) accused King Servers of involvement in the hacking of the Arizona and Illinois voting systems. And according to The New York Times, Fomenko claims he was unaware that this had happened until ThreatConnect released its findings.
Stoyanov was in charge of investigating the alleged hacking for Kaspersky Labs. He has been charged with treason. There is speculation that he passed on details of the hacking to US intelligence agents investigating alleged Russian interference in the US elections. But according to Forbes, Stoyanov’s arrest is in connection with the bribery allegations levelled against Mikhailov.
Teddy bears picnicking or hacking?
Then there are the teddy bear hackers.
ThreatConnect has accused the FSB of being the base for hacking group ‘Cozy Bear’. The GRU (Russia’s equivalent of the America’s National Security Agency (NSA)) is accused of being the base for hackers at ‘Fancy Bear‘ (aka APT 28, Strontium, and the Sofacy Group). German intelligence has agreed [German pdf] with ThreatConnect’s assessments.
On 16 January, The Canary published an article about the so-called dossier on Trump, authored by former MI6 agent Christopher Steele. After summarising the history of that dossier, I concluded:
If Steele’s allegations are genuine, he should come in from the cold, face off his critics, and provide back-up evidence. If only 10% of his claims are shown to be true, there would be grounds for Trump’s impeachment.
To date, that has not happened.
The arrests of cybersecurity specialists in Russia could be interpreted as an attempt by the Kremlin to prevent further information about the alleged hacking being released. Information that could damage Putin’s relationship with Trump. And possibly damage even further the legitimacy of the US elections – and Trump’s victory.
Meanwhile, linked to the Steele dossier case is the unexplained death [Russian] of a former KGB chief. Oleg Erovinkin was found dead in his Lexus on Boxing Day 2016. That was only days before the Steele dossier was made public.
According to one Kremlin watcher, after leaving the FSB, Erovinkin was appointed deputy to Igor Sechin of state-owned oil giant Rosneft. In his dossier, Christopher Steele referred to Sechin and an alleged meeting with Trump’s foreign affairs adviser, Carter Page.
Steele also added:
“A source close to Rosneft President, Putin close associate and US-sanctioned Igor Sechin, confided details of a recent secret meeting between him and visiting Foreign Affairs Adviser to Donald TRUMP, Carter Page.”
This story is still evolving and may well take centre stage again. We will be following the situation closely as it develops.