31 May 2015

Hacked Emails of Russian Official Show Covert Russian Military Acquisition of Sensitive Technology

Sharon Weinberger
May 28, 2015

Hacked Emails Reveal Russian Plans to Obtain Sensitive Western Tech

In April 2014, Viktor Tarasov wrote to the head of Ruselectronics, a Russian state-owned holding company, about a critical shortage of military equipment. The Russian military lacked thermal imaging systems — devices commonly used to detect people and vehicles — and Tarasov believed that technology might be needed soon because of the “increasingly complex situation in the southeast of Ukraine and the possible participation of Russian forces” to stabilize the region.

Tarasov, in charge of Ruselectronics’ optical tech subsidiary, was hoping that the head of Ruselectronics would write to the minister of defense for armaments to advance his company 150 million rubles, then about $4 million, to buy 500 microbolometer arrays, a critical component of thermal imaging devices. The money, Tarasov wrote, would allow the company to buy the equipment under a current contract from a French company without the need for signing a new “end-use certificate,” which requires the buyer to disclose the final recipient.

Time was of the essence, he warned, because the West was preparing another round of sanctions against Russia that would slow the purchases and increase costs. Tarasov also claimed that the United States was already providing similar equipment to Ukrainian forces. (Pentagon spokesperson Eileen Lainez confirmed that the Department of Defense had provided thermal imaging devices and night-vision goggles to Ukraine in 2014, along with a variety of other military equipment.)

From the “Business plan for commercialization of infrared photodetectors,” whose goal it is to supply vision systems for “the Ministry of Defense and other security agencies of the Russian Federation.”

The letter is a rare direct acknowledgment of Russia’s military involvement in Ukraine, yet even more uniquely, it’s a window into Russia’s evasion of Western sanctions, at least according to the U.S. cybersecurity firm Taia Global, which acquired a copy of the text. The correspondence is part of a larger cache of more than 9,000 emails obtained from the account of Alexey Beseda, a key figure involved in the plan and the son of a prominent official in the FSB, Russia’s security service and successor to the Soviet-era KGB.

In an email, Beseda insisted that his emails showed no wrongdoing. He declined to comment further on the record.

Russians sympathetic to Ukraine hacked Beseda’s email, according to Jeffrey Carr, the founder and president of Taia Global, a four-year-old consulting firm. Taia has provided advice to multinational corporations and to the U.S. government, which has been critical of Russia’s actions in Ukraine.

Carr, a longtime author and lecturer on cybersecurity and cyberwarfare, said he was given the emails by the hackers.

The emails cover the years 2006 to 2014 and include a number of messages among key Russian business people that detail their plans to obtain the thermal imaging production equipment from foreign sources. Taia’s report based on those emails was provided to The Intercept — along with the emails themselves. The report says the messages show the Russian government is able to obtain “foreign technology critical to Russian defense industries by bypassing foreign sanctions.”

Taia believes that efforts by Tarasov’s optical tech operation, Central Research Institute Cyclone, date back to 2013, when Dmitry Rogozin, deputy prime minister in charge of Russia’s defense industry, warned of a critical lack of thermal imaging devices. “At present, the Russian Army only has a few hundred individual imagers and no sighting systems and machine vision systems with advanced performance,” Rogozin wrote to the chairman of the Russian Bank for Development and Foreign Affairs in a communication obtained through Beseda’s email account. “On the other hand, our potential enemy troops — NATO, are equipped with hundreds of thousands of thermal imaging sights, sighting and vision systems.”

The reason for the shortfall was Russia’s inability to produce a critical component — microbolometer arrays — which can capture images without requiring cooling, reducing the size and complexity of thermal imaging systems.

Shortly after Rogozin’s letter, the email correspondence shows that Cyclone established a new company, called Cyclone-IR, whose job was to acquire the technology needed for domestic production of thermal imaging systems. The company was set up as a joint venture of Cyclone and a new company called Rayfast, which was registered in Cyprus. Rayfast, in turn, was owned by three other companies.

Taia alleges that Cyclone-IR then tried to hide its military links — since Cyclone is known as a military supplier — by changing its name to Photoelectric Devices LLC, whose website prominently features civilian applications for thermal sights, like firefighting.

Several Western companies listed in the email cache as potential suppliers of sensitive technology to Russia denied doing any business with Cyclone or the companies believed to be associated with it. Ulis, the French maker of microbolometer arrays mentioned in Tarasov’s 2014 letter, said that it had not made any sales to Cyclone or associated companies. A spokesperson for Ulis said that Cyclone “is not a customer. On top of that, it’s not the type of company they wish to be associated with either.”

Oxford Instruments, another company mentioned in the documents and correspondence as a potential supplier of photodetector equipment, also denied doing business with Cyclone. “Oxford Instruments’ Plasma Technology business is aware of Cyclone and to the best of its knowledge, it has not sold any products or services to Cyclone or any of the subsidiaries you mention, and definitely not since the imposition of sanctions,” Rachel Hirst, the company’s managing director, wrote in an email. (One email to Tarasov from a Russian supplier refers to ways to deal with customs descriptions for Oxford Instruments’ equipment that is “for Cyclone.” The email is from 2013, prior to the imposition of sanctions.)

Santa Barbara Infrared, an American company listed in the documents as a potential supplier, did not return email or phone messages.

If Taia’s claims are accurate, it wouldn’t be the first time that Russia has been implicated in efforts to obtain sensitive imaging equipment from Western suppliers. Last year, Russian national Dmitry Ustinov was charged by the U.S. Department of Justice with using a front company, also based in Cyprus, to buy a variety of night-vision scopes and related equipment from the United States. (In one email with the subject line “related,” Tarasov sent Beseda a link to the article about Ustinov’s indictment.)

Ustinov, a Russian national, was arrested in Lithuania and then extradited to the United States to face charges of violating U.S. arms-export laws. According to the indictment, Ustinov arranged to purchase night-vision equipment using the e-commerce hub eBay. Although it is not necessarily against the law to buy or sell night-vision equipment on websites like eBay, many of the items are illegal to export without a license. (The U.S. military also has been investigating some of the online sales, as The Intercept has previously reported.)

Ustinov pled guilty, and was immediately deported back to Russia. The Russian government criticized what it called the U.S. government’s “hunt” for Russian citizens abroad.

In the case of Cyclone, Taia’s analysis concludes the company was working with the FSB and that “Alexey Sergeyvich Beseda is almost certainly an FSB officer.” That charge, Taia’s Carr concedes, is difficult to prove, and there is nothing in the emails that identifies Alexey Beseda as an FSB officer.

Alexey Beseda’s father, Sergey Beseda, is an acknowledged senior FSB officer, and has been accused by the current Ukrainian government of being involved in the deadly crackdown during last year’s Euromaidan protests. The elder Beseda is currently on the list of persons sanctioned by the U.S. government.

It was Sergey Beseda’s involvement in Ukraine that motivated the hackers to target his son Alexey Beseda, according to Carr.

Tarasov, the head of Cyclone, did not return an email seeking comment, and a spokesperson for the Russian embassy in Washington, D.C. declined to comment on Taia’s report.

Karen Dawisha, a professor of political science at the University of Miami, said she wasn’t surprised by Taia’s report, or its findings. “We’re talking about shell companies — shells within shells of shells,” she said. “You can’t unravel that ball of yarn, and you can’t figure it out, because it’s all connected.”

The type of front operation that Taia alleges is typical of how the KGB operated in the 1980s, when spies based in East Germany would use shell companies to obtain military technology from the West, says Dawisha, whose recent book, Putin’s Kleptocracy, details the close links between Russian power brokers and private industry.

“It was Germany before, it’s Cyprus now,” she said.
