The organisational mess of the GRU spy story

Rudolf Van Der Berg
Oct 5, 2018

This is far outside my usual comfort zone. I am not a spy or expert on Russia. That said, what struck me in the presentation of the Dutch military intelligence service MIVD on the Russian GRU spies of the Sandworm unit, whom they encountered hacking into the Organisation for the Prohibition of Chemical Weapons (OPCW), was the haste those spies were in. That and the lack of strategic value of some of the targets. It suggests there is something more fundamentally wrong in Russia. If Putin’s personal hackers don’t have the time to do things properly, what does that say about the boss?

The Russian spy SEREBRIAKOV apparently flew around the world quite a bit. He was in Brazil, Malaysia and likely some other locations. He is linked to every major political headache Putin has: Skripal, MH17 and doping. At the same time, it appears he was often in the dark about where his next assignment was. It was only the night before he landed in the Netherlands that he googled his intended target, the OPCW. He looked up the hotel next door and Google Maps. This indicates that the planning and surveillance of the OPCW was a rush job. Now he might be a low-level operative, who only had to go when his more capable colleagues couldn’t do something remotely. The setup he had surely suggests that someone in Russia dialed in through a VPN with a smartphone. Still, a well-prepared job would have seen someone else providing a briefing package instead of the operative googling data himself.

The diplomatic passports and flying in through Amsterdam suggest rush jobs too. Diplomatic passports are suspicious as can be, as are late-purchased tickets and coming with four men, with a hotel quite far from The Hague, where the embassy is. Why not fly in through Denmark or Vienna, using a fake identity? According to the USA DOJ, they did on other jobs. Well, likely because visas take time and these men didn’t have time. No time to worry about a cover story. Let’s go.

They even had to buy some gear in the Netherlands to make this work. A battery to smooth out the car battery of their rental is what they needed. A friend suggested that they couldn’t hack from the hotel, as the signal of the OPCW doesn’t carry far, the hotel itself is full of signals, and the windows might not open far enough and have a sun-blocking coating (blocks wifi too!). They chose a bit of an odd vehicle for it. A campervan would’ve been more practical; it would have also provided power. They bought a boat battery to fix the power issue in the vehicle, which again shows improvisation, not planning.

After the Netherlands the spies had to travel to Switzerland and perform the same trick there on a lab that works for the OPCW. Again this shows they were in a bit of a hurry. Russians on diplomatic passports don’t normally travel by train from the Netherlands. The train is easy and quick and requires minimal registration. They had self-printed copies of what their embassies and consulates looked like. Again, why? Doesn’t Moneypenny help them plan their trips?

A look at this guy’s other jobs is also revealing. He worked on the Malaysian Airlines MH17 that was shot down by a Russian Buk rocket in Ukraine, which Russia denies. He worked on the doping case and he works on OPCW (Skripal and Syrian chemical warfare). That is every major political headache the Russians have. Who is this James Bond? But even 007 had more colleagues active in the field. On top of that, he works for the GRU, which is military, not the SVR, which is the Russian MI6, aimed at foreign intelligence.

This all reeks of too few men, who sometimes have to do this, but not too often. They are sent everywhere under quite some time pressure, with little or no proper planning. This is not a Mossad operation for sure. This and all the tradecraft errors say that the Sandworm unit of the GRU is overworked and understaffed and that haste makes waste.

That haste makes waste also appears to be clear from Russia’s foreign policy objectives. It may sound odd, but hacking the OPCW was strategically completely unimportant to Russia. Yes, the Skripal poisoning and the chemical warfare in Syria cases were investigated, but all the fingers had already pointed to Russia. Russia knew it had done both things. All they would figure out is that the OPCW is competent at its job and found traces of Russia’s wrongdoing. Of course spies want to know everything, for example the (confidential) sources of data. However, why this warranted an attack on such short notice, with such great risk, is unclear. When you already know the answer to the question of the researchers and the timing of publication is quite clear, why send four guys with haste and diplomatic passports? It is so undiplomatic. To me it shows the clique around Putin is extremely unsure about themselves and their position. They need to know ahead what the outcome of the OPCW research is, otherwise they fear for their position.

The WADA/IOC hacking shows some spy tradecraft, and to some extent it is understandable that Russia wants to know which delegates compromised themselves while online at these events. It may help Russia’s case (and it appears it did, as Russia can play again). However, you also have to wonder why this is a case for high-ranking hackers from the most serious Russian intelligence agency. I mean, stealing the plans of a new USA missile seems a far better use of military intelligence. Really, this is what you spend your time on? Why? It shows the insecurities of Russian leaders. Instead of sitting it out and bribing some people, they have to use spies to create a situation that could backfire.

MH17 feels like the only mission that was done that had some relevance to Russian military intelligence. At least it was about the Russian military. Even there the main goal looks to be strategic for Putin, instead of aimed at hard military intelligence. Again a sign of weakness: when you use a fork to tear a steak apart, it generally means you don’t have a knife.

All three cases show that Russian leaders are not interested in hard military intelligence. Instead they fear their position so much that they use military intelligence to discover the opinions of those that have no real power to hurt them, except in the court of public opinion.

To me it shows the clique around Putin is scared of anything that suggests their position might fail. As a result they use GRU to hunt down and find any snippet of gossip, any official having an affair and just in general any gossip they could use to create a compromise. This is far outside the realm of what GRU is supposed to achieve. The SVR would be a much better match, one would expect.

In addition, there is a skeleton crew on this job of providing close and local support to remote hackers. This suggests that a huge organisation has a staffing or organisational structure problem. All in all it suggests the Russian government isn’t really in charge of affairs at home.

The fact that they are sent out without planning or preparation suggests the Russian military intelligence is freaking out over some of the assignments they get and the timeframe they have. That also again points to incompetent leadership at the top.

So what do you think of this brainwave?

(08–10–2018 I changed the title)


Rudolf Van Der Berg

Accomplished management consultant with 20 years of experience in Internet, telecom, privacy, online content, standardisation and peripheral topics.