This article was first published in August 2016 but remains relevant.
Iran has become the first country to outright ban Pokémon GO outright. Despite restrictions on internet usage in Iran the BBC says, “there have been a number of discussion on social media about the game.”
They then added, “The Iranian High Council of Virtual Spaces, which is the official body overseeing online activity took the decision to ban the game after having tried to see to what extent the game’s creators would co-operate with them.” It is not known what cooperation was requested.
What’s on Dubai says Pokémon GO “is slowly beginning to take over.” However, Pokémon GO from developer Niantic has only been released officially in the US, UK and Australia. For those not in the know, it is a craze to catch virtual monsters in real world settings. As well as safety concerns of people playing it in dangerous areas, there seems to be a very real number of security concerns.
So what are the issues and potential threats associated with this growing craze? Philip Ingram MBE takes a look.
In the terms and conditions for the game it clearly states that the data used by the game, and this is personal data, locational data and with the option for the user to photograph themselves with their captured Pokémon character, photo data, could be moved to USA based servers; essentially bypassing any home country security or privacy laws given the option to capture local images. This will “almost certainly have concerned the Iranians”, James Abernethy a former British Intelligence officer told Security News Desk.
Thomas Rid, Professor of Security Studies with King’s College Londonhas said guidelines for US military and government workers when using Pokémon Gowere shared with him by a US government officer. They discuss Operational Security (OPSEC) best practices and include “avoiding playing the game anywhere that shouldn’t be geo-tagged, not using a personal Gmail account with the game or a username associated with your social media accounts, exercising caution when taking pictures of Pokémon with the in-game augmented reality camera, and staying aware of your surroundings.” Rid then notes this is, “generally good advice even if you aren’t an intelligence officer.” The Indonesian police have banned its use whilst on duty.
The issue with Gmail was identified by the blogger Adam Reeve who wrote, “To play the game you need an account. Weirdly, Niantic won’t let you just create one – you need to sign in with an existing account from one of two services – the pokemon.com website or Google. Now the Pokémonsite is for some reason not accepting new signups right now so if you’re not already registered there you’ll need to use a Google account – and that’s where the fun begins.”
He went on to highlight how logging in via your google account gave Pokémon Go full access to all of your Google account services, ie they could see and modify anything to do with your account.
Niantic quickly released a statement on their website saying, “We recently discovered that the Pokémon GO account creation process on iOS erroneously requests full access permission for the user’s Google account. However, Pokémon GO only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected. Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access. Google has verified that no other information has been received or accessed by Pokémon GO or Niantic. Google will soon reduce Pokémon GO’s permission to only the basic profile data that Pokémon GO needs, and users do not need to take any actions themselves.”
It seems the developers of the game got it out to market before all of the security implications around the app had been considered. If that wasn’t enough a leading cyber security company has commented on potential issues where the game is available on BYOD in the workplace.
Devin Jones, SVP of Product Management at Cyber adapt said, “The release and popularity of Pokémon Go came out of the blue for everyone except the 40 million teenagers in the United States. This application provides an interesting case study that illustrates the risks of BYOD in the enterprise. Businesses can’t prevent users from downloading apps on their personal devices and those apps will drive traffic to and from the corporate network. How does a business maintain control and visibility of their corporate traffic when users are hunting down virtual monsters and sharing GPS coordinates directly with other users? More importantly, how do you know that GPS tracking packets aren’t exfiltrating your financials?”
Vladimir Kuskov, Security expert at Kaspersky Lab outlined another flaw, that could cause the BYOD problem when working on android devices: “The Android version of the Pokémon Go app has been affected with malware called the “HEUR:Trojan-Spy.AndroidOS.Sandr.a” and there has been a lot of advice online about how to get the app early if it has not been made available in a certain country.”
Kuskov concluded, “The use of popular online games as a vehicle for installing malware is well known, and the best way to protect yourself and your device is to only install apps from official app stores and to complement this with an appropriate security solution. Don’t take short cuts, disable device security or download software from an unverified source; it’s just not worth it.”
This article was first published in August 2016 but remains relevant – for further comment from Philip Ingram please visit the contact us page.
Santa hacked again – Grey Hare spies investigate the latest.
In the run up to Christmas there are always incidents that bring joy, bring concern and bring worry. HMS Big Lizzie returned to her home port after successful sea and air trials started last year just before Christmas when she was used as a to secret FOB for Santa, as reported by the Grey Hare Media team here: https://greyharemedia.com/top-secret-mission-for-hms-queen-elizabeth/
However, in the year the new General Data Protection Regulation came into force, we were reminded of Santa’s vulnerability given the amount of data he has in his databases. He knows the name and address of every child across the globe. He has details of who has been good and who has been naughty, his naughty list is one of the most comprehensive global databases, and it was hacked!
Now there are a few things that we need to know about Santa and the Grey Hare spies have been hunting to bring them to you. He has 31 hours of Christmas to work with thanks to the different time zones and the rotation of the earth and according to observations from the International Space Station he travels east to west.
The North American Aerospace Defense Command (NORAD)have a special SANTA tracking facility that is made ready once a year to ensure that SANTA is kept safe and should there be any mishaps, then the right help can be provided quickly.
This joint US/ Canadian facility will not be affected by President Trump’s government shutdown. It is a vital global service ensuring the safety of happiness and joy.
What NORAD have conferment is that Santa makes 822.6 visits per second allowing him 1/1000th of a second to park, hop out of the sleigh, jump down the chimney, fill the stockings, distribute the remaining presents under the tree, eat whatever snacks have been left, get back up the chimney, get back into the sleigh and move on to the next house….. phew…..
So, the chances of children seeing him are very remote, however, he has specialist stealth technologies that keep him invisible, but that seems to have been compromised.
Santa’s sleigh moves at 650 miles per second, 3,000 times the speed of sound. This makes Rudolf a very special type of reindeer as a conventional reindeer can run at a maximum of about 15 miles per hour. His defining feature is his red nose but at 650 miles per second and with special stealth technologies, only Santa and the other reindeers should be able to see it.
However, the Grey Hare spies’ team have been informed that Santa’s stealth technology was hacked at the same time his naughty list was. This has only just come to light when Gatwick Airport was brought to a standstill over drone incursion incidents. What people don’t realise is that just before Christmas each year Santa has a series of practice runs to let his reindeers stretch their legs and confirm they still remember where to go. Part of their emergency plans are landing (covertly) for quick repairs so present delivery can continue. The Grey Hare spies saw HMS Big Lizzie being used last year, however, a regular conventional stop is Gatwick Airport amongst other global airports.
This is not widely publicised as at 650 miles per second, using Santa and Rudolf’s specialist anti-collision device (the red Nose) he is usually in and out between flights without being noticed. This year was different, something clearly blocked the red nose stealth tech making it visible and concerned staff will have reported it as a possible drone incursion. Santa’s security team believe this may have been a deliberate act by the GRU to say “Bah Humbug” for embarrassments they have suffered this year.
Severely embarrassed at disrupting flights for his adoring fans coming to the North Pole to visit him, as well as those off on holiday, Santa has refused to comment on this latest embarrassment. Luckily, under his beard, and with his red suit, no one had noticed the gentle flush of his face going red.
What is critical is that his operations on 24thDec delivering presents goes ahead – so appeals have been made to Elisabeth Denholm the Information Commissioner and the EU GDPR regulators not to investigate Santa too closely and to the Gatwick authorities, to realise he is really, really sorry! He also appeals to the GRU and President Trump just to let him get on with his job and deliver joy not angst.
The Skripal Files by Mark Urban, a review by Philip Ingram MBE
I am an intelligence and counter intelligence expert and have commanded a unit which had a specialist capability trained and deployed to monitor Russian (KGB and GRU) activities as well as others. I know how the Russian intelligence agencies work and have been fortunate to speak with former Russian Intelligence Officers who have defected to the West. I too was a Colonel in Military Intelligence, but British Military Intelligence.
I am also for my sins a CBRN expert having studied chemical defence at degree and masters level. Since the 4th March I have been writing in my blog about the Skripal incident, commenting in the national and international press in all its formats, print, radio and TV on what was going on and my assessment.
I was the first to directly blame the Russian, the first to suggest a thickened Nerve Agent, one of the first to suggest Novichok and the lone voice until Teresa May said it in Parliament and Mark Urban mentioned it in this outstanding book, that said the attack on Sergei Skripal was to send a message.
What Mark Urban has done which is unique is to bring Sergei Skripals character, history and thinking to life because he spent time with him, I never met him, but I feel I know him a little better. Mark has been careful to outline fact and caveat assessment – he makes a call on what probably happened at times, but this is the real world and is how real-world intelligence works and he clearly distinguishes where he has made an assessment.
The Skripal files bring to life in such a realistic way how undeclared intelligence officers operate around the world, no matter what country they are from. His description of the research process and recruitment processes are very accurate, his analysis of the motivations that turned Sergei, fit with what was going on at the time and his description of wider case management is spot on. I have a distinct feeling I know some of the characters he has described, and some quite well.
What is fascinating is the interplay between different spy rings and how easy it is for an agent to be compromised and what happened after Sergei was arrested in a gem of an insight. It would have broken most mortals, and this shows the real strength of character Sergei must have.
I can see the accuracy and analysis in this book has struck a raw nerve with some and Marks description of the Information War is not turning into some ‘individuals’ reviewing his book very negatively. That there is an information war being raged against him and is a sign of how embarrassed the GRU and Russian intelligence organisations are.
Simply put, I can’t recommend this book more highly – my only disappointment is he had a publishing deadline as there is much more to this story that has yet to come, but I can look forward to the sequel.
Note: This review is written by Philip Ingram MBE, a former Colonel in British Military Intelligence, who was based near Salisbury and has assessed Russian activity for many years. If you would like any further comment from Philip, please contact him by clicking HERE
At one-minute past midnight on 4thOctober 2018 a statement came out from the British Government saying that the National Cyber Security Centre (NCSC) had “identified that a number of cyber actors widely known to have been conducting cyber-attacks around the world are, in fact, the GRU.”
The GRU is the Russian Military Intelligence organisation also known as the Main Intelligence Directorate who have been accused of being responsible for the assassination attempt on Sergei Skripal in Salisbury in March this year.
Since then, the British Prime Minister Teresa May has openly accused the GRU of their involvement in the attack, saying the two attackers, Alexander Petrov and Ruslan Boshirov had flown into Gatwick on 02 March and out of Heathrow on 04 March and these names were almost certainly pseudonyms.
The investigative journalism website Bellingcat went on to expose the real identity of the man who travelled under the name Ruslan Boshirov as Colonel Anatoliy Chepiga, a highly decorated GRU Officer who had received the Hero of the Russian Federation award in 2014.
In what Philip Ingram MBE a former British Colonel in British Military Intelligence believes is a swipe at the GRU the head of the Russian Foreign Intelligence Service, Sergey Naryshkin, when he said the Salisbury attack was “unprofessionally done.”
Almost sensing the GRU is ‘on the ropes’, openly outed for the Skripal attack, embarrassed by the ease with which investigative journalists with Bellingcat managed to expose serious flaws in the administration of their secret agents and expose the real identity of one of their highly decorated agents, linking him to Salisbury, for the first time, the UK authorities have come out fighting.
What is the GRU accused of this time?
The NCSC has attributed a number of recent attacks to the GRU. The October 2017, BadRabbit ransomware attack encrypted hard drives and rendered IT inoperable. This caused disruption including to the Kyiv metro, Odessa airport, but was almost an own goal as it also caused disruption at Russia’s central bank and two Russian media outlets. NCSC assess with high confidence that the GRU was almost certainly responsible.
In August 2017, confidential medical files relating to a number of international athletes, including the cyclist Sir Bradley Wiggins were released. WADA stated publicly that this data came from a hack of its Anti-Doping Administration and Management system. NCSC assess with high confidence that the GRU was almost certainly responsible.
In 2016, the Democratic National Committee (DNC) was hacked and documents were subsequently published online. NCSC assess with high confidence that the GRU was almost certainly responsible.
Of interest in July 2018 the team of special investigator Robert Mueller named 12 apparent GRU officers over the alleged hacking and leaking of Democratic party emails.
Between July and August 2015, multiple email accounts belonging to a small UK-based TV station were accessed and content stolen. NCSC assess with high confidence that the GRU was almost certainly responsible.
This is not the first time the GRU has been accused.
In June 2017 a destructive cyber attack targeted the Ukrainian financial, energy and government sectors but spread further affecting other European and Russian businesses. The UK Government attributed this attack to the GRU in February 2018. NCSC assess with high confidence that the GRU was almost certainly responsible.
In October 2017, VPNFILTER malware infected thousands of home and small business routers and network devices worldwide. The infection potentially allowed attackers to control infected devices, render them inoperable and intercept or block network traffic
In April 2018, the NCSC, FBI and Department for Homeland Security issued a joint Technical Alert about this activity by Russian state-sponsored actors.
The Foreign Secretary, Jeremy Hunt said:
“These cyber attacks serve no legitimate national security interest, instead impacting the ability of people around the world to go about their daily lives free from interference, and even their ability to enjoy sport.
“The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries; they are even prepared to damage Russian companies and Russian citizens. This pattern of behaviour demonstrates their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences.
“Our message is clear: together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”
The UK is not alone with accusing the GRU and last night the Australians came out to support the UK statement. Of note, the Australians are part of the 5 eyes community. This is an intelligence-sharing community of the US, UK, Canadians, Australians and New Zealand.
Timing is of interest as it is almost certainly a swipe at President Putin, waning him off interfering with the US midterm elections due on 6thNovember 2018.
The UK Prime Minister said in Parliament on 5 September 2018, the UK will work with our allies to shine a light on the activities of the GRU and expose their methods. Her dancing queen speech in Birmingham is turning into her Rocky Balboa attack on the GRU, for the first time she is taking the fight to the Russians.
The announcement this morning by the Major General Onno Eichelsheim from the Dutch MIVD intelligence service regarding the expulsion of 4 GRU agents who were targeting the OPCW in the Netherlands is significant in it shows the international community joining Teresa May in ‘the ring’ helping with the fight against the Russians in an unprecedented way. Of significance, what is being exposed are some very bad ‘drills’ by the GRU operatives and this reinforces Sergey Naryshkin comments that the Skripal attack was ‘unprofessionally done.’
Note: This blog is written by Philip Ingram MBE, a former Colonel in British Military Intelligence, who was based near Salisbury and has assessed Russian activity for many years. If you would like any further comment from Philip, please contact him by clicking HERE
It is not every day that a quiet little English city is caught in the grips of a story that would be a page-turner in any spy novel, where the readers would be sceptical that what was being written about could actually happen. Well, it did, with the tragic death of Dawn Sturgess and the hospitalisation of Charlie Rowley, Nick Bailey, Yulia Skripal and her father, the intended target of a nerve agent attack, former Russian GRU Colonel, Sergei Skripal.
I am someone who has commanded an intelligence unit with a capability to covertly monitor Russian national intelligence operations, has studied organic chemistry and nuclear science related to defence against chemical, biological, radiological and nuclear weapons, at both degree and master’s degree level. Having been a military intelligence officer and also a Colonel, I have the experience and knowledge of all aspects of the decision-making process leading up to the attack on Sergei Skripal, how it would be planned, executed and the actions the Russian government has taken since then. It is classic spy story stuff and I am pretty certain my assessments of what happened, why it happened, and more, are accurate.
Having been asked for my opinion on Salisbury by press outlets ranging from Japanese newspapers, to European, Canadian and Australian TV and radio, as well as the usual CNN, BBC, mainstream UK newspapers and bizarrely by several Russian broadcasters, I thought I would put the key points into one blog, bringing together the threads of my previous blogs. Please feel free to scroll back and read them.
Why Sergei Skripal?
The most important point to start with is the reason for the attack on Sergei Skripal. It was not done first and foremost to kill him. If that was the motivation then he would have been shot, stabbed or had a car accident. Sergei Skripal was a vehicle used to send a message to any Putin dissenters across the globe that he could get them anywhere, any time and in a horrible way. Prime Minister May hinted to this in an answer to a question after her statement in the House of Commons on 5thSep 2018.
The second reason was to stir a nationalistic fervour into his Presidential campaign domestically by having a reason to say the west was attacking poor Russia. Remember the attack happened exactly 14 days before the Russian Presidential election and opposition parties and oligarchs were becoming more threatening to Mr Putin’s position and his desire for an increased majority.
Sergei Skripal was chosen because Salisbury in next to DSTL Porton Down, the UK’s chemical defence laboratory and this allowed an element of plausible deniability where President Putin could claim that this was set up to undermine him in the eyes of the international community.
Of note, this is exactly the messaging that came out in the immediate aftermath of the attack. The Russians have a doctrine called маскировка (maskirovka) which is all about ‘masking’ or deception and is central to all they do. The Russian people have an unhealthy belief in conspiracy theories and that the west is out to get them no matter what and this played into President Putin’s domestic messaging.
How did Petrov and Boshirov do what they did?
Alexander Petrov and Ruslan Boshirov (almost certainly not their real names) are alleged to have carried out a nerve agent attack in Salisbury in March, which poisoned Sergei and Yulia Skripal and have been charged by the Crown Prosecution Service, resulting in an INTERPOL Red notice being issued alongside a European Arrest Warrant.
Assistant Commissioner Neil Basu from the MET police counter-terrorism unit, said the suspects were in the UK only briefly, flying in from Moscow on Friday 2ndMarch, staying for two nights at the City Stay Hotel on Bow Road in East London, and flew back to Moscow on Sunday 4thMarch, the day they carried out the attack on Sergei Skripal’s house.
The men took a train to Salisbury on Saturday 3rdMarch “for reconnaissance of the Salisbury area.” They then returned the next day to carry out the poisoning. The police said closed-circuit television recordings showed the men near Sergei Skripal’s house and have found minute traces of Novichok in their Bow Road hotel room. It is worth noting that big chunks of their time have not been accounted for.
Prime Minister May firmly stated that the two suspects belonged to the Russian military intelligence organisation, the GRU (or Main Intelligence Directorate). Her choice of words, clearly stating that they were GRU agents, after stating that their names were probably false, strongly suggests that the UK Intelligence agencies know their real identities and therefore links to the GRU.
How would this operation have been planned and executed?
Under a 2006 Russian Federation law, extrajudicial assassinations by agents of the Kremlin need be approved only by the Russian head of state, without reference to others and the GRU will keep an up to date list of those they believe should be targeted including Western spies, political dissenters and others.
Colonel General Igor Valentinovich Korobov, head of the GRU will be no stranger to President Putin, appointed in 2016 by him and made a Hero of the Russian Federation in 2017 he will be a regular advising President Putin on difficult and delicate matters such as Eastern Ukraine, Crimea, Syria and will almost certainly be someone President Putin will use for advice and options in dealing with concerns.
President Putin will have been concerned that his dealing with Alexei Navalny, the Russian opposition leader, ensuring his criminal conviction meant he couldn’t run against him, had stirred up further dissent but this time in more powerful and wealthy oligarchs who until then had remained silent. Putin will have asked Korobov to look at options to send dissenters a clear message.
Messaging is a clear tactic used by Russia and the Alexander Litvinenko case will have shown the GRU the wider messaging impact of using novel assassination methods. GRU scientists will have been trialling many different methods of assassination in their labs that resemble those of Q in the James Bond movies, including the use of nerve agents. The use of a Nerve Agent as an assassination method was demonstrated by 2 alleged North Korean women in Kuala Lumpur Airport in 2016 when Kim Jong Nam, half-brother to the North Korean leader Kim Jong Un, was assassinated with an agent identified as VX and the assassins remained safe. This methodology could have been Russian inspired as a ‘field trial’ as there are some unexplained links between Russia and North Korea!
Novichok, a more potent, safer to handle, less detectable and more persistent agent than VX, works in the same way. It poisons the nervous systems ‘off’ switch and is absorbed slowly through the skin. Immediate treatment is using Atropine and similar drugs widely available in any hospital A&E. Its slow action and dramatic effect was the perfect choice to send a message that this was from the Russians but with plausible deniability using маскировка (maskirovka) by choosing a target near to a Western chemical defence establishment. Hence why Sergei Skripal came to the fore.
Once he had been identified as the vehicle to be used to send the message, his electronic life will have been hacked as well as that of his daughter Yulia so they could be constantly watched and a pattern of life study carried out. The Foreign Intelligence Service (SVR) station in the Russian embassy in London will have been tasked to carry out a reconnaissance of Sergei Skripal to update national records and monitor his movements over at least a week-long period at the end of February. That report will have been passed to the GRU and formed the basis of Alexander Petrov and Ruslan Boshirov’s trip to Salisbury on 3rdMarch for them to confirm the detail prior to the assassination attempt trip on 4thMarch.
Prior to flying to the UK, Alexander Petrov and Ruslan Boshirov will have been practising the application of Novichok to a door handle and the removal of protective gloves with the live agent, they will have been learning how to administer the anti-nerve agent drug, Atropine, to themselves should they become accidentally contaminated. They will have been rehearsing their assassination attempt. They will likely have brought the Novichok, already sealed in the modified fake Nina Ricci ‘Premier Jour’ perfume bottle in a Russian chemical warfare laboratory, into the country in their hand luggage.
Their trip to Salisbury on 3rdMarch will have been to check aspects of the SVR pattern of life study and possibly get briefed by the SVR team themselves. So that they could return alone on 4thMarch and apply the deadly Novichok to Sergei Skripals front door.
After they applied the Novichok they will have removed their protective gloves but accidentally dropped the fake Nina Ricci ‘Premier Jour’ perfume bottle with a specially made poison applicator, as they put it back into its cover. Knowing just how deadly the substance was they left, hoping no one would find it. This act was simply a cock up. Their gloves and other contaminated items will have been put into a bin in Salisbury, taken to landfill by unwitting council workers the next day. It was that accidentally dropped bottle that Charlie Rowley found and took home to his girlfriend Dawn.
Putin and the GRU will have been surprised at the tenacity of the UK’s counter-terror police and Security Services investigation and the level of detail they have managed to ascertain. The public exposure of Alexander Petrov and Ruslan Boshirov and the strong indications that the UK Government knows their real identities has forced the Russians into what was an embarrassing interview with the Russian state-funded RT network.
The reason for the interview is not to appease the international community or provide a credible story but it is a standard tactic as part of the маскировка (maskirovka) campaign, this time aimed at the Russian domestic audience who are becoming wary of Putin’s performance. The Russians have a word, враньё(vranyo), which means to tell a lie without expecting to be believed. the lie is told purely to save face knowing they won’t be challenged. This tactic unsurprisingly was common practice in the Soviet era.
What are we missing?
However, there are subtilty’s in the investigation and what has been released and what hasn’t been released that allows what I will caveat as speculation, but argue it is informed speculation.
There has been just enough information, including CCTV stills shown to the general public to back the Crown Prosecution Service charges and the statement by the Prime Minister in the House of Commons. It is almost certain there is a lot more information not yet released.
There will be a lot more CCTV from both the Saturday 3rdMarch and Sun 4thMarch trips that will give a greater insight to Petrov and Boshirov’s movements around Salisbury that hasn’t been released. The police will have made an assessment as to what happened to the protective clothing, as a minimum, pairs of gloves Petrov and Boshirov would have worn to carry out the attack. These will be contaminated.
There is no statement as to where the fake Nina Ricci ‘Premier Jour’ perfume bottle was found by Charlie Rowley and how it remained unaccounted for, for so long. There is no statement to Petrov and Boshirov’s movements in London and how the Bow hotel was identified, or why traces of Novichok from a sealed container would have been found there? There has been no assessment as to the hours unaccounted for on both 3rdand 4thMarch as Petrov and Boshirov walked around Salisbury.
Why is this being kept from us? The basic answer is, we don’t need to know. I would speculate that the SVR team who carried out the pattern of life study on Sergei Skripal have possibly been identified by the UK intelligence agencies and there is a distinct possibility at least one of them lives in the Salisbury area. If that is the case, they will be running an operation to target individuals and turn them to become double agents for the UK. This I know sounds very James Bond like, but is the day to day role of counterintelligence officers in MI5 and Intelligence officers in MI6. I have seen these types of operation.
Who are the GRU?
They are Russia’s military intelligence service and one of three of Russia’s intelligence agencies whose activities often overlap – the others are the Federal Security Services (FSB) and the Foreign Intelligence Services (SVR). The FSB has a broader remit, including counter-terrorism, border control and domestic surveillance, but all the agencies are in competition for resources and funding.
The GRU came back in favour with Russia’s annexation of Crimea in 2014, activities in Eastern Ukraine and in Syria as they own a special forces element called the Spetsnaz. They also have historically been responsible for assassinations, espionage and cyber warfare around the world.
The GRU also have a direct-action special forces capability in their ranks called Spetsnaz GRU. It is individuals from these unite we have almost certainly seen in Crimea, Eastern Ukraine and in Syria.
What is Novichok?
Novichok (новичок meaning “newcomer” or “newbie”) are a series of organophosphate-based nerve agents. They were designed by the Russians in the 1970’s and 80’s as they sought to produce a binary chemical warfare agent whose constituent parts would fall out with the chemicals that were to be banned in the International Probation of Chemical Weapons Convention, that was in its diplomatic infancy at the time.
A binary device consists of two ‘safe’ compounds that when mixed together form the nerve agent but on their own are little or no danger. An organophosphate nerve agent is one that works on attacking the chemical switch inside every nerve cell in your body that turns the nerve cell off after being stimulated. That chemical switch is an enzyme called acetylcholinesterase and nerve agents to destroy the body’s ability to synthesise that enzyme.
Nerve agents fall into 3 persistence categories, non-persistent, eg Sarin (used by Assad in Syria), which has the consistency of petrol and evaporates relatively quickly; persistent agents eg Vx (used to assassinate Kim Jong Nam (Kim Jong Un’s half-brother) in Kuala Lumpur airport last year and has the consistency of engine oil; and very persistent such as Novichok that can be in a solid, powder or treacle level of consistency.
Aside from Sarin, the primary method of absorption for nerve agents into the body is through the skin, so it is unlikely that you would know that you have been contaminated with this the colourless, odourless substance until you start to exhibit symptoms.
The symptoms can build slowly for low exposure or come on rapidly for high dose exposure and include: Runny nose and eyes, small pupils or blurry vision, coughing, chest tightness, wheezing, or shortness of breath, nausea and vomiting, abdominal pain or diarrhoea, fatigue, headache, or sweating, muscle twitching or a seizure, leading to collapse, respiratory failure and death.
Nerve agents are designed to cause casualties first and foremost to overwhelm evacuation and medical facilities on the battlefield and to deny ground through a sort of chemical minefield.
What will happen next?
In reality very little – the sabre rattling will continue, if there is sufficient international support then the only way Putin can be hurt is by freezing the assets of his oligarch supporters and aiding Russian opposition parties; play them at their own game but do it within the international rule of law.
Will it happen? Unlikely, as the Russian influence into western governments is much greater than we realise. The Mueller enquiry in the US will expose some but closer to home the Nord Stream 2 gas pipeline providing Russian Gas to Germany shows the economic interdependence that politicians won’t want to destabilise.
President Putin is currently sitting behind his grand desk in Moscow, with a very large glass of the best vodka on ice, stroking a white cat on his knee, knowing he has won yet again.
Note: This blog is written by Philip Ingram MBE, a former British Army Intelligence Officer and Colonel, who was based near Salisbury in the past. If you would like any further comment from Philip, please contact him by clicking HERE
I am in a unique position to review this book for several reasons. I was part of the NATO planning team preparing to take over from the United Nations in Bosnia and then deploying to do just that when Aimen was cutting his teeth in jihad.
As a senior British army intelligence officer with access to the highest levels of intelligence I would often read CX reports, CX reports are highly classified MI6 reports, but they never give away the true identity of the source and I would often speculate where they had come from. The description Aimen has given regarding what he gave to his MI6 handlers now fills many of those speculative blanks.
The final reason is I know Aimen personally and knew him before he went public about his past and I am proud and privileged to see him as a friend. We have talked on many occasions about some of the events and stories so well-articulated in this fantastic book, Nine Lives by Aimen Dean, Paul Cruickshank, and Tim Lister. It also explains why there were times when Aimen went ‘off grid’ and I couldnt contact him.
Nine Lives gives an essential reading insight to the various paths people take to extremism and gives a frightening insight to the coordination that goes on across a globally linked network that is almost delivering terror by franchise.
I have seen some of the training manuals and other plans that Aimen refers to and know they sit in centralised hidden libraries in the dark web and elsewhere, easy for franchised extremist groups and individuals to request access to and learn their horrific trade from. Given their proliferation, it is near impossible for the authorities to remove every source of this extremist material from our ever-connected world.
We should remain concerned and recognise that it is everyone collectively who has a role to play in helping defeat extremism by reporting unusual activity. Remember, the extremists have only to be successful once, but the intelligence services have to be successful all of the time, and they have lost a real asset in the middle of the extremist networks when Aimen was compromised.
I know the pressures an agent and an agent handler go through as I have been there. If anything, Aimen doesn’t do his mental resilience enough justice as the stress of what he was doing to help keep us safe would have been unmeasurably large. I am not surprised he became ill on several occasions.
I know intelligence, I know spying and there is only one word that can describe this book – outstanding. For anyone who wants to know how extremist networks work this is a must-read. If it were a novel it is a page-turner, but the frightening fact is it is a true story. Aimen, Paul, and Tim, I salute you, but Aimen, for the countless lives you have saved, your contribution to humanity is truly awe-inspiring, thank you. This books contribution to understanding the sewer pit of extremism and the role of intelligence agencies is seminal.