The Stena Impero, what next?

The Stena Impero, what next?

The Stena Imperio, what next?

With the UK flagged tanker Stena Impero being seized by the Iranian Revolutionary Guard in the Strait of Hormuz, reportedly in Omani Territorial waters according to the UK Defence Secretary Penny Mordaunt, what can be done next?

Whatever the next step is, it will by default be seen by the Iranians as escalatory. We are entering a very dangerous phase that would tax the most experienced and hardened of Prime Ministers never mind a new one starting next week. 

The Foreign Office has summoned Iran’s charge d’affaires in London, in the first step of what will be a fraught period of diplomacy where every word counts.  Penny Mordaunt has already declared it as a ‘Hostile Act,’ a significant choice of words in the diplomatic world as it is one associated with the easing of a military’s rules of engagement and a precursor to greater military deployments.

Once severe displeasure has been lodged with the Iranian charge d’affaires it is likely that Teresa May and Jeremy Hunt, the Foreign Secretary will be on the phone to allied to ask them to pass their condemnation onto Iran’s representatives in their capitals. We should start to see statements of condemnation and concern from allies coming out.

The next formal step will likely be an emergency meeting of the United Nations Security Council early in the week, to pass a resolution ordering Iran to release the Stena Impero and her crew and to stop all aggressive behaviour in the region. If the phrase ‘hostile act’ gets into the UNSCR the next phrase to watch for is “by all means necessary” when it comes to enforcing the resolution. That is in effect a UN authorisation to go to war if necessary. Words are important!

Given Iran’s links to Syria and therefore Russian activity in Syria they would probably hope that Russia would veto any resolution worded too strongly.  However, given there is a Russian citizen amongst the crew and there is already pressure on Russia elsewhere, this is less likely.

Iran is angry at the UK’s seizure of an Iranian oil tankerthe Grace 1in Gibraltar’s waters, for operating against EU sanctions on Syria.  Iranian TV’s Channel Two, broadcast part of an interview with Mr Abbas Mousavi, an Iranian Foreign Ministry spokesman who said the seizure was “a form of piracy” 

The issue is however much bigger and Iran’s beef with the UK goes far back in history with recent disputed over undelivered tanks, ordered during the Shar’s reign and partially paid for but not delivered due to the Iranian Revolution.  The initial payments were never refunded, and Iran has taken the UK Govt owned company who brokered the deal, to court.

Iran is concerned about current sanctions and sees the UK as a bedfellow of their arch enemy the US. President Trumps recent withdrawal from the Iran nuclear treaty has enflamed tensions.  Those tensions are further enflamed by the continuing proxy wars in Syria and Yemen where British weapons and supplied military capabilities are being used against Iranian backed rebels.

The one conclusion form all of this is it is a mess and will be very difficult to unpick, it is likely the Stena Impero will be in Iranian waters for quite some time to come.  Any next step is likely to enflame tensions further and I suspect activity in Portsmouth will be increasing rapidly to prepare more ships for sea. Not a good time for RN personnel if they have annual leave booked.

Note: This blog is written by Philip Ingram MBE, a former British Military Intelligence Officer and now journalist who has served in the Gulf. If you would like any further comment from Philip, please contact him by clicking HERE

Related Article:

The Gulf of Oman shipping attacks, the Intelligence Game

The Gulf of Oman shipping attacks, the Intelligence Game

In the streets of Tehran, for many years Israel’s Mossad, Germany’s MRD, Americas CIA, France’s DGSE and of course the UK’s MI6 with many others will have been playing the potentially deadly game of HUMINT. Human Intelligence, recruiting individuals with access to pass on secrets from the organisations they have access to. If they are caught, they will almost certainly be tortured and killed, it is probable that their families will disappear, and that access will be lost. This is part of the intelligence game.

One of the key targets of the international intelligence community will be the Iranian Revolutionary Guard Quds force. Their special operations division, the part of the revolutionary guard that infiltrates other states, that carries out guerrilla and terrorist type attacks, that carries out ‘black’ operations, that is currently being blamed by the US and UK for the spate of attacks on oil tankers in the Gulf of Oman.

If one of the intelligence agencies has recruited an agent inside the Quds Force then their intelligence, their presence and their access will only be known by a very very small number of people; their identity by even fewer. Their reports will be unlikely to be shared, but assessments utilising intelligence provided may be shared with allies. 

Luckily, HUMAN intelligence is the icing on the cake and not needed in all cases to form an intelligence assessment.  It is highly unlikely to have formed part of the picture that allowed the US Secretary of State Mike Pompeo to blame the Iranians for the attacks on Thursday on two tankersin the Gulf of Oman, just a month after four others were targeted off the coast of the United Arab Emirates.  The British Foreign Minister Jeremy Hunt said that the Iranian regime was “almost certainly” behind it, but how would they know?

The key is knowing exactly what happened and when and that is very easy in this case. It is easy because the exact time and location is known and the ships at 06:12 (02:12 GMT) the Norwegian-owned Front Altair followed at 07:00 the Japanese-owned Kokuka Courageous sent distress calls following explosions and these were picked up by US naval forces in the region.  

The US has already released video from an unmanned drone flying in the region, this is one of the most highly surveilled regions in the world. The drone reportedly showed Iranian Revolutionary Guards boats evacuating crew from one of the distressed ships whilst surreptitiously removing an unexploded limpet mine.  Some commentators have questioned its validity especially as the owners of the Kokuka Courageous claim that the crew saw a flying object just before the explosion. 

One thing that people should recognise is the drone was not alone! There are layers of intelligence collection systems all watching and listening to target areas of interest, which the Gulf of Oman is. These systems have the ability to monitor the whole electromagnetic spectrum passively through satellites, drones, aircraft, ships and land based capabilities and also actively through land based, sea borne and airborne radar. 

So, what would be looked for? We have boat movement, the 2 ships that were attacked and any smaller craft that approached them through their journey. Small craft present a problem for intelligence systems as they can often get lost in the background clutter in images, or radar returns and that clutter can be caused by atmospherics, sea states and geography. This means that unless they are being actively looked for, they can often hide. Boats no matter what size leave a wake, a temperature difference in the sea as they travel, a radar and an acoustic signature, a thermal signature and if they use radar and/or radio, an electromagnetic signature. If crew members are carrying mobile phones, those too leave a unique signature in the electromagnetic spectrum. 

For limpet mines to be attached, this is either done in port or on the journey from a surface or sub surface vessel.  The location of the explosion and the alleged limpet mine that was removed can rule out a sub-surface approach. But what of the flying object?

The ships were over 50 km off shore, for anyone with experience at sea, that is a long way! Any ‘flying object’ would have to be launched from Land, the Air or the Sea. It would also have to be guided to the target either actively or using passive on board guidance systems. We are talking about a very sophisticated system to get a warhead to a ship. At that range any land launched system would have been spotted immediately through its thermal signature, the US would have called it out immediately. Again, if launched from the air, aircraft type, course, time of flight are all being recorded, not just by civil air traffic control but also military assets across the region. The USS Bainbridge, a US Arleigh Burke-class guided missile destroyer, over 500 feet long and weighing in at 9,200 tons, has some of the most sophisticated radar and other sensors and it was operating in the area. 

So, a close in missile launch would see the need for a small boat to get within a few km of the tankers, leaving its own signature and once a missile is launched, leaving another trail of ways of identifying it.  I would assess it as unlikely that a missile system was used to attack the tankers.

Will we ever know for sure? Well if samples of the explosive residue left around the site of the explosion and the size and shape of the damage to the ship’s hull can be gained – the type of explosive can be determined and the exact weapon system used therefore determined with a very high probability, if it is a manufactured weapon and not a home-made IED, even then the residue will indicate where the explosive substance came from.

So, for all the doubters out there who want to immediately counter the state narrative. Realise, it is certainly based on much more than will ever or should ever be in the public domain. Meanwhile, the attempts to recruit human assets in Tehran and elsewhere will continue.

This blog was written by Philip Ingram MBE a former Colonel in British Military Intelligence who has worked in the Gulf region. Please go to contact us if you want further comment from him.

The GRU is on the Ropes

The GRU is on the Ropes

The GRU is on the Ropes

****Updated 1230 on 04 Oct 18*****

At one-minute past midnight on 4thOctober 2018 a statement came out from the British Government saying that the National Cyber Security Centre (NCSC) had “identified that a number of cyber actors widely known to have been conducting cyber-attacks around the world are, in fact, the GRU.”

The GRU is the Russian Military Intelligence organisation also known as the Main Intelligence Directorate who have been accused of being responsible for the assassination attempt on Sergei Skripal in Salisbury in March this year.

Since then, the British Prime Minister Teresa May has openly accused the GRU of their involvement in the attack, saying the two attackers, Alexander Petrov and Ruslan Boshirov had flown into Gatwick on 02 March and out of Heathrow on 04 March and these names were almost certainly pseudonyms.

The investigative journalism website Bellingcat went on to expose the real identity of the man who travelled under the name Ruslan Boshirov as Colonel Anatoliy Chepiga, a highly decorated GRU Officer who had received the Hero of the Russian Federation award in 2014.

In what Philip Ingram MBE a former British Colonel in British Military Intelligence believes is a swipe at the GRU the head of the Russian Foreign Intelligence Service, Sergey Naryshkin, when he said the Salisbury attack was “unprofessionally done.”

Almost sensing the GRU is ‘on the ropes’, openly outed for the Skripal attack, embarrassed by the ease with which investigative journalists with Bellingcat managed to expose serious flaws in the administration of their secret agents and expose the real identity of one of their highly decorated agents, linking him to Salisbury, for the first time, the UK authorities have come out fighting.

What is the GRU accused of this time?

The NCSC has attributed a number of recent attacks to the GRU.  The October 2017, BadRabbit ransomware attack encrypted hard drives and rendered IT inoperable.  This caused disruption including to the Kyiv metro, Odessa airport, but was almost an own goal as it also caused disruption at Russia’s central bank and two Russian media outlets. NCSC assess with high confidence that the GRU was almost certainly responsible.

In August 2017, confidential medical files relating to a number of international athletes, including the cyclist Sir Bradley Wiggins were released.  WADA stated publicly that this data came from a hack of its Anti-Doping Administration and Management system. NCSC assess with high confidence that the GRU was almost certainly responsible.

In 2016, the Democratic National Committee (DNC) was hacked and documents were subsequently published online. NCSC assess with high confidence that the GRU was almost certainly responsible.

Of interest in July 2018 the team of special investigator Robert Mueller named 12 apparent GRU officers over the alleged hacking and leaking of Democratic party emails.

Between July and August 2015, multiple email accounts belonging to a small UK-based TV station were accessed and content stolen. NCSC assess with high confidence that the GRU was almost certainly responsible.

This is not the first time the GRU has been accused.

In June 2017 a destructive cyber attack targeted the Ukrainian financial, energy and government sectors but spread further affecting other European and Russian businesses. The UK Government attributed this attack to the GRU in February 2018.  NCSC assess with high confidence that the GRU was almost certainly responsible.

In October 2017, VPNFILTER malware infected thousands of home and small business routers and network devices worldwide.  The infection potentially allowed attackers to control infected devices, render them inoperable and intercept or block network traffic

In April 2018, the NCSC, FBI and Department for Homeland Security issued a joint Technical Alert about this activity by Russian state-sponsored actors.

The Foreign Secretary, Jeremy Hunt said:

“These cyber attacks serve no legitimate national security interest, instead impacting the ability of people around the world to go about their daily lives free from interference, and even their ability to enjoy sport.

“The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries; they are even prepared to damage Russian companies and Russian citizens.  This pattern of behaviour demonstrates their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences.

“Our message is clear: together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.”

The UK is not alone with accusing the GRU and last night the Australians came out to support the UK statement. Of note, the Australians are part of the 5 eyes community.  This is an intelligence-sharing community of the US, UK, Canadians, Australians and New Zealand.

Timing is of interest as it is almost certainly a swipe at President Putin, waning him off interfering with the US midterm elections due on 6thNovember 2018.

The UK Prime Minister said in Parliament on 5 September 2018, the UK will work with our allies to shine a light on the activities of the GRU and expose their methods.  Her dancing queen speech in Birmingham is turning into her Rocky Balboa attack on the GRU, for the first time she is taking the fight to the Russians.

The announcement this morning by the Major General Onno Eichelsheim from the Dutch MIVD intelligence service regarding the expulsion of 4 GRU agents who were targeting the OPCW in the Netherlands is significant in it shows the international community joining Teresa May in ‘the ring’  helping with the fight against the Russians in an unprecedented way.  Of significance, what is being exposed are some very bad ‘drills’ by the GRU operatives  and this reinforces Sergey Naryshkin comments that the Skripal attack was ‘unprofessionally done.’

Note: This blog is written by Philip Ingram MBE, a former Colonel in British Military Intelligence, who was based near Salisbury and has assessed Russian activity for many years. If you would like any further comment from Philip, please contact him by clicking HERE