In December 2016, two high-ranking Russian federal security agency (FSB) officers were rather dramatically arrested and charged with treason. Speculation in the Western press relates these arrests to the hacking and disinformation campaign in the US in the run-up to Trump being installed as president. There is also some speculation that the arrested people may have been involved with international hacking groups or even with a Western intelligence service. There are also suggestions that the arrests are a part of the coverup of the 2016 US election hack. Below I present a digest of what has been reported in the Russian independent press (what little is left of it) regarding the events.
Primary sources.
Here I follow the scoop of tsargrad.tv, a site belonging to Tsargrad (Царьград) analytics group (actually, it’s a “think” tank with some seriously questionable ideology, but not entirely residing in an #alternativefacts universe and reportedly linked to FSB insider sources), and of meduza.io, the independent Russian-language news site and aggregator run by Galina Timchenko, former CEO of the hugely successful Russian news portal Lenta.ru. Finally, I also used some work from Novaya Gazeta (NG), one of the last surviving independent newspapers in Moscow. While Tsargrad is fishy to the point of being odious (but well-connected), Meduza and NG set the standard of Russian independent journalism.
Who got arrested, and how.
General Sergey Mikhailov, the deputy director of the FSB IT security center (Центр информационной безопасности ФСБ), was arrested in December 2016 in the middle of a meeting and escorted out with a black cloth bag over his head. The second FSB officer to be arrested is Dmitry Dokuchaev, a former hacker (nickname Forb) recruited by FSB, who held the rank of major at the moment of his arrest. Finally, the recent arrest of Ruslan Stoyanov, cybercrime division head at the Kaspersky Lab software company, is also reported to be connected to the case.
What are the charges?
The charge is reportedly treason. Nothing more solid has been said on record.
What are the rumors?
Tsargrad claims that…
- The arrested people were connected with Shaltay-Boltay (Russian Anonymous) and responsible for several embarrassing leaks of emails of senior Russian government officials in recent years;
- Shaltay-Boltay hacker group itself has a connection with CIA.
From a much more trustworthy source (NG)…
- FSB is investigating a bribe to an officer or officers of its IT security center from a “foreign organization;”
- The third person arrested, Stoyanov, coordinated the collaboration between Kaspersky Lab and FSB on cybercrime;
- NG sources claim that Mikhailov was the FSB curator of the Shaltay-Boltay hacking group, while Dokuchaev was in charge of the actual hacks.
From Meduza…
- Kaspersky Lab was supposedly the intermediary between the “international organizations” and the rogue FSB officers;
- Shaltay-Boltay hacking group was involved in the high-profile hacks (and leaks) of the emails of several government officials and oligarchs close to Putin, including one of the email accounts of Prime Minister Medvedev, media magnate Gabrelyanov, and, interestingly, the owner of record of Tsargrad.tv, Malofeev;
- A Meduza reporter met in Bangkok with a person claiming to represent Anonymous, who said that Shaltay-Boltay mostly does work for hire, and leaks of emails are a side effect of “the main work” of that group, whatever it may be.
How to interpret this?
The context of interpretation here is provided by the claim originally made by Josh Marshall of TPM, who used the above-referenced NG report as one of his sources. Regarding Mikhailov’s arrest and the possibility that he indeed was a US intelligence asset, Marshall wrote (bolding mine)…
According to the independent newspaper Novaya Gazeta, the FSB believes Sergei Mikhailov tipped off U.S. officials to information about Vladimir Fomenko and his server rental company “King Servers,” which the American cybersecurity company ThreatConnect identified last September as “an information nexus” that was used by hackers suspected of working for Russian state security in cyberattacks.
[...]
Did the information put out by US intelligence somehow lead to his exposure? Without putting too fine a point on it, a number of close advisors to President Trump are being scrutinized for ties to Russia. Some of them participated in the intelligence briefings the President receives.
Do we have a very big problem?
I also must give credit to our own xajaxsingerx for a recent diary titled “Did the Trump White House out our top asset in Russia?” The title says it rather succinctly.
Based on the information from the open Russian-language sources, in my opinion, this chilling possibility indeed cannot be ruled out, although it is not the only feasible explanation for the events. Other plausible scenarios include internal power struggles within FSB, and possibly even buyer’s remorse over help rendered to Trump.
The strongest feeling that I get from reading all this is that some gnarly hobnailed size 16 shoe is still about to drop.