Russian espionage in the United States has occurred since at least the Cold War (as the Soviet Union), and likely well before. According to the United States government, by 2007 it had reached Cold War levels.[1]
The KGB was the main security agency for the Soviet Union from 1954 until its break-up in 1991. The main duties of the KGB were to gather intelligence in other nations, conduct counterintelligence, maintain the secret police, KGB military corps and the border guards, suppress internal resistance, and conduct electronic espionage. According to former KGB Major General Oleg Kalugin, who was head of the KGB's operations in the United States, the "heart and soul" of Soviet intelligence was "not intelligence collection, but subversion: active measures to weaken the West, to drive wedges in the Western community alliances of all sorts, particularly NATO, to sow discord among allies, to weaken the United States in the eyes of the people of Europe, Asia, Africa, Latin America, and thus to prepare ground in case the war really occurs."[2][3]
In 1991, the Soviet Union collapsed, and the KGB was reorganized into multiple subsidiary organizations including the FSB (Federal Security Service).[4][5] The Soviet Union formed two other well known agencies: The GRU (The Main Directorate of the General Staff of the Armed Forces of the Russian Federation) and the SVR (Foreign Intelligence Service).
The GRU (The Main Directorate of the General Staff of the Armed Forces of the Russian Federation) is Russia's military intelligence. The GRU remained intact when the KGB partitioned into the FSB and SVR, and keeps the same abbreviation as the Soviet-era GRU.[6] According to the Federation of American Scientists, the GRU focuses on "gathering human intelligence (HUMINT) through military attachés and foreign agents". Other than gathering human intelligence, the GRU also maintains "significant signals intelligence (SIGINT) and imagery reconnaissance along with satellite imagery (IMINT) capabilities".[7] The modern GRU has been connected to multiple crises and interference actions, and the U.S. has charged it with major cyberattacks related to the disruption of the Ukrainian power grid, the targeting of organizations investigating the poisoning of Sergei Skripal, and the hacking of the DNC in 2016 as part of election interference.[8][6]
The SVR (Foreign Intelligence Service) was formed in December 1991 after the fragmentation of the KGB. The SVR replaced the KGB's overseas arm. According to former SVR defector Sergei Tretyakov, in the 1990s, SVR agents were secretly scattered across New York City to gather intelligence for the Kremlin in Russia.[9]
After the transition from the Soviet Union to the Russian Federation, new discoveries were made about Soviet-era espionage. The Venona project, declassified in 1995 by the Moynihan Commission, contained extensive evidence of the activities of Soviet spy networks in America,[10] as did the Mitrokhin Archive revealed from 1992-1999.[11]
Active measures
Active measures have continued in the post-Soviet era in the Russian Federation and are in many ways based on Cold War schematics.[2][12] Active measures, as first formulated in the Soviet KGB, were a form of political warfare, offensive programs such as disinformation, propaganda, deception, sabotage, destabilization and espionage.[2]
According to the Mitrokhin Archives, active measures were taught in the Andropov Institute of the KGB situated at SVR (Foreign Intelligence Service) headquarters in Yasenevo District of Moscow. The head of the "active measures department" was Yuri Modin, former controller of the Cambridge Five spy ring.[13][14] The former Andropov Institute became the Academy of Foreign Intelligence and is now operated by the SVR.[15]
The improvement of technology and the world's interconnectivity has made it easier for Russian intelligence to interfere.[14][16] However, traditional tactics of human espionage persist.[16]
Comrade J
Colonel Sergei Tretyakov, otherwise known as Comrade J, was a Russian SVR officer who defected to the United States in October 2000.[9] Tretyakov grew up aware of the KGB in Russia, due to his mother's and grandmothers' involvement. As Tretyakov grew up in the Soviet Union, he worshiped the idea of being a part of the KGB. While he was a young man in the KGB, he was given the responsibility to be the leader of the young communist league for nearly three years. Tretyakov spent many years in the KGB until the Soviet Union collapsed in 1991, and he became a colonel in the SVR. From 1995 to 2000, Tretyakov was responsible for all Russian covert operations in New York City and at the United Nations. According to Pete Earley, in 1997, Tretyakov might have begun supplying United States officials with Russian information. Either at this point or after his official defection, Tretyakov explained to the United States how Russia was spying throughout New York City and the rest of the United States, as well as how Russian intelligence spread throughout Manhattan and the rest of America. Tretyakov became a US citizen in 2007 and died three years later at the age of 53.[9]
Espionage
From the end of the 1980s, KGB and later SVR began to create "a second echelon" of "auxiliary agents in addition to our main weapons, illegals and special agents", according to former SVR officer Kouzminov.[17] These agents are legal immigrants, including scientists and other professionals. Another SVR officer, Vasili Mitrokhin, who defected to Britain in 1992, described details about thousands of Russian agents and intelligence officers, some of them "illegals" who live under deep cover abroad.[11]
In 2000, the FBI learned of multiple sets of Russian spies in the U.S.[18] In 2010, the FBI arrested 10 Russian agents, whose deep cover operation was named the Illegals Program by the Department of Justice. Posing as ordinary American citizens, the Russian agents tried to build contacts with academics, industrialists, and policymakers to gain access to intelligence. They were the target of a multi-year FBI investigation called Operation Ghost Stories, which culminated at the end of June 2010 with the arrest of ten people in the U.S. and an eleventh in Cyprus.[19] The ten sleeper agents were charged with "carrying out long-term, 'deep-cover' assignments in the United States on behalf of the Russian Federation."[20][21][22][23][18]
Former CIA officer Harold James Nicholson was twice convicted as a spy for Russia's Foreign Intelligence Service (SVR).[24] A combination of events in the 90s began the FBI's investigation into Nicholson. He met with SVR officials away from the embassy and what followed was a $12,000 transfer to his bank account. He failed three polygraphs that noted questions like "are you hiding involvement with a foreign intelligence service?" This limited his access to Russian intelligence officials and by 1996, the FBI were able to arrest him inside Dulles Airport.[25] On him was a computer disc containing classified CIA files and ten rolls of film showing top secret documents. Nicholson admitted to the passing of classified information to the SVR from 1994 to 1996 and was convicted of espionage.[25]
In February 2020, U.S. officials charged Hector Alejandro Cabrera Fuentes, a Mexican citizen, in Miami for allegedly acting on behalf of a Russian agent who recruited him to collect information about the US government. The two met repeatedly in Moscow.[32][33]
In May 2021, the U.S. sentenced former Army Green Beret Peter Debbins to 188 months in jail for conspiring with Russian intelligence operatives to illegally provide them with U.S. national defense information.[34]
In July 2022, U.S. officials arrested couple Walter Glenn Primrose (alias Bobby Edward Fort) and Gwynn Darle Morrison (alias Julie Lyn Montague), charging them with identity theft and conspiring against the government. Like the Illegals, both had assumed the identities of deceased U.S. children (Fort and Montague), though the couple appeared to have genuinely been born in and resided in the United States as Primrose and Morrison. As Fort, Primrose served in the Coast Guard as an avionics technician before becoming a defense contractor; he held a secret security clearance. In its complaint against the couple, the U.S. provided two images of them in KGB uniforms.[35][36]
The Mueller Report deals mostly with the Trump administration's involvement and evidence of Russia's involvement. According to the Mueller Report there was no collusion with Russia. Mueller notes that there was a social media propaganda operation called the "troll farm," in which Russia's Internet Research Agency created fake accounts online that "favored candidate Trump and disparaged candidate Clinton."[37] Russia targeted Clinton's emails after word from President Trump in which he's quoted saying, "Russia, if you're listening, I hope you're able to find the 30,000 missing emails that are missing." Five hours later, Mueller reports, members of a key Russian intelligence unit targeted Clinton's personal office for the first time. There was also what Mueller called "Russian hacking and dumping operations" in which Russian intelligence officers hacked into the accounts of the Clinton campaign and Democratic party organizations. The material was then posted online by Russia itself, and the other information was distributed by WikiLeaks. Russia repeatedly reached out to the Trump campaign to establish a connection to the Kremlin. Mueller writes, "The Russian contacts consisted of business connections, offers of assistance to the campaign, invitations for campaign officials and representatives of Russian government to meet, and policy positions seeking improved US-Russian relations."[37]
According to Mueller, Russia's foreign election interference “wasn’t a single attempt. They’re doing it as we sit here.”[38]
Ex-spy Yuri Shvets, who was a partner of the assassinated Alexander Litvinenko, believes that the KGB cultivated Trump as an asset for over 40 years.[39] Yuri Shvets, a source for journalist Craig Unger, compared the former president to the Cambridge Five who passed secrets to Moscow. Shvets believes that Semyon Kislin was a "spotter agent" who identified Trump as an asset in 1980. Among other things Shvets highlights Trump's visit to the Soviet Union in 1987.[40] Yuri Shvets believes Trump was fed KGB talking points. For example, after Trump's return to New York, Trump took out full-page ads in major newspapers criticizing American allies and spending on NATO. Yuri Shvets claims that at the chief KGB directorate in Yasenevo, he received a cable celebrating the ad as a successful "active measure".[40] Shvets described the Mueller Report as a "big disappointment" because it focused only on "crime-related issues" rather than "counterintelligence aspects".[40]
Journalist Luke Harding argued that Trump's visit to the Soviet Union in 1987 was arranged by the KGB as part of KGB overtures to recruit a wider variety of agents.[41]
Expulsion of agents
In March 2018, the Trump administration ordered the expulsion of 60 alleged Russian spies from the United States following the poisoning of Sergei and Yulia Skripal, as part of a joint effort with European allies who also expelled 50 alleged spies. The White House also ordered the closure of the Russian consulate in Seattle, based on the belief that the consulate was serving as a key base of operations for the Russian intelligence operations in the U.S.[42] U.S. officials at the time estimated over 100 Russian spies posing as diplomats in the United States prior to the order.[43]
Cyber espionage has been more widely used after the Cold War.
During the Illegals Program up to 2010, Russian agents used steganography to exchange information, where concealed messages were inserted into otherwise innocuous files.[44]
In April 2015, CNN reported that "Russian hackers" had "penetrated sensitive parts of the White House" computers in "recent months." It was said that the FBI, the Secret Service, and other US intelligence agencies categorized the attacks "among the most sophisticated attacks ever launched against US government systems."[45]
The 2020 United States federal government data breach has been blamed on Russian state-backed hacker groups by most sources.[46][47][48] The cyberattack and data breach were reported to be among the worst cyber-espionage incidents ever suffered by the U.S., due to the sensitivity and high profile of the targets and the long duration (eight to nine months) in which the hackers had access.[54] Within days of its discovery, at least 200 organizations around the world had been reported to be affected by the attack, and some of these may also have suffered data breaches.[46][55][56] Affected organizations worldwide included NATO, the U.K. government, the European Parliament, Microsoft and others.[55]
On July 1, 2021, a cybersecurity advisory from the NSA, FBI, CISA, and British NCSC warned of a GRU brute-force cyberattack campaign against American government and private sector organizations, as well as foreign and global organizations (particularly those in Europe), aimed at stealing data. Primary targets included the American government and military; defense, energy, and logistics industries; and political organizations. As of the July 2021 advisory, the campaign, which started in mid-2019, is still ongoing.[57]
According to a declassified DNI report released on March 16, 2021, there was evidence of broad efforts by Russia (and Iran) to shape the 2020 U.S. presidential election's outcome. However, there was no evidence that any votes, ballots, or voter registrations were directly changed. Russia's efforts had been aimed at "denigrating President Biden's candidacy and the Democratic Party, supporting former President Trump, undermining public confidence in the electoral process, and exacerbating sociopolitical divisions in the US". Central to Moscow's interference effort was reliance on Russian intelligence agencies' proxies "to launder influence narratives" by using media organizations, U.S. officials and people close to Trump to push "misleading or unsubstantiated" allegations against Biden.[58][59][60][61]
The report specifically identified individuals controlled by the Russian government as having been involved in Russia's interference efforts, such as Konstantin Kilimnik and Andrii Derkach.[62] The report said that Putin was likely to have had "purview" over the activities of Andrii Derkach.[58] According to the report, Putin had authorized the Russian influence operations.[58][63] Following the publication of the DNI report, House Intelligence Committee Chairman Adam Schiff issued a statement that said, "Through proxies, Russia ran a successful intelligence operation that penetrated the former president’s inner circle."[64]
According to a report by Oxford researchers including sociologist Philip N. Howard, social media played a major role in political polarization in the United States, due to computational propaganda ("the use of automation, algorithms, and big-data analytics to manipulate public life"), such as the spread of fake news and conspiracy theories. The researchers highlighted the role of the Russian Internet Research Agency in attempts to undermine democracy in the US and exacerbate existing political divisions. The most prominent methods of misinformation were "organic posting, not advertisements", and influence operation activity increased after the 2016 election and was not limited to the election.[65][66] Examples of efforts included "campaigning for African American voters to boycott elections or follow the wrong voting procedures in 2016", "encouraging extreme right-wing voters to be more confrontational", and "spreading sensationalist, conspiratorial, and other forms of junk political news and misinformation to voters across the political spectrum."[65]
Weiss, Michael (December 27, 2017). "Revealed: The Secret KGB Manual for Recruiting Spies". The Daily Beast. Retrieved January 2, 2018. The foreign arm is today known as the SVR, which is the actual successor of the First Chief Directorate; the Andropov Red Banner Institute, in fact, is now called the SVR Academy.
Perez, Evan; Prokupecz, Shimon (April 8, 2015). "How the US thinks Russians hacked the White House". CNN. Retrieved December 17, 2016. Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system, according to U.S. officials briefed on the investigation.