A major cyber-attack that may have been stealing confidential documents since 2007 has been discovered by Russian researchers.

Kaspersky Labs told the BBC the malware targeted government institutions such as embassies, nuclear research centres and oil and gas institutes.

It was designed to steal encrypted files – and was even able to recover files that had been deleted.

One expert described the attack find as “very significant”.

“It appears to be trying to suck up all the usual things – word documents, PDFs, all the things you’d expect,” said Prof Alan Woodward, from the University of Surrey.

“But a couple of the file extensions it’s going after are very specific encrypted files.”

In a statement, Kaspersky Labs said: “The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America.

“The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment.”
‘Carefully selected’

In an interview with the BBC, the company’s chief malware researcher Vitaly Kamluk said victims had been carefully selected.

“It was discovered in October last year,” Mr Kamluk said.

“We initiated our checks and quite quickly understood that is this a massive cyber-attack campaign.

“There were a quite limited set of targets that were affected – they were carefully selected. They seem to be related to some high-profile organisations.”

Red October – which is named after a Russian submarine featured in the Tom Clancy novel The Hunt For Red October – bears many similarities with Flame, a cyber-attack discovered last year.

Like Flame, Red October is made up of several distinct modules, each with a set objective or function.

“There is a special module for recovering deleted files from USB sticks,” Mr Kamluk said.

“It monitors when a USB stick is plugged in, and it will try to undelete files. We haven’t seen anything like that in a malware before.”

Also unique to Red October was its ability to hide on a machine as if deleted, said Prof Woodward.

“If it’s discovered, it hides.

“When everyone thinks the coast is clear, you just send an email and ‘boof’ it’s back and active again.”
Cracked encryption

Other modules were designed to target files encrypted using a system known as Cryptofiler – an encryption standard that used to be in widespread use by intelligence agencies but is now less common.

Prof Woodward explained that while Cryptofiler is no longer used for extremely sensitive documents, it is still used by the likes of Nato for protecting privacy and other information that could be valuable to hackers.

Red October’s targeting of Cryptofiler files could suggest its encryption methods had been “cracked” by the attackers.

Like most malware attacks, there are clues as to its origin – however security experts warn that any calling cards found within the attack’s code could in fact be an attempt to throw investigators off the real scent.

Kaspersky’s Mr Kamluk said the code was littered with broken, Russian-influenced English.

“We’ve seen use of the word ‘proga’ – a slang word common among Russians which means program or application. It’s not used in any other language as far as we know.”

But Prof Woodward added: “In the sneaky old world of espionage, it could be a false flag exercise. You can’t take those things at face value.”

Kaspersky’s research indicated there were 55,000 connection targets within 250 different IP addresses. In simpler terms, this means that large numbers of computers were infected in single locations – possibly government buildings or facilities.

A 100-page report into the malware is to be published later this week, the company said.

14 January 2013 Last updated at 13:26 GMT
By Dave Lee
Technology reporter, BBC News

Find this story at 14 Januar 2013

BBC © 2013 The BBC is not responsible for the content of external sites. Read more.

Researchers say the cyber attack has been in operation since 2007 – and is still running
Operation described as ‘massive’ and has stolen ‘several terabytes’ of data
Security firm which discovered the attacks claims there is ‘strong technical evidence the attackers have Russian-speaking origins’- but say a private firm or rogue nation could be behind the network.
Targets included diplomatic and governmental agencies of various countries across the world, research institutions, energy and nuclear groups, and trade and aerospace firms

A major cyber-attack that has been stealing information from high level government computers around the world since 2007 has been discovered.

Kaspersky Labs, which made the discovery, said in addition to diplomatic and governmental agencies of various countries across the world, Red October also targeted research institutions, energy and nuclear groups, and trade and aerospace targets.

The firm even said the malware was used to infiltrate smartphones of government workers to electronically steal information.

The full extent of the Red October operation is revealed in this infographic, showing how it has hit countries across the globe

WHAT HAS BEEN STOLEN?

The main objective of the attackers was to gather sensitive documents from the compromised organisations.

This included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment.

Overall, Kaspersky said over 7 terabytes, or 7,000GB data has been stolen.

The primary focus of the campaign was targeting countries in eastern Europe.

‘Former USSR Republics and countries in Central Asia were targeted, although victims can be found everywhere, including Western Europe and North America’, said Kaspersky Lab, an antivirus software firm which made the discovery.

‘The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment,’

Red October, which has been active since at least 2007, appears to collect files encrypted with software used by several entities from the European Union to Nato.

Kaspersky said Red October also infected smartphones, including iPhones, Windows Mobile and Nokia handsets.

It is believed to be still operating, although since the research was published, the attackers are believed to have started dismantling the system to protect their identities.

‘The project started in October 2012, we received a suspicious executable from a partner,’ Vitaly Kamluk, Chief Malware Expert at Kaspersky Lab told MailOnline.

‘We checked and began to understand what we had was quite massive – we found 1,000 different files in a few weeks, each of them a personalised email.’

Mr Kamluk said the attacks were highly customised.

‘There are a very limited number of machines, around 1,000 around the world, but every target is carefully selected.’

‘We extracted language used and found Broken English was used, with Russian words thrown in, such as Proga, commonly used among Russian programmers.

‘However, we are not pointing fingers at Russia – just that Russian language has been spotted.

‘It could be any organisation or country behind this, it could be nation states or a private business or criminal group.

HOW RED OCTOBER WORKS

One of the fake emails used to infect computers

Red October is a malware attack.

Initially the malicious code was delivered via e-mail as attachments (Microsoft Excel, Word and, probably PDF documents) which were rigged with exploit code for known security vulnerabilities in the various applications.

Intended targets received personalised correspondence based on gathered intelligence on individual people (an example is on the right).

These attacks comprised of two major stages:

Initial infection: Right after the victim opens the malicious document on a vulnerable system, the embedded malicious code initiates the setup of the main Red October software on the machine.

This handles further communication with the master servers run by the hackers, and can survive the computer being restarted.

Spying: Next, the system receives a number of additional spy modules from the hacker’s server, including modules to handle infection of smartphones – the team said iPhones, Windows phones and Nokia handsets were seen on the network.

The specific modules are customised for each mobile depending on the infomration the hackers wanted.

The main purpose of the spying modules is to steal information.

All gathered information is packed, encrypted and only then transferred to the Red October command servers.

Other modules were designed to target files encrypted using a system known as Cryptofiler – an encryption standard that used to be in widespread use by intelligence agencies but is now less common

The campaign, identified as ‘Rocra’, short for ‘Red October’, is currently still active with data being sent to multiple command-and-control servers, through a configuration which rivals in complexity the infrastructure of the Flame malware.

Kaspersky’s research indicated there were 55,000 connection targets within 250 different IP addresses.

Most infection connections were found coming from Switzerland, followed by Kazakhstan and Greece.

‘There is senstitive geopolitical information being stolen, which is very valuable,’ said Mr Kamluk.

Kaspersky estimate there were 20-30 developers working full time on this, and all were ‘very experienced programmers’.

…

By Mark Prigg

PUBLISHED: 14:39 GMT, 16 January 2013 | UPDATED: 14:56 GMT, 16 January 2013

Find this story at 16 Januar 2013
© Associated Newspapers Ltd

Hoffman, 39, is set to remain in custody until a detention hearing on Tuesday.

A former U.S. Navy officer has been detained for attempting to hand over secret information on tracking U.S. submarines to Russian intelligence.

CNN reported Thursday that submarine specialist Robert Patrick Hoffman II was detained Thursday morning in Virginia Beach, Virginia, while trying to pass classified information to CIA operatives posing as Russian agents.

…

07 December 2012
The Moscow Times

Find this story at 6 December 2012

© Copyright 2013. The Moscow Times. All rights reserved.

A former Navy sailor has been arrested and charged with attempting to pass classified information about U.S. submarines to Russian spies.

Robert Patrick Hoffman II was arrested by agents from the FBI and the Naval Criminal Investigative Service (NCIS) this morning at his home in Virginia Beach.

According to the indictment returned by a federal grand jury in Norfolk, Va., Hoffman served in the Navy for 22 years and achieved the rank of petty officer first class. Hoffman worked as a cryptological technician where he had access to classified information about codes and signals intelligence. Hoffman, who served as a submarine warfare specialist, retired from active duty on Nov. 1, 2011.

The indictment alleges that on Oct. 21, 2012 Hoffman attempted to pass information “relating to the national defense of the United States, including information classified as SECRET that revealed and pertained to methods to track U.S. submarines, including the technology and procedures required.”

Hoffman believed he was meeting with representatives from the Russian government but in actuality they were undercover FBI agents.

“The indictment does not allege that the Russian Federation committed any offense under U.S. laws in this case,” the Justice Department noted in the press release announcing the case.

…

Dec 6, 2012 4:43pm

Find this story at 6 December 2012

Copyright © 2013 ABC News

A retired cryptologic technician allegedly attempted to deliver sub-tracking secrets to the Russians, but ended up caught in an FBI sting instead.

A federal grand jury charged retired Cryptologic Technician 1st Class (SS) Robert Patrick Hoffman II on Wednesday with attempted espionage, according to an FBI release. The former sailor earned a top secret security clearance while in the Navy, according to the release, and allegedly offered secret information to the Russians in October.

The “Russians” were actually part of an undercover FBI operation, according to the release. Hoffman, 39, was arrested Thursday morning “without incident” and is scheduled to be in federal court in Norfolk, Va., on Thursday afternoon.

…

He retired Oct. 31, 2011, about a year before his alleged espionage.

By Kevin Lilley – Staff writer
Posted : Thursday Dec 6, 2012 13:52:16 EST

Find this story at 6 December 2012

All content © 2013, Gannett Government Media Corporation

A CANADIAN spy who compromised Australian intelligence information has pleaded guilty to espionage, having reportedly sold secrets to Russia for $3000 a month.

Canadian naval officer Jeffrey Paul Delisle’s guilty plea in Nova Scotia’s supreme court on Wednesday has ensured that the Canadian, United States and Australian governments will not be embarrassed by a jury trial that would have revealed details of one of the worst Western security breaches since the end of the Cold War.

Delisle’s sale of top-secret intelligence to Russian agents was the subject of high-level consultation between the Australian and Canadian governments last January and was discussed at a secret international conference of Western security agencies at Queenstown, New Zealand, in February.

Fairfax Media reported in July that Australian security sources had privately acknowledged the massive security breach compromised Western intelligence information and capabilities.
Advertisement

The Australian Security Intelligence Organisation was also briefed on the case through liaison with the Canadian Security Intelligence Service.

Sub-Lieutenant Delisle worked at the Royal Canadian Navy’s Trinity intelligence and communications centre at Halifax, Nova Scotia. A naval intelligence and security analyst, he had access to a top-secret computer network code-named Stone Ghost that connects the defence intelligence agencies of the US, Britain, Canada, Australia and New Zealand.

Australian security sources say much of the information Delisle sold was top-secret signals intelligence collected by the five agencies.

Delisle’s guilty plea means that few details of the espionage case have or will be made public.

However, newly released information from Delisle’s bail hearing in January has revealed that facing chronic financial difficulties, he began a four-year espionage career by walking into the Russian Embassy in Ottawa in 2007. Wearing civilian clothes, Delisle displayed his Canadian military identification badge and asked to meet someone from GRU, the Russian military intelligence service.

…

October 12, 2012
Philip Dorling

Find this story at 12 October 2012

Copyright © 2013 Fairfax Media

Petty officer gathered secret coding programs and met two people he thought were Russian agents, court hears

Edward Devenney admitted discussing information relating to the movement of nuclear submarines. Photograph: Gaz Armes/ MoD Crown Copyright/PA

A Royal Navy submariner was caught trying to sell secrets to Russia in a sting operation led by the security services, the Guardian understands.

Edward Devenney, 30, pleaded guilty on Tuesday to collecting secret coding programs used by the British and attempting to pass the classified information on to Moscow.

Devenney, who is formerly from Northern Ireland, was a submariner on HMS Vigilant, a Trident nuclear submarine, when he decided to pass on secrets to the “enemy”, it is understood. The submarine – one of four that make up the UK’s nuclear deterrent – is normally based at Faslane in Scotland but had been refuelling at Devonport dock in Plymouth when Devenney’s activities raised the suspicions of his senior officers.

Devenney’s motivation, it is believed, was unhappiness with his situation and a degree of anger towards his employers after being passed over for promotion, rather than an issue of ideology or money.

A prolific tweeter, his behaviour raised the suspicions of his senior officers and over a period of months an undercover operation was carried out.

This led to Devenney contacting two people he believed were from the Russian secret service and discussing information relating to the movement of nuclear submarines with them. However, he was in fact talking to British agents.

Devenney was arrested and charged under the Official Secrets Act. He appeared at the Old Bailey in London and pleaded guilty to gathering details of encryption programs in breach of the act.

The charge related to collecting information for a purpose prejudicial to the safety of the state between 18 November 2011 and 7 March 2012. The information was described in court as “crypto material” – or codes used to encrypt secret information – which could be useful to an enemy.

Devenney also admitted a charge of misconduct in a public office in relation to a meeting with two people he believed were from the Russian secret service. He admitted meeting the two individuals and discussing the movement of nuclear submarines with them. He denied a further count of communicating information to another person. The Crown Prosecution Service would not pursue this charge, the court heard.

…

Sandra Laville, crime correspondent
guardian.co.uk, Tuesday 13 November 2012 13.15 GMT

Find this story at 13 November 2012
© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Threat: Edward Devanney took photographs on board HMS Vigilant

A Royal Navy petty officer was jailed for eight years today after taking mobile phone pictures in the top-secret communications room of a nuclear submarine and planning to pass information to the Russians.

Edward Devanney secretly photographed canisters holding code systems used throughout Britain’s armed forces, which are normally locked in a safe.

Such a security breach could have jeopardised any chance of British submarines operating undetected by the enemy, the Old Bailey heard. Navy chiefs still do not know how he was able to open the safe and take the photos undetected.

Mr Justice Saunders told him: “You were prepared to betray your country and your colleagues. It needs to be understood by those who may be tempted to pass on secrets that long sentences will follow even unsuccessful attempts.”

Devanney rang the Russian embassy 11 times and later made contact with two men called Dimitri and Vladimir he believed to be enemy agents. He told them he was disillusioned with the Navy saying: “I’m just a bit p***** off with them. I know it’s petty but I just want to hurt them.”

…

Paul Cheston

12 December 2012

Find this story at 12 December 2012

© 2012 Evening Standard Limited

A disillusioned Royal Navy submariner betrayed his country by trying to pass nuclear sub secrets to Russian agents because he wanted to “hurt” the Navy.

Petty Officer Edward Devenney was jailed for eight years yesterday for breaching the official secrets act after being caught in an elaborate MI5 sting operation.

He spent three months in contact with men who he thought were two Russian spies but were actually British agents, the Old Bailey heard.

He continued with his plan, done in revenge for not being promoted, despite having suspicions and even told one: “Your accent sounds remarkably fake, like British intelligence”.

A communications engineer, he offered highly sensitive details of the movements of nuclear submarines and of a previous secret operation.

He also photographed top secret code information that could have caused “substantial damage to the security of the UK”.
The case last night also raised questions over Royal Navy security because Devenney had been able to access the code material from a locked safe.

He was also allowed to remain in his sensitive post despite having problems with drink and depression after being charged with rape, for which he was later acquitted, and had been warned he would be sacked after showing signs of erratic behaviour such as going absent without leave.

Passing sentence, Mr Justice Saunders said: “This is a very serious case. The defendant was prepared to betray his country and his colleagues.”

Devenney, 30, from County Tyrone, had been a “blue-eyed boy” with a promising future in the Royal Navy, which he had served loyally for more than ten years, the court heard.

Lord Carlile QC, defending, said his career went “awry” in 2010 after he was charged with alleged rape, for which he was acquitted.

He began drinking excessively and became depressed and the following year asked to be removed from a promotion training course for 12 months.

However, he later decided he had been treated badly by the Navy and wanted to “hurt” them, Mark Dennis, prosecuting, said.

In November last year he began calling the Russian embassy in London, including 11 calls on one day shortly after a 12 hour binge drinking session.

At the time he was stationed on the nuclear submarine HMS Vigilant, which was in Plymouth undergoing a refit.

The following month he was contacted by a man called “Dima” who claimed to be from the Russian embassy.

A week later another man called Vladimir called claiming to be a colleague of Dima.

A series of phone calls and text messages were exchanged in which Devenney said he was “****** off” with the Royal Navy and that they could “help each other”.

In January, it was arranged he would meet Vladimir at the British Museum in London and the pair then met Dima in a nearby hotel room.

During the secretly filmed meeting, Devenney offered details of a previous secret operation by HMS Trafalgar, a hunter killer submarine, and various movement dates of two nuclear submarines.

Such advance notice could allow an enemy state time to set up equipment to record the sub’s unique signature information which would have meant it could have been tracked anywhere in the world, the court heard.

Two days after first contacting the Russian embassy, Devenney also managed to get into a locked safe on board HMS Vigilant and take three photographs of part of a secret code for encrypted information.

The pictures were placed on his laptop but he never passed them on or even mentioned them during his later meeting with the “Russians”.

Devenney pleaded guilty to breaching the Official Secrets Act by gathering classified information and misconduct by meeting the supposed spies.

The judge said he was passing a deterrent sentence because “those who serve their country loyally must know that those who don’t will receive proper punishment.”

…

By Tom Whitehead, Security Editor

5:15PM GMT 12 Dec 2012

Find this story at 12 December 2012

© Copyright of Telegraph Media Group Limited 2013

An member of the British Royal Navy has been arrested in a counterintelligence sting operation, after trying to sell top-secret government documents to people he believed were Russian operatives. Petty Officer Edward Devenney, who has been in the Royal Navy for over a decade, was arrested earlier this week while meeting with two MI5 officers posing as Russian spies. Originally from Northern Ireland, Devenney, 29, appears to have been motivated by disgruntlement against the Navy, after his planned promotion to commissioned officer was halted due to financial austerity measures imposed on the military by the British government. According to the court indictment, Devenney contacted an unnamed “embassy of a foreign country” in London, offering to provide classified information in exchange for money. It is unknown at this point how exactly MI5, the British government’s foremost counterintelligence organization, became privy to the content of Devenney’s communication with officials at the unidentified embassy. What is known is that, after several messages were exchanged between the parties, Devenney arranged to meet two people he believed were Russian government employees. In reality, the two individuals were MI5 officers, who were able to film the clandestine meeting. Devenney was apparently arrested on the spot, having first announced that he wished to “hurt the Navy” because his promotion to a commissioned officer had been “binned” by the British government. He also shared with them classified information, which British government prosecutors say he collected meticulously between November 19, 2011, and March 7 of this year. The information consisted of cryptological material, including encryption codes for British naval communications, operational details about the now decommissioned submarine HMS Trafalgar, as well as “the comings and goings of two nuclear submarines”.

…

November 15, 2012 by Joseph Fitsanakis 5 Comments

By JOSEPH FITSANAKIS | intelNews.org |

Find this story at 15 December 2012

Vijfhonderdduizend euro zwijggeld heeft het ministerie van Defensie geboden aan ex-agent I.A. (42) van de militaire inlichtingendienst MIVD. Op geheime bandopnamen – in bezit van De Telegraaf – biedt mr. Marc Gazenbeek, directeur juridische zaken bij het ministerie van Defensie, duidelijk hoorbaar het ’ongelooflijk mooie’ geldbedrag aan, zoals hij zelf zegt.

In ruil moet de ex-agent alle juridische procedures staken tegen de ministeries van Defensie en van Buitenlandse Zaken. Bij de onderhandelingen tussen de ex-agent en Defensie waren ook landsadvocaat Eric Daalder aanwezig en I.A.’s advocaat Michael Ruperti.

…

door Bart Olmer en Charles Sanders

vr 18 jan 2013, 05:30

Find this story at 18 Januar 2013

© 1996-2013 TMG Online Media B.V., Amsterdam.

Willi Voss started as a petty criminal in Germany’s industrial Ruhr Valley. Before long, though, he found himself helping the PLO, even playing a minor role in the 1972 Munich Olympics attack. He went on to become a valuable CIA informant, and has now written a book about his life in the shadows. By SPIEGEL Staff

In the summer of 1975, Willi Voss was left with few alternatives: prison, suicide or betrayal. He chose betrayal. After all, he had just been betrayed by the two men whom he had trusted, and whose struggle had forced him to lead a clandestine existence.

It was Palestinian leader Yasser Arafat’s closest advisers who had used him and jeopardized his life: Abu Daoud, the mastermind behind the terror attack on Israeli athletes at the 1972 Summer Olympics in Munich, and Abu Iyad, head of the PLO intelligence service Razd.

Voss, a petty criminal from West Germany’s industrial Ruhr region, in cahoots with Palestinian leaders who were feared around the world? It took a number of coincidences and twists of fate in Voss’ life before he found himself in such a position, but here he was on a mission for the Palestinians — in a Mercedes-Benz, traveling from Beirut to Belgrade, together with his girlfriend Ellen, so it would all look like a vacation trip.

His job was to deliver the car, Iyad and Daoud had said. But they had neglected to mention that the Mercedes contained automatic weapons, a sniper rifle and explosives, which were hidden in a secret compartment and consisted of a number of packages, each weighing 20 kilos (44 pounds) — complete with fully assembled detonators made of mercury fulminate, a highly unstable substance. If Voss had gotten into an accident or hit a deep pothole, he, the car and his girlfriend would have been blown to pieces.

Voss only found out about his dangerous cargo when Romanian customs officials tore the vehicle apart. The only thing that saved the 31-year-old and his companion from ending up behind bars was the fact that the PLO maintained excellent ties with the Romanian regime. Romanian officials placed the two Germans in a car driven by a couple of pensioners from the Rhineland region, who were on their way back home to Germany after a vacation. Voss and his girlfriend hopped out in Belgrade. This was the end of the road for them — and, as Voss recalls today, the day when they had to make a fateful decision: prison, suicide or betrayal?

Becoming a Defector

Prison: In Germany there was a warrant for Voss’ arrest. A few years earlier, he had been taken into custody during a raid at the Munich home of a former SS officer who was in league with neo-Nazis. Investigators had secured weapons and explosives from the PLO along with plans for terror attacks and hostage-taking missions in Cologne and Vienna.

Suicide: Voss and his companion spent three days and nights in a tawdry hotel in Belgrade, where they continuously debated whether they should put an end to their lives. But they decided against this option as well.

That left only betrayal. Voss and his girlfriend went to the American embassy, demanded to speak to a diplomat and made the statements that would add yet another twist to his already eventful life: “I am an officer of Fatah. This is my wife. I’m in a position to make an interesting offer to your intelligence agency.”

Voss became a defector. He went from being an accomplice of Palestinian terrorists to a member of the US intelligence agency — from a handmaiden of terror to a CIA spy. As if his first life were not eventful enough, Voss opted for a second life: as a CIA spook with the codename “Ganymede,” named after the kidnapped lover of Zeus, the father of the gods in Greek mythology.

His career as an undercover agent took him from Milan and Madrid back to Beirut and the headquarters of the PLO intelligence service. “Ganymede” provided information and documents that helped thwart attacks in the Middle East and Europe. Duane Clarridge, the legendary and infamous founder of the CIA Counterterrorist Center, even gave him the mission of catching top terrorist Carlos, “The Jackal.”

Today, as he sits in a Berlin café and talks about his life, the gray-haired man clad in a black leather jacket appears at times bitingly ironic, at times shy and prone to depression — making it all the more difficult to reconcile him with the daredevil who lived through this lunacy.

‘Naked Fury’

Voss, who was called Pohl until he adopted the name of his first wife, often says: “That’s exactly how it was, but nobody believes it anyway” — as if he himself had trouble tying together all the loose ends of his life to create a coherent biography. He is 68 years old and wants to get one thing straight: He has never been a neo-Nazi, he insists. “I was a stray dog — one that had been kicked so often that it wanted to bite back, no matter how,” says Voss. “If I had met Andreas Baader at the time,” he contends, “I would have presumably ended up with the Red Army Faction.”

It’s a statement that only becomes plausible when one considers the other formative experiences of his life. He recounts that his childhood was marred by violence, sexual abuse and other humiliations. “As a child, I constantly faced situations in which I was completely powerless,” says Voss, “and that triggered a naked fury, utter shame and the feeling that I was the most worthless thing in the world.”

As a teenager, he sought to escape this world by joining a clique of young rowdies whose dares including stealing mopeds for joy rides. That got him a year in juvenile detention.

This could have led to a small, or even substantial, career as a criminal in the industrial Ruhr region. But in 1960, Voss met Udo Albrecht in prison, who later became a major figurehead in the German neo-Nazi scene. Albrecht fascinated his fellow prisoners with his dream of using mini submarines to smuggle in diamonds from the beaches of southwest Africa.

Yes, he actually believed this nonsense at the time, admits Voss. Politics didn’t come into the picture until later on, he says, when the two jailbirds met in another prison in 1968. This time Voss was doing time for breaking and entering. “Albrecht talked and acted then like an unabashed Nazi,” says Voss. But he says that this did nothing to diminish his friendship with the self-proclaimed leader of the “People’s Liberation Front of Germany.”

Hooking Up with the Palestinians

Voss’ connection with the PLO began when he helped smuggle his buddy Albrecht out of prison in a container. The neo-Nazi slipped away to Jordan, where he hooked up with the Palestinians. When Daoud, the architect of the Munich massacre, asked him if he knew a reliable man in Germany, Albrecht recommended his prison pal from the Ruhr region.

Voss made himself useful. In Dortmund he purchased a number of Mercedes sedans for Daoud — and he established contact to a passport forger in his circle of acquaintances. Today, Voss believes that he was even involved in the preparations for the Munich attack. For a number of weeks, he says, he drove the leader of Black September, a terrorist group with ties to the PLO, “all across Germany, where he met with Palestinians in various cities.”

The Palestinians used him to handle other jobs, as well: “I was to hold a press conference in Vienna, in which I would comment on a mission that I would only find out about once it was successfully completed,” as the PLO chief of intelligence Iyad had told him. When Voss saw the images on TV, he realized that the “mission” was the massacre at the 1972 Summer Olympics. Instead of securing the release of hundreds of Palestinian prisoners, as the hostage-takers had demanded, it ended in a bloodbath: Nine Israeli hostages, five Palestinian terrorists and one German policeman died.

Six weeks later, Voss was arrested in Germany. He had machine guns and hand grenades that stemmed from the same source as the weapons used by the Palestinian hostage-takers in Munich. This marked the beginning of wild negotiations initiated by Voss’ lawyer Wilhelm Schöttler, who sent a letter with a “classified” offer to Federal Minister for Special Affairs Egon Bahr.

The offer was simple: Release Voss to allow for negotiations with Black September. The objective was to prevent further attacks on German soil. Today, it is known that high-ranking officials at the Foreign Ministry met with the lawyer, who was considered a right-wing radical, and discussed an ongoing series of demands until March 1974, when then-Interior Minister Hans-Dietrich Genscher decided to end the negotiations.

Looking for Carlos
Six days later, a court in Munich handed Voss a relatively mild prison sentence of 26 months for contravening the War Weapons Control Act.

In December of 1974, his sentence was suspended despite the fact that he was still under investigation on suspicion of being a member of Black September. In Feb. 1975, he slipped out of Germany and headed back to Beirut, where he was soon serving the Palestinian cause again — right up until that big turning point in his life when he drove a car packed with weapons and explosives to the Romanian border in the summer of 1975.

Even today, one can sense the enormous respect that CIA veterans still have for their former German agent. “I’ve often wondered if he made it,” says Terrence Douglas, “although we are trained to keep our distance and to forget everything after the job is done and move on.”

Douglas, codename “Gordon,” was Voss’ commanding officer at the CIA. He has a very high opinion of his operative “Ganymede”: “Willi was a very cool guy. He was creative and a bit crazy — we spent a very, very intense time together.”

It takes a healthy dose of courage to secretly photograph documents at the PLO intelligence service headquarters. “Ganymede” foiled attacks in Sweden and Israel, identified terror cells in diverse countries and supplied information on collaborations between the neo-Nazi Albrecht and his accomplices with Arafat’s Fatah. And, as if all that were not enough, Voss lived next door to top terrorist Abu Nidal.

Surprisingly, though, the CIA agents stationed in Belgrade and Zagreb who Voss first met were not particularly thrilled with the young German. “They thought he was too boring,” says Douglas with a laugh. “But they had no clue. They didn’t know about the Black September list of people to be released with the hostage-taking at the Saudi Arabian embassy in Sudan in March 1973.”

Refusing to Tell the Truth

Members of the terror organization had also sought the release of a German during their operation in Sudan: Willi Voss. “That was his reference,” says Douglas. “That’s the reason why we were excited by him.”

The CIA made sure that Voss no longer had to fear being arrested in Germany. “It was clear to him that he couldn’t continue with his previous lifestyle,” says Douglas. “He wanted to survive and someday be able to settle again undisturbed in Germany,” he recalls. “After all, he had a wife, and she had a 10-year-old kid. It was a package deal, I took care of them.”

“As always in such situations, we informed the CIA office in Bonn, and they arranged everything with the BND or the BKA, depending on the situation,” says spymaster Clarridge, referring to Germany’s foreign intelligence agency and domestic criminal investigation agency respectively. Only a few weeks after the first meeting, the German arrest warrant had been rescinded.

Today, German authorities still refuse to tell the truth about these events. In the wake of revelations published in a June 2012 SPIEGEL article on the Munich massacre, Bavarian state parliamentarians Susanna Tausendfreund and Sepp Dürr of the Green Party demanded that the state government reveal “what documents from what Bavarian government agencies responsible at the time (exist) … on Willi Voss.”

In late August 2012, the Bavarian Interior Ministry responded — and it had a surprise. Ministry officials said that Voss had submitted a plea for clemency, which had received a positive response. “The content of this plea for clemency,” they noted, however, was “classified.” This is demonstrably false. Voss has never submitted a plea for clemency.

On the Terrace of an Athens Hotel

In any case, the deal certainly paid off for the Americans: Voss didn’t disappoint them, even at risk of life and limb. In the fall of 1975, the Christian Phalange militia in Lebanon held him captive because they thought he was what he pretended to be — a German member of Black September.

For weeks, Voss endured torture and mock executions without blowing his cover. For the CIA, this was a recommendation for an even riskier job. When Voss was released, he was told to hunt down Carlos, “The Jackal,” who, as a terror mercenary employed by Libyan revolutionary leader Moammar Gadhafi, had stormed OPEC headquarters in Vienna, and was committing murders for Palestinian terror groups.

Voss traveled to Athens. On the terrace of a hotel with a view of the Acropolis, not only Douglas, but also Clarridge — who had specially flown in from Washington — were waiting to meet the daring German operative. In his memoirs, Clarridge described the meeting as follows: “Just hours before I had left headquarters at Langley on this trip, a very senior clandestine service officer asked to see me alone in his office on the seventh floor. He could be excruciatingly elliptical when he desired — and this was such an occasion. Referring to my meeting with this agent in Athens, he hinted that if the agent could set up Carlos to be taken by a security service, it would be a boon for mankind and worth a bonus. I recall ten thousand dollars being mentioned. If Carlos were killed in the process, so be it. I acknowledged that I understood and left for Athens.”

Voss’ job was to find out where the Jackal was staying. But “Ganymede” lost his nerve this time. “Abu Daoud had told me that Carlos had a place in Damascus, not far from his own apartment,” Voss recalls today. “If something had happened to him, the people at the PLO intelligence service would have automatically suspected me. I found that too risky.”

‘CIA Beats Nazi’

In retrospect, his CIA contact Douglas was extremely happy about this decision. On December 6, 2012, after meeting with SPIEGEL, he sent an e-mail to his former agent: “I was delighted to hear that you are ageing gracefully — the alternative would have been unthinkable for me. … Let me say, I hold you in deep respect for your courage, quickness, wry humor, dedication and trustworthiness.” Douglas had written a book before he found out that Voss had survived his adventurous life. It’s a novel about a “plot in the Middle East” entitled: “Ganymede”.

Voss is also writing books; his third life. He specializes in crime thrillers and screenplays, having completed some 30 works since the late 1970s. But the author has never dared to tackle the most thrilling material of all — his complete life story.

Now, he’s telling the story for the first time. The German title of his book is “UnterGrund” (“Under Ground”) and, according to the preface, readers should not expect “a written confession seeking forgiveness.” Instead, he notes that “this is an account of events that, for security reasons, I thought I would have to keep secret forever.” Voss intends to save his honor and provide an explanation for his actions. In order to report on the 1972 Munich massacre, last spring SPIEGEL had applied for the release of classified files and written two articles mentioning Voss’ role in the attack. Afterwards, at least in the author’s eyes, his reputation was in tatters.

…

BY KARIN ASSMANN, FELIX BOHR, GUNTHER LATSCH and KLAUS WIEGREFE

01/02/2013 06:07 PM

Find this story at 2 January 2013

© SPIEGEL ONLINE 2013

A German far-right militant, whose animosity against Jews led him to aid Palestinians kill Israeli athletes in the 1972 Munich massacre, says he was later recruited by the United States Central Intelligence Agency. Willi Pohl, also known as Willi Voss, 68, was arrested by German authorities a few weeks after Palestinian terrorist group Black September stormed the Olympic village in Munich and took hostage 11 Israeli athletes. All of them were eventually killed by their captors during a botched escape attempt at the nearby Fürstenfeldbruck airport. Voss, who was a known neo-Nazi activist at the time, was charged with possession of weapons and providing logistical support to the Black September militants. However, after his sentence was suspended, Voss managed to secretly emigrate to Beirut, Lebanon, where he was recruited as an agent of Jihaz el-Razd, the intelligence service of the Fatah, the main group in the Palestine Liberation Organization. But in 1975, while on a PLO mission in Belgrade, Yugoslavia, he decided to switch sides. He made the decision after discovering that the car he and his girlfriend were transporting on behalf of the PLO from Beirut to Belgrade contained weapons and highly unstable explosives. He says that the PLO had apparently failed to mention the existence of the hidden items when they asked him to transport the car to Europe. According to Voss’ new book, which has just been published in Germany under the title UnterGrund (Underground), the guns and explosives were discovered by customs officers in Romania (then Rumania); but because at that time the communist country was an ally of the PLO, Voss and his girlfriend were allowed to travel to Belgrade, minus the car and the weapons. Once in the Yugoslav capital, they made the decision to walk in the US embassy, identify themselves as agents of the Jihaz el-Razd and offer their services to Washington. In an interview with German newsmagazine Der Spiegel, published this week, Voss claims he was recruited by the CIA and given the operational codename GANYMEDE. The interview in Der Spiegel includes confirmation of Voss’ CIA role by his intelligence handler CIA officer Terrence Douglas. Douglas says he instructed Voss to return to the service of the PLO and Black September, which was a separate group, and provide the US with information about the activities of leading Palestinian militants from various factions, including Abu Daoud, Abu Nidal, and Abu Jihad, who led the Jihaz el-Razd.

…

January 4, 2013 by intelNews 5 Comments

By JOSEPH FITSANAKIS | intelNews.org |

Find this story at 4 January 2013

Explicit warnings that a terrorist attack might take place at the 1972 Munich Olympics were ignored by German officials, according to previously classified documents seen by SPIEGEL. The new details also reveal efforts to cover up the extent of their failure to stop the brutal murders of Israeli athletes.

It is no secret that the German authorities’ handling of the massacre of Israeli athletes during the 1972 Munich Olympics was characterized by bumbling and cover-ups. But new documents seen by SPIEGEL reveal that officials concealed even more — and more blatant — errors than previously thought. Indeed, there were even several warnings prior to the Games that an attack was imminent.

ANZEIGE

Previously classified documents from investigative officials, embassy dispatches, and cabinet protocols released to SPIEGEL by the Chancellery, Foreign Office and state and federal intelligence agencies have revealed the lengths to which officials went to hide their mistakes.

In the attack on Sept. 5, 1972, Palestinian terrorists killed 11 members of Israel’s Olympic delegation, along with one German police officer. Five of the eight terrorists from the Palestine Liberation Organization (PLO) terrorist group called “Black September” were also killed during the botched rescue attempt by German police at the Fürstenfeldbruck military airport, where the hostages were being held in two helicopters.

‘No Self-Criticism’

Already on Sept. 7, just one day after the memorial ceremony for the victims took place in Munich’s Olympic Stadium, a Foreign Ministry official told a special sitting of the federal cabinet what would ultimately become the maxim for both Bavarian and West German officials. “Mutual incriminations must be avoided,” a protocol for the meeting reads. “Also, no self-criticism.”

Just how closely this advice was followed can be seen in documentation from both the federal government and the Bavarian state government, which falsely described the “precision” with which the terrorists carried out their attack. In reality, officials knew that the “Black September” members were actually so poorly prepared that they even had trouble finding hotel rooms in Munich before their attack.

On the day of the attack, the Palestinians were even known to have gone right past the Israelis’ apartments in the Olympic village, encountering athletes from Hong Kong on an upper level of the building instead. An “analytic evaluation” of the attack by the Munich criminal police later explicitly determined that the terrorists had “conducted no precise reconnaissance” ahead of time.

But none of these details were revealed to the public. The fact that Bavarian state prosecutors in Munich were pursuing an investigation against police president Manfred Schreiber and his chief of operation on suspicion of negligent manslaughter also wasn’t mentioned in the document.

Clear Warnings

Concrete warnings of a potential attack also went unmentioned, despite the fact that they were so clear that their dismissal remains difficult to comprehend. On Aug. 14, 1972, a German embassy officer in Beirut heard that “an incident would be staged by from the Palestinian side during the Olympic Games in Munich.” Four days later, the Foreign Office forwarded the warning to the state intelligence agency in Bavaria, along with the recommendation to “take all possible available security measures” against such an attack.

Security agencies didn’t even register warnings that appeared in the press. On Sept. 2, three days ahead of the deadly hostage-taking, the Italian publication Gente wrote that terrorists from Black September were planning a “sensational act during the Olympic Games.” Only later — two days after the bloodbath in Munich — was the warning put on record through a tip-off from the Hamburg criminal police.

…

Released: July 23, 2012 | 12:20 PM

Find this story at 23 July 2012

© SPIEGEL ONLINE 2012

A classified file released by the FBI shows how the agency tracked Marilyn Monroe’s suspected ties to communism in 1956.

The agency documented an anonymous phone call to the New York Daily News that year warning that playwright Arthur Miller was a communist and Monroe had ‘drifted into the communist orbit’ after her marriage to him earlier that year.

The file is just one piece of the puzzle about what the FBI knew about the actress when she died in August 1962.

The Associated Press waging an ongoing campaign to have more of the FBI documents released by the agency, coinciding with the 50th anniversary Monroe’s death.

Being watched: Marilyn Monroe and her husband, playwright Arthur Miller were both suspected of communist activities by the FBI

The redacted document reveals that on July 11, 1956, the agency got a tip that an anonymous male caller phoned the Daily News to report that the actress’s company, Marilyn Monroe Productions, was ‘filled with communists’ and that money from the company was being used to finance communist activities.

The caller said Miller’s marriage to Monroe during a Jewish ceremony less than a months earlier was a ‘coverup.’

Miller, the man said, ‘was still a member of the CP (communist party) and was their cultural front man.’

The FBI has long made portions of its documents about Monroe public, but most of them are heavily redacted.

Surveillance: This FBI file documented an anonymous call to the New York Daily News. It’s unknown how the agency found out about it

However, the FBI claims it has lost its files on the actress and cannot release them.

Finding out precisely when the records were moved – as the FBI says has happened – required the filing of yet another, still-pending Freedom of Information Act request.

The most recent version of the files is publicly available on the bureau’s website, The Vault, which periodically posts FBI records on celebrities, government officials, spies and criminals.

The AP appealed the FBI’s continued censorship of its Monroe files, noting the agency has not given ‘any legal or factual analysis of the foreseeable harm that might result from the release of the full records.’

Marilyn Monroe is seen here with Jean Pierre Piquet, manager of Continental Hilton Hotel. The FBI has released a new version of files it kept on Monroe that reveal the names of some of her acquaintances who had drawn concern from the FBI

The star’s death was ruled likely drug overdose, but questions still remain about the FBI’s role in her life

Monroe’s star power and fears she might be recruited by the Communist Party during the tenure of longtime FBI Director J. Edgar Hoover led to reports being taken on her activities and relationships, including her marriage to playwright Arthur Miller.

Monroe’s file begins in 1955 and mostly focuses on her travels and associations, searching for signs of leftist views and possible ties to communism. The file continues up until the months before her death, and also includes several news stories and references to Norman Mailer’s biography of the actress, which focused on questions about whether Monroe was killed by the government.

…

By Daily Mail Reporter and Associated Press

PUBLISHED: 06:03 GMT, 28 December 2012 | UPDATED: 11:08 GMT, 28 December 2012

Find this story at 28 December 2012

© Associated Newspapers Ltd