Last Friday, Dutch officials revealed that they had arrested and expelled two alleged Russian intelligence agents who were caught attempting to hack into the Spiez Laboratory, a Swiss national laboratory that is home to the Swiss Federal Institute for NBC (Nuclear, Biological, and Chemical) Protection.
The Spiez lab was testing two sets of samples that were of interest to the Russian government on behalf of the Organization for the Prohibition of Chemical Weapons (OPCW): the "Novichok" agent used in an attack in the UK against former Russian spy Sergei Skripal and his daughter Yulia and samples from a poison gas attack in Syria. The OPCW's headquarters is in The Hague in the Netherlands, which may explain why the attack on the Spiez lab was launched from there.
The incident, reported both by Joep Dohmen of the Dutch newspaper NRC Handelsblad and by Thomas Knellwolf and Titis Plattner of the Swiss newspaper Tages Anzeiger, occurred this spring. The circumstances of the arrests were not shared. An investigation carried out jointly by the two papers found that the pair were arrested as the result of a joint operation by multiple European intelligence services in Europe, including the Dutch Military Intelligence and Security Service (MIVD). The Swiss intelligence service, the NDB, issued a statement confirming a "case of Russian spies discovered in The Hague and then expelled."
The timing coincides with the announcement by Netherlands Prime Minister Mark Rutte on March 26 that his government was expelling two Russian diplomats. In April, Russian foreign minister Sergei Lavrov claimed to have received the analysis report from the Spiez Laboratory in the Skripal study "from a confidential source." Since the OPCW does not share data from laboratories with member states, the data Lavrov cited was either stolen or manufactured.
A spokesperson for the Spiez Laboratory, Andreas Bucher, said that he could not comment on the statement by the NDB but did confirm there was an attempt to breach the lab's network. "We can confirm that the Spiez laboratory was targeted for hacker attacks," Bucher told Tages Anzeiger. "We are prepared for that. Data did not leak."
In June, it was revealed that the lab had been targeted in a spear-phishing attack—a fake invitation had been sent for a Spiez Laboratory conference with a malicious attachment.
This is not the first time Russian spies have been accused of hacking international labs, obviously. In 2016, the International Olympic Committee and the World Anti-Doping Agency were targeted in another spear-phishing attack by a group using tools and infrastructure tied to previous GRU hacking operations. As with the DNC hack before it—which also used a similar spear-phishing campaign—the organization behind the attack (alleged to be tied to the GRU, Russia's military intelligence agency) dumped data stolen from WADA and, in some cases, altered documents to make them appear to be scandalous.
In the case of the Spiez data, the Russian government has claimed that the analysis they had seen had been distorted. Lavrov claimed that Spiez had told the OPCW that the sample from the Skripal poisoning had contained a nerve agent called "BZ," (3-quinuclidinyl benzilate) "manufactured in the West."
BZ was originally invented by the Swiss pharmaceutical company Hoffman-Laroche in 1951 and tested as a "psycho-chemical" agent by the US Army between 1955 and 1975. It was also allegedly used by the Russian government to end the Nord-Ost hostage crisis in 2002—in an attempt to incapacitate the Chechen militants holding 912 hostages in a theater but instead killed as many as 100 of the hostages. It was also alleged to have been used by the Syrian military in 2013 attacks on Homs and Ghouta.
But the official conclusion of the OPCW was that the agent used against the Skripals was Novichok, a chemical weapon class manufactured only in Russia. The British government has accused two Russian nationals, alleged GRU agents, of undertaking the attack in Salisbury and presented video and photo evidence showing them traveling to Salisbury near the scene of the attack in March. Two men claiming to be the two Russians accused were interviewed on Russian television and said they were fitness instructors who were in Salisbury sightseeing.
reader comments
82