CONFIDENTIAL /SENSITIVE SOURCE COMPANY INTELLIGENCE REPORT 2016/080 US PRESIDENTIAL ELECTION: REPUBLICAN CANDIDATE DONALD TRUMP’S ACTIVITIES IN RUSSIA AND COMPROMISING RELATIONSHIP WITH THE KREMLIN Summary = Adossier of compromising material on Hillary CLINTON has been collated by the Russian Intelligence Services over many years and mainly comprises bugged conversations she had on various visits to Russia and intercepted phone calls rather than any embarrassing conduct. The orders. However it has To ee aS abroad, in TRUMP. Russian intentions for its deployment still unclear Detail 1. Speaking to a trusted compatriot in June 2016 sources A and B, a senior Russian Foreign Ministry figure and a former top level Russian intelligence officer still active inside the Kremlin respectively, the Russian asserted that the TRUMP operation was both supported and directed by Russian President Vladimir PUTIN. Its aim was to sow discord and CONFIDENTIAL/SENSITIVE SOURCE5, CONFIDENTIAL/SENSITIVE SOURCE hin the US itself, but more especially within the Transatlantic alliance which was viewed as inimical to Russia’s interests. Source C, a senior Russian financial official said the TRUMP operation should be seen in terms of PUTIN’s desire to return to Nineteenth Century ‘Great Power’ politics anchored upon countries’ interests rather than the ideals-based international order established after World War Two. $/he had overheard PUTIN talking in this way to close associates on several occasions. disunity both wit cs, Source A confided that th In terms of specifi D : (see more below). This was confirmed by Source D, a close associate 0} TRUMP who had organized and managed his recent trips to Moscow, and who reported, also in June 2016, that thi: ssian intelligence had been “very helpful”. Th The Moscow Ritz Carlt j involving TRUMP reported above was confirmed by Source rr who said that s/he and several of the staff were aware of it at the time and subsequently. S/he believed it had happened in 2013. Source E provided an introduction for a company ethnic Russian operative to Source F, a female staffer at the hotel when TRUMP had stayed there, who also confirmed the story. Speaking separately in June 2016, Source B (the former top level Russian intelligence officer) asserted that TRUMP's Asked about the Kremlin's reported intelligence feed to TRUMP over recent years and rumours about a Russian dossier of ‘kompromat’ on CONFIDENTIAL/SENSITIVE SOURCECONFIDENTIAL/SENSITIVE SOURCE Hillary CLINTON (being circulated), Source B confirmed the file's Uistonce. S/he confided in a trusted compatriot that it had been collated by Department K of the FSB for many years, dating back to her husband i's presidency, and comprised mainly eavesdropped conversations of various sorts rather than details/evidence of unorthodox or embarrassing behavior. Some of the conversations were from bugged EBmments CLINTON had made on her various trips to Russia and focused on things she had said which contradicted her current position on various issues, Others were most probably from phone intercepts. cemlin official, confided 6. Continuing on this theme, Source G, a senior Kr -emlin that the CLINTON dossier was controlled exclusively by chief Kr spokesman, Dmitriy PESKOV, who was responsible for compiling/handling it on the explicit instructions of PUTIN himself. The dossier however had notas yet been made available abroad, including to "TRUMP or his campaign team. At present it was unclear what PUTIN’s intentions were in this regard. 20 June 2016 CONFIDENTIAL/SENSITIVE SOURCECONFIDENTIAL/SENSITIVE SOURCE COMPANY INTELLIGENCE REPORT 2016/086 RUSSIA/CYBER CRIME: A SYNOPSIS OF RUSSIAN STATE SPONSORED AND OTHER CYBER OFFENSIVE (CRIMINAL) OPERATIONS Summary _ Russia has extensive programme of state-sponsored offensive cyber operations. External targets include foreign governments and big corporations, especially banks. FSB leads on cyber within Russian apparatus. Limited success in attacking top foreign targets like G7 governments, security services and IFls but much more on second Her nes through IT back doors, using corporate and other visitors to Russia = FSBoften uses coercion and blackmail to recruit most capable cyber operatives in Russia into its state-sponsored programmes. Heavy use also, both wittingly and unwittingly, of CIS emigres working in western corporations and ethnic Russians employed by neighbouring governments e.g. Latvia - Example cited of successful Russian cyber operation targeting senior Western business visitor. Provided back door into important Western institutions. _ Example given of US citizen of Russian origin approached by FSB and offered incentive of “investment” in his business when visiting Moscow. _ Problems however for Russian authorities themselves in countering local hackers and cyber criminals, operating outside state control, Central Bank claims there were over 20 serious attacks on correspondent accounts held by CBR in 2015, comprising Roubles several billion in fraud ~ Some details given of leading non-state Russian cyber criminal groups Details 1. Speaking in June 2016, a number of Russian figures with a detailed knowledge of national cyber crime, both state-sponsored and otherwise, outlined the current situation in this area. A former senior intelligence officer divided Russian state-sponsored offensive cyber operations into four categories (in order of priority):- targeting foreign, especially CONFIDENTIAL/SENSITIVE SOURCECONFIDENTIAL/SENSITIVE SOURCE ern governments; penetrating leading foreign business corporations, ks; domestic monitoring of the elite; and attacking political ‘opponents both at home and abroad. The former intelligence officer reported that the Federal Security Service (FSB) was the lead organization within the Russian state apparatus for cyber operations. west especially ban! In terms of the success of Russian offensive cyber operations to date, a senior government figure reported that there had been only limited “first tier” foreign targets. These comprised security and intelligence te for this shortfall, 3s, in attacking success in penetrating the western (especially G7 and NATO) governments, services and central banks, and the IFls. To compensat massive effort had been invested, with much greater succes: the “secondary targets’, particularly western private banks and the governments of smaller states allied to the West. S/he mentioned Latvia in this regard. Hundreds of agents, either consciously cooperating with the FSB or whose personal and professional IT systems had been unwittingly compromised, were recruited. Many were people who had ethnic and family ties to Russia and/or had been incentivized financially to cooperate. Such people often would receive monetary inducements or contractual favours from the Russian state or its agents in return. This had created difficulties for parts of the Russian state apparatus in obliging/indulging them eg. the Central Bank of Russia knowingly having to cover up for such agents’ money laundering operations through the Russian financial system. In terms of the FSB's recruitment of capable cyber operatives to carry out its, ideally deniable, offensive cyber operations, a Russian IT specialist with direct knowledge reported in June 2016 that this was often done using coercion and blackmail. In terms of foreign’ agents, the FSB was approaching US citizens of Russian (Jewish) origin on business trips to Russia, In one case a US citizen of Russian ethnicity had been visiting Moscow to attract investors in his new information technology program. ‘The FSB clearly knew this and had offered to provide seed capital to this person in return for them being able to access and modify his IP, with a view to targeting priority foreign targets by planting a Trojan virus in the software. The US visitor was told this was common practice. The FSB also had implied significant operational success as a result of installing cheap Russian IT games containing their own malware unwittingly by targets on their PCs and other platforms. Ina more advanced and successful FSB operation, an IT operator inside a leading Russian SOE, who previously had been employed on conventional (defensive) IT work there, had been under instruction for the last year to conduct an offensive cyber operation against a foreign director of the company. Although the latter was apparently an infrequent visitor to Russia, the FSB now successfully had penetrated his personal IT and through this had managed to access various important institutions in the West through the back door. CONFIDENTIAL/SENSITIVE SOURCE