Share this page!

Enter Twitter Thread URL to Unroll

Needs to be the full URL like: https://twitter.com/threadreaderapp/status/1644127596119195649

How to get URL link on Twitter App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Horkos @ the Centre for Unilateral Analysis Profile picture
@WylieNewmark
Sep 6, 2018 14 tweets 4 min read Twitter logo Read on Twitter
In furtherance of the #counterintelligence discussion around the GRU and its competency, I want to address some recent reporting and analysis. Two articles - and one shared question - come to mind. /1
The 1st article takes the kind of argument I've made - the GRU has been sloppy resulting even successes generating some effects one would associate with qualified failures - and runs with it to the extreme. /2 bloomberg.com/view/articles/…
I have done my best to put as much nuance into my threads on this. I don't think so much that the GRU is incompetent (they have achieved numerous significant mission objectives) as that their tradecraft and OPSEC leaves much to desired, with that likely hurting them w/ Putin. /3
The 2nd article emphasizes this idea of not underestimating the GRU, particularly b/c since the Skripal op was "likely as much about sending a message to London as killing one traitor, the furor may even be considered a feature rather than a bug." /4 foreignpolicy.com/2018/09/06/rus…
I believe that the brazenness of this operation clearly was a feature, incorporated in its design and may be related what appears to have been a lack of concentrated counter-CCTV efforts by the GRU in the Skripal op. /5
That brings me to the question I've been thinking and talking to others about: why wasn't the GRU more careful with their tradecraft in the UK, especially after the other tradecraft/OPSEC-related blunders in the last few years? /6
I've felt my views evolve over the last day or so & two tweets I think reflect this best. The 1st is on the idea that this is a case (in the words of @jckichen) of "uneven application of tradecraft" justified by op planners by the brazenness of the op. /7
The 2nd is that the Kremlin - for whatever reason - did not push for the GRU to take something this more seriously when the final version of the operation went up to Putin & co. for approval. I can think of a few reasons. /8
One is that Putin just didn't care at all and made that clear, in line with the theme of the operation's brazenness and its intent to be as blatant as possible while still being a clandestine operation while it was executed. /9
Another is that the Kremlin didn't realize it needed to be pressing GRU to be more careful than it was in execution. Could be the op plans submitted were fuzzed or didn't even address it. Or that the the Kremlin assumed GRU knew it needed to be cool on this. Who knows. /10
One thing I still don't think the Kremlin expected, in any case, was the significant blowback the Skripal attack has caused them: degradation of intelligence capacities & capabilities abroad, sanctions, furtherance of political isolation. /11
I'm not saying that better tradecraft would've reduced these impacts; the fact that Russian signed the attack so bluntly guaranteed impacts like that. But it's possible that improved tradecraft could have delayed these consequences by prolonging the investigation. Maybe? /12
At the end of the day, the dog Putin is going to kick in the ribs and blame for consequences here remains the GRU. And the FSB, with the SVR quietly supporting it, is more than happy to egg Putin on in that regard. /13~
Somehow the Bloomberg link in this thread got scrambled. This is the correct link to the article that I don't agree with. bloomberg.com/view/articles/…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Horkos @ the Centre for Unilateral Analysis

Horkos @ the Centre for Unilateral Analysis Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @WylieNewmark

Horkos @ the Centre for Unilateral Analysis Profile picture
Sep 15, 2018
John is right: if the intent of this disrupted black-bag job against the Spiez lab really was sabotage as opposed to espionage, it raises some curious potentialities about Russian motives. In a midnight analysis, it feels to me vaguely like some kind of desperation. 1/9
In my mind, the question is: what would make the increasing aggressive Russian services - in this case (apparently) the GRU - feel its necessary to engage in this particularly high-risk type of operation against a very hard target like a leading government CBRN facility? 2/9
I cannot overstate that deploying operators equipped with cyber sabotage tools to get physical/close, access to the networks of a Swiss chemical weapons laboratory when your service is already under scrutiny after a failed operation = just about all the moving parts. 3/9
Read 9 tweets
Horkos @ the Centre for Unilateral Analysis Profile picture
Sep 6, 2018
To be very clear: I think that the “GRU are clowns” narrative is that is emerging is counterproductive and ill-informed. But I believe GRU’s aggressive “can do at all costs” attitude appears to have had a trending negative impact on the quality of its tradecraft. /1
Major data points that I think support this argument include the failed coup in Montenegro, the activity covered in the Mueller indictments, and the Skripal attack. Each presents it’s own examples of some subpar tradecraft and each has created substantive blowback. /2
As @jckichen has noted, tradecraft is not monolithic & should not be expected to applied equally/evenly throughout a given operation or across multiple operations. But I think these cases each had instances of subpar tradecraft that have since proven to be consequential. /3
Read 6 tweets
Horkos @ the Centre for Unilateral Analysis Profile picture
Sep 5, 2018
In today's edition of "The GRU don't need no stinkin' tradecraft", which is becoming a #counterintelligence tradition, we have the UK charging of the 2 GRU officers who carried out the Skripal attack. Here's the timeline assembled by Scotland Yard. /1 news.met.police.uk/news/counter-t…
This thread by @BBCDomC lays out the movements and footage described the Met in a very digestible thread. I highly recommend taking a look at it for reference alongside the Met's dry recitation of same. /2
The amount of detail and evidence the Met amassed about these officers' (Petrov & Boshirov) movements recalls the exposure of the Mossad operation that killed Mahmoud Al-Mabhouh in Dubai. This feels very much like that, which should embarrass the GRU. /3 spiegel.de/international/…
Read 13 tweets
Horkos @ the Centre for Unilateral Analysis Profile picture
Sep 5, 2018
A #counterintelligence thread in the sense that I'm analyzing a foreign intelligence situation: I've been reading some very interesting analyses on the #Zakharchenko assassination and it's gotten me thinking about how this incident may or may not relate to FSB's role in Donbas /1
The first analysis I found useful was from @MarkGaleotti, and it emphasizes that it is doubtful that #Zakharchenko's death is move the situation towards peace. He mentions Dmitry Trapeznikov and Denis Pushilin as possible successors. /2
themoscowtimes.com/articles/war-p…
This article mentioned the thread I'm going to be pulling on here: the fact that #Zakharchenko and Alexander Timofeev, Z's tax minister sidekick who was injured in the blast, orchestrated the takeover of major illegal economies in Donbas - putting targets on their backs. /3
Read 20 tweets
Horkos @ the Centre for Unilateral Analysis Profile picture
Aug 21, 2018
Active measures pivot: Microsoft indicates that the APT28/GRU has tried to spoof the websites of conservative think tanks known for advocating democracy promotion, examining corruption, and/or criticism of Trump. My #counterintelligence commentary /1
nytimes.com/2018/08/21/us/…
NYT has this right "The shift to attacking conservative think tanks underscores the Russian intelligence agency’s goals: to disrupt any institutions challenging Moscow and President Vladimir V. Putin of Russia." Russia doesn't care about our partisanship except to exploit it. /2
GRU needs to be doing something different to earn favor in the Kremlin right now. I recently explored how they are definitely not on Putin's good side these days (see included thread), and while this isn't "new" it is still a change of tact. /3
Read 18 tweets
Horkos @ the Centre for Unilateral Analysis Profile picture
Aug 9, 2018
So I tried to make dankness while the sun shown about the newest sanctions that are going to hit Russia (delayed as they might be), but I'd like to take a moment to seriously address just how bad this all is for the GRU. #counterintelligence /1 nytimes.com/2018/08/09/wor…
The GRU's poor OPSEC has been a consistent driver among the naming-&-shaming and sanctions against Russia lately. Going all the way back to 2014, GRU - which has never been the most OPSEC conscious outfit - has been in the spotlight as Russia's primary meddling instrument. /2
Let's leave aside the ~2014 stuff about Crimea and Donbas because I have other work to do and focus on the more recent stuff. First, the identification of GRU as behind the Novichok attack in the UK was a double-edged sword for them. On one hand, it creates fear (Putin likey) /3
Read 19 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(