Site icon The Daily Signal

US Fighter Pilots on the Front Lines of Russia’s Spy Games

In 2015, a U.S. Army Stryker convoy passes through Estonia, sending a message of deterrence to Russia. (Photo: Nolan Peterson/The Daily Signal)

TALLINN, Estonia—The night of Friday, Feb. 10, was frigid and snowy in Estonia’s capital city. The kind of winter weather one expects in this Baltic country, which lies at roughly the same geographic latitude as southern Alaska.

Inside the lobby bar of Tallinn’s Swissotel, however, the temperature was warm and the atmosphere bustled with people enjoying drinks and conversation—presumably the typical Friday night scene at this fashionable, modern hotel in the city center.

Yet, if you knew what to look for, subtle clues proliferated as to the ongoing shadow war between Russia and the West.

At the lobby bar on this night, a group of off-duty U.S. Air National Guard F-16 pilots sipped on draft beers at one end of the bar counter. Their demeanor was casual, yet guarded.

The men spoke among each other in voices inaudible over the background din of other conversations. Their haircuts, of course, were all neat and short. However, there was nothing that overtly identified these men as American fighter pilots deployed to Estonia as part of an ongoing mission to deter Russian aggression in Eastern Europe.

Down the bar from the pilots, a group of four men in business suits spoke loudly in Russian. They told the woman working behind the bar they were “businessmen” from Moscow.

At a nearby table, four men—also speaking Russian—sat with glasses of beer and spirits spread before them. From time to time, they subtly yet curiously regarded the Americans at the bar.

“We are definitely cognizant of what we say and where we go and who may be around us,” said a U.S. F-16 pilot deployed to Estonia in February named Garrick, explaining the threat of Russian espionage activity.

“Sometimes,” Garrick added, “you even raise an eyebrow when you see some people sitting nearby, and you think, ‘Did I see that guy before?’”

Due to security concerns, the pilot asked that his full name not be published.

The Russian Embassy in Tallinn. (Photos: Nolan Peterson/The Daily Signal)

As part of a “theater security package” mission, from Jan. 14 to March 7, the Ohio Air National Guard’s 180th Fighter Wing deployed 12 F-16 fighter jets and nearly 300 personnel to the Ämari Air Base in Estonia.

While deployed, the F-16 unit was known as the 112th Expeditionary Fighter Squadron; its mission in Estonia was part of an ongoing initiative meant to deter Russian aggression against NATO sovereign territory.

Estonia borders Russia. So there’s nothing necessarily nefarious about the simultaneous presence of Russian-speaking visitors and American fighter pilots under the roof of one hotel in central Tallinn.

Still, security experts agree that there is an unseen world of espionage that permeates NATO’s post-Soviet members countries in the Baltics—Estonia, Latvia, and Lithuania—all three of which share a land border with Russian territory.

“Russia still keeps all KGB practices and approaches, but at the same time, under the regime of [Russian President Vladimir Putin], the Russians have expanded,” Valentyn Nalyvaichenko, former head of the Security Service of Ukraine, or SBU, Ukraine’s main security agency, told The Daily Signal.

“Today [the Russians] are more dangerous and hostile to Western democracy,” Nalyvaichenko said.

The SBU is Ukraine’s successor agency to the Ukrainian Soviet Socialist Republic’s branch of the KGB, the Soviet Union’s main security agency. Nalyvaichenko, now a political reformer in Ukraine, studied at the then-named Andropov Institute of KGB in Russia in the early 1990s.

However, Nalyvaichenko refused a diploma from the Soviet-era spy academy—Putin’s alma mater—which is now known as the Academy of Foreign Intelligence and educates the Russian Federation’s modern spies.

Bridge of Spies

Underscoring the ubiquity of Russia’s espionage activity in Estonia, on the morning of Saturday, Feb. 10, Estonian and Russian officials carried out a cross-border spy swap.

Artem Zinchenko, a convicted spy for Russia living in Estonia, and Estonian businessman Raivo Susi were each released on opposite sides of a bridge spanning the Estonia-Russia border in a scene worthy of a John le Carré novel.

Russian officials arrested Susi for espionage at a Moscow airport in December, later sentencing him to 12 years in prison.

Estonian internal security agents arrested Zinchenko for spying for Russia’s foreign military intelligence agency, the Main Intelligence Directorate, or GRU. In May, an Estonian court sentenced Zinchenko to five years in prison; he was the 10th Russian spy to be convicted in Estonia in nine years.

Russia has targeted Estonia, a country of just 1.3 million people, for decades using cyberattacks, disinformation campaigns, and espionage operations. In 2007, for example, Russia hit Estonia with crippling cyberattacks in retaliation for the removal of a Soviet-era monument.

“Russia has an extensive army of cyber-warriors deployed both domestically and internationally, so indeed pilots stationed in Estonia are likely monitored both physically and virtually by Russian agents,” Lindsay Moran, a former Central Intelligence Agency operations officer and an expert on espionage and tradecraft, told The Daily Signal in an interview.

“Look,” Moran continued, “Russia is capable of spying and interference within the U.S. itself, so naturally the threat is even larger in a former Soviet state.”

Watch the author’s video report on a convoy of U.S. Army Stryker armored fighting vehicles that passed through Estonia in 2015:

Amid this shadow conflict, the individual security threats facing deployed U.S. military personnel in Estonia differ from those of counterinsurgency deployments in the post-9/11 era.

“Under the Putin regime, the Russian secret services—FSB, GRU, SVR—have their own division to target military personnel, especially of the United States,” Nalyvaichenko, the former Ukrainian spy chief, said.

While deployed in Estonia, the Ohio Air National Guard’s F-16 pilots and their support personnel were not secluded in military bases behind barbed-wire fences. Instead, they lived in hotels, frequented local restaurants, and even performed volunteer activities with local nationals on the weekends.

“We’re scattered around a few hotels, and no matter where you go, there’s probably somebody that’s paying attention to what you’re saying, and they can start piecing stuff together,” Lt. Col. Greg Barasch, commander of the 112th Expeditionary Fighter Squadron, told The Daily Signal during an interview in Tallinn.

The deployment of U.S. F-16s to Estonia this winter was not a combat operation. Yet, those pilots and support personnel were on the front lines of an ongoing, non-shooting conflict between Russia and the West, in which battles are not fought by combat pilots and soldiers—but by spies, hackers, and propaganda spin doctors.

“Just because we’re in a post-Cold War era does not mean that the threat against U.S. servicemen and women deployed to Europe today has significantly lessened, let alone disappeared,” Moran said. “To the contrary, I would say that approaches by foreign intelligence, especially Russia and its affiliates, has become easier, more sophisticated, and quite frankly, ubiquitous.”

For their part, U.S. pilots deployed in Estonia told The Daily Signal that the Russian espionage threat was a concern, as was the potential for Russian attempts to accumulate “kompromat”—compromising material that could be used for blackmail.

“Hyperaware is probably not the right term­, but as a unit, we have a lot of these discussions and we have some pretty good reporting channels of any things we see that are out of the ordinary or out of the norm,” Barasch said.

Crossroads

Estonia is on the front lines of the current conflict between Russia and the West.

Underscoring the competing geopolitical interests interwoven over this small country, on a street called Pikk in Tallinn’s historic center, you pass, in the span of a little more than 100 yards, from the old Soviet KGB prison cells (which are now a museum) to the Texas Honky Tonk & Cantina where an American and a Texas flag hang out front.

A bit further down that same street, a Russian flag hangs outside the Russian Embassy.

In the nearby skies, U.S. F-16 fighters fly from a former Soviet air base, conducting training missions meant to reassure Estonia that the U.S. and its NATO allies are willing to defend it against Russia.

Relations between Russia and the West are worse than they have ever been in the post-Cold War era, many security experts say.

For one, Russia’s ongoing, four-year-old proxy war in eastern Ukraine—Europe’s only ongoing land war—still comprises daily shelling and small arms gun battles. And people are still dying.

Russia’s brinkmanship against the West spans the gamut—aggressive warplane flybys of NATO aircraft and ships, global cyberattacks and disinformation campaigns, as well as meddling in European and American elections.

Most recently, Russian relations with the West hit a new post-Cold War nadir following the attempted nerve gas murder of a former Russian spy and his daughter on British soil.

U.K. Prime Minister Theresa May said Monday that Russia was likely behind the attack, threatening retaliation for what she called an “indiscriminate and reckless act.” May followed through on Wednesday, booting 23 Russian diplomats suspected of being undeclared intelligence operatives from the U.K. in the single biggest expulsion of that kind in more than 30 years.

May said the move will “fundamentally degrade Russian intelligence capability in the U.K. for years to come.”

For its part, the Kremlin threatened retaliation.

“The reaction will be such that the U.K. will regret their actions,” Sergey Kislyak, former Russian ambassador to the U.S., reportedly said, according to Russian agencies.

‘Part of Something Bigger’

On Thursday, the Trump administration levied fresh sanctions on Russia for its meddling in the 2016 presidential election, as well as other cyberattacks, including a Russian attempt to penetrate the U.S. energy grid.

Against this background of world events, U.S. personnel deployed to Eastern Europe to deter Russian aggression recognize that their very presence is a shot across the bow to a militarily revanchist Russia.

Just down the street from the Russian Embassy in Tallinn is the Texas Honky Tonk & Cantina.

“Sometimes we take a step back to realize we’re a part of something bigger than we even realize or even know,” said Garrick, one of the U.S. F-16 pilots deployed to Estonia this winter.

In many ways, the U.S. military is returning to a Cold War mindset—both in its combat training as well as the individual security posture of its deployed personnel.

Yet, in today’s digital age, maintaining operational security, or OPSEC—the military’s catchphrase for safeguarding critical information—is vastly more complicated and challenging than during the Cold War.

The ubiquitous use of social media and electronic communications by U.S. service members makes them more vulnerable to Russian espionage activity, experts say.

For his part, Nalyvaichenko “strongly recommends” that the U.S. military prohibit social media use among its deployed service members in Eastern Europe.

Nalyvaichenko took over at the SBU in the immediate aftermath of Ukraine’s 2014 revolution.

He was in command during Russia’s 2014 invasion and annexation of Ukraine’s Crimean Peninsula, as well as during the outbreak of Russia’s proxy war in eastern Ukraine in April 2014—a war that remains ongoing.

During that time, Nalyvaichenko said he banned the use of Russian email accounts among his personnel. Also, while he was in charge of the SBU, Nalyvaichenko said the Ukrainian security agency paralleled Russian tactics, exploiting the social media profiles of Russian and pro-Russian separatist troops to Ukraine’s military advantage.

Social media, smartphones, text messages—none of those things were around when the Cold War ended. The World Wide Web, after all, only became publicly available in 1991—the same year the Soviet Union collapsed.

“Post-Cold War openness combined with the explosion of social media has made Russian intelligence targeting of U.S. military personnel—particularly a generation of servicemen and women who did not grow up under the Cold War spectre—easier,” Moran said.

Spy Games

U.S. military personnel deployed to Eastern Europe assume their every move is likely under Russian intelligence scrutiny, including what they say in public spaces like taxis and restaurants, or hotel lobbies. Their hotel rooms and phone lines could be tapped, experts and military personnel said.

The digital footprints of deployed U.S. servicemen and women are also likely under constant scrutiny by Russian spy agencies. Everything from emails, text messages, and the websites they visit—it’s all likely to be in Russia’s espionage crosshairs, U.S. security officials believe.

“I’ve had a couple of commander’s calls (unit-wide briefings) to have these discussions with the entire unit,” said Barasch, the F-16 squadron commander. “I’ll say it’s at least a serious discussion on OPSEC and your surroundings, what you’re doing online, what you’re doing in your car, and in your hotel—all those things.”

Russia maintains a prolific espionage presence in former Soviet countries like Estonia, security experts say.

Air Force security guidance documents reviewed by The Daily Signal include commonsense suggestions for deploying service members, such as limiting the amount of personal information they publish online, bolstering the security settings on their computers and online accounts, turning off geolocation functions for social media photos and posts, and avoiding online interactions with unknown people.

Also, the Air Force warns against using public Wi-Fi, visiting foreign websites, and downloading mobile applications that could be Trojan horses for viruses or other malware.

In the end, an Air Force counterintelligence document suggested, “Permanently deleting your profile is ultimately the best way to prevent information from being collected on you, your friends, and your family.”

Yet, the U.S. armed forces’ ranks comprise generations for whom social media is an integral part of daily life. Thus, an outright ban on the use of such online platforms by U.S. military personnel is not likely, no matter how big of a security threat it poses.

“The military is probably engaged in a bit of a internal culture war,” Moran said. “The millennial generation and the one coming after it grew up texting non-stop, oversharing across a number of online platforms. It’s a way of life for them.”

According to Defense Department data, the average age of Air Force personnel is 30. That number is 29 for the Army and the Navy, and 25 for the Marine Corps.

According to a Pew Research Center poll, 88 percent of U.S. 18- to 29-year-olds indicated that they use some form of social media. That number is 78 percent for 30- to 49-year-olds.

Overall, 68 percent of U.S. adults are now Facebook users.

For her part, Moran called social media an “absolute game-changer for everyone in the spy trade.”

“Highly personal information that used to take months or even years of source cultivation and agent development to collect is now out there for all and sundry to see, analyze, and eventually exploit,” the former CIA operations officer said.

Always on Parade

Russia’s 2014 invasion and seizure of Ukraine’s Crimean Peninsula and subsequent, ongoing proxy war in Ukraine’s eastern Donbas region has spurred the Baltic countries of Estonia, Latvia and Lithuania—all former Soviet states and now members of NATO—to take the threat of Russian military aggression with deadly earnestness.

“The aggressive Russian stance in Ukraine has certainly resulted in renewed attention to the defense of NATO territory,” retired Lt. Gen. Ton van Loon of the Dutch army wrote in a report for the Joint Air Power Competence Center, a NATO-sponsored think tank.

To counter the Russian military threat, in 2016, NATO began rotating four battalion-size, combat-ready battlegroups throughout the Baltic region. Of those forces, the U.S. has about 800 troops stationed in Poland, including a squadron of Stryker armored fighting vehicles with towed artillery.

A Soviet-era monument to a killed Red Air Force pilot outside Ämari Air Base, Estonia.

NATO has also sent military units to the Black Sea region, another hot spot of tensions with Russia.

On its website, NATO calls its rotations of military forces in Eastern and Southeastern Europe “the biggest reinforcement of Alliance collective defence in a generation.”

The deployment of U.S. F-16 fighters to Estonia this winter was part of a separate U.S. program meant to deter Russian aggression.

For its part, Moscow paints the beefed-up U.S. and NATO presence in countries like Estonia as a security threat to Russia. Consequently, deployed U.S. service members are likely under constant surveillance by Russian intelligence agencies looking to cast a negative propaganda spin on the Americans’ presence.

“We’re here for what I think is a good mission and a good reason, but there’s always somebody who’s trying to twist it,” Barasch said.

The F-16 squadron commander added, “And I think we can prevent that by having a good understanding of what’s going on around us and having good situational awareness, and not being out there blabbing about, ‘Hey, I did this today,’ to people who could be overhearing those things.”

Field-Tested

Many of Russia’s contemporary military and espionage tactics have been honed and tested on the battlefields of Ukraine.

Russian military forces in the eastern Ukrainian warzone have targeted their artillery by zeroing in on Ukrainian soldiers’ cellphone signals. Also, Russian forces have sent out mass text messages to Ukrainian troops, threatening them to surrender.

Consequently, Ukrainian military commanders have restricted the use of cellphones by front-line troops.

Nalyvaichenko said Russian intelligence agencies had planted moles across practically ever lever of Ukrainian government, including parliament, the SBU, and the Ministry of Defense, prior to the outbreak of hostilities in 2014. Once the war began, Russian military forces exploited cellphone networks and other communications platforms for their military advantage.

“One of the first targets during the Russian invasion was cellphone companies, with offices in Luhansk, Donetsk, and Crimea, along with the seizure of TV stations,” Nalyvaichenko recalled of Russia’s 2014 invasions of Ukraine’s Crimea and Donbas regions.

“They took all data from cellphone companies and replaced it with Russian companies—so that the Russian special services can control the data and communications,” Nalyvaichenko said.

Russia has already hacked the smartphones of some NATO military personnel deployed throughout the Baltics in a manner similar to what Russian forces have done in Ukraine.

Former KGB prison cells in central Tallinn.

The U.S. military has, therefore, provided guidance to its ranks, cautioning personnel to restrict their mobile device use while deployed.

“I think the military likely does a good job of scaring the bejesus out of its personnel with regard to the very real counterintelligence threat, as well it should,” Moran said.

Modern dating habits are another vulnerability for deployed U.S. service members when it comes to Russian spy operations.

According to the Pew Research Center, the share of 18- to 24-year-olds who use online dating services roughly tripled from 10 percent to 27 percent in the period from 2013 to 2016. Moreover, 22 percent of that demographic reported using mobile dating apps in 2016; a fourfold increase in the span of three years.

Thus, as with social media and cellphone usage, the rising popularity of the internet and mobile apps for dating among younger Americans has given new life to one of the Soviet Union’s trademark espionage collection techniques known as the “honeypot,” in which intelligence operatives lure victims into illicit sexual encounters, which can be exploited for blackmail.

“The honeypot, and I use that word in a gender-neutral sense, is a tactic that worked and continues to work before, during, and after the Cold War,” Moran said, referring to Russia’s use of the Soviet-era tactic.

“Humans are humans, and hence the never-ending power of HUMINT collection,” Moran added, using an acronym for intelligence gathered by means of interpersonal contact, known as human intelligence, or HUMINT.

The Air Force cautions its personnel against online sexual activities, although it’s unclear whether an outright ban on popular mobile dating apps like Tinder has been seriously considered for deployed personnel.

“You can educate people on it, you can restrict certain things, but people just have to be smart about what they choose to say and do and when they do it,” Barasch said of the use of mobile dating apps like Tinder among U.S. personnel deployed to Eastern Europe.

Social Engineering

Russia’s hybrid warfare campaign against Ukraine has included cyberattacks using computer viruses that target particular individuals based on their social media profiles.

“Russia recruits psychiatrists, scientists, and neurologists, who construct these things to target particular individuals,” said Dmytro Shymkiv, deputy head of the Presidential Administration of Ukraine on administrative, social, and economic reforms.

According to Ukrainian security officials, Russian agents build a psychological profile of their mark through his or her social media footprint. Then, using that information, the Russians can make personalized computer viruses or run a social media influence operation specifically crafted with one person in mind.

This is known in the cybersecurity world as “social engineering”—a form of cyberattack in which people are psychologically manipulated into performing actions or divulging confidential information.

A winter’s day in Estonia’s capital city of Tallinn.

The U.S. military is on guard for this type of precision-strike cyberattack against its personnel.

“Fictitious online profiles controlled by foreign adversaries have successfully targeted hundreds of [Department of Defense] members, including USAF personnel,” said the U.S. Air Force Office of Special Investigations, a federal law enforcement agency that conducts counterintelligence for the Air Force, in a security document for deploying personnel.

Foreign adversaries have targeted more than 2,000 DOD personnel and defense contractors, using false personas on multiple social networking sites, the document said, citing a report by a U.S. information security company.

While the Air Force would not discuss the specific training it gives its deployed personnel in countering cyber or espionage collection threats, current and former military members say that such training has become more prevalent in recent years as the U.S. armed forces reorient toward countering conventional, “near-peer” state adversaries like Russia and China.

“It’s definitely something that was highlighted before we left and more on our mind than previous deployments,” said Garrick, a deployed F-16 pilot, referring to the threat of Russian espionage.

Exit mobile version