Russian Spying is Privatized and Competitive. Counterespionage Should Be Too | Opinion

Six years ago, a bunch of us at Bellingcat began timidly dipping our feet into open-source investigations. The trigger was the downing of Malaysian Airlines flight MH17 over Ukraine, but soon we found ourselves at the forefront of open-source investigation of transnational crime—state-sponsored or not. While we had no preconceived idea of who our main subject would be—and our targets have ranged through US bombings of civilians in Aleppo through the far-right in Ukraine, through the Saudi execution of a Wall Street Journal columnist in Istanbul, to the Iranian shoot-down of a passenger aircraft—one "bad actor" became a recurring theme for us. It was Putin's Russia: a wannabe villainous super-hero whose special powers included an unending supply of spies, a few troll armies, and a worldview based on conspiracy and paranoia.

Our encounters with Russia moved from the downing of MH17 to the ensuing factory of fakery it launched to cover its tracks, to a botched-up coup in Montenegro, artillery shelling of civilians in Ukraine, Novichok poisonings in London and Sofia, hacking the OPCW and other international organizations, covert disinformation and influencing operations, and execution-style murders in European capitals.

In the early days, we were certain that our disclosures were a pitiful fraction of the knowledge base Western law enforcement and intel agencies had at their fingertips. As time went on, we realized that is not necessarily the case. We discovered Russian spies—some wanted for murder or war crimes—roaming freely, for years on end, on multi-entry European visas. We found the FSB had been tracking global movements of Brexit's largest backer. And if Western intel knew about these plots, they were being very tight-lipped, as the public was never warned—except by an occasional journalistic investigation.

The Russia Report published last week by the U.K. government proved what we had grown to suspect. Western intel—personified by the revered British spy services—were not being tight-lipped. They were—and more alarmingly still are—clueless. No systematic, consistent post-mortem seems to have been conducted on Russian influence operations, either after the Brexit vote or after the Scottish referendum. The government's response to the Report's findings was blinkered and Trumpian. Even as it admitted no serious effort was put into establishing whether or not Russia intervened in the Brexit referendum, it stressed, defensively: "There is no evidence Russia influenced the [Brexit] referendum". Indeed—it's hard to find evidence if you weren't looking.

All in all, the Russia Report acknowledges Britain's security agencies have dropped the ball on Russia—and attributes the failures to the self-assessment by the agencies that in the last 20 years they have been too busy focusing on counterterrorism.

This is a rather poor excuse. Even a cursory analysis of what is already publicly known about Russian destabilization, manipulation and disinformation efforts over the last two decades would have produced an array of potential counter-measures that are easy to implement, and essentially free.

Tighter border controls

But as the report contains no such recommendations—advising macro policy changes but no so much concrete counterintelligence and security measures—perhaps we can try and fill the gap once more.

First, to impede the flow of undercover Russian spy activity—which, it bears repeating, includes murdering people on British soil—it would suffice to introduce mandatory biometric passports for Russian visa-seekers. All of the literal dozens of Russian spies we have identified travel on old-fashioned, non-biometric passports—allowing them to change identities like socks. There is no good reason to accept non-biometric passports from Russian arrivals when they are not an option in many other countries—and while biometric passports are easily obtainable, indeed the norm, in Russia, too.

Second, a more data-driven approach to visa applications would have prevented the likes of the Salisbury spire "tourists" from getting visas in the first place. The companies they listed as employers on their visa applications were empty shells; and their (fake) names did not exist in Russia's taxpayers' registry, which is accessible online. There's no good reason why U.K.—and EU—consulates don't implement a basic, probabilistic data validation algorithm that would spot implausible visa applicants. Given each country's sovereignty over its territory, using discretionary visa refusals would be completely legitimate. Indeed, Russia itself prefers to err on the side of paranoid caution in its own visa policy. My own Russian visa was cancelled years ago, apparently just for writing about the country. At the same time, one of the key corporate executives of the St. Petersburg troll factory - himself a subject of US sanctions over disinformation—enjoys unimpeded travel around Europe as a holder of both UK and Schengen multi-entry visas.

The U.K.'s—and the EU's—sovereign visa issuance policy can be used not only as a filter against spies but also as a deterrent against disinformation and illicit influencing operations. As social media platforms root out automated trolling behavior, Russia's disinformation factories have had to expand their employment of real-life, educated, thinking "trolls", to customize and individualize their messaging. There are many hundreds of young people employed in Yevgeny Prigozhin's fake news sweat shops in St. Petersburg alone. Most of them—they have told us—are in it for the money, faced with few viable alternatives given Russia's struggling economy. They don't believe in what they write. They actually find their activity abhorrent—or at best, futile. They tell us they will work for The Factory for a year or so, and then move on to more fulfilling jobs, and maybe travel to see the West they've been pretending to live in.

What these young people do may be futile, but it is not innocent. They are complicit in fabricating online forgeries—many of which cause real-life consequences. A recent crude fabrication we suspect to have come from Prigozhin's fake news factory targeted one of our colleagues, putting his personal safety at risk. These blasé young men and women took part in amplifying the forgery. The news of placing a few hundred of these young people on the EU and UK visa blacklist for the next 10 years will spread like wildfire—and will likely result in a sharp drying-up of the hiring pool, at least among the ambitious, multilingual young professionals best-suited for the job.

Still, palliative measures like those listed above can only go so far.

Stop trying to best modern Russia with Cold War tools

A more important task is to renew our understanding of how today's Russia works. With a only a couple percentage points of the intelligence budget allocated to Russia, the UK's—and the West's—understanding of the complex and changing dynamics of Russia's global interference machinery is going to always be simplistic, at best, and based on outdated, retrospective analysis.

Russia is not the centralized, socialist mammoth that the Soviet Union was. The view—that seems to also permeate the Russia Report—that Vladimir Putin sits at the top and metes out disinformation decrees, is anachronistic. Russia's interference activities are largely privatized and competitive; and thus there will be both market failures and darlings, sometimes going for the same "market niche" concurrently. There is a whole oligopolistic industry of disinformation and extraterritorial destabilization. The captains of this industry are offering competing, but always deniable, solutions to the Kremlin, and enjoy significant freedom in what and how they do that. Some of them (like Prigozhin) fund their influence operations through state concessions; others (like Konstantin Malofeev) finance them on their own account, and expect in return the Kremlin's connivance for their business misdemeanors. The Russian official security services are often junior partners in such public-private partnerships.

Comprehending the complexity of this new reality is key to having an adequate response. Sadly, the Russia Report does not contain a convincing case for such understanding, save for the all-too-obvious recognition that some of the many Russian expats residing in the U.K. often do the Kremlin's bidding. The U.K. government's response to the Report is even more anachronistic. Even the errors it recognizes, and the forward-looking measures it commits to, amount to a 20th century solution to a 21st century problem.

One of the few silver linings from the Russia Report may be new-found understanding by independent researchers and journalists—like Bellingcat and others—that we are not duplicating or trailing in someone else's work. This will hopefully result in a new-found sense of purpose and motivation for journalists, NGO's and private researchers alike to conduct and publish independent analyses on Russian—and others'—interference efforts.

One can only hope that intelligence services—and governments—will take account of such reports, and will not haughtily (or defensively) reject them out of hand. This has already happened in law enforcement. And a decentralized, market-driven approach to investigation and analysis may in fact also lead to development of more efficient countermeasures than in the traditional top-down approach.After all, competition and private initiative has worked well in the fight against computer viruses; no reason why it can't work in the fight against state-sponsored interference.

If the 20th century has taught us anything, it's that you can't outpace a capitalist market with a centrally planned, socialist approach.

Christo Grozev is lead Russia investigator with Bellingcat, focusing on security threats, extraterritorial clandestine operations, and the weaponization of information. His investigations into the identity of the suspects in the 2018 Novichok poisonings in the UK earned him and his team the European Prize for Investigative Journalism.

The views expressed in this article are the author's own.