The World Cup comes to Russia this summer and so will the world. If they haven’t already, your clients will soon begin asking the inevitable questions around risk and retaliation, at the Russia 2018 World Cup, if they hail from one of the countries that expelled Russia’s diplomats. This article is an attempt to inform and equip you with answers to those questions and aide in your preparations and risk assessments.
Retaliation by Russia for international sanctions and diplomatic expulsions may occur against travelers, and even high-profile dignitaries, as geopolitical tensions rise. Executive protection professionals would be wise to monitor advisories and alerts related to the detention and questioning of travelers, harassment incidents, or additional visa or passport requirements for certain nations.
Russia travel risk assessment is driven by three factors:
- Location-specific inherent risks
- The nature of the travel
- The individual traveler.
For example, hate crimes against foreigners, minorities, and the LGBT community occur in Russia because of an apparent tolerance for such conduct as reflected in weak legislative prohibitions and an unwillingness to prosecute. Deadly terror attacks happen in Moscow, the north Caucasus and, most recently, St. Petersburg because of long-standing organic ethnic, religious and regional strife such as the Chechen/Russian conflict including possible sympathies for ISIS within the Chechen region.
Travel in connection with special events or sporting matches raises the already well documented daily risk of tourists targeted by pickpockets and muggers, often by organized gangs in major cities. Individual travelers of Asian or Afro-Caribbean descent or who simply “don’t look like they belong” in the eyes of certain locals should exercise particularly enhanced vigilance. Now, with diplomatic expulsions and Russia’s increasing isolation from other countries, your clients may experience an additional risk of retaliation not only from the Russian government but from Russian citizens who increasingly view the western countries as adversaries. Retaliation by Russia for international sanctions and diplomatic expulsions may occur against travelers, and even high-profile dignitaries, as geopolitical tensions rise.
Your clients should understand that electronic devices are frequently targeted for intrusion via malware and other means in an attempt by the Russian intelligence services to access proprietary corporate information for a competitive edge.
The terrorism threat is still high, on 3 April 2017, Akbarzhon Jalilov – a Kyrgyz-born Russian citizen suspected of links to radical Islamist groups – carried out a deadly bombing attack on a metro train in Saint Petersburg. The explosion prompted a shutdown of the city’s entire metro system for most of the day, leaving much of the city centre cut-off. The Saint Petersburg metro bombing underscores an uptick in Islamist lone-wolf attacks seen across Europe since 2016 and coinciding with the rise of the Islamic State (IS). Further evidenced by a Dec 2017 Supermarket bomb in St. Petersburg.
Thousands of Russians have travelled to conflict zones in Iraq and Syria, where an estimated 4,000 Russian nationals fled to in 2016 to support IS and other rebel factions. Their presence in the Middle East increases the risk of terrorism in Russia as these fighters may recruit others to their cause and plot attacks in Russia upon their return.
Despite a history of major terrorist attacks, Russian security, emergency and other civil support services are poorly prepared for mass casualty incidents. Accusations of heavy-handedness have been levelled against security forces for their actions in siege situations, including the 2002 Moscow theatre siege and the 2004 Beslan school hostage taking. It has been argued that these actions may have contributed to the high casualty rates.
High-profile international sporting events are likely targets for ISIL and Al Qaeda affiliates. The modus operandi of ISIL and AQ has recently focused on small cells or individuals in orchestrated marauding attacks with small arms and/or Body-borne Improvised Explosive Devices (IED’s), the objective being to kill or injure as many people as possible. The majority of these attacks as seen in Paris, Brussels and Istanbul involve more than one attacker in more than one set location.
The Istanbul attack (June 28th 2016) suggests that lessons learnt from prior attacks getting thwarted at security checkpoints (Paris 2015) have led to a designated Body Borne IED assailant targeting the security so that ‘secondary waves’ of attacks can progress into ‘secure’ areas.
Although the motivation is definitely present it is assessed the capability of ISIL or AQ to carry out a successful, multi stage and ‘high-level’ attack is low. However, the threat of a ‘lone-wolf’ or small cell style attack using firearms and rudimentary explosives is high. Russia has easy access to firearms and high-grade munitions.
‘Hard-targets’ such as Olympic sporting venues will have robust physical security check-points so it is more likely that any hostile will focus on ‘soft-targets’ such as restaurants and other public places. Security teams should therefore consider having layered security, an increased focus on situational awareness and hibernation/lock-down plans (specific to venue). With the consideration of maintaining a local armed reaction capability.
VIP travelers to the World Cup should also be advised of the significant risk posed by organized hooligans who seek to engage in fights with opposing fans from countries like Britain, France and other nations. The recent tensions may only exacerbate and fuel this.
Russian hooliganism is marked by elements distinct from traditional hooliganism in the UK and Europe. Law enforcement agencies with decades of experience in securing soccer competitions have documented observations of Russian thugs who are highly trained and prepared to fight. These teams are well trained and they make a point of not drinking alcohol during matches to maintain an advantage over their UK or European counterparts. Disturbingly, Russian government leaders seemingly encourage such behavior with Russian Ministers quoted saying “Keep up the good work”, and Putin himself observing how Russian fans had quite literally beaten the English fans.
However, with the right security protocol, plans and management in place Russia is entirely manageable and even with the current global tensions there is no reason why VIP and Business/ Tourism travel should not occur.
Should my clients attend the World Cup?
Despite the inherent risks, protection specialists who make the effort to seek the “ground truth” of their destination through their own government alerts, reading current country risk profiles offered by established security firms, and who maintain vigilance and a low-profile, can easily mitigate the risks and enjoy a memorable trip to a vast and proud nation.
A major world event such as the World Cup is likely to be secured by the highest level of Russian national security agencies who understand the negative impact globally of any major incident during the World Cup. The largely incident-free Winter Olympics in Sochi, even under high threat of terrorism, is evidence that Russian can secure a major event when it chooses.
What are the most common risks?
Opportunistic crimes such as pick-pocketing and other thefts are common in major Russian cities. This risk includes theft from hotel rooms and theft from vehicles. Cases are well-documented of visitors whose drinks were spiked at bars for the purpose of robbery, rape or other violence. Unconscious victims are often left outside sometimes with life-threatening implications especially in the cold winter months. Further reports exist of criminals impersonating police officers for the purpose of harassing and robbing tourists.
What are the unseen risks?
Protective specialists traveling to Russia often overlook or dismiss the reality that the Russian government is in near total control of infrastructure which facilitates intelligence service targeting of western business and government travelers to include remote intrusion into their devices, or, even outright theft of their laptops, smart phones and other devices.
Similarly, hotels frequented by western travelers are particularly notorious for intelligence collection, entrapment and attempts to compromise western business and government visitors. This fact poses a dilemma for clients seeking to avoid targeting by possibly choosing a local, non-westernized hotel. However, such a choice often increases the odds of opportunistic crimes such as theft or assault and can antagonize the intelligence services who may become perturbed by your diversion from the usual hotel chains.
Understanding Intelligence Officer Methodology:
There is a reason that when government employees apply for Top Secret clearances they have their finances so heavily scrutinized – if someone is in debt or living beyond their means, they are more likely to sell secrets. Greed has been a leading factor in some of the most high profile double agent cases in history.
This is the technique when IO’s utilize personal information – whether true or false – against you to coerce you into providing classified information.
Again, why do vetting agents for governments focus so heavily on personal character, integrity, and any potential deviancies, affairs, habits etc.? If you are hiding something, or you have just been caught doing something illegal, immoral or of poor judgement then it can be used against you. The common Honeytrap still works and is used regularly to great effect.
In the intelligence community these two methods are the more aggressive methods of obtaining intelligence and are still used. Why? – Simply because they work very well. However, only in rare cases have foreign IOs used aggressive tactics such as trapping someone in an embarrassing act, stealing personal belongings etc. Foreign IOs want to avoid drawing attention to themselves or their clients. Other, more refined techniques are also in use:
Normal face to face conversation where the IO utilizing subtle and skilled methods works to extract classified information. This may seem implausible, however a skilled IO has many tricks up their sleeve to elicit information, and in a manner that is often difficult to recognize as intelligence collection.
Skilled and experienced IOs will utilize subtle and indirect questioning, to obtain information from you. If done correctly elicitation will feel and look like every other types of harmless encounter, business relationship, or friendship. IOs will focus on utilizing mutual friends, professional contacts, and ‘random’ meetings at specialist conferences or events.
Physical Surveillance and Intrusive Surveillance.
Physical Surveillance –
An IO may put you under surveillance to identify who you are meeting and where. The IO will utilize this to get close to any conversation or meeting that you are having, and try to eavesdrop either normally or with the assistance of technical means. This may sound like a Hollywood spy trick, but it is very easy to follow an unaware individual and blend in next to them, perhaps at a restaurant, or bar. The IO will blend in, sit back and listen to a conversation, or place a technical device strategically to record any meeting or discussion.
Intrusive Surveillance –
An IO may attempt to gain covert entry into a hotel room, place of residence, and/or a private piece of property such as luggage or briefcases. Government agencies and more recently corporate entities have developed multiple covert methods of entry (CMOE) techniques to garner intelligence without the target realizing.
The single biggest threat to the majority of VIP travelers is technical espionage. Very simply, it is often the easiest method for an IO to obtain and capture data, or introduce malware, and gain access to a whole host of your electronic devices. All of these are often done without you even knowing it.
Legal or illegal intercepts of electronic communications, predominantly cell phones and laptops are efficient ways for IOs to garner extensive information.
How should EP professionals mitigate Intelligence related risks?
Try to work closely with trusted bi-lingual local assets to help understand the local nuances as well as being able to assist with potential approaches by Police, security and officials etc.
Have a robust plan for protecting personal and proprietary information of your clients when in Russia, but also when you get back home. Consider VPNs, encryption, burner phones, laptops etc. and only take the data needed for that trip. Then destroy all devices on return, change password etc.
Brief your clients in detail about the threats prior to departure, and if in any doubt speak to cyber security experts.
Understand the techniques often used by the intelligence services, including Bribery, Blackmail and Elicitation. These may not only be directed at your client. They may target you and your fellow security team. Remember, the attractive person at the bar paying you interest, may just be too good to be true.
Assume that you are being overheard and imagery is being taken, everywhere.
Form a solid relationship with the embassy of your Client’s country, and your own. Remember that some consulates and embassies may be closed, or running understaffed, and overwhelmed.
Understand that due to the FIFA Accreditation and Vehicle Access permit regulations there is a risk that VIPs/Clients may have to walk extended distances to get to/from vehicle drop-off and pick-up points. This increases the risks of getting caught in disturbances/hooliganism etc.
Heads of States will always take primacy and even the best laid plans in relation to access/egress and timings etc. will get affected. Plan for every contingency, consider liaising with hospitality rooms and sponsors for a place to hold, in-case of delays.
Certain accreditation will not get you a seat, and certain tickets will not let you leave and return. Understand and clarify all ticket/accreditation intricacies and plan for the security attendants and police to not speak English. Think about translators, fixers and bi-lingual security support.
If a terrorist attack occurs the city, or close vicinity may get temporarily shut down, GSM may get switched off or severely impacted. Consider hibernation locations and
What duty of care and questions to ask?
Corporate protective and security professionals sending executives to Russia are advised to include professional risk management measures in the travel plan.
These measures should include physical security guidance, protection of intellectual property, and potential medical consultation and even evacuation. The addition of enhanced security enables your team to focus on business/travel objectives within minimal constraints or distractions.
Executive protection leaders traveling for lengthy periods, particularly to more remote areas of Russia, should understand that the local hospital blood supply may not be screened for HIV and other diseases as is the standard in the US, UK and other nations. Therefore, plan for medical evacuation plans in the event of an unexpected need for surgery.
Any organization planning group events, or individuals seeking protection, threat assessments or intelligence should contact https://www.ets-riskmanagement.com at firstname.lastname@example.org.
Article written by Frank Figliuzzi, the Chief Operating Officer of ETS Risk Management, a global provider of travel security, executive protection, threat intelligence and major event security. Frank is the former FBI Assistant Director of Counterintelligence, and recent head of Investigations, Special Event Security and Workplace Violence Prevention for General Electric.