September 30, 2022 / by 


The Suspected Assasination of Gareth Williams and Shadow Brokers’ Focus on SWIFT

If you haven’t seen it, BuzzFeed has been doing a superb series on the UK deaths that US spooks included in a secret report on suspected Russian assassinations. Yesterday they published the story I knew had to be coming, confirming that GCHQ spy Gareth Williams is among those deaths suspected to be Russian assassinations.

Police declared the death of Gareth Williams “probably an accident” – but British intelligence agencies have been secretly communicating with their American counterparts about suspicions that the spy was executed by Russian assassins, four US intelligence officials told BuzzFeed News.

An ongoing BuzzFeed News investigation has revealed that British and American spy agencies have intelligence connecting a string of suspected assassinations in the UK to Russian state agents or organised criminals – who sometimes cooperate. One high-ranking US intelligence source said: “The Kremlin has aggressively stepped up its efforts to eliminate and silence its enemies abroad over the past couple of years – particularly in Britain.” A second serving official said the circumstances of Williams’ death and 13 others “suggest Russian involvement” and demand “more investigation from the UK”. In all 14 cases, police ruled out foul play while intelligence agencies secretly compiled information connecting the deaths to Russia.

Williams, a 31-year-old codebreaker for Britain’s Government Communication Headquarters (GCHQ), had been assigned to MI6, and in the months before his death, sources said, he was working with the US National Security Agency. Two senior British police sources with direct knowledge of the case said some of his work was focused on Russia – and one confirmed reports that he had been helping the NSA trace international money-laundering routes that are used by organised crime groups including Moscow-based mafia cells.

While the report revisits and expands on all the suspicious details of Williams death and the thwarted British investigation into it, that spooks suspected it had ties to Russian mobsters is not new (though that theory does solidly explain why Williams would be among those targeted in this apparent assassination wave). The Daily Mail reported that theory back in 2011.

At the time, I noted that Williams’ impact on the Russian mob was described as a knock-on effect of a generally improved ability to track money laundering, something I tied closely to NSA’s ability to track SWIFT messaging.

[M]oney laundering is money laundering. Terrorists do it. Organized crime does it. Spy services do it. Corporations do it (often legally). And banksters do it, among others.

And there doesn’t appear to be anything about this description to suggest the Russian mafia would be specifically targeted by the technology. Indeed, the description of their exposure as a “knock-on effect” suggests everything would be targeted (which sort of makes sense; you can’t track money laundering unless you track the “legitimate” part of finance that makes it clean).

Which is why I find this latest narrative–with its complete lack of attention on the technology, instead focusing exclusively on the Russian mob–so interesting. Because finding a way to track money laundering, of any sort, would just be a new way to do what US intelligence has already been doing with SWIFT.

The following year, I noted that Gauss, a variant of StuxNet, sounded like the kind of money laundering tracking that might piss off the Russian mob.

That feels so long ago now: before the time we learned, in 2013, that the NSA was double-dipping at SWIFT, accessing SWIFT data directly at targeted customers in addition to its legal access via Europol, and before the time in April when Shadow Brokers not only dumped details of how the NSA hacked SWIFT but also (particularly ominously given the reminder of Williams’ death) doxed the NSA hackers who had carried that out.

Remember: Shadow Brokers has promised more details on “compromised network data from more SWIFT providers and Central banks” as part of its monthly tools of the month club.

There’s a lot that’s going on here. But a big part of it appears to be striking at US asymmetric visibility into the world’s financial system (I don’t say transparency because the US is increasingly the haven of last resort).

Copyright © 2022 emptywheel. All rights reserved.
Originally Posted @