Global Intelligence Weekly Wrap up
Welcome to the Global Intelligence Knowledge Network Podcast, where real-world intelligence expertise meets insightful analysis. Join your host, Neil Bisson, a former Intelligence Officer with the Canadian Security Intelligence Service, for a weekly deep dive into the world of espionage, national security, foreign interference, terrorism, and all matters spy and intelligence related.
With over 25 years of experience in intelligence and law enforcement, both domestically and internationally, Neil Bisson brings a unique perspective to the table. From hunting spies and terrorists to recruiting and managing human sources, he's seen it all.
Each episode, Neil Bisson, Director of Global Intelligence Knowledge Network as he provides a comprehensive summary of the most intriguing international intelligence stories, dissecting the hottest media topics with professional analysis and insider knowledge. Whether you're a seasoned intelligence professional or simply fascinated by the world of spies, this podcast is your go-to source for accurate, insightful, and engaging content.
Tune in weekly to stay informed, enlightened, and entertained. Don't miss out on the latest from the frontlines of global intelligence. Subscribe now to the Global Intelligence Knowledge Network Podcast on Buzzsprout and never miss an episode. Stay sharp, stay informed, and stay ahead of the curve with the Global Intelligence Knowledge Network Podcast.
Global Intelligence Weekly Wrap up
Russia Expels Brit Dip for Spying
🇷🇺🕵️ Russia Expels Brit Diplomat for Spying | Global Intelligence Weekly Wrap-Up
This week on Global Intelligence Weekly Wrap-Up, Neil Bisson — retired CSIS intelligence officer and Director of the Global Intelligence Knowledge Network — breaks down a series of developments that reveal how espionage, sabotage, foreign interference, and terrorism are increasingly interconnected across today’s global threat environment.
From Chinese intelligence recruitment inside the U.S. Navy, to Russia’s expanding use of disposable agents for sabotage across Europe, to the public expulsion of a British diplomat accused of spying, this episode exposes how state competition is now being fought simultaneously through insiders, proxies, and intelligence confrontation.
But the core focus of this episode is Russia’s expulsion of a British diplomat from Moscow — and what it tells us about the intensifying counterintelligence conflict between Russia and the West.
🎧 Before you hit play, consider these questions:
❓ How vulnerable are Western militaries to insider recruitment by hostile intelligence services?
❓ What does Russia’s growing use of “disposable agents” tell us about the future of sabotage and hybrid warfare?
❓ Why do diplomatic expulsions matter far beyond symbolic politics?
❓ What does an alleged state-linked organized crime network operating in Canada mean for sovereignty and community safety?
❓ How are terrorist designations and military espionage cases reshaping today’s counterterrorism and counterintelligence landscape?
These questions — and many more — are explored through open-source reporting, intelligence tradecraft, and real-world national security experience throughout the episode.
If you value serious, independent intelligence analysis that goes beyond headlines, consider supporting the podcast on Buzzsprout.
⏱️ Chapters
00:00 — Intro
01:50 — U.S.: Ex-Navy Sailor Sentenced for Spying for China
11:40 — Europe: Russia’s “Disposable Agents” and Hybrid Sabotage
20:10 — Russia Expels British Diplomat for Spying
27:45 — Canada: RCMP Report Alleges Indian-Linked Criminal Proxies
34:30 — Canada: Foreign Influence Registry Controversy
38:30 — U.S./Middle East: Muslim Brotherhood Terrorist Designations
41:20 — Israel: IDF Soldier Charged with Spying for Iran
42:00 — Outro
🎓 Featured Courses with the University of Ottawa – Professional Development Institute
Sabotage and Proxy Operations in Modern Intelligence (2 days – February 2026)
👉 https://pdinstitute.uottawa.ca/PDI/Courses/National-Security/Sabotage-and-Proxy-Operations/Course.aspx?CourseCode=S0245&429f5b2a066e=1#429f5b2a066e
The Psychology Behind Human Sources in Intelligence Collection (2 days – May 2026)
👉 https://pdinstitute.uottawa.ca/PDI/Courses/National-Security/The-Psychology-Behind-Human-Sources/Course.aspx?CourseCode=S0236
💡 Support the Podcast
If Global Intelligence Weekly Wrap-Up helps you better understand today’s rapidly evolving espionage, sabotage, terrorism, and foreign interference threats, please consider supporting the show:
👉 https://www.buzzsprout.com/2336717/support
Your one-time or ongoing contribution directly supports the research, monitoring, and independent analysis that
2026 01 16 Global Intelligence Weekly Wrap Up
INTRO:
Welcome to the Global Intelligence Weekly Wrap-Up — the podcast where open-source reporting meets informed, expert analysis.
This week, Neil Bisson — retired CSIS intelligence officer and Director of the Global Intelligence Knowledge Network — breaks down a series of developments that underscore how espionage, sabotage, foreign interference, and terrorism continue to reshape the global security landscape.
We begin in the United States, where a former U.S. Navy sailor has been sentenced to nearly 17 years in prison for selling sensitive warship information to Chinese intelligence — a case that exposes how aggressively Beijing continues to target Western militaries, and how damaging a single willing insider can be.
From there, we move to Europe, where new reporting shows how Russia-linked networks are increasingly using so-called “disposable agents” to carry out acts of sabotage and disruption across the continent — a low-cost, deniable model of hybrid warfare designed to strain security services and test NATO resolve.
We then stay with Russia, as Moscow expels a British diplomat, Gareth Samuel Davies, accusing him of espionage — a public flashpoint in the ongoing counterintelligence confrontation between Russia and the West.
Back in Canada, we examine a deeply troubling RCMP assessment alleging that the Bishnoi organized crime group has been acting on behalf of the Indian government, using criminal networks as proxies to intimidate and target individuals on Canadian soil.
We then turn to Ottawa, where criticism is growing over the federal government’s slow and uncertain rollout of a foreign influence registry — raising serious questions about whether Canada is truly prepared to confront covert state interference.
From there, we head to the Middle East, where the United States has formally designated Muslim Brotherhood organisations in Egypt, Lebanon, and Jordan as terrorist groups — a significant shift in counterterrorism policy with wide regional and intelligence implications.
And finally, we close in Israel, where an active-duty IDF soldier from the Givati Brigade has been charged with spying for Iran, highlighting once again how hostile intelligence services continue to penetrate even well-protected military institutions.
Taken together, these stories reveal a clear pattern: today’s threats are interconnected, adaptive, and increasingly difficult to separate into neat categories of crime, terrorism, or espionage.
Let’s get started.
MUSIC
Hello and welcome back to another episode of the Global Intelligence Weekly Wrap Up.
I’m your host, Neil Bisson, a retired Intelligence Officer with the Canadian Security Intelligence Service and the Director of the Global Intelligence Knowledge Network.
Each week, I take headline news concerning espionage, sabotage, national security and terrorism and provide you with the insights and analysis that goes beyond the story.
Through analysis and corroboration, I provide you with the perspective and context to understand how the shadowy world of intelligence, counterintelligence, statecraft and spycraft affect your career, your country, and your safety.
So, without further ado, let’s dive in.
For our first story this week, we’re returning to a threat stream I have addressed before on this podcast — the sustained and systematic effort by Chinese intelligence services to recruit insiders within Western militaries.
On an episode previously aired in April last year entitled “META Compromises US National Security? Canadian Campaign plagued by FI,” I discussed U.S. indictments that revealed Chinese intelligence efforts to groom and recruit U.S. Navy personnel in order to gain direct access to sensitive naval information.
Earlier this week in an article entitled — “Ex-U.S. Navy Sailor Gets Near 17 Year Prison Sentence Selling Ship Secrets To China” — represents the outcome of that same operational environment.
On January 13th, a federal court in California sentenced Patrick Wei, 25, a former U.S. Navy sailor, to 200 months in prison — just under 17 years — after he was convicted by a jury on multiple counts, including espionage, for selling sensitive U.S. naval information to a Chinese intelligence officer.
Patrick Wei served as an engineer aboard the USS Essex, a U.S. Navy amphibious assault ship.
In that role, he had authorized access to technical documentation, operational manuals, and internal system references tied to the functioning and maintenance of U.S. warships.
According to court records and the Department of Justice, between March 2022 and August 2023, Wei provided a Chinese intelligence officer with at least 30 technical and operational manuals, along with other sensitive material related to U.S. naval systems.
In exchange, he received more than $12,000 in cash payments over an 18-month period.
Prosecutors told the court that the information Wei transmitted included detailed documentation about shipboard systems and how U.S. amphibious assault vessels are operated, maintained, and supported.
From a military intelligence perspective, this type of material allows a foreign navy not only to understand how platforms are built, but how they are sustained, where their limitations exist, and how they might be disrupted, degraded, or exploited during future conflict.
In sentencing filings, federal prosecutors argued that Wei’s actions went far beyond isolated document theft.
They stated that his disclosures “compromised the U.S. Navy’s entire fleet of amphibious assault ships,” by providing China with thousands of pages of technical information that reveal how these vessels function as an integrated system.
What is particularly significant in this case is that Wei was fully aware of the nature of his actions.
Investigators revealed that he had told a friend that his contact with the Chinese handler was “quite obviously espionage.”
Despite this, he continued to meet with the handler and transfer material over an extended period.
This places the case squarely within the most damaging counterintelligence category: the willing insider — an individual with legitimate access who knowingly chooses to cooperate with a foreign intelligence service.
This case directly aligns with patterns I previously discussed on this podcast.
In the April 11th, 2025, episode, I examined U.S. indictments detailing Chinese Ministry of State Security efforts to identify, cultivate, and recruit U.S. Navy personnel.
That earlier reporting outlined how Chinese intelligence handlers were focusing on naval ecosystems, using relationship-building, financial incentives, and digital communications platforms to establish long-term access.
Wei’s recruitment reportedly began in 2022, when he was first approached by a Chinese intelligence officer through social media.
This detail is operationally important.
It reflects how modern intelligence services increasingly conduct spotting and assessment in digital spaces rather than through traditional diplomatic channels.
Service members no longer need to travel overseas to be identified.
They can be located, profiled, approached, and cultivated entirely online.
Wei was not the only U.S. sailor implicated in this broader effort.
He was one of two U.S. Navy sailors arrested in 2023 for espionage linked to China.
The second sailor, Wenheng Zhao, was later sentenced to prison after providing sensitive non-public military information related to operations, training activities, and critical infrastructure.
Taken together, these cases demonstrate continuity.
These are not isolated breaches.
They reflect a sustained, methodical recruitment strategy directed at U.S. naval personnel.
From an intelligence standpoint, the most striking element of this case is the cost-to-impact ratio.
For just over $12,000, Chinese intelligence obtained insight into complex naval platforms, internal system architecture, and fleet-level operational practices.
This reinforces a central principle of espionage: that penetrating human systems is often cheaper, quieter, and more strategically valuable than cyber intrusion.
No classified network was hacked.
No perimeter was breached.
No malware was required.
Wei was already a trusted insider to the system.
Technical manuals, maintenance documentation, and operational procedures are foundational intelligence.
They support war-gaming, cyber targeting, electronic warfare planning, logistics modeling, and vulnerability analysis.
They allow foreign militaries to simulate how platforms perform under stress, how quickly they can be repaired, and which subsystems represent critical points of failure.
This case also reinforces why modern counterintelligence programs focus so heavily on insider-threat indicators:
financial pressures, unexplained foreign contacts, behavioral shifts, online engagement patterns, and the exploitation of personal grievances.
Once an insider decides to cooperate, the damage is rarely limited to a single disclosure. It compounds.
Patrick Wei’s sentencing sends a strong legal message.
But operationally, it confirms what Western intelligence services have been warning about for years.
China is not only stealing technology.
It is investing in time effort and money into human sources or spies.
Specifically, people inside Western militaries who understand how platforms work, how forces deploy, how systems fail, and how operations are sustained.
This case validates the assessment I discussed last April: that Chinese intelligence services are executing a long-term human intelligence strategy aimed at persistent access, insider exploitation, and military-grade collection.
Yet again this is another warning for Canadian Armed Forces members.
As Canada continues to discuss concerns over a lacking military infrastructure, Arctic Sovereignty and bolstering our military might, China is watching and likely actively talent spotting for individuals with access similar to what Wei had.
As more investigations move through the courts, more of these cases will likely surface.
Because recruitment programs do not end when one asset is arrested.
They adjust.
They regenerate.
And they continue.
MUSIC
We head to Europe for our next story; we shift from classic espionage to something that sits squarely in the grey zone — the use of sabotage as a form of hybrid warfare.
This Sky News report examines how Russia-linked intelligence networks are increasingly using what are being described as “disposable agents” to carry out low-cost, deniable acts across the UK and Europe, designed to undermine NATO cohesion, raise the political cost of supporting Ukraine, and erode public trust in government security systems.
The reporting draws heavily on new research from the Royal United Services Institute, or RUSI, which argues that these operations are no longer isolated incidents — they are becoming a systematic campaign.
According to the RUSI research referenced in the article, Russian intelligence-linked actors are recruiting individuals online — including Ukrainians, and other nationalities — to conduct acts such as arson, vandalism, and other hostile activity in European states.
The key point here is how this is being done.
Instead of relying primarily on trained intelligence officers physically operating inside Europe, the report describes a shift toward a remote model: handlers use messaging apps such as Telegram and even gaming platforms to identify and task individuals who may have little or no understanding of who is really behind the request.
In other words, this becomes sabotage outsourcing — a “gig-economy” model where the people carrying out the acts are expendable, easily replaced, and often highly deniable.
The article also highlights why money matters in this space.
The report notes that payments can range from hundreds to thousands of euros, often offered in cryptocurrency, which makes attribution and financial tracing more difficult for investigators.
RUSI’s assessment is that the recruitment pool tends to include people who are more vulnerable to quick cash: teenagers, migrants, and in some cases older individuals with former Soviet military experience — people who may be easier to approach, persuade, or manipulate.
This story is best understood against the backdrop of Russia’s post-2022 hybrid toolkit.
After Russia’s full-scale invasion of Ukraine, many Russian intelligence officers were expelled from European countries.
The RUSI assessment in this report is that those expulsions helped force adaptation.
With fewer official or semi-official intelligence personnel able to operate openly, networks leaned more heavily on intermediaries and cut-outs — and increasingly on “agents for a day.”
And the timing matters.
The article notes a reported rise in Russia-linked arson and serious sabotage incidents across Europe: from very low numbers in 2022, to higher levels in 2023, and then a further increase in 2024.
In the logic of hybrid conflict, a rising tempo matters even when individual events look small — because the cumulative effect is what shifts public perception and tests political will.
The report also emphasizes something that’s easy for policymakers and the public to miss:
individual incidents can appear opportunistic, even random, but collectively they can indicate a coordinated campaign designed to probe NATO “red lines,” distract law enforcement, and stretch security services across multiple jurisdictions.
Sky News points to the breadth of activity that can fall under this umbrella:
from major operations like undersea cable disruption, all the way down to simple attacks such as starting fires or vandalism, and even reconnaissance-style activities.
One example highlighted is Poland, described as a frequent target of suspected Russia-linked hybrid attacks.
The reporting notes that Polish authorities have detained multiple individuals in sabotage-related investigations between 2023 and 2025, many of whom were Ukrainian nationals — not because Ukraine is coordinating sabotage, but because Russia is exploiting the presence of Ukrainian migrants to create political tension and distrust inside European societies.
A particularly serious example referenced in the article is an explosion in November 2025 on a railway line used as a key route for transporting aid to Ukraine — an incident Polish authorities attributed to Russian intelligence involvement, with officials describing it as an unprecedented act of sabotage.
The strategic logic becomes clearer here: Russia doesn’t necessarily need a spectacular attack.
It needs persistent disruption, uncertainty, and mistrust — and ideally a political narrative that fractures support for Ukraine.
From an intelligence and counterintelligence perspective, the most important concept in this reporting is deniability by design or plausible deniability.
If the people carrying out the attacks are “disposable,” then Moscow retains flexibility.
If an operation is exposed, Russia can deny state involvement and point to criminals, extremists, or “lone actors.”
If the perpetrators are Ukrainian nationals, the resulting political friction can serve Russia’s interests even if the individuals were manipulated or unaware of the true sponsor.
This is also why the report urges NATO and EU states to treat even low-level incidents as potential components of a broader campaign, rather than isolated criminal events.
The report also argues for practical improvements: agreeing on a shared definition of sabotage, improving coordination, and using tools often associated with counterterrorism — especially to track illicit financing and disrupt the funding channels that support these operations.
The key takeaway from this story is that modern sabotage is evolving.
It is becoming cheaper, more deniable, and easier to scale.
Instead of a small number of highly trained operatives, hostile states can now recruit and task a much larger number of online “contractors” to carry out low-grade attacks that, over time, can create strategic pressure.
And that should matter to Canada as well, because the logic is transferable.
If Russia can run a distributed model of sabotage and disruption across Europe using disposable recruits, there is no reason to assume that Canada, who has supported Ukraine from the start of the conflict, is immune to the same approach — especially against critical infrastructure, diaspora communities, or supply chains tied to allied support for Ukraine.
MUSIC
Russian Sabotage and Proxy operations in Europe is a good segway into our main story this week, as we move to Moscow, where the intelligence confrontation between Russia and the United Kingdom has flared again — this time through the expulsion of a British diplomat accused of espionage.
On January 15th, Russia announced that it was expelling a British diplomat from the UK Embassy in Moscow, alleging he was operating as an undeclared intelligence officer.
The United Kingdom has rejected this allegation, describing it as malicious and baseless, and said it was considering how to respond.
On the surface, expulsions can look like routine diplomatic disputes.
In practice, they are often the public-facing tip of a much deeper conflict involving counterintelligence pressure, disruption, and political signalling between services and states.
Russia’s Federal Security Service, the FSB, stated that it had identified a British diplomat, who it accused of carrying out intelligence activity under diplomatic cover.
Russia revoked the diplomat’s accreditation and declared that he must leave the country within a set period — approximately two weeks.
Russia’s foreign ministry then summoned the UK’s senior diplomatic representative in Moscow — the charge d’affaires — to issue a formal protest and deliver the expulsion notice.
In other words, Russia treated this not as a quiet administrative matter, but as a deliberate political act intended to be seen and understood.
The diplomat has been publicly named in reporting as Gareth Samuel Davies, who held the title of second secretary at the British embassy in Moscow.
Russia alleges he was not simply a career diplomat, but an undeclared intelligence officer using diplomatic status as cover.
The UK government rejected the accusations and framed the expulsion as part of a broader pattern of hostile Russian behaviour.
London also signalled that it was weighing its response — language that typically indicates the UK is considering reciprocal action.
This incident must be understood within the post-2022 reality of Russia’s relations with Western states.
Since Russia’s full-scale invasion of Ukraine, diplomatic relations have deteriorated sharply, and intelligence competition has become more overt and public.
Expulsions in this environment serve multiple purposes.
They remove individuals Russia claims are engaged in intelligence work.
They disrupt embassy capacity, including routine diplomatic functions.
And they provide a mechanism for retaliation and escalation management that remains below the level of criminal prosecution or kinetic action.
This is also not the first time Russia has used this playbook against the UK.
In recent years, there have been multiple rounds of accusation and expulsion, with Russia alleging espionage and Britain denying it.
The repetition matters, because it shows this is not a single episode — it is a sustained pattern.
From an intelligence perspective, there are two key layers here.
First, the operational environment.
Embassies are one of the classic arenas where intelligence services operate under diplomatic cover and where host-country counterintelligence services focus a significant amount of attention.
Expulsions are one of the host state’s most effective overt tools: they remove a person of interest without the legal burden, evidentiary threshold, often with minimal international consequences of a criminal prosecution.
Second, the strategic signalling.
Russia’s consistent messaging in these cases is that it will not tolerate what it describes as undeclared intelligence activity, and it often pairs expulsions with warnings not to retaliate — while simultaneously threatening a symmetrical response if retaliation occurs.
That is a classic escalation-control technique: impose a cost, define the narrative, and attempt to deter an equal response while preparing for one.
If the UK responds with reciprocal expulsions — which is common in these situations — the net result will likely be a further reduction in diplomatic presence and a narrowing of formal channels between London and Moscow.
In a hostile environment, reduced communication can increase the risk of miscalculation even as it satisfies political and security imperatives.
Bottom line: this expulsion is another indicator of how adversarial and transactional Russia’s relationship with the UK has become.
While a single expulsion may appear procedural, it reflects a broader cycle of counterintelligence pressure, diplomatic retaliation, and public messaging that has become normalized since the war in Ukraine began.
There are two things that should be watched out for:
whether the UK issues a reciprocal expulsion, and whether Russia responds again in kind — because in the current climate, neither side wants to be seen taking an operational intelligence hit without returning one.
MUSIC
For our next story, we head to Canada for a story that sits at the intersection of national security, transnational organized crime, and foreign interference.
This week, Global News released an article entitled, “RCMP report says Bishnoi gang ‘acting on behalf of’ Indian government,” revealing details from an internal RCMP national security assessment that alleges the Lawrence Bishnoi crime group — already linked to extortion and violence in Canada — has been operating in coordination with, and “on behalf of,” the government of India.
This report highlights the fact that this is not just a policing issue.
It demonstrates the state-linked threat activity inside Canada, using criminal proxies to intimidate and target individuals on Canadian soil.
At the centre of the story is a short but pointed RCMP national security division briefing, marked “Protected A,” that was distributed internally last year.
The document was later released through an Access to Information request and obtained by Global News.
In just a few pages, the RCMP assessment reportedly references alleged ties between the Bishnoi gang and the Indian government multiple times.
The RCMP describes the Bishnoi Crime Group as a violent, expanding transnational criminal organization operating in several countries, including Canada.
The report characterizes the group as being driven primarily by greed — not ideology — and links it to a range of serious criminal activity, including extortion, drug trafficking, money laundering, and contract killings.
The critical allegation in the briefing is that the gang uses violence to further its criminal enterprise while “acting on behalf of the Indian government.”
This matters because it reframes the gang from being simply a foreign-based organized crime problem that happens to spill into Canada, into something potentially closer to a hybrid threat:
criminality blended with foreign state direction, and intimidation tactics tied to political objectives.
The timing of the report’s release is politically sensitive.
It surfaced the same day the B.C. Premier began a trade mission to India, and amid reporting that Prime Minister Mark Carney intends to visit India later this year.
Global News notes that efforts to deepen trade and diplomatic engagement are occurring while Sikh organizations and community representatives continue to warn that Canadians are being placed at risk if alleged transnational repression is not confronted openly.
To understand why this RCMP allegation is so consequential, it needs to be placed in the broader arc of Canada–India tensions following the June 18th, 2023 assassination of Sikh temple leader Hardeep Singh Nijjar in Surrey, British Columbia.
Something I have referenced often on this podcast since it’s inception.
Nijjar was a prominent figure associated with the Khalistan movement, which seeks independence for India’s Sikh-majority Punjab region.
India had publicly labelled Nijjar a terrorist and pressured Canada to arrest him.
Three months after Nijjar’s killing, then-prime minister Justin Trudeau told the House of Commons that Canadian authorities were investigating the possible involvement of Indian government agents.
Several arrests followed in 2024, and the RCMP later warned publicly that investigations had linked Indian officials to violent crimes in Canada.
Canada responded by expelling multiple Indian consular and diplomatic officials.
But as diplomatic ties have since been partially restored and trade discussions continue, Sikh advocacy organizations argue that the fundamental safety issue has not gone away — especially if the same networks suspected of supporting violence remain active.
The Bishnoi gang has been repeatedly linked in Canadian reporting to extortion threats and shootings affecting members of the South Asian community, and Ottawa has already taken a major step by listing the gang as a terrorist entity under Canadian law in September 2025.
That listing enables stronger enforcement tools, including property seizure and account freezes, and bars Canadians from financing or materially supporting the group — but it does not, in itself, publicly reference any foreign-state link.
The RCMP briefing described in this article is notable precisely because it does what the public terrorist listing does not: it repeatedly points toward alleged state coordination.
From an intelligence and national security standpoint, there are several reasons this story deserves close attention.
First, the alleged “how” matters.
If a foreign state is using an organized crime group as a proxy, it creates built-in deniability. Criminals can be framed as criminals. Violence can be dismissed as gang conflict. Targets can be intimidated while the sponsoring state claims it has no involvement. This is a classic method of proxy action: outsource coercion to a network that already has the infrastructure for intimidation, recruitment, and enforcement.
Second, this becomes a sovereignty issue. When politically motivated targeting or intimidation is occurring inside Canada — especially if it is aimed at activists, community leaders, or dissidents — it moves beyond policing into the domain of counterintelligence and counter-foreign-interference response.
Third, the community impact is not abstract. The alleged targets, as described in the reporting, are primarily Canadian Sikhs — meaning this isn’t just a matter of international diplomacy. It’s about whether Canadians can live, organize, speak, and advocate freely without fear of overseas-linked coercion.
The report’s discussion of the gang’s structure is also revealing. The RCMP briefing describes an organization that has grown from roots in Punjab into a global network, operating across regions with significant Punjabi diaspora communities.
It reportedly notes that Lawrence Bishnoi has been incarcerated in India since 2015 yet is believed to have continued directing the organization, while a close associate — often identified as Goldy Brar — is believed to have taken on a leading operational role.
The implication is that Canada is not dealing with a loosely connected set of criminals.
It is dealing with a durable transnational network capable of projecting intimidation and violence across borders — and, according to the RCMP assessment cited here, potentially capable of being used in support of state objectives.
This story raises a hard question for Canada going forward:
what does a serious response look like when the lines between foreign interference and organized crime begin to blur?
If the RCMP assessment is accurate, then Canada is facing a proxy threat model in which criminal networks are not only profiting from extortion and violence but may also be leveraged to target individuals as part of transnational repression.
That demands clarity, not ambiguity — because the public, and especially affected communities, need to know that allegations of foreign-linked violence are being treated as national security threats, not just criminal incidents.
It also demands policy discipline.
Canada can pursue trade diversification and diplomatic engagement, but not at the cost of downplaying credible warnings about intimidation and violence occurring inside our borders.
Because the first responsibility of government is the safety and security of Canadians.
MUSIC
We’re staying in Canada and on topic for our next story, where foreign interference and political resilience are once again front and centre.
This article from The Hill Times, entitled “‘Too weak, too vague, too slow’: PM Carney accused of ‘dragging his feet’ on foreign influence registry while charging forward on economic reset with China,” examines growing criticism of the federal government’s pace and seriousness in implementing Canada’s long-promised foreign influence registry.
On January 14th, 2026, the government released draft regulations connected to the registry — a system intended to require individuals and organizations acting on behalf of foreign states to publicly declare those relationships.
But critics are now arguing that, despite years of warnings about foreign interference, Canada still does not have a functioning registry, a named commissioner, or a clear enforcement regime.
According to the reporting, the draft regulations were published roughly 18 months after royal assent was granted to the enabling legislation.
Opposition parties and national security observers are now questioning why implementation has moved so slowly, particularly given the volume of public reporting, intelligence warnings, and high-profile inquiries related to foreign interference in Canada.
A central issue raised in the article is that the government has not yet appointed or confirmed an independent commissioner to oversee and enforce the registry.
That role is critical.
Without a commissioner with clear authority, investigative powers, and enforcement tools, a foreign influence registry risks becoming a transparency exercise on paper rather than an operational national security instrument.
Critics quoted in the piece argue that the draft regulations remain too vague on key questions: Such as:
-who must register?
-what level of activity triggers disclosure?
-how non-compliance will be detected?
-and what penalties will apply?
In other words, the framework exists, but the operational backbone appears unfinished.
At the same time, the article situates this delay against the government’s stated interest in pursuing an economic “reset” with China.
That contrast is driving much of the political criticism — the perception that Ottawa is willing to move quickly on economic engagement, but slowly on defensive measures designed to protect Canada’s political system from covert foreign influence.
The push for a foreign influence registry did not emerge in a vacuum.
For several years, Canadian intelligence agencies, parliamentary committees, media investigations, and two major public inquiries have all pointed to persistent foreign interference efforts targeting Canadian political institutions, elected officials, diaspora communities, and public discourse.
The concept behind a registry is straightforward: it is meant to force disclosure when individuals or entities in Canada are acting under the direction of, or in coordination with, a foreign state or its proxies for the purpose of influencing political or governmental processes.
Comparable registries already exist in allied countries, including the United States and Australia.
In those systems, registries are not intelligence tools themselves, but they create transparency, investigative leads, and legal obligations that make covert influence harder to sustain.
The Hill Times reporting highlights that Canada is now well past the debate phase.
Legislation has been passed.
Public awareness is high.
The continual outstanding issue is execution — whether Canada can move from acknowledging and admiring the problem to building a durable mechanism to try and manage it.
From an intelligence and counter-interference perspective, registries serve three main purposes.
-First, they introduce friction. Foreign influence thrives in opacity. Disclosure requirements force foreign states and their proxies to choose between visibility and illegality.
-Second, registries create investigative baselines. They provide law enforcement and security agencies with reference points — names, declared relationships, and activities — that help distinguish transparent advocacy from undeclared foreign tasking.
-Third, registries carry deterrent value. When properly enforced, they raise the cost of operating influence networks, disrupt recruitment pipelines, and provide prosecutors with earlier legal intervention options.
But all of that depends on design and enforcement.
A registry that is too narrow becomes symbolic.
A registry that is too vague becomes unenforceable.
A registry without an empowered, independent commissioner becomes administrative rather than protective.
This is why the article’s focus on delays, unclear authorities, and the absence of a confirmed commissioner is not procedural trivia — it goes to whether Canada is building a functional counter-interference capability or a political placeholder.
This story ultimately isn’t just about draft regulations.
It’s about whether Canada is prepared to operationalize what years of intelligence reporting and public inquiries have already concluded: that foreign influence is not hypothetical, and that transparency mechanisms must move at the same pace as the threats they are meant to counter.
Let’s be clear here: A foreign influence registry is not a cure-all.
It will not replace intelligence collection, criminal investigations, community protection, or diplomatic responses.
But it is a foundational tool.
And the longer its implementation drags on, the longer Canada remains in a posture where influence activity continues in the grey — with limited disclosure requirements and limited early-stage legal leverage.
The real test will not be whether regulations are published.
The test will be whether Canada establishes a clear, enforceable registry, led by an independent commissioner, backed by investigative authority, and supported politically when enforcement becomes uncomfortable.
Because countering foreign interference is not just a policy choice.
It is a sovereignty obligation.
MUSIC
For our next story, we turn to the Middle East, where the United States has made a major counterterrorism and foreign policy move with significant regional and international implications.
The article, “US labels Muslim Brotherhood organisations in Egypt, Lebanon, and Jordan as ‘terrorist’,” details a decision by the U.S. government to formally designate branches of the Muslim Brotherhood in three countries as terrorist organisations.
The announcement was made on January 13th, 2026, and marks a significant escalation in how Washington is choosing to treat elements of one of the most influential Islamist movements in the modern Middle East.
The U.S. government has now officially designated Muslim Brotherhood-linked organisations operating in Egypt, Lebanon, and Jordan under terrorism authorities, triggering sweeping legal and financial consequences.
Under these designations, it becomes a criminal offence under U.S. law to knowingly provide material support, services, or funding to the listed groups.
Assets tied to them can be frozen, travel can be restricted, and international financial institutions become obligated to block transactions.
In practical terms, this shifts these organisations from being treated as controversial political or social movements to being handled within the same counterterrorism framework used against armed extremist groups.
U.S. officials justified the move by asserting that these branches present themselves publicly as legitimate civic or political organisations while covertly supporting or facilitating militant activity, including ties to groups such as Hamas.
The Lebanese branch, often known as al-Jamaa al-Islamiya, is being treated as directly involved in militant activity, while the Egyptian and Jordanian branches have been designated under terrorism-financing and global sanctions authorities.
This creates a much broader legal environment in which individuals, charities, companies, or intermediaries suspected of supporting these organisations can now be targeted through financial disruption, criminal investigations, and international enforcement mechanisms.
The Muslim Brotherhood was founded in Egypt in 1928 and has since evolved into a transnational ideological movement with branches, affiliates, and sympathisers across the Middle East, Europe, and North America.
Over decades, Brotherhood-linked organisations have operated across a wide spectrum: from social and charitable work to formal political parties, to ideological and logistical support networks connected to militant groups.
Some Brotherhood-affiliated movements pursued electoral politics, particularly following the Arab Spring.
Others were banned, repressed, or driven underground.
Several regional governments — including Egypt, Saudi Arabia, and the United Arab Emirates — have long designated the Brotherhood as a terrorist organisation, accusing it of destabilisation, subversion, and links to violent extremism.
The United States historically took a more cautious approach, often differentiating between violent jihadist organisations and Islamist movements that claimed political or social mandates.
This designation represents a shift away from that distinction, signalling that Washington now assesses these specific branches as sufficiently connected to militant activity to warrant full counterterrorism classification.
From an intelligence and counterterrorism standpoint, this decision significantly expands the operational toolkit available to U.S. authorities.
Terrorist designations are not symbolic.
They enable financial warfare: tracking, freezing, and seizing assets; compelling disclosure from banks; criminalising facilitation; and enabling international cooperation against networks that operate across borders.
They also provide legal foundations for intelligence collection, undercover operations, surveillance authorities, and international information-sharing focused specifically on dismantling organisational ecosystems rather than reacting only after attacks occur.
Strategically, this move also reshapes how the United States positions itself in the broader ideological contest in the Middle East.
It aligns Washington more closely with regional governments that have long argued that the Muslim Brotherhood functions as a gateway movement — providing ideological infrastructure, recruitment pools, and logistical cover for more overtly violent extremist groups.
From a counterterrorism perspective, the designation reflects a preventive logic: targeting not just those who carry out violence, but the organisational environments that allegedly sustain and enable it.
This decision marks a consequential shift in U.S. counterterrorism policy.
By formally designating Muslim Brotherhood organisations in Egypt, Lebanon, and Jordan as terrorist groups, Washington is broadening the scope of what it considers part of the extremist threat environment.
The practical impact will be felt in financial systems, legal proceedings, international partnerships, and intelligence operations.
The political impact will be felt across the Middle East, where the Brotherhood’s role in society, politics, and resistance movements remains deeply contested.
For intelligence and national security professionals, this move underscores an important trend:
the expanding definition of what states consider part of the terrorism ecosystem — and the growing use of legal, financial, and intelligence tools to disrupt not just attackers, but entire ideological and organisational networks.
MUSIC
For our final segment this week, we turn to a developing espionage case in Israel that highlights the ongoing threat posed by Iranian intelligence operations penetrating even disciplined military forces.
The Jerusalem Post reports that an active soldier with the Israel Defense Forces — serving in the Givati Brigade — was arrested back in September of 2025 and has now been formally charged with spying for Iran.
Much as in our first segment this week, this case underscores how hostile actors continue to target military personnel for intelligence collection, leveraging access to critical information about defence infrastructure, weapons systems, and strategic sites.
According to a court release published on January 15th, 2026, the unnamed soldier had been in contact with Iranian intelligence forces since July of 2025.
Israeli authorities allege that the soldier provided photos and videos of important locations, including from inside military bases, as well as detailed information on weapons and armaments used by the Israeli Defence Forces, or IDF.
The intelligence was furnished to Iranian handlers in exchange for financial compensation.
The arrest followed a multi-agency investigation involving Shin Bet, the Investigative Military Police, and MALMAB, which is the Director of Security of the Defense Establishment.
The soldier now faces multiple charges, including contact with a foreign agent, passing information to the enemy, impersonation, and obstruction of justice.
What makes this case particularly serious is not just the betrayal of trust inherent in an IDF servicemember spying for a foreign adversary, but the proximity to and access inside Israeli military ecosystems that the individual possessed.
Materials from within army bases and information on weapons systems can provide foreign intelligence services with actionable insights for strategic planning, target development, and long-term collection priorities.
This arrest is part of a broader pattern of Iranian espionage efforts targeting Israelis, both inside and outside formal defence structures.
The Jerusalem Post notes that a number of Israelis have been detained in recent months on similar charges of assisting Iranian intelligence. For example:
- In September 2025, another Israeli man was convicted after being recruited through a Telegram contact who allegedly tasked him with various operations on behalf of Iranian agents, including recruitment and propaganda-related activities.
- In October 2025, a separate individual was arrested for conducting security-related missions for foreign agents, including retrieving and transferring equipment according to instructions.
- In January 2026, an indictment was filed against a third person accused of conducting surveillance for individuals suspected of being Iranian intelligence operatives, including installing a dashboard camera for remote monitoring of specific locations.
These cases collectively suggest that Iranian intelligence services are employing multiple recruitment vectors, from social media approaches to exploitation of personal vulnerabilities, with an aim to gather operational and strategic intelligence.
From an intelligence and counterintelligence perspective, this development is significant on several levels.
- First, it reflects the persistence of Iranian human intelligence (HUMINT) efforts against Israel — a state with highly developed counterintelligence capabilities.
Despite rigorous vetting and internal security measures, adversaries continue to identify and exploit individuals willing to betray their oath and access.
Second, the range of alleged activities — from collection of visual intelligence to passing details on weaponry — highlights that foreign services are not simply seeking incidental or opportunistic information. They are targeting tactical and strategic-level material that could feed into broader operational planning or long-term capability assessments.
Third, the involvement of multiple agencies — Shin Bet, military investigators, and defence security — underscores the severity with which Israel views this threat. Espionage cases involving active military personnel trigger some of the most intensive investigative resources available precisely because of the access and potential damage involved.
This case is a stark reminder that espionage remains a potent and evolving threat even against well-secured societies or governments.
As Iran continues to blend cyber operations, diplomatic intelligence functions, and HUMINT recruitment campaigns, nations like Israel — and by extension, its allies — must remain vigilant against efforts to penetrate military and defence infrastructures.
For Global Intelligence Weekly Wrap-Up listeners, this story reinforces a broader pattern that I’ve been tracking for years:
that adversarial states have not stopped investing in human access to sensitive defence ecosystems. And that insider threats — whether ideological, financial, or coercive — remain among the most dangerous forms of intelligence compromise.
Espionage and Counterespionage are not going away anytime soon, but don’t worry because neither am I.
With that, we come to the close of this week’s wrap up.
As we are firmly into 2026, I want to remind my listeners that, just like last year, I will be teaching online courses for the Professional Development Institute of the University of Ottawa.
In February, I am giving an 8-hour, 2 day online course on Sabotage and Proxy Operations in Modern Intelligence.
As you can see from this episode, Proxy operations are becoming the “gig economy” of wannabe assassins and arsonists. India, China, Russia and other intelligence agencies are using proxies to do their dirty work, and Canada is just as vulnerable to these tactics as any western nation.
In May, I will be doing another session on the Psychology Behind Human Sources in Intelligence Collection. Another 2-day, 8-hour course that looks at the motivational factors surrounding why people spy and how intelligence organizations leverage these motivations to gain access to state secrets and more.
I’ll leave links in the show notes and transcripts for those interested in registering.
Until next week: Stay curious, stay informed and stay safe.
MUSIC
OUTRO: That wraps up this week’s Global Intelligence Weekly Wrap-Up.
Thank you for listening.
Every story we covered today — from Chinese intelligence recruitment inside the U.S. Navy, to Russia’s expanding sabotage networks in Europe, to diplomatic expulsions, alleged foreign-directed criminal proxies in Canada, and Iranian espionage targeting Israeli military personnel — reflects just how complex, interconnected, and persistent today’s threat environment has become.
These are not isolated events.
They are part of a broader pattern of state competition, intelligence confrontation, and hybrid activity that increasingly blurs the lines between crime, espionage, terrorism, and foreign interference.
Producing the Global Intelligence Weekly Wrap-Up requires extensive research, daily monitoring of open-source reporting, and careful analysis to deliver clear, accurate, and independent intelligence insight each week.
If you find value in this work, you’re encouraged to support the show by visiting Buzzsprout, where you can make a one-time or ongoing donation.
Your support directly helps sustain the podcast and helps ensure this analysis can continue without interruption.
Don’t forget to subscribe, share the podcast with others, and leave a review — it helps more listeners discover the show.
And as Neil always reminds us: stay curious, stay informed, and stay safe.
MUSIC
Links:
Courses:
Sabotage and Proxy Operations in Modern Intelligence:
The Psychology Behind Human Sources in Intelligence Collection:
Segments:
Segment 1) Ex-U.S. Navy Sailor Gets Near 17 Year Prison Sentence Selling Ship Secrets To China
Segment 2) Russia is waging hybrid war on UK and Europe through 'disposable agents'
https://news.sky.com/story/how-russia-is-using-disposable-agents-to-sabotage-europe-13494007
Segment 3) Russia expels British diplomat for spying, agencies say
https://www.reuters.com/world/russia-expels-british-diplomat-spying-agencies-say-2026-01-15/
Segment 4) RCMP report says Bishnoi gang ‘acting on behalf of’ Indian government
https://globalnews.ca/news/11609940/rcmp-report-bishnoi-gang-acting-on-behalf-of-indian-government/
Segment 5) ‘Too weak, too vague, too slow’: PM Carney accused of ‘dragging his feet’ on foreign influence registry while charging forward on economic reset with China
Segment 6) US labels Muslim Brotherhood organisations in Egypt, Lebanon, and Jordan as ‘terrorist’
Segment 7) IDF Givati Brigade Soldier Arrested, Charged in Suspected Iran Espionage
https://www.jpost.com/israel-news/crime-in-israel/article-883423
Podcasts we love
Check out these other fine podcasts recommended by us, not an algorithm.
