Posted inGeoeconomics Intelligence ops National Security

Shadow Diplomacy: Moscow’s Use of Former Illegals to Access India’s High-Tech Ecosystem

Shadow Diplomacy: Moscow’s Use of Former Illegals to Access India’s High-Tech Ecosystem
SAINT PETERSBURG, RUSSIA - 2025/06/18: Andrey Bezrukov, President, Technological Sovereignty Export Association; Professor at the Department of Applied Analysis of International Problems, MGIMO University during the New Models for Technological Alliances in the BRICS Nations: Best Practices session of the XXVIII St. Petersburg International Economic Forum at the Expoforum Convention and Exhibition Center. (Photo by Maksim Konstantinov/SOPA Images/LightRocket via Getty Images)

A former deep-cover Russian intelligence officer, whose clandestine identity was exposed in 2010 after his arrest in the United States, is now at the forefront of the Kremlin’s efforts to attract high-technology investments from India. The operative, Andrei Bezrukov, was recruited by the Soviet Committee for State Security (KGB) in the late 1970s or early 1980s and later transitioned into Russia’s Foreign Intelligence Service (SVR). His recruitment most likely coincided with that of his wife, Elena Vavilova, who was trained and deployed with him as part of a long-term “illegal” program—a signature Soviet intelligence tradition involving deep-cover operatives embedded abroad without diplomatic protection.

The couple lived under various fabricated identities across Canada, France, and other Western jurisdictions before settling in the United States in 1999 under the false Canadian identities of Donald Heathfield and Tracey Foley. For over a decade, they developed extensive personal and professional networks, including within business circles, academic institutions, and consulting environments— classic SVR methodology designed to acquire political and economic intelligence in strategic sectors without attracting counterintelligence attention.

Their careers ended abruptly in June 2010, when the FBI dismantled a Russian “illegals” network in a coordinated counterintelligence operation that resulted in the arrest of 10 deep-cover operatives. The spy ring’s exposure was one of the most significant setbacks for Russian strategic intelligence since the end of the Cold War. Bezrukov and Vavilova were later exchanged for Western operatives imprisoned in Russia—the largest spy swap since the 1980s. Upon their return to Moscow, the Kremlin awarded them high state honors, including the Order “For Merit to the Fatherland” 4th Class, underscoring the political value Moscow attaches to long-term clandestine programs.

Both operatives were subsequently incorporated into the state apparatus in advisory and academic roles. Bezrukov served as a consultant to Rosneft, Russia’s second-largest oil corporation, and joined the faculty at the Moscow State Institute of International Relations (MGIMO), where he began shaping elite narratives on covert influence, geopolitical competition, and Russia’s doctrine of strategic autonomy. His post-2010 professional trajectory indicates a common Russian intelligence pathway: former covert officers are repurposed as unofficial envoys, facilitators, or intermediaries positioned at the nexus of government, business, and academia, where they can influence policy and international economic networks without overt attribution to Russian intelligence structures.

In June 2025, Bezrukov appeared to represent Russian state interests at the 28th Saint Petersburg International Economic Forum (SPIEF), a flagship Kremlin-managed platform often described as “Putin’s Davos”. According to reporting by The Washington Post, Bezrukov’s mandate at SPIEF included targeted networking with Indian technology executives and government-affiliated entities, acting on direct instructions from President Vladimir Putin’s administration. His presence reflects Moscow’s increasing practice of deploying former illegal officers not as traditional spies, but as trusted commercial intermediaries with intelligence discipline, deep cultural fluency, and the ability to negotiate outside formal diplomatic channels.

SPIEF 2025, branded under the theme “Shared Values as a Foundation for Growth in a Multipolar World,” was attended by nearly 20,000 delegates from 140 countries. The Kremlin showcased the forum as evidence that Western sanctions, export controls, and diplomatic pressure had failed to isolate Russia following its full-scale invasion of Ukraine. Beyond optics, the forum served as a concrete policy platform for Russia to diversify its energy and technology supply chains, attract capital from the Global South, and secure partnerships in innovation sectors where Western markets remain closed due to sanctions and dual-use restrictions.

India plays a uniquely strategic role in this realignment. It is the largest of the so-called “friendly” states willing to engage with Russia without political preconditions, and possesses a powerful technology ecosystem, world-class IT services, and rapidly expanding startup and semiconductor sectors. The Kremlin increasingly views India’s private technology investment as a potential lifeline capable of stabilizing Russian industrial capacity and enabling sanctioned entities to circumvent Western bottlenecks in digital infrastructure, fintech, electronics, and cloud computing.

Economically, Russia and India are already tied by the International North–South Transport Corridor (INSTC), a 14-year-old strategic infrastructure initiative designed to create a multimodal transport artery linking Russia with India via Iran, the Caspian Sea region, the Persian Gulf, and eventually Europe. Analysts describe the INSTC not as a traditional development project, but as the logistic backbone of Moscow’s wartime strategy: it enables sanctioned Russian exporters to bypass Western-controlled maritime chokepoints, reduces dependency on EU logistics, and deepens India’s role as an anchor economy for Russian trade.

Bezrukov’s involvement reflects a broader Russian operational logic:
when formal diplomacy is constrained by sanctions, informal envoys with intelligence backgrounds are deployed to build trust, mobilize capital, and facilitate technology transfers outside conventional regulatory visibility. Former illegals like Bezrukov have credibility inside Moscow’s elite, long-term tradecraft experience, and the autonomy to negotiate with foreign businesses without appearing as state officials.

When questioned by Western reporters, Bezrukov denied ongoing affiliation with Russian intelligence agencies. This denial is standard practice: former illegals rarely admit ongoing operational roles, and their separation from formal intelligence employment allows the Kremlin to maintain plausible deniability while benefiting from their global expertise, covert-connections architecture, and non-transparent influence channels.

The Kremlin’s redeployment of former deep-cover operatives into commercial and economic diplomacy illustrates how Moscow adapts intelligence infrastructure to circumvent sanctions and geopolitical isolation. In wartime conditions, economic statecraft, energy supply chains, and high-technology alliances are increasingly coordinated by actors who are neither diplomats nor traditional spies, but hybrid envoys with intelligence discipline and access to elite networks. India’s technology sector is a prime target because it offers scale, technical sophistication, and geopolitical neutrality—and because such cooperation can help Russia quietly reconstruct parts of its sanctioned digital ecosystem.

Assessment of Dual-Use Risks Linked to Russia–India Technology Engagement

1. Russia’s Strategic Requirements Create High Dual-Use Demand

Russia’s post-2022 industrial economy is under unprecedented stress due to:

  • U.S. and EU export controls,
  • sanctions on microelectronics, semiconductors, software, cloud services,
  • restricted access to advanced machine tools, AI applications, cybersecurity platforms, sensing systems, and autonomous technologies.

Since 2023–2024, Russian military procurement has heavily shifted toward civilian-grade imports with dual-use potential – particularly Chinese machine tools, microchips, robotics components, cloud computing services, and logistics software.

India’s fast-growing startup ecosystem, fintech sector, cybersecurity firms, semiconductor design capabilities, and IT outsourcing expertise logically fit into Moscow’s long-term strategy of filling sanctioned industrial gaps using commercial channels that are harder to police.

Therefore, any Russia–India cooperation facilitated by hybrid envoys increases the structural risk that civilian technologies may be re-purposed for military, reconnaissance, drones, battlefield automation, or digital warfare platforms.

India’s Technology Ecosystem Is Not Fully Controlled by Western Export Regimes

Unlike South Korea, Japan, Taiwan, or the EU, India is not fully aligned with Western export-control frameworks on:

  • battlefield AI,
  • drone platforms,
  • edge computing,
  • encryption systems,
  • industrial sensors,
  • satellite / geospatial analytics,
  • dual-use software.

This gives Moscow potential regulatory arbitrage space:

Russia can mobilize investments, joint R&D projects, cloud services, crypto or fintech infrastructure, and software licensing via Indian corporate structures that do not automatically trigger U.S. or EU export bans.

In several categories, India does not even require licensing for software layers that could be adapted to military systems, and such software is easily transferable digitally with no customs footprint.

3. Outsourced Development Is Almost Impossible to Monitor

A critical risk is not hardware, but professional services, including:

  • coding,
  • database engineering,
  • AI model development,
  • network security auditing,
  • drone flight-control software,
  • battlefield logistics optimization,
  • telecommunications encryption.

If an Indian firm is hired to write code, patch systems, integrate sensors, or manage cloud infrastructure, it can be legally classified as commercial software development with no export record.

But software is the backbone of dual-use capability:

  • missile telemetry,
  • drone-swarm coordination,
  • predictive logistics for artillery,
  • battlefield mapping,
  • anonymized communications,
  • industrial cyber hardening.

This is exactly where Bezrukov’s informal commercial diplomacy is operationally dangerous:
it channels dual-use analytical services disguised as commercial IT outsourcing, which Western regulators cannot fully intercept.

Dual-Use Can Occur Indirectly Through Financing and Venture Investment

A more subtle risk lies in capital flows rather than products:

  1. Russian entities, via front companies, invest in Indian R&D,
  2. Indian startups develop proprietary tech with commercial branding,
  3. Russian partners receive licensing or source code,
  4. the product is later modified for military or cyber-warfare applications.

This bypasses:

  • sanctions screening,
  • export licensing,
  • customs review,
  • and standard arms-control detection.

Because no physical item crosses a border, the most sensitive part of dual-use—algorithms or firmware—is effectively untraceable.

The INSTC Trade Architecture Enables Technical Grey-Zones

The International North–South Transport Corridor (INSTC) gives Russia logistical access to:

  • UAE tech markets,
  • Iranian manufacturing,
  • Indian services and IT outsourcing.

Several nodes along INSTC are already known sanctions-bypass hubs, particularly in the Persian Gulf and Caucasus. When Russian and Indian firms jointly operate under INSTC-backed corporate umbrellas, it becomes very difficult for Western authorities to:

  • identify beneficial ownership,
  • track cross-licensing,
  • monitor software transfers,
  • assess IP movements.

INSTC thus magnifies the dual-use opacity of Russia–India cooperation by providing:

Russia’s Military Doctrine Explicitly Encourages Civilian–Military Convergence

Moscow treats commercial IT development as a national mobilization resource.

Russian military doctrine since 2021 explicitly promotes:

  • civilian cloud infrastructures for battlefield data management,
  • commercial robotics for drone manufacturing,
  • facial-recognition tech for counterintelligence and occupation operations,
  • fintech and crypto for sanctions evasion,
  • logistics optimization for ammunition transport.

Western intelligence analysts already observe that nearly all “civilian” software procured by Russian firms has at least theoretical dual-use potential, and Moscow does not respect the conceptual boundary between civilian and military software.

Therefore, any commercial Russian access to Indian technology should be treated as military-relevant by default, even when contractual language appears benign.

The Deployment of Former Illegals Is a Warning Signal

The most significant risk indicator is that Moscow is using:

  • former deep-cover officers,
  • unofficial envoys,
  • state-linked corporate networks,

to negotiate technology access. That alone demonstrates:

  • the activity is strategically sensitive,
  • formal diplomatic channels are inadequate,
  • Russia wants deniability,
  • and the outcomes are probably military-adjacent or sanctions-relevant.

Former illegals are not used to arrange hotel bookings or classical foreign direct investment.
They are deployed where secrecy, intelligence discipline, and structured deniability are essential.

This is an unmistakable sanctions-evasion risk profile.

Strategic Implication

India may not view itself as enabling Russian military modernization, but its commercial technology ecosystem is unintentionally positioned to fill critical strategic gaps created by Western sanctions on Russia.

As long as:

  • digital transfers are unregulated,
  • export law remains hardware-centric,
  • software outsourcing remains invisible,
  • INSTC deepens cross-border corporate architecture,
  • and Russian envoys operate outside diplomatic transparency,

dual-use leakage becomes not an exception, but a structural inevitability.

“Sanctions-Evasion Pathways: Scenario Analysis for Drones, Cyber and Battlefield AI”

Scenario 1: “Invisible Code” – Outsourced Software for Drone and Missile Systems

Mechanism

Russia uses Indian (or India-based) IT, AI and engineering firms as offshore dev shops for software that is officiallycivilian, but functionally critical to Russian drone, missile and EW systems:

  • flight-control algorithms for UAVs,
  • target-recognition modules using computer vision,
  • route-planning and anti-jamming logic,
  • telemetry and health-monitoring software for engines and avionics,
  • ground-station interfaces and communication encryption layers.

On paper, contracts describe generic tasks:

“Autonomous navigation for logistics drones”,
“AI-based image classification for agriculture”,
“Predictive maintenance for industrial equipment”, etc.

But the same codebase is integrated into:

  • OrlanLancet or Geran strike drones,
  • loitering munitions,
  • recon UAVs used in Ukraine,
  • missile health-monitoring and mission-planning tools.

Enablers

  • No physical export to inspect: code is delivered over GitHub, private repos, SFTP, or cloud.
  • Companies may never know the end-user is a Russian defense integrator: work arrives via front companies in UAE, Armenia, Kazakhstan, or Cyprus.
  • Export controls are still heavily hardware-centric, while software services are loosely regulated.
  • India (and many Global South states) are not fully tied into U.S./EU export-control regimes for software and AI services.

Early Indicators

  • Sudden growth of “anonymous” foreign clients for Indian AI/IT firms offering:
    • computer vision,
    • robotics,
    • autonomy,
    • flight-control,
    • geospatial analytics.
  • Recurrent use of intermediaries in Dubai, Yerevan, Almaty, Tbilisi as “contracting entities”.
  • Russian defense-linked firms (or their subsidiaries) appearing in obscure joint ventures or shell companies along the INSTC corridor.

Policy Implications

  • Even if Western states cut Russia off from chips, Russia can still buy brains, i.e., outsourced programming capacity.
  • Ukrainian battlefield gains (e.g., drone superiority) could be eroded as Russia quietly improves guidance, swarm coordination, and resilience using foreign-written code.
  • To counter this, regulators must extend export-control logic to AI/software services, not just hardware.

Scenario 2: “Friendly Cloud” – Cyber & C2 Infrastructure via Third-Country Data Centers

Mechanism

Russia leverages Indian or Global South cloud providers and data centers — some with partial Western technology — as trusted “foreign” infrastructure for:

  • cyber operations launchpads,
  • command-and-control (C2) servers for drones,
  • battlefield data lakes and analytic clusters,
  • encrypted communication hubs for GRU/SVR units.

Russian services or front-companies rent servers under benign pretexts:

“Fintech analytics”, “adtech”, “logistics optimization”, “blockchain services”.

In reality, the infrastructure supports:

  • distributed C2 networks for UAV strikes,
  • malware deployment (phishing, wipers, ICS attacks),
  • social-media influence operations,
  • data fusion for battlefield AI and target selection.

Enablers

  • Many cloud providers in India / Global South resale or white-label Western-origin hardware and hypervisor stacks, but are not under Western jurisdiction.
  • Attribution is hard: traffic looks like generic SaaS or microservices usage.
  • Local regulators have limited incentives and sometimes limited capacity to audit who actually uses the infrastructure.

Early Indicators

  • Spike in Russia-linked or opaque shell companies registering for services at:
    • Indian,
    • Gulf,
    • or Caucasus-region cloud providers.
  • Discovery (by threat intel firms) of C2 nodes in third-country data centers in Russia-attributed cyber campaigns.
  • Increased Russian diplomatic / commercial outreach to “friendly” telecom and cloud players.

Policy Implications

  • Even if Western providers (AWS, Azure, GCP) purge Russian state-linked users, Moscow can shift to non-Western clouds and preserve most cyber and C2 capacity.
  • Sanctions regimes that ignore third-country hosting have a large blind spot.
  • Western and Ukrainian defenders will increasingly confront Russian cyber tools launched from “neutral” IP space, complicating proportional response.

Scenario 3: “Civilian Swarms” – Dual-Use Drone Ecosystems as Military Feedstock

Mechanism

Russia taps into civilian drone ecosystems in India and other partners to indirectly support its own military UAV capacity:

  1. Indian or foreign firms export civilian quadcopters, mapping drones, LiDAR payloads, and components to innocuous markets (Gulf, Caucasus, Central Asia).
  2. Russian brokers re-export them or cannibalize them for:
    • motors, ESCs, flight controllers,
    • batteries,
    • optical sensors,
    • navigation modules.
  3. Russian defense plants and volunteer groups integrate them into:
    • FPV drones,
    • recon platforms,
    • ad-hoc loitering munitions.

Parallel path: Indian universities or startups cooperate with Russian entities on “agricultural drones”, “forest monitoring UAVs” or “infrastructure inspection”. Designs, firmware and manufacturing know-how quietly flow into Russian military use.

Enablers

  • It is impossible to ban all consumer drones and components without crippling normal economies.
  • Re-export via “grey” hubs: UAE, Turkey, Kazakhstan, Kyrgyzstan, Armenia, Serbia, etc.
  • “Civilian only” end-use certificates are easy to fake and hard to enforce in wartime.

Early Indicators

  • Customs data showing unexplained spikes in Indian or Asian UAV exports to small intermediaries with weak end-use monitoring.
  • Discovery on the Ukrainian battlefield of:
    • commercial flight controllers,
    • imported payloads,
    • firmware matching foreign OEMs.
  • Social media / Telegram reports of Russian DIY drone groups showcasing imported hardware, including labels in Hindi or other languages.

Policy Implications

  • Even if Russian factories are hit by sanctions, global consumer drone supply chains can keep feeding the war machine.
  • The real choke-point may not be hardware, but services:
    • software updates,
    • cloud-based mission-planning tools,
    • proprietary firmware, mapping APIs.
  • Western policy must consider “geo-fencing” through software licensing and cloud control, not just banning physical export.

Scenario 4: “AI in the Shadows” – Battlefield Decision-Support via Global South AI Labs (Worst-Case)

Mechanism

Russia quietly partners with AI labs, universities, or private firms in India and other “friendly” states to develop advanced battlefield decision-support and target-selection systems, all framed as:

  • “Smart logistics”,
  • “Disaster-response modeling”,
  • “Border security analytics”,
  • “Traffic optimization”.

In practice, these systems are adapted for:

  • prioritizing targets in Ukraine based on satellite, UAV and SIGINT data,
  • optimizing artillery and missile use (cost-effectiveness of striking certain targets),
  • predicting Ukrainian troop movements using ML on sensor and OSINT data,
  • automating some stages of kill-chain analysis.

Enablers

  • Many AI models are general-purpose: the same architecture can serve:
    • retail demand forecasting,
    • or artillery resource allocation.
  • Training can be done on depersonalized or synthetic data abroad, then models are fine-tuned on Russian military data at home.
  • AI frameworks (PyTorch, TensorFlow, etc.) are open-source; the sensitive part is practical integration and domain adaptation, which foreign partners can assist with under civilian labels.

Early Indicators

  • Research papers or conference talks from Global South institutions that:
    • heavily use military-relevant domains (logistics under adversarial conditions, swarm routing, adversarial environments),
    • acknowledge or obscure cooperation with Russian or Russia-linked partners.
  • Sudden formation of Russia–India “security analytics”, “border AI”, or “resilience” joint ventures.
  • Growing Russian presence in AI-focused events in the Global South, under the banner of “smart cities”, “transport” or “emergency management”.

Policy Implications

  • This scenario would gradually close Ukraine’s advantage in dynamic decision-making, especially if Kyiv and its partners don’t keep pace.
  • It also blurs the line of complicity: foreign partners may claim they only worked on “logistics research”, but in practice contributed directly to kill-chain optimization.

Western policy will need to discuss norms on AI collaboration with aggressor states, similar to nuclear and missile-control regimes.

INDIA RUSSIA 27 1764917610844 1764917628140 1764918381581.JPG

More on this story: Putin’s Visit to India: Strategy, Objectives, and Geopolitical Implications Context & Timing

More on this story: Sanctioning Leverage: U.S. Influence Through India’s Russian Oil Trade

Tags: