Thursday, July 01, 2010

Spies amongst us

Yesterday I discovered I have been living near to a pair of Russian spies for the past ten years and never noticed. Today we start to discover just how lame those spies were. Shoddy tradecraft, falling for ridiculous ruses, what clowns!

I beg to differ.

Looking at the tradecraft described in the complaints, it does not appear to be markedly different from the methods used by the KGB in the Soviet era. Some of the tools had changed: wireless laptops had replaced the old dead drops. But they were using the exact same methods that they had used in the Soviet era when the KGB successfully infiltrated both MI5 and the FBI.

And that for me is the real reason why the Russian spying antics were so pathetic: the times had changed, they had not. Which at root is the whole problem with the Putin crowd and its attempt to turn the clock back to the Brezhnev era of 'Stalinism-Lite'.

First off, let's get the terminology right. The spies that were just caught were not agents, they were operatives. That is, the field-level spymasters. A real-life James Bond does not go and steal the information himself; he recruits locals who already have access to the information to act as agents. The division between operatives and agents is an important one in intelligence work: the agencies will generally do whatever they can to protect operatives, while agents are generally considered expendable.

The ten Russian spies did not attempt to burrow into government agencies or perform classified work directly. Their covers were only designed to be good enough to fool immigration and would almost certainly have been exposed in a positive vetting process. To be effective as spies following the old KGB model, the Russians would have to recruit agents with access to the information they wanted.

We don't yet know if the spies were successful in recruiting agents, though we may well find out if there are further arrests. While the tools of the operative are money, ideology and blackmail, it is only the last one that is practical with respect to cold-calling in a democratic society. Mercenaries such as Hanssen and Ames are typically walk-ins. They decide they are going to betray their country by themselves and then make contact. The same is typically true of ideologues.

Let's say you are an NSA employee and have been identified as a target by a Russian operative who approaches you with an offer of money in return for secrets. Even if the amount of money on offer is tempting (a million dollars, say), the risks are enormous and the approach is very likely to be a trap. The competent traitor knows that they have to reject any unsolicited offers and be the party that makes contact themselves.

This leaves blackmail, which has always been the primary tool of the field operative. An offer of money is likely to be rejected and reported; an offer of money coupled with a threat is much less risky. Later this year the IETF will be holding a meeting in Beijing. As a somewhat senior information security professional I would consider it something of an insult if I was not targeted by a honey-trap operation. A few years back a police raid on an 'Asian massage parlor' in Silicon Valley uncovered hidden cameras in all the rooms. While it is possible that the owner was merely a pervert, many of the clients captured on the tapes would have access to technology that China would very much like to acquire.

In the Soviet era, the KGB could use a very powerful form of blackmail: reprisals against relatives still in their power. Co-operation might mean permission to live in Moscow for a parent or sibling; refusal might mean loss of a job, internal exile or being denied critical medical care.

Putin's modern-day spies had much less to work with. The US is a far more open society than it was ten or twenty years ago. Exposure as an adulterer or homosexual might damage personal relationships but is not going to end a career or result in prison unless your job happens to be running an anti-gay bigotry association.

It's not just the tools that have changed, the objectives have as well. Twenty years ago an operative who obtained an internal telephone directory for a government agency would be a hero. Today the information is most likely up on a Web site (and more likely to be up to date). Want a background profile on the new assistant director for widget command? His kids are probably on Facebook, his classmates certainly are.

For the past couple of years I have been attending weekly seminars at MIT on cybernetic aspects of international relations. In a nutshell, the Internet is having major effects on national security, diplomacy and the way that wars will be fought in future. Russia, China and the US are each attempting to work out what military and foreign policy doctrine is going to be in the Internet age. The MIT/Harvard project funded by the Minerva Institute is looking into these issues.

Isn't this exactly the sort of stuff that Russia would want to send a spy to sit in on? Is it likely that any of them did? Well, not if they were illegals, unless they wanted to attract quite a bit of attention.

And here we get to the real incompetence of the whole affair. We do not know what the spies may have acquired, but the fact that they were allowed to operate, observed, for over a decade shows that they probably didn't acquire very much that was damaging. How much more could the Russians have acquired if they had spent the same amount of money on a room full of clerks searching Google?

The Chinese espionage activities leave me equally skeptical. I do not doubt that they exist; the documentation is conclusive. I just think that they are more likely harming the Chinese economy than helping it. As long as China focuses on stealing foreign innovation, development of their own technology base will suffer.

We do not yet know, and we may never know, the reason that the arrests happened now, but one possibility is that the spies were so incompetent that they were actually hurting US interests. This may sound odd to someone brought up with the notion that being spied on is a bad thing. But in international relations terms there is a real value in transparency. If I do not have anything to hide, I want my adversary to know that I do not have anything to hide. If I stop him from confirming that I have nothing to hide, he is going to go off and invent an explanation for my refusal and plan against it. That is going to make his behavior more random (bad) and possibly more aggressive (very bad).

We may never know, but it does not look like the Russian ten were doing much to improve transparency. The Russians probably knew less as a result of their efforts than they would have without them.

