Russia

Surely we can find, and stop, high-tech spies

It’s rumored that the U.S. intelligence community has commissioned The Eagles to rewrite some of their famous lyrics to serve as a deterrent to Russia and China. The hope is that this new song will stop the apparently unabated espionage activities occurring in the National Capital Region, known as the NCR. It’s called “You Can’t Hide Your Spyin’ Eyes.”

BY MORGAN WRIGHT

Concerns about enhanced technical espionage have circulated for a long time. A very provocative technology, currently being used by law enforcement and our military, is a cell-site simulator. Known as an IMSI-catcher, or commercially as a Stingray, it’s a box about the size of an oversized pair of sneakers.

IMSI stands for International Mobile Subscriber Identity. This is how the Global System for Mobile Communications (GSM) finds you, regardless of country, and delivers a call to you or allows you to make one to a destination of your choice. Several reports surfaced in 2017 that showed the Department of Homeland Security was worried about IMSI catchers.

In a Nov. 17, 2017, letter, Sen. Ron Wyden (D-Ore.) asked the DHS National Protection and Programs Directorate if there was any evidence of foreign IMSI catchers operating in the National Capital Region. A pilot study had been conducted from January to November of the same year. The short answer was yes. The longer, typical government response was:

“The Department of Homeland Security’s (DHS) National Protection and Programs Directorate (NPPD) has observed anomalous activity in the National Capital Region (NCR) that appears to be consistent with International Mobile Subscriber Identity (IMSI) catchers. NPPD has not validated or attributed such activity to specific entities or devices. This information was reported to our Federal partners at the time it was observed.”

Now that it’s been established that nefarious electronic hijinks abound in the NCR, surely there must be a way to find it and stop it. Right? The short answer is no. The government answer is even more terrifying:

“NPPD is not aware of any current DHS technical capability to detect IMSI catchers. To support such a capability, DHS would require funding to procure, deploy, operate and maintain the capability, which includes the cost of hardware, software, and labor.”

The previous statement might make you think this is a newly discovered problem of which DHS is just becoming aware. But our Canadian neighbors found the same activity near their Parliament in 2017. In 2014, the Harvard Journal of Law and Technology said that “Hostile foreign intelligence services can and, almost certainly, are using the technology in this country for espionage.”

About two weeks ago, the Senate passed a spending bill that included language directing the Pentagon to divulge the use of IMSI catchers near U.S. bases and facilities. It’s not the first time the use of electronics has caused security concerns. A 20-year-old Australian student discovered the location of several military bases overseas by simply looking at the heatmap posted by Strava of running routes that had been shared.

You’d have to go back almost another 20 years to find when the threat of IMSI catchers became a real issue. The notorious hacker Kevin Mitnick was captured in 1996 using the same technology DHS is worried about in 2018. The hacking victim who helped the FBI track Mitnick down — Tsutomu Shimomura — was very well acquainted with the technology.

“Later that night, the FBI radio surveillance team from Quantico, Virginia, arrived at the Sprint cellular telephone switch office. The team talked to me a little about the technology they had toted along in the station wagon, especially something called a cell-site simulator, which was packed in a large travel case. The simulator was a technician’s device normally used for testing cell phones, but it could also be used to page Mitnick’s cell phone without ringing it, as long as he had the phone turned on but not in use. The phone would then act as a transmitter that they could home in on with a Triggerfish cellular radio direction-finding system that they were using.”

This wasn’t Shimomura’s first brush with cell phones. In 1993, in front of a congressional oversight committee, he showed how easy it was to use a software hack to listen in on the calls of nearby cellular phones. The problem isn’t new. In fact, it’s quite old.

If you take DHS’s response at face value, it appears NPPD does not have its own technical capability. If DHS has no organic ability, how did it detect anything in the first place? With a little help from other solutions. Project Overwatch, for example.

According to the RSA presentation, “Project Overwatch has been a multinational effort between USA, Germany, and Australia to create a solution leveraging GSMK’s patented Baseband Firewall technology.” This began six years ago.

In February 2017, at the RSA Security Conference in San Francisco, a demonstration of Project Overwatch showed the detection of rogue IMSI catchers — the same technology DHS used, but did not disclose, in its letter to Sen. Wyden.

The warnings were there. The threat was there. Six years ago, we worked with our allies to develop a solution to counter this growing form of technical espionage. So why is Congress just now worried about this?

It’s inconceivable that this electronic eavesdropping that targeted the White House, Congress, our federal law enforcement and intelligence agencies, and who knows what else, should have gone on for this long without a warning to the relevant oversight committees. And the public.

When it comes to our national security, no one should be allowed to, as The Eagles might say, “Take It Easy.”

Morgan Wright is an expert on cybersecurity strategy, cyberterrorism, identity theft and privacy. Previously Morgan was a senior advisor in the U.S. State Department Antiterrorism Assistance Program and senior law enforcement advisor for the 2012 Republican National Convention. Follow him on Twitter @morganwright_us.

Russia probably has more undercover ‘sleeper’ agents in the West now than during the Cold War

• Russia’s programme for placing sleeper agents in foreign countries — spies who live ordinary, mundane lives — is probably bigger now than it was in the Cold War, the House of Commons Defence Committee has been told.

• The so-called “illegals” are trained and controlled by two separate and sometimes competing Russian agencies, the mysterious “Directorate S” within the Foreign Intelligence Service (SVR); and the “Main Intelligence Directorate” (GRU).

• The end of the Cold War actually made it easier for Russia to place illegals inside the UK and US.

• Russia wants its illegals to remain quiet and anonymous, developing low-level contacts on the edges of power. They don’t act like James Bond.

LONDON — There are probably more Russian “sleeper” agents in the UK and US today than there were during the Cold War, according to Victor Madeira, a senior fellow at The Institute for Statecraft who testified to Parliament about Russian covert interference in Britain.

In written evidence to the House of Commons Defence Committee, Madeira — a Russia expert — described the resources Russia commands in its efforts to subdue British, European and American influence.

Most of his evidence focused on the fact that Russia’s intelligence services vastly outnumber their counterparts in the UK. But he also included this tidbit about Russia’s “Main Intelligence Directorate,” the GRU, and its “illegals” operation, which places spies in Britain and the US where they live seemingly ordinary lives, until called upon by Moscow:

“GRU has long deployed ‘illegals’. These hand-picked, deep-cover intelligence officers live abroad under assumed ‘legends’: carefully constructed false foreign identities and life stories (over decades in some cases), allowing ‘illegals’ to blend in.”

“… Nowadays, UK CI and CE [counterintelligence and counterespionage] resources are much diminished, while former Warsaw Pact nationals can easily travel across NATO. This is a particular problem if an intelligence officer/asset uses ‘natural cover’ (i.e. their own identity, sometimes called ‘non-official cover’ or NOC). A banker or travel agent may be just that – or they may also be intelligence officers or assets (the latter willing or coerced). Having few(er) or no traceable links to a hostile intelligence service, NOCs are far more difficult to detect, monitor and counter. This is why they are so valued.”

“‘Illegals’ are the most prized of intelligence officers,” Madeira, the author of “Britannia and the Bear,” a history of espionage between the two nations, concluded.

“Despite the ‘end’ of the Cold War in 1989-1991, Russia’s decades-long ‘illegals’ programmes didn’t miss a beat. These programmes remain as strategic, long-term, resource-intensive in nature and prized as ever, with a single purpose: placing hand-picked Russian intelligence assets across foreign societies and governments, regardless of the current state of East-West relations,” he told Business Insider recently.