Innovations in Espionage

Innovations find their own path of least resistance, often in response to others. Global espionage is no different.

Anne Applebaum, writing for the Washington Post, describes the co-evolution of cat and mouse in modern espionage: Russian Hackers caught in the act…


Dutch authorities have photographs of four Russian military intelligence (GRU) operatives arriving at the Amsterdam airport last April, escorted by a member of the Russian embassy. They have copies of the men’s passports — two of them with serial numbers one digit apart. Because they caught them, red-handed, inside a car parked beside the Organization for the Prohibition of Chemical Weapons in The Hague — the GRU team was trying to hack into the OPCW WiFi system — Dutch authorities also confiscated multiple phones, antennae and laptop computers.

These have produced a trove of additional information. Among other things, the Dutch have proof that some of these men have been to Malaysia, where they were spying on the team investigating the crash of MH17, the passenger plane brought down by a Russian missile in eastern Ukraine in July 2014. They have proof that these same men hacked a computer belonging to the World Anti-Doping Agency (WADA), the organization that revealed the drug use by Russian athletes. They found train tickets to Switzerland, where it seems the GRU team was planning to hack the laboratory tasked with identifying Novichok, the chemical nerve agent that their colleagues used to attack an ex-spy in England. They even found a taxi receipt from the cab the team took from GRU headquarters to the Moscow airport.

This story offers two nice examples of how such innovations unfold. The nature of espionage today is no longer limited to the spy vs spy stuff of double agents and hacking centrifuges.

[T]his particular GRU team was not engaged in a traditional form of spying. They were not looking for secret information; they were looking for dirt. They wanted embarrassing stories, catty emails or anything at all that would discredit organizations that seek to establish the truth about Russian crimes: OPCW, WADA, the MH17 investigation, the Swiss chemical lab. Had they found anything, they would not have analyzed it in secret, they would have leaked it.

A similar search for kompromat was one of the motivations for the GRU’s hack of the Democratic National Committee in 2016, as well as of Hillary Clinton’s election campaign. The GRU agents who ran that operation were also looking for material, however banal, that could be leaked and then spun into compromising, distracting stories that would dominate news cycles and discredit Clinton.

It’s now spy vs ordinary citizens. They might work at an anti-doping lab or on a presidential campaign, but in private emails or other forms they’re acting ordinary: complaining about each other, sending nudes, having political opinions. The GRU has found it far easier to access and weaponize this banality than to take on an arms race with Western intelligence agencies.

At the same time, that has prompted equal and opposite changes in how the West can defend against weaponized banality.

Once upon a time, the Dutch authorities might have kept all these things to themselves. But not now. On Thursday, the Dutch defense minister presented this plethora of documents, scans, photographs and screenshots on large slides at a lengthy news conference. Within seconds, the images spread around the world. Within hours, Bellingcat, the independent research group that pioneered the new science of open source investigation, had checked the men’s names against several open Russian databases. Among other things, it emerged that, in 2011, one of them was listed as the owner of a Lada (license plate VAZ 21093) registered at 20 Komsomolsky Prospekt, the address of the GRU. While they were at it, Bellingcat also unearthed an additional 305 people — names, birthdates, passport numbers — who had registered cars to that very same address. It may be the largest security breach the GRU has ever experienced.

By sharing its findings early and publicly, the West has begun open sourcing responses to Russia’s hacking efforts. In the original treatise on open source efforts, The Cathedral and the Bazaar, Eric Raymond said, “Given enough eyeballs, all bugs are shallow.” In this case the bugs are spies. I can’t help but wonder how this might have played out as a first response to Russia’s attempts to influence the 2016 election.