The Russian intelligence services continued recruiting mercenary spies in the NSA for the duration of the Cold War. The KGB successes included Robert Lipka, a clerk at the NSA in the mid-1960s, who was caught in a sting operation by the FBI and sentenced to eighteen years in a federal prison. Ronald Pelton, an NSA analyst, was recruited after he retired from the NSA. After he was betrayed by a KGB double agent in 1985, he was sentenced to life imprisonment. Finally, there was David Sheldon Boone, an NSA code clerk, who between 1988 and 1992 provided the KGB with NSA documents in return for $60,000. Boone, sentenced to twenty-four years in prison, was the last known KGB recruitment of the Cold War.
During the Cold War, Russian intelligence service officers operated mainly under the cover of the embassies, consulates, United Nations delegations, and other diplomatic missions of the Soviet Union. As “diplomats,” they were protected from arrest by the terms of the 1961 Treaty of Vienna Convention on Diplomatic Relations. Their diplomatic cover, however, greatly limited their field for finding potential recruits outside their universe of international meetings, diplomatic receptions, UN organizations, scientific conferences, and cultural exchanges. They therefore tended to recruit their counterparts in adversary services.
In this regard, the successful entrapment of Harold Nicholson in the 1990s is highly instructive. From his impressive record, he seemed an unlikely candidate for recruitment. He had been a superpatriotic American who had served as a captain in army intelligence before joining the CIA in 1980. In the CIA, he had an unblemished record as a career officer, serving as a station chief in Eastern Europe and then the deputy chief of operations in Malaysia in 1992. Even though his career was on the rise and he was a dedicated anti-Communist, he became a target for the SVR when he was assigned to the CIA’s elite Russian division. Because the job of this division was to recruit Russian officials working abroad as diplomats, engineers, and military officers, its operations brought its officers in close contact with SVR officers. Nicholson therefore was required to meet with Russian intelligence officers in Manila, Bucharest, Tokyo, and Bangkok and “dangle” himself to the SVR by feigning disloyalty to the CIA.
As part of these deception operations, Nicholson supplied the Russians with tidbits of CIA secrets, or “chickenfeed,” that had been approved by his superiors at the CIA. What his CIA superiors did not fully take into account in this spy-versus-spy game was the SVR’s ability to manipulate, compromise, and convert a “dangle” to its own ends. As it turned out, Russian intelligence had been assembling a psychological profile on Nicholson since the late 1980s and found a vulnerability: his resentment at the failure of his superiors to recognize his achievements in intelligence. The Russians played on this vulnerability to compromise him and then converted him into their mole inside the CIA.
Nicholson worked for the SVR first in Asia; then he was given a management position at CIA headquarters, which is located in Langley, Virginia. Among other secret documents, he provided the SVR with the identities of CIA officers sent to the CIA’s special training school at Fort Peary, Virginia, which opened the door for the SVR to make other potential recruitments. Meanwhile, it paid him $300,000 before he was finally arrested by the FBI in November 1996. (After his conviction for espionage, he was sentenced to twenty-three years in federal prison.) The CIA postmortem on Nicholson, who was the highest-ranking CIA officer ever recruited (as far as is known), made clear that even a loyal American, with no intention of betraying the United States, could be entrapped in the spy game.
When it comes to recruiting moles in a larger universe, intelligence services operate much like highly specialized corporate “headhunters,” as James Jesus Angleton described the process to me during the Cold War era. He was referring to the approach that corporate human resource divisions share with espionage agencies. Both headhunt by searching through a database of candidates for possible recruits to fill specific positions. Both types of organizations have researchers at their disposal to draw up rosters of potential recruits. Both sort through available databases to determine which of the names on the list have attributes that might qualify or disqualify them for a recruitment pitch. Both also collect personal data on each qualified candidate, including any indication of his or her ideological leaning, political affiliations, financial standing, ambitions, and vanities, to help them make a tempting offer.
But there are two important differences. First, unlike their counterparts in the private sector, espionage headhunters ask their candidates not only to take on a new job but also to keep their employment secret from their present employer. Second, they ask them to surreptitiously steal documents from him. Because they are asking candidates to break the law, espionage services, unlike their corporate counterparts in headhunting, obviously need to initially hide from the candidates the dangerous nature of the work they will do. Depending on the targeted recruit, they might disguise the task as a heroic act, such as righting an injustice, exposing an illegal government activity, or countering a regime of tyranny. This disguise is called in the parlance of the trade a false flag, as mentioned earlier. By using such a false flag, the SVR did not need to find a candidate who was sympathetic to Russia or the Putin regime. In its long history dating back to the era of the czars, Russian intelligence had perfected the technique of false flag recruitment, through which it assumes an identity to fit the ideological bent of a potential recruit.
Russian intelligence was well experienced with false flags. It first used this technique following the Bolshevik revolution in 1917 to control dissidents both at home and abroad. The centerpiece, as later analyzed by the CIA, was known as the “Trust” deception. It began in August 1921 when a high-ranking official of the Communist regime in Russia named Aleksandr Yakushev slipped away from a Soviet trade delegation in Estonia and sought out a leading anti-Communist exile he had known before the revolution in Russia. He then told him that he represented a group of disillusioned officials in Russia that included key members of the secret police, the army, and the Interior Ministry. Yakushev said that they all had come to the same conclusion: the Communist experiment in Russia had totally failed and needed to be replaced. To effect this regime change, they had formed an underground organization code-named the Trust, because the cover for their conspiratorial activities was the Moscow headquarters of the Municipal Credit Association, which was a trust company. According to Yakushev’s account, it had become the equivalent of a de facto government by 1921.
The exiled leader in Estonia reported this astonishing news to British intelligence, which, along with French and American intelligence, helped fund this newly emerged anti-Communist group. Initially, British intelligence had doubts about the bona fides of the Trust, as did other Western intelligence services sponsoring exile groups. But they gradually accepted it after they received intelligence reports confirming its operations from many other sources, including Russian officials, diplomats, and military officers who claimed to have defected from the Soviet government. Because these reports all dovetailed, they recognized the Trust as a legitimate underground organization.
Once the Trust had been established in the minds of the Western intelligence services, it offered them as well as exile groups the services of its network of collaborators. These services included smuggling out dissidents, stealing secret documents, and disbursing money inside Russia to sympathizers. Within a year, exile groups in Paris, Berlin, Vienna, and Helsinki were using the Trust to deliver arms and supplies to their partisans inside Russia. The Trust also furnished spies and exiled leaders with fake passports, which allowed them to sneak back into Russia to participate in clandestine missions. It even undertook sabotage and assassination missions paid for by Western intelligence services. As they learned of police stations being blown up and political prisoners escaping from prisons, these agents and dissidents came to further believe in the power of the Trust.
By the mid-1920s, no fewer than eleven Western intelligence services had become almost completely dependent on the Trust for information about Russia. They also sent millions of dollars into Russia via couriers to finance its activities.
But suddenly exiled leaders working in Russia under the aegis of the Trust began to vanish. Then top Western intelligence agents, including Sidney Reilly and Boris Savinkov, were arrested, and their networks were eliminated. Instead of the Communist regime collapsing, as the Trust had predicted, it consolidated its power and wiped out all the dissident groups. Finally, in 1929, the Trust was revealed by a defector to be a long-term false flag operation run by the Russian intelligence service. Even the Trust building, rather than being the cover for a subversive conspiracy, was the headquarters for the Russian secret police during this eight-year operation. The secret police had provided the documents fed to Western intelligence, briefed the agents who pretended to defect, published the dissident newspapers the Trust distributed, fabricated the passports it supplied exiles, blew up Russian buildings, and staged jail breaks to make the deception more credible. It also collected the money sent in by Western intelligence services, which more than paid for the entire deception. Because it was running the show, it could offer those lured into the trap an opportunity to work for it as double agents. The alternative, if they refused, was to face a firing squad.
Even after the Trust itself had been fully exposed, the Russian intelligence service continued to succeed with other false flag deceptions. During the Cold War, it set up a fake underground in Poland called WIN, modeled on the Trust. It set up false flag groups in Ukraine, Georgia, Lithuania, Albania, and Hungary. It also had agents masquerade as members of the security services of Israel, South Africa, Germany, France, and the United States to recruit unwitting agents. These deceptions became an integral part of the recruitments of the Russian intelligence services.
Penetrating the NSA and getting access to files from its stovepiped computers was a far more difficult challenge for the SVR. Approaching CIA officers, such as Nicholson, was relatively easy because it was part of the CIA officers’ jobs to meet with their adversaries. NSA officers, on the other hand, did not engage in “dangles” or even attend diplomatic receptions. They had no reason, other than a sinister one, to meet with a member of the Russian intelligence service. Furthermore, unlike CIA officers, who, like Nicholson, are often posted in neutral countries where they can be approached in a social context, NSA officers work at well-guarded regional bases and are not part of the diplomatic life. Because a known employee of a foreign diplomatic mission could not even approach an NSA officer without arousing suspicion, the SVR would need to use an intermediary, called an access agent, whose affiliations were not known to the FBI. Such an operation would require establishing a network of illegals in America, as the SVR did after Putin became president. Even then, the intermediary would have to find a plausible pretext to approach the target without revealing his actual interest. Such complex operations at the NSA, as far as is known, only yielded a few low-level recruits.
The emergence of computer networks in the 1990s greatly expanded the SVR’s recruiting horizon. It offered a new penetration opportunity at the NSA: civilian technologists working under contract for the U.S. government. Many of these civilians at the NSA, especially the younger ones, as we know, had been drawn from the hacking and game-playing culture; some had even taken courses on hacking techniques. They presented the SVR with inviting targets for recruitment. As was previously mentioned, Russian intelligence had considerable experience in Germany with hacktivists, who tended to be anarchists. There were also supporters of the libertarian movement. The common denominator was often their resentment, expressed in their postings, of the United States and its allies attempting to limit the downloading of copyrighted music, movies, and software on the Internet, all of which fell under the rubric of “freedom of the Internet.” They also vocally objected to the NSA’s using built-in back doors in its software to read their encrypted messages. Such people were not difficult to find on the Internet. The donors to Ron Paul’s libertarian election campaign (including Snowden) were a matter of public record.
Even if there was no shortage of hacktivists who believed the surveillance of the Internet by the NSA was an evil worth fighting, the SVR still had to find a plausible way of approaching members of this counterculture without offending them. Clearly, the SVR could no longer use out-of-date Communist and anti-capitalist ideology as a lure. Russia was far more authoritarian than the United States when it came to the Internet. One viable alternative for the SVR was custom-tailoring false flags to appeal to hacktivists.
For this purpose, the Internet provided a near-perfect realm. Because it is a place where true identities cannot easily be verified, intelligence services could employ a protean kit of disguises to assume false identities to entice potential dissidents into communicating with them. The KGB’s earlier efforts to use hacktivist groups in Germany had produced little if any intelligence about the NSA because of the stovepiping it used to isolate its computers from networks that could be hacked into from the outside. It will be recalled that the NSA threat officer had cited these failures in his 1996 report on NSA vulnerability. He also said that efforts of the Russian intelligence services to use false flag recruitments provided the KGB with “a learning experience.” The KGB had learned that hacking by itself could not breach the NSA’s protective stovepiping. He predicted that its next logical move would be to “target insider computer personnel.” This false flag recruitment would aim at, in his view, system administrators, computer engineers, and cyber-service workers who either were already inside the NSA or had a security clearance that would facilitate getting jobs with NSA contractors.
Even with an appropriate false flag, the task of finding such a “Prometheus” required obtaining a database of those working at the NSA. There were some five thousand civilian technicians at the NSA of all political stripes. Hacking into the personnel records of the intelligence workers seeking to renew their security clearance was a place to begin. The Internet provided the SVR with just this opportunity. As you will recall, holes in the security of the computer networks of the U.S. Office of Personnel Management and USIS and the websites of the companies supplying the NSA with independent contractors had made the background checks on American intelligence workers available to the Chinese, and presumably other adversary intelligence service hackers, since 2011. If the SVR had access to this personnel data, the research for a candidate would be greatly facilitated. From the 127-page Standard Form 86, which each applicant for a security clearance submits, the SVR could filter out intelligence workers employed by the NSA by their educational background, employment history, affiliations, and foreign contacts. It could then search this data for candidates with a possible hacktivist profile.
This data could next be crossed with a list of individuals the SVR knew were in contact with high-profile activists who were part of the anti-surveillance movements. This would include core participants in the Tor Project, WikiLeaks, Noisebridge, CryptoParties, the Freedom of the Press Foundation, and the Electronic Frontier Foundation. (Snowden, for example, had been in touch with members of all these groups in 2012 and 2013.)
The SVR would have little problem monitoring even encrypted communications with leading figures in the anti-surveillance world. These activists, despite secrecy rituals such as putting their cell phones in refrigerators, remain visible to a sophisticated intelligence service such as the SVR. All the defensive tactics of Laura Poitras, including PGP encryption, Tor software, and air-gapped computers (computers that have never been connected to the Internet), did not keep secrets about her sources entirely to herself. Snowden, at a time when he was stealing NSA secrets in February 2013, went to great lengths to impress on Poitras the need for operational security about his contacts with her, but that injunction did not prevent her from telling at least five people about her source, including Micah Lee, the Berkeley-based technology operative for the Freedom of the Press Foundation; Jacob Appelbaum, the Tor proselytizer; Ben Wizner, the ACLU lawyer; Barton Gellman; and Glenn Greenwald. “It is not me that can’t keep a secret,” Abraham Lincoln joked. “It’s the people I tell it to that can’t.” In the same vein, Poitras could hardly rely on these five confidants not to tell her secrets (and Snowden’s) to others. Hours after he was told, Greenwald told his lover, David Miranda, about the source in great detail. He even asked him to evaluate the source’s bona fides for him. Gellman, for his part, raised the matter with a former high official at the Justice Department.
Moreover, as the intelligence world knew, Poitras was herself a veritable lightning rod for attracting ex-NSA employees who objected to some of its surveillance programs. In 2012, her previously mentioned filming in Berlin of NSA insiders could make her communications of interest to intelligence services that wanted to keep tabs on possible NSA dissidents.
Nor was Snowden himself overly discreet. It will be recalled that he had also advertised his Tor-sponsored CryptoParty activities over the Internet and supplied Runa Sandvik, who worked with Appelbaum, his true name and address in Hawaii. Sandvik had no reason not to share the identity of her co-presenter with others in the Tor movement. Snowden, of course, had his girlfriend make a video of his presentation as well. He also bragged about operating the largest Tor outlets in Hawaii. Even if his Tor software provided him with a measure of anonymity, it was not beyond the ability of the world-class cyber services to crack it.
How America Lost Its Secrets Page 25