03 July 2010

the intrigue of russian espionage

Last month, eleven people were arrested and accused of performing espionage for Russia while living in the United States. I am neither qualified nor sufficiently informed to discuss any of the political, security, or legal aspects of this. It's fascinating to speculate that Russia would have espionage operations in the United States in current times. But I'm going to focus on the purported communications techniques that were employed.

The Wikipedia article about this incident, Illegals Program, makes reference to tradecraft including hiding messages in digital images, disappearing ink, ad hoc wireless networks, HF radio communication, and exchanging physical items in public places.

I was most surprised to hear about how wireless networks were used. Coffee shops located in modern United States cities often have patrons using laptops, so this alone does not arouse suspicion. A vehicle parked in front of the coffee shop, requiring as little as a laptop running on its internal battery, is sufficient to create an ad hoc wireless network to which a coffee shop customer can connect. Then, computer files can be exchanged freely without relying on the cafe's own wireless network. This is not a completely secure technique, but encrypting the files before transferring them further reduces the risk of detection or interception.

This is essentially the Wi-Fi version of a dead drop. Two people can exchange information without meeting; they only need to agree on a time and a place. The person driving the vehicle that sits outside the coffee shop can be a cutout without knowledge of the operation. Wikipedia also references unmanned wireless data exchange in the dead drop article.

1 comment:

aubilenon said...

I figure that every largish/importantish country has secret agents in every other largish/importantish country.

That wifi trick doesn't really need coffee shops at all. Two laptops closed in backpacks (or I guess, attaché cases) can do this anywhere. You can then use Starbucks, the library, or a random insecure domestic network for the final upload later.