Dan Gordon Spy Club » Spy News

An Iranian Spy in Israel? Hardly a Professional

Agent Zero — Fri, 01 Nov 2013 14:42:51 +0000

The SHABAK — Israel’s internal security service, has announced that on September 11, 2013, it captured Ali Mansouri, a/k/a Alex Manes, a suspected Iranian spy. The revelation came as part of Israel’s effort to provide solid proof that while Iran is publicly sweet-talking President Obama, its Revolutionary Guards continue with their effort to plan “black operations” — intelligence and sabotage operations for which the perpetrators will not claim responsibility, and which they will try their best to keep in the dark. Three weeks after his arrest, Mansouri was indicted for espionage and aiding the enemy during war. If convicted, he could face 15 years in prison.

As a probable counterweight, the Head of Iran’s Atomic Energy Organization, Ali Akbar Salehi, announced on October 6 that four people have been arrested while attempting to conduct subversive activity in one of Iran’s nuclear sites. He accused un-named countries, which, he said, “think that they can use sabotage to hinder nuclear talks with the West.” Salehi provided no further details.

Although some media organizations were quick to describe Mansouri as a spy, it seems that he’s not exactly worthy of the title. He visited Israel three times using his Belgian passport, obtained through marriage to a Belgian national. He rented a hotel room with a balcony facing the American Embassy in Tel Aviv and took photos. He also took photos of the arrival hall at the Ben Gurion airport. These activities could hardly be labeled espionage. So why was Mansouri arrested? Because, legally, it’s not the quality of the intelligence he was gathering but the criminal intent. Otherwise all clumsy spies would get off the hook. The value of the intelligence, if at all, is measured during sentencing. There’s no doubt that Mansouri was a potential risk, and it is credible that he could have posed a serious security risk for Israel.

Mansouri appeared to be using clandestine methods. According to the indictment, he entered Israel three times, each from a different European country. He presented himself to Israelis as a Belgian businessman selling glass for “European Folded Glass System,” probably a shell corporation established by Iranian Intelligence. The indictment further alleges that during his investigation, Mansouri’s handlers instructed him to establish a seemingly legitimate business infrastructure for Iran’s agents to use in espionage and sabotage operations. They also instructed him to seek information about business incorporation, and to survey the local needs for pneumatic tools. According to the indictment, Mansouri, when debriefed by his Iranian handlers, also reported his findings on the passenger screening process at Ben Gurion Airport. The report also alleges Mansouri travelled to a sensitive security installation in Israel and took photos there.

Mansouri was born in Iran. But he spent most of the last 30 years in Turkey and Belgium. He told his Israeli interrogators that when he visited Iran in 2007, he attracted the attention of the Revolutionary Guards’ intelligence and special operations unit. An Iranian national with a name changed to one that sounded European, a European passport, and with no apparent contact with Iran, could become an intelligence nugget. Mansouri claimed that he was coerced to become a spy. However, judging from the information available publicly thus far, much more credit should be given to the Iranian intelligence services — they are not that stupid or simplistic. Although Mansouri admitted being dispatched by Iran to Israel, his mission could have been a test balloon: testing the Israeli counterintelligence services’ alertness. There’s no need to be a rocket scientist — or ,in this case, an intelligence analyst — to predict that Manouri’s mission was likely to fail. His Belgian passport showed that he was born in Iran. In and by itself, that’s no reason to raise a suspecting brow. But when he came several times to Israel, each time from a different country, suspecting brows went up. One of the first things done under these circumstances is to check the bona fides of the person of interest. This would take just a quick search in the huge databases of the Israeli intelligence community; an inquiry to the Belgian security services for background information; and checking the website used by Mansouri and whether there’s a real company behind it. If the results warranted, he’d be flagged at the border during his next entry, and he’d grow a motorcade tail courtesy of Israeli counterintelligence agents. The rest is just as obvious. He’s arrested; a search of his camera shows photos he took of the American Embassy and the airport; handcuffs; two weeks of interrogation when he spilled out his mission; and soon, an appearance before a Magistrate and indictment.

Why did the Iranians bother? They are much more sophisticated than that. They would never send a professional spy to Israel bearing a passport that gave his birthplace as Iran. A professional spy would not keep incriminating photos in his camera, but would dispatch them and erase the memory card. A spy worthy of his title would establish himself as a law abiding resident; start a business; make contacts; and refrain from any suspicious activities such as taking photos of sensitive areas. Realistically, what intelligence achievements could a tourist with an Iranian accent make during several short visits to security-minded Israel? Identify strategic areas for attack? There’s no need to risk sending an operative. Just watching Israeli TV or reading the newspapers would provide ample information. Incorporating in Israel? Read the website of the Ministry of Justice.

So why was Mansouri sent? One reason could be a security breach on the Iranian end: a suspicion that Israel had planted within the Iranian intelligence services an agent informing Israel of forthcoming espionage operations. To catch the culprit, Iran might plan an operation using a scapegoat that could easily be sacrificed, and make sure that the suspected Israeli agent within their organization — but no one else — was made aware of the operation. If Israel caught the unsuspecting Iranian traveler, then it could lead to the planted Israeli agent in Iran. But Israeli security is sophisticated, too. An Israeli agent planted in Iranian intelligence would scarcely be needed to bring Mansouri to Israel’s attention.

Bottom line: unless this operation was planned by a clumsy and unsupervised Iranian intelligence officer, now behind bars in Tehran, this operation must have had purposes other than traditional espionage.

Turkey Telling on Israeli Mossad Agents: No Loyalties in the Intelligence Cesspool

Agent Zero — Fri, 01 Nov 2013 14:36:12 +0000

Did Turkey give Iran the names of Israeli Mossad agents allegedly operating in Turkey? David Ignatius of the Washington Post writes that “early last year the Turkish government of Prime Minister Recep Tayyip Erdogan is said to have disclosed to Iranian intelligence the identities of up to 10 Iranians who had been meeting inside Turkey with their Mossad case officers.” In April 2012, Iran announced that it had uncovered an Israeli spy network and arrested 15 suspects. It is unclear if these arrests were connected to the alleged Turkish leak.

If true — and the public is unlikely to find out any time soon — then Turkey breached one of the fundamental unwritten rules of ethics in the lawless no-rules game of espionage: do not betray your fellow cooperating intelligence service, because it will haunt you and damage your own interests with all other intelligence services. Turkey’s alleged conduct can be condemned, but understood, because in the cesspool of the covert intelligence war, there are no long-term loyalties, only immediate interests — and Turkey probably had overriding interests strong enough to risk the price it will have to pay for their disloyalty.

Intelligence is traded between countries’ intelligence services just like commodities are traded in the world markets. They trade information for other information or take “a credit slip” for future exchanges.

Although it is common practice among intelligence services to trade information, steps are taken to protect sources and methods used to obtain the information. Rarely are actual secret documents shared for fear that hidden markers would reveal who had original access to the documents. For example: If there are 10 copies of the same intelligence report distributed within a country’s government — each copy has a minuscule change from the others, perhaps just a comma in a different location in the text. Therefore, that risk exists even when redacted documents are sent. Instead, the transferring organization usually prepares a synopsis of the document before it is released to the receiving intelligence organization.

The same elaborate security minded procedures are applied when intelligence agents meet their “assets.” That is particularly true when the meetings are held in countries with suspect loyalty towards the visiting agents’ country. That could have happened with the case at hand. What appears to have happened is that the Israeli Mossad case officers — probably no more than two or three at the time plus back up security — met near the Turkish-Iranian border with their “assets” who had crossed the mountains between the countries. In my fictional intelligence thriller The Chameleon Conspiracy there is a detailed description how a CIA/Mossad agent escaped from Iran to Turkey using the same route. It is not known whether the alleged meeting between the Mossad agents and the “assets” was held with the knowledge of the Turkish intelligence service, Milli Istihbarat Teskilati, or MIT, because Israel could share intelligence, but never operational activities. However, even without MIT’s nod, there’s no doubt that its agents are monitoring the towns nearby the Iranian border, and any strange face gets immediate attention.

Two conclusions can be drawn from the Washington Post’s report; first, whoever leaked them the information, probably a Western intelligence agency, used the credibility of the newspaper to shoot a salvo across the Turkish intelligence agency’s bow: Hey, MIT, you did something that is just not done. And our long organizational memory will teach us to be wary of you next time you want to exchange intelligence information.

Indeed, Turkey immediately protested the article describing it “as part of an attempt to discredit Turkey by foreign powers uncomfortable with its growing influence in the Middle East.”

The second conclusion is that Mossad Israeli case officers preferred not to enter Iran and held face-to-face debriefing rendezvous with their “assets” outside Iran, fearing that any other mode of communication, such as electronic, is less reliable. Who were these assets? Definitely not Israelis, perhaps members of an ethnic minority with an agenda — Kurds, Bahá’í, or Balochs — discriminated Sunni Muslims in Shiite Iran.

In the murky world of international espionage, multiple layers of secrecy, subterfuge and treachery are not the exception. They are the rule.

Laser Leaks

Agent Zero — Fri, 23 Aug 2013 18:31:19 +0000

The GCHQ (Government Communications Headquarters) in the UK, demanded the return or the destruction of the Guardians’ Snowden files. They were acting on behalf of the British government, citing that the use of lasers by foreign agents could monitor conversations in the room.
The Guardian had secured the files by insuring that they were never connected to the internet and that they were disconnected from networks. This did not allay the concerns of the GCHQ. Claiming that a laser would be able to pick up a conversation’s vibration by bouncing off a window in the room or relaying off an object as innocuous as a plastic cup; the GCHQ insisted that the files should not exist in the London offices. Rather than hand over the computer drives; the Guardian chose to smash them.
In reality, “laser spying” has been used by the US against Russian embassies for years. A high-quality laser can fire a beam of invisible light for up to half a mile. Supposedly a “laser microphone” was used to relay vibrations in Abbottabad which were then relayed to a voice recognition system. The technology was used to confirm the location of Osama bin Laden.
Even though laser technology could reveal the number of people in a room, and sometimes even determine their identity; it does not reveal what is actually being said. There are much simpler technologies for that; including planting the traditional “bug”. In fact, the penetration of a laser beam into a room can easily be blocked by something as simple as a closed window curtain. Another issue is precision positioning.
According to the Guardian “The principle of laser spying is comparatively simple. The conversation inside a room moves the air; the air moves the windows. A laser beam aimed at the window will shift slightly in wavelength as the window moves. By tracking that shift, the movement of the window can be inferred – yielding the original conversation.
Lee Marks , a director at Spymaster says: “Laser spying is about the most difficult way of listening to what’s going on in a room… you have to get it exactly at right angles. It has to bounce off and right back to you.”

In addition to the US usage of “laser spying” against the Russians, Nasa technology that has previously been used to detect faint radio signals from space, is now being used to eavesdrop on a room where the curtains are blocking the windows. Using a “horn antenna” this “microwave” technology can blast a wave of energy that is between 30GHZ and !00Ghz through a building wall. If people are speaking inside a room, any flimsy surface, such as clothing will be vibrating, and cause a modulation of the radio beam as it reflects from the surface. It is then amplified and analyzed.

Simpler systems using the planted bug can also use a laser beam to transmit conversations. Such a device was found in the offices of Trinidad & Tobagos’s director of public prosecutions this year.

Czech Mate

Agent Zero — Wed, 17 Jul 2013 14:55:47 +0000

Czech prosecutors charged two former heads of military intelligence along with the previous prime minister’s chief of staff, Jana Nagyova, with corruption. Ms. Nagyova was charged with abuse of power and bribery after prosecutors said she ordered a military intelligence agency to spy on three people. The most notable of those spied upon is the estranged wife of Prime Minister Peter Necas who resigned in disgrace. Mr. Necas said that he and his wife, Radka Necasova, were divorcing.

It has been rumored that Mr. Necas and Ms. Necasova were having an affair, and that she exerted pressure on him to bring about the divorce. Last year Ms. Nagyova first made headlines for receiving hefty bonuses from Necas, who had been previously elected for being “Mr. Clean”. Giggles were abundant when he explained that “she works like a horse.” Subsequently, “Mr. Clean” has admitted to his affair with his chief of staff.

Currently behind bars, Nagyova’s lawyer claims that she acted in good faith to protect the Prime Minister and his wife from scandal. Radka Necasova had “allegedly got in touch with the Jehovah’s Witnesses and began to raise money for gifts…And since Ms. Nagyova didn’t like it and thought it would be good to monitor, she requested surveillance.”

The former chief of staff is also suspected of promising lucrative jobs in state-run companies to three former lawmakers from Necas’ party on condition they quit parliament, and of having contact with entrepreneurs of disrepute.

She faces five years in prison if convicted, in the most extensive anti-corruption operation since the end of Communism. After belligerently reacting to the scandal, and claiming that he would not resign; Mr. Necas was forced to step down.

According to Miroslav Mares, a security expert at Masaryk University in Brno, the corruption that exists between the government and corporate interests has eroded the trust in the Czech government among its allies; including the United States.

“The affair will certainly raise question marks about the trustworthiness of our military intelligence,” Mr. Mares said, “since the intelligence department may have been used for personal reasons that seem to belong in gossip columns.”

Art Imitating Life or Life Imitating Art? You decide

Agent Zero — Mon, 25 Feb 2013 17:38:22 +0000

A “preposterous-sounding plot weaving together a former used-car salesman, Mexico’s Zetas drug gang and a bank transfer from a Revolutionary Guard account to assassinate Saudi Arabia’s ambassador — by bombing a Washington restaurant?”
To some it reads like a Dan Gordon thriller; but according to Time Magazine, this is exactly what the infamous Quds Force of the elite Iranian Revolutionary Guard Corps. has been up to.
While the MOIS, the domestic part of Iranian intelligence is partially successful in uncovering internal plots; the Qud’s external success rate hovers near zero percent. The only attack known to be successful was via its Lebanese proxy, Hezbollah, who blew up a Bulgarian bus carrying Israeli tourists. The Quds Force is intent on attacking Israelis and Americans in emerging countries, whose own security forces are considered to not be as sophisticated as the Mossad nor the CIA. Allegedly, the Mossad is thought to be responsible for the assassination of Iranian nuclear scientists, in order to prevent an expansion of Iran’s nuclear program.
Immediately after disembarking from a plane in Nairobi, and placing a call to a Kenyan known as a contact for the Somalian terrorist group Al Shabaab, two middle-aged Quds operatives were put under surveillance and eight days later arrested for hiding 15kg of the military explosive RDX under bushes that bordered a Mombasa golf course.
Providing mostly embarrassment, Iran’s secret agents were photographed in Pattaya, Thailand, with one arm around a hookah, the other around a hooker. Additionally, Quds operatives did succeed in blowing up their safe house as well as themselves while in Bangkok.
Other incidences Azerbaijan have caused the arrest of Iranian spies. A century ago the famous spy, Sidney Reilly, knew that Baku was a hot bed of espionage activity. In some ways little has changed in the country which is just north of Afghanistan, and supplies 30% of Israel’s oil. Here the shadow war between the Mossad and the Quds Forces continues to play out. Last month Azerbaijan submitted a formal protest to Tehran that Iranian agents had plotted to kill Israel’s ambassador in Baku along with a rabbi. Apparently, the Iranians are also losing this one.
Members of the Quds Forces’ elite Unit 400 have been activated inside Turkey to attack U.S. and Israeli interests and to support the Kurdish separatist movement PKK with violence as needed.
According to the Turkish newspaper Today’s Zaman, an Iranian spy was arrested while collaborating with the Kurdish separatists. He confessed to being an Iranian operative with the Revolutionary Guards. Recently, the same paper revealed that nine spies have been arrested in Turkey, two of them were Iranian nationals. They provided information on Iranian contacts with the PKK fighters and their mission in identifying strategic targets within Turkey. It is in Iran’s interest to destabilize Turkey ever since they called for the ouster of Syrian leadership, one of the few governments that Iran considers an ally.
Not a great record for an intelligence agency. Either that or they don’t know one of the responsibilities of an intelligence agent is to not get caught.
.

Scale of Cyber-espionage Attack Proof of Chinese Government Complicity

Agent Zero — Fri, 22 Feb 2013 21:44:05 +0000

Mandiant, a major cyber security firm who acts as agent for both government and private industry has released its report detailing China’s role in cyber attacks stating “Our research and observations indicate that the Communist Party of China is tasking the Chinese People’s Liberation Army (PLA) to commit systematic cyber espionage and data theft against organizations around the world.”
Using well-defined computer network attack methods, and gaining access over extended periods of time, the cyber spy unit stole broad categories of information including technology blueprints, proprietary manufacturing processes, pricing documents, business plans, partnership agreements, test results, contact lists and emails from within the organizations that were victimized.
Chinese hackers have attacked the NY Times, stealing journalist’s emails and contacts. According to The London Times; Chinese hackers have targeted British military drone technology and have attacked British aerospace, defense and technology firms working on drones. They utilized the spyware program known as Beebus.
The unit uses close to a 1,000 command and control servers hosted on at least 849 distinct IPs in 13 countries. The report continues “The detection and awareness…is made even more probable by the sheer scale and sustainment of attacks that we have observed and documented in this report”
In a country that extensively monitors Internet use; the spying unit’s long-running operations indicate it “is acting with the full knowledge and cooperation of the government.”
National security agencies and law enforcement investigated the hacking of a White House computer a few months ago. The attack penetrated a network inside the White House Military Office that handles top-secret data. It was traced to a server in China. The cyber attack coincided with Chinese cyber attacks against Japanese and private sector computers. There have been ever growing tensions between China and Japan over the Senkaku Islands. Although the Islands have been under Japanese control for decades, China is now claiming them as its territory; referring to them as the Diaoyu Islands.
Operation Aurora, the code name for a Chinese “spear phish” attack on Google and other U.S. companies was discovered in late 2009. “Spear-phishing” is a fraudulent use of email. The user receives an email that they are made to think is from someone familiar to them. Once opened, it can allow the hacker to infiltrate a computer network, and exfiltrate the information that they are seeking.
According to Mandiant, some of the Chinese hackers got lazy and did not log out of the servers that they were using for cyber-espionage, before logging into U.S. social media sites such as Twitter and Facebook. By deviating from following their proper protocol, they in turn led investigators to discover their real identities. Thus, Mandiant was able to trace two hackers, known as Ugly Gorilla and DOTA all across the Web using data points.
Brian Fung of the National Journal writes, “It’s no small irony the everyday shortcuts users take, and which subsequently open them up to hackers like DOTA and Ugly Gorilla, are the same traps that the two hackers fell into. “

Hunt for Red October Operation

Agent Zero — Fri, 18 Jan 2013 20:10:47 +0000

Last October, experts at Kaspersky; a Moscow based cyber-security company, claimed to have discovered a major global malware system that has attacked and compromised the computers of sensitive institutions including research centers, defense installations, diplomatic consulates, and government agencies in 39 countries for the past 5 years. Their released report about Red October, aka Rocra, hints that the programmers are Russian.
John Bumgarner, research director for US Cyber Consequences Unit suspects Russia or China. The author of “Inside Cyber Warfare”, Jeffrey Carr thinks that the virus was the work of the foreign intelligence service of a NATO or EU country spying on Russian embassies.
Initially targeting embassies around the world, the origin of the program as well as motives of the attackers is still unknown. The new virus usually infects computers through an email attachment that mimics ordinary business correspondence.
Due to the syntax and choice of words, it has become evident that the Rocra malware modules were created by Russian speaking operatives. However, currently there is no evidence linking the malware attacks with a nation-state sponsored attack.
Not only does the malware target traditional workstations; it can garner information from mobile devices, steal configuration data from routers and Cisco switches, as well as deleted files from removable disk drives. Like an ever expanding universe, the hackers use the stolen information exfiltrated from infected networks to infiltrate into additional systems, and have compiled and used the passwords to gain access to an ever increasing amount of data
Apparently, the main purpose of the operation seems to be the gathering of classified information as well as geopolitical influence. According to Sergei Karaganov, honorary chairman of the Moscow based think tank Council on Foreign and Defense Policy, such cyber-espionage is increasingly common. Russia and other countries have tried to create international protocols to combat it. He also suggested that “On the other hand, I wouldn’t rule out the possibility of this being an ingenious trick on the part of Kaspersky Lab to boost their trade.”

30,000 Strong Iranian Spy Network

Agent Zero — Tue, 15 Jan 2013 16:39:56 +0000

Concluding that MOIS, Iran’s Ministry of Intelligence and Security is “one of the largest and most dynamic intelligence agencies in the Middle East”; the Pentagon revealed that the ministry engages 30,000 people in clandestine and covert activities that include technological theft, terrorist bombings, as well as assassination.
Although the Quds Force of the Islamic Revolutionary Guards Corps, also known as the IRGC, primarily handles extraterritorial operations that include espionage, sabotage, and assassinations, according to the Iranian Constitution it must comply with MOIS’ policy with regard to fighting domestic antirevolutionary dissidents. Thus the IRGC is entitled to collect and analyze, as well as to produce information to identify the anti-revolutionaries. The Quds Force operates independently, but shares its collected information with MOIS.
In return, MOIS handles the communication aspects of operations, as well as providing logistical support for the Quds Forces and their related foreign organizations, such as Hezbollah, Hamas, and Al Qaeda (all deemed terrorist organizations by the US). Both MOIS and the IRGC report to the Supreme Leader. Together they have been involved in terrorist bombings from Argentina to Lebanon. They operate wherever Iran has interests, from A to U; Afghanistan to the United States, as well as the countries in between.

Reluctant Spy Reluctantly Prepares for Prison Sentence

Agent Zero — Wed, 09 Jan 2013 17:25:52 +0000

John Kiriakou, author of “The Reluctant Spy: My Secret Life in the CIA’s War on Terror”, pleaded guilty to charges of violating the Intelligence Identities Protection Act and was sentenced to 30 months in Federal Prison.

Initially, Kiriakou thought he was assisting in an FBI investigation, and only too happy to offer his services. About an hour into the interview he discovered that he was the subject of the investigation.

Previously, Mr. Kiriakou had worked for the CIA for nearly 15 years; first as an analyst and then as an operative. He was stationed undercover in pursuit of Al Qaeda operatives and other terrorist groups. Although he led the team that was responsible for the capture of Abu Zubaydah, an Al Qaeda logistic specialist, along with other militants that were captured in Pakistan, he is best known as the first former CIA operative who in 2007 appeared on numerous cable and network news shows ambivalently discussing waterboarding and other enhanced interrogation techniques as torture and not very effective as an intelligence tool.

Although a varied collection of people including former spies, left-leaning critics of torture, a number of Liberty University (a Christian Right Institution) professors, as well as the famed director Oliver Stone all showed support for Mr. Kiriakou; nevertheless he became the first CIA agent to be convicted of leaking classified material to the media. His supporters found it an outrageous outcome for a man who had risked his life for his country.

It all started when references to Kiriakou’s emails to reporters and human rights’ inquirers containing contact information for other CIA personnel appeared in testimony submitted by defense attorneys for Guantanamo Bay detainees. One of the journalists known as Journalist B, aka Scott Shane, was looking for information about the interrogation of Khalid Shaikh Mohammed, the alleged architect of the September 11th World Trade Center bombings. Scott Shane already had the name of Deuce Martinez. Mr. Kiriakou confirmed the identity of the CIA contractor to the journalist as the best source for background information; while admitting that he had worked with Mr. Martinez on the Abu Zubaydah case. He emailed Mr. Shane his contact information. The confirmation of Mr. Martinez’ identity is one of the things that the government viewed as illegally disclosing classified information.

Mr. Kiriakou mistakenly believed another agent whose contact information he shared with Journalist A to have retired, and the journalist never used his name. However, the communication was done via email, and Mr. Kiriakou discovered, just as CIA boss General Petraeus was later to discover; that emails, not unlike diamonds, are forever.

Some think that the media attention he received for his opinions caused John Kiriakou to suffer a self-aggrandizement that led to his downfall. Kiriakou said that he was just being helpful.

China: “The Most Threatening Actor in Cyberspace”

Agent Zero — Fri, 16 Nov 2012 16:55:55 +0000

China: “The Most Threatening Actor in Cyberspace”

A new government report concludes that China’s cyber security threat is increasing in sophistication and that its sheer volume “makes China the most threatening actor in cyberspace,”
Although still unknown who is actually exercising the threat, trackers are being helped by technical gains. The US-China Economic and Security Review Commission reported to Congress that the culprits are:
1. The People’s Liberation Army
2. Three intelligence and security service ministries.
3. Patriotic hackers conducting espionage out of nationalist fervor.
4. Big IT companies and telecommunications firms.
5. Informal “cyber warfare militia” composed of workers with high-tech day jobs that focus on military communications, electronic warfare, and computer network operations.
6. Criminal hackers conducting industrial espionage for private, state-owned, or government clients.

The report continues “China’s cyber capabilities provide Beijing with an increasingly potent tool to achieve national objectives,” the congressional report states. “In a strategic framework that leans heavily on cyber espionage, a diverse set of Chinese hackers use pilfered information to advance political, economic, and security objectives.”
Chinese embassy officials in Washington routinely deny responsibility for cyber espionage against US targets. A spokesman for the Chinese Embassy wrote in an e-mail responding to a government report last year on cyber spying. “China’s rapid development and prosperity are attributed to its sound national development strategy and the Chinese people’s hard work, as well as China’s ever enhanced economic and trade cooperation with other countries that benefits all, “Willfully making unwarranted accusations against China is irresponsible, and we are against such demonization efforts as firmly as our opposition to any forms of unlawful cyberspace activities.”
The report to Congress points to photos of China’s new J-20 stealth fighter jet and its similarities with Lockheed Martin’s F-22. The photos revived “concerns that human, cyber, or other forms of espionage may have played a role in the J-20’s development.”
The report cites other examples of “malicious Chinese cyber activity” in 2012, including successful attacks on NASA networks and spear phishing e-mails targeting the White House Military Office, which assists in presidential travel and communications.
Until recently, Chinese hackers have long appeared less sophisticated than those in Russia. However in January, a China-based attack targeted the “secure authentication” system of the Defense Department’s Common Access Card standard, one of the Pentagon’s most secure systems.
US military officials testified this year that infiltrating weapons systems, including missiles, aircraft, ships, and ground systems is a Chinese focus. In order to infiltrate computers belonging to India’s Eastern Naval Command, which had no connection to the Internet; Chinese hackers reportedly used compact discs along with thumb drives.
Within the Department of Defense, the US Cyber Command has become fully operational. Beyond that, the White House reportedly issued a secret policy document that outlines what actions the US military can take against cyber attacks.
John Bumgarner, research director for the US Cyber Consequences Unit, a nonprofit security think tank that advises government and industry, has advised “We’re all economic partners, but we’re all on this cyber espionage path where people are routinely breaking in to steal the latest and greatest fighter plane plans. At some point, it may cross the line and become an act of war. In the cyber world, that line is a very blurred line. It’s a path we need to get off.”

FBI Investigation: Discovers CIA Chief Under Covers: “Embedded Journalist” Given Whole New Meaning

Agent Zero — Thu, 15 Nov 2012 18:01:24 +0000

It all started in May, when Jill Kelley; a voluntary liaison to the military’s Joint Special Operations Command in Tampa, FL, complained to an FBI agent she knew about receiving a series of harassing emails:
Although the friendly FBI agent was removed from the case due to potential conflict of interest (he had sent a shirtless picture of himself to the married Mrs. Kelley)The FBI spent months tracing metadata footprints left by the emails, piecing together who may have sent them and what locations they were sent from. They matched the places, including hotels, where Ms. Paula Broadwell was during the times the emails were sent. FBI agents and federal prosecutors used the information as probable cause to seek a warrant to monitor Ms. Broadwell’s email accounts.
As General Petraeus’ biographer, Ms. Broadwell, co-author of All In, is described on Amazon as having been “Afforded extensive access by General Petraeus, his mentors, his subordinates, and his longtime friends, Broadwell embedded with the general, his headquarters staff, and his soldiers on the front lines of fighting and at the strategic command in Afghanistan to chronicle the experiences of this American general as they were brought to bear in the terrible crucible of war. All In draws on hundreds of hours of exclusive interviews with Petraeus and his top officers and soldiers to tell the inside story of this commander’s development and leadership in war from every vantage point.”
Ms. Broadwell, along with Mr. Petraeus had set up private Gmail accounts to use for their communications, which included explicit details of a sexual nature, according to U.S. officials. But because Mr. Petraeus used a pseudonym, agents doing the monitoring didn’t immediately uncover that he was the one communicating with Ms. Broadwell. Petraeus and Broadwell apparently used a trick, known to terrorists and teenagers alike, to conceal their email traffic, one of the law enforcement officials said. Rather than transmitting emails to the other’s inbox, they composed at least some messages and instead of transmitting them, left them in a draft folder or in an electronic “dropbox,” Then the other person could log onto the same account and read the draft emails there. This avoids creating an email trail that is easier for outsiders to intercept or trace.
However, Gmail is not to blame for helping the FBI uncover the affair of CIA Director David Petraeus, which led to his resignation. His email client, on the other hand, likely is. The reason the FBI was able to figure out the identities of Broadwell and Petraeus was, at least in part, due to so-called metadata that is embedded in every email we send. The information contained in email metadata differs depending on which service is used; however, most email metadata includes sender email address, recipient email address, date and time that the email was sent, and IP addresses associated with sending and delivery of the email. If you send an email from a Gmail address – but rather than use Gmail.com, you do so through an email client like Microsoft Outlook – then your actual IP address will be added to the email header, thus allowing the FBI (or anyone else) to easily find out the physical location from which that email originated. The same is true for Gmail emails sent from Apple’s Mail client for OS X, as well as Mozilla’s Thunderbird email client. It is this last bit of info – IP addresses – that would have told the FBI where the various damning emails were coming from.
Once they figured out the emails had come from Broadwell, they began tracking her movements. Then they went to court to get a warrant to read her email. They apparently got a warrant to monitor a second email account belonging to someone Broadwell was having an affair with. It turned out to be Petraeus.
As the news initially broke, one could only wonder about the clout Ms. Kelley had for such an investigation to have been launched, the indiscretion on the part of Ms. Broadwell, and the resignation along with the fall from grace of Mr. Petraeus.
The FBI also looked into whether a separate set of emails between Petraeus and Broadwell might involve any security breach. A federal law enforcement official, speaking on condition of anonymity to discuss details of the investigation, said the FBI had concluded relatively quickly — and certainly by late summer at the latest — that there was no security breach. Absent a security breach, it was appropriate not to notify Congress or the White House earlier, this official said.
Extramarital affairs are viewed as particularly risky for intelligence officers because they might be blackmailed to keep the affair quiet. For military personnel, adultery is a crime under the Uniform Code of Military Justice.
In a speech Ms. Broadwell recently gave in Denver; she laid out a scenario of what happened in Benghazi, Libya that culminated in the death of four US citizens, including a much beloved ambassador. No government testimony up to date had portrayed the occurrence in the same light; nor revealed as much about CIA operations in Libya. Subsequently the FBI removed the hard drive from the computer that they found in Ms. Broadwell’s home, and are investigating whether or not it contains classified information.
Update:The FBI has recovered classified documents in Ms. Broadwell’s home, and her security clearance has been revoked.

Taiwanese Officials Nervous about Chinese Espionage

Agent Zero — Thu, 08 Nov 2012 21:22:50 +0000

Characterized as a “shame for the military”. Taiwan has arrested Chang Chih-hsin, the former chief of political warfare at the Taiwanese naval meteorology and oceanography office, along with two other former military officers; on charges of spying for China. The office is seen as especially sensitive because it holds information about Taiwanese submarines and hidden ambush zones.
Last year, Taiwan arrested an air force officer for alleged espionage, who had been stationed at a base in northern Taiwan which had sophisticated radar systems.
Previously, Lo Hsien-che, , the major general in charge of communications and electronic information for the army, was sentenced to life in prison after being convicted of passing on secrets to China for years.
At a time, when Taiwan has been seeking to strengthen friendlier trade relations with China, and has been liberalizing investment and tourism, boosting the Taiwanese economy; issues of Taiwan’s sovereignty still remain. Cyber warfare remains a “serious and real” problem. According to the head of Taiwan’s national security bureau, one of the island’s intelligence agencies, the NSB is hit by 500,000 hacking attempts each month.

American Naval Linguist Pleads Not Guilty to Espionage Act Charges

Agent Zero — Thu, 08 Nov 2012 21:11:57 +0000

A linguist for the Navy in Bahrain is charged under the Espionage Act with possessing classified documents; some of which ended up in public archives of the Hoover Institute at Stanford University. The deputy archivist at the Hoover Institution told Hitselberger in an email that “in light of the FBI investigation of your collection … we will no longer accept additions to the collection, as we don’t want to risk receiving more classified material.” Hitselberger replied that he “was unable to locate my regular reading glasses that day over a month ago and I did not notice the `secret’ designation at the bottom.”
Fluent in Arabic, James Hitselberger’s job as a federal contractor was to translate documents for the Joint Special Operations Task Force-Gulf Cooperation Council. The council contains a unit conducting special reconnaissance, counter terrorism and unconventional warfare.
An FBI affidavit unsealed Monday says Hitselberger copied documents last spring that discussed gaps in U.S. intelligence in Bahrain as well as military troop activities in the region. His superiors later found the material stashed in his backpack, and investigators said they subsequently discovered additional classified material at Stanford in the “James F. Hitselberger Collection.”
The section of the Espionage Act that Hitselberger is charged with violating prohibits unauthorized possession of defense information that could be used to injure the United States or aid a foreign power.
U.S. Magistrate Judge Deborah Robinson ordered Hitselberger held without bond. “While the government concedes that defendant has no history of violence and did not disseminate the classified information to a `foreign power,'” Robinson wrote, “defendant’s retention of classified documents poses a danger to the community by potentially compromising national security.”
Hitselberger pleaded not guilty on Oct. 26.

A Spy’s Story Revealed

Agent Zero — Thu, 12 Jul 2012 18:04:19 +0000

Israeli citizen Massoud Bouton isn’t who everyone around him—from government officials to fellow businessmen—thought he was. As an Israeli spy in Israel’s military intelligence service, he was known to all as Mustafa Taleb, a Lebanese businessman of Algerian descent. Residing in Beirut, his real work was to recruit operatives in enemy countries. In 1962, after Algeria’s liberation from French occupation, he told his friends and all those in his broad social network that he was returning to his family there. No one ever heard from him again.

Mustafa Taleb, in actuality, returned to Israel as his real self, Massoud Bouton, as a result of the decision made by Israel’s Intelligence Unit to end his spy career without compensation because of a disagreement with his bosses.

Bouton’s story is told by a former Shabak (Israel’s Internal Security Service) officer in his newly-released book An Intelligence Agent’s Story. He met with Bouton for hours to gather the details of his life of espionage, which began in 1956 and spanned seven years as he operated in Beirut and Damascus. As Mustafa Taleb, Bouton created a vast network through which he used to collect intelligence. He used a special communication device to relay his information to Tel Aviv. The author wrote this book to clear Bouton’s defamed reputation ensuing from being fired. Bouton died last year.

The Buzz on Insect Drones

Agent Zero — Wed, 11 Jul 2012 21:52:24 +0000

A plethora of articles are in the headlines these days on the CIA’s and the Army’s use of drones to strike terrorist targets in Pakistan. The question is, what else are they used for? The answer: for high-tech surveillance. It has already been released to the public that the U.S. has tiny remote-controlled vehicles based on the natural structure of insects. These micro air vehicles (MAVs) are based on the physics of how insects fly. Separately, the US Air Force has revealed it is developing “lethal mini-drones” with a structure based on Leonardo da Vinci’s blueprints for his Ornithopter flying machine. They state these mini-drones will be ready for usage in 2015.

Public concern arose in 2007 when flying objects hovering above anti-war protesters were reported. Although entomologists claimed that they were actually dragonflies, the U.S. government was accused of secretly developing robotic insect spies. The fact that officials denied the accusations did not end the suspicions. Retired US Air Force Colonel Tom Ehrhard, an expert on unmanned aerial craft, was quoted in the London Daily Telegraph saying, “America can be pretty sneaky.”

In 2008, the US Air Force did unveil undetectable insect-sized spies “as tiny as bumblebees” that they said are capable of flying into buildings to photograph, record, and even attack insurgents and terrorists. With the U.S. military’s record for keeping its technology action to itself, the question remains as to what the reality is regarding the use of lethal mini-drone