Leaked Spy Catalog Reveals Hacking Tools, More
Some of the listed spy tools also appear to fulfill propaganda purposes or other information operation campaigns by sending out mass emails and text messages.
Mike Agliolo / Corbis
In the intelligence community, "tradecraft" refers to agents' advanced espionage tactics. That meant creating clever disguises, conducting surveillance, using concealments, procuring secret information and exchanging secure messages with other agents. "Spies can be ingenious in the way that they communicate," said Peter Earnest, executive director of the International Spy Museum in Washington, DC. He cites miniature dots containing text that came to prominence during World War II. "Somebody can still use that kind of technique." From Biblical times until the 20th Century, spy operations were pretty much person-to-person, said former director of the CIA’s Office of Technical Service Robert Wallace. He and historian H. Keith Melton detail such tactics in their books "Spycraft" and "The Official CIA Manual of Trickery and Deception." Earnest and Wallace share these 10 classic spy tactics gleaned from declassified information.
Courtesy of CIA
The Combustible Notebook What’s an agent to do when caught with compromising notes? During World War II, spies could keep sensitive information in a special Pyrofilm Combustible Notebook, Wallace said. This notebook contained film that would ignite when triggered by a particular pencil. Working like a grenade, the paper would burn and the whole thing would disappear within seconds. The CIA’s one-time pads of paper were used between agents for secure communication using encryption that’s virtually unbreakable. Once they were used, the pages could be torn off and destroyed. “After that, we developed water-soluble paper,” Wallace said. “You could take notes on this paper but if you were about to be compromised you could immediately just dump the paper in the toilet or run water over it.”
Bugs, Tried and True During the 1960s, integrated circuits represented a major breakthrough. Before that, transmitters were unreliable and required huge batteries. “Integrated circuits reduced power consumption, made reliability almost 100 percent, and allowed a reduction in size,” Wallace said. New devices were a tenth the size of previous ones. “That means you could put bugging devices about anywhere you wanted to.” When U.S. supplies were dropped by parachute into remote jungle areas during the Vietnam War, tiny beacons were attached so that U.S. soldiers could follow the signal, Wallace said. He added that, conversely, spies could carry beacons disguised as a branch or a cane, leave it at a specific location, and then moments later an attack fleet would hone in to hit the target.
Courtesy of CIA
The 'Dead Drop' One well-known spy technique called the dead drop involved placing an item or message in a device. An agent then signals to a handler that the drop has been made -- in the past that meant marking a signpost or building corner with chalk, Peter Earnest said. Hollow coins could carry messages. Although the space inside was extremely small, agents could put in a microdot. This micro writing system developed by the CIA in the 1960s and 70s required a high-powered magnifier to read concealed messages. The most famous espionage case involving a hollow coin occurred in 1953 when a Russian agent inadvertently gave his hollow nickel to a newspaper boy. When the boy dropped the coin, a microphotograph fell out. It would take the F.B.I. four years to decipher the instructions encoded in the tiny photo. Micro writing was effective, Wallace said. "It was just very difficult. It had a lot of potential for human error."
Courtesy of CIA
'Jack-in-the-Box' Spies must be ghosts, not poltergeists. To avoid detection, they used maps like this one printed on silk that don’t rustle. The British Directorate of Military Intelligence MI9 issued cufflinks containing tiny compasses during the late 1930s through the mid-1940s. One tactic Wallace and Melton detail in Spycraft involves using equipment dubbed a “Jack-in-the-Box.” This simple device was a suitcase containing a dummy designed to look just like an agent from the shoulders up. An agent in a car who wants to escape surveillance could wait for a sharp turn, roll out the passenger side, and open the Jack-in-the-Box. “Even though you are only out of surveillance for five seconds, that was long enough for the officer to roll out of the car quickly into the shadows,” Wallace said. “Surveillance, looking at the car ahead of them, would still see two people in the car.” In 1982, CIA officers used the device to evade KGB surveillance reestablish contact with an informant.
Courtesy of CIA
Hidden Surveillance Clandestine surveillance remains a hallmark of covert operations. In "Spycraft," Wallace and Melton describe cameras hidden in unusual places, audio equipment for listening to conversations through walls, and even a pipe with a receiver so the officer could bite the stem and detect hostile radio communications nearby. In the 1970s, the CIA worked on a mini unmanned aerial vehicle shaped like a dragonfly called the "Insectothopter." When the CIA’s Directorate of Science and Technology celebrated its 40-year anniversary in 2003, it revealed a realistic looking robotic catfish dubbed "Charlie." Built in 2000, the device's true mission has never been revealed, but experts think its aim was to sample and test water around nuclear plants and facilities. “You build in it the necessary filters to take samples,” Wallace suggested. "Then you recover the fish downstream and evaluate those samples." When the fish was revealed, the Associated Press consulted with a scientist who said the fish was so realistic that predators might target it. Robotic fish have caught on in the academic arena, though. Many institutions now use robo-fish for environmental monitoring.
Deliver a Knockout In the mid-1950s, spies had to be ready to spike a drink in a pinch. Wallace and Melton’s book “The Official CIA Manual of Trickery and Deception” outlines several strategies for dispensing liquids, powders and pills without the recipient noticing. Glove-wearing lady-spies of the era had a particular advantage with their handkerchiefs, and could sew small containers into them. While lighting someone else’s cigarette, the matchbook could be used to dispense a small tablet into their cup. All in the flick of a wrist. Wallace said he particularly liked the trick where a standard Number 2 pencil became a tool for delivering a pill or powder -- up to 2.5 CCs -- simply by manipulating the eraser and the metal band around it. “It can be a knockout pill, it can be a hallucinogenic,” he said. “I suppose it could be lethal, if you wanted it to be.”
Hidden in Plain Sight Steganography is the practice of leaving a concealed message out in the open. Wallace credited magician John Mulholland for introducing new tactics for this kind of communication to the CIA when he became their consultant in 1953. “He wrote about how you can communicate,” Wallace said. “He talked about how magicians could communicate when they were doing tricks.” One method for communication was how shoelaces were tied. Connecting them between the holes on both sides of a shoe in different ways signaled certain things such as “follow me” or “I have brought another person.” Hiding messages in plain sight continues to be an effective tactic. Just look at Al Qaeda. “We have seen that used by the terrorists,” Earnest said. In a case that was just reported, Al Qaeda embedded secret documents in a porn video.
Courtesy of CIA
The Document Grab Get that document and get out. Pulling out a small scanner would help today, but spies had to use different techniques decades ago. The CIA Museum now displays this letter removal device from World War II. When inserted into the unsealed gap in an envelope flap, the device grasped the paper and wound it around pincers so it could be extracted without anyone the wiser. Another way to retrieve documents involved magician’s wax, the kind that temporarily attaches to objects. To use this technique, described in Wallace and Melton’s book “The Official CIA Manual of Trickery and Deception,” first wax was placed on a book cover. In the blink of an eye, the book is used to grab a paper. All the agent had to do is remember to hold the book so that the paper side faces the body or the floor.
Courtesy of the Crypto Museum
Short-Range Coded Messages Long before cell phones, the CIA’s Office of Technical Service was developing what it called a short-range agent communications systems or SRAC. When two officers communicated securely with each other using a SRAC device, they didn't need to risk being spotted in the same location, Melton and Wallace explain in "Spycraft." An early SRAC device from the 1970s had code names like “DISCUS” and “BUSTER," and resembled a large calculator and contained a keyboard with a stylus for punching in 256 characters, Wallace said. Using “burst transmissions,” these systems allowed agents to transmit messages across about a quarter-mile range, communicating in bursts through coded messages that were automatically deciphered and displayed. Although the signal could potentially be intercepted, this communication technique represented a significant advancement in tradecraft. “This meant that you didn’t have to meet an agent to get information,” Wallace said. “You could actually transmit it in real time.”
The 'Brush Pass' That spy film staple, the so-called “brush pass” used to pass documents or a package between agents, can be traced back to the Cold War era. The technique was developed to be used in hostile areas where U.S. agents were under constant surveillance, Earnest said. “It’s very elaborate,” he said. “You’re staging this but you are arranging for you and the agent to pass each other surreptitiously somewhere.” Highly choreographed, the handoffs took place quickly in alleys, on corners, in subway stairwells. In late 2009, an elderly couple, Walter and Gwendolyn Myers, was convicted on charges that they’d spent several decades spying on the United States for Cuba. Among their tactics, according to the F.B.I., was a variation of the brush pass. Gwendolyn exchanged shopping carts in grocery stores with contacts to pass along information.
GET MORE ON SPIES: Top 10 Trickiest Spy Gadgets
No online communication is for your eyes only in the age of Internet surveillance by government spy agencies. But a leaked British spy catalog has revealed a wide array of online tools designed to also control online communication by doing everything from hacking online polls to artificially boosting online traffic to a particular website.
Such documents don't contain much in the way of technical information about how the online spy tools work, but they do reveal a colorful array of code names for methods aimed at both collecting information and manipulating online information seen on websites such as Facebook and YouTube. The GCHQ's Joint Threat Research Intelligence Group (JTRIG) that developed the catalog described most of the tools as being "fully operational" or else "very close to being ready."
Some of the most intriguing spy tools show the UK spy agency's desire to control and manipulate both online and cellphone communication, including emails and popular social media networks such as Facebook. In the latter case, a tool named "Clean Sweep" can "masquerade Facebook wall posts for individuals or entire countries." Another tool called "Burlesque" can send spoofed (faked) SMS text messages. And "Scrapheap Challenge" can send fake emails that appear to originate from a target Blackberry device.
Other tools can change the online information and websites that ordinary Internet users might see. A tool named "Underpass," previously known as "Nubilo," can supposedly change the outcome of online polls. "Bomb Bay" has the capability to boost a website's recorded hits and rankings in order to improve its popularity. Similarly, "Gateway" artificially increases the traffic going to a certain website, while "Slipstream" inflates page views. A more mysterious tool named "Gestator" aims to amplify certain messages, typically videos, on "popular multimedia websites such as YouTube."
The catalog also reveals efforts to counter the propaganda of terrorist and insurgent groups. "Bumpercar" represents an automated system capable of filing "offensive material" reports on video upload services such as YouTube, with the goal of getting "terror videos" removed. Another tool called "Silverlord" targets video-based websites hosting "extremist content" for the purpose of discovering and removing such content.
Some of the listed spy tools also appear to fulfill propaganda purposes or other information operation campaigns by sending out mass emails and text messages. Others appear to come from a hacker wish list by launching denial of service attacks. And one intriguing tool named "Glitterball" comes with the description: "Online gaming capabilities for sensitive operations." The latter seemed to be used by British agents in the online game "Second Life" as of the document's latest update in July 2012. (For more, see "Spy Games: Spooks Infiltrated Online Games.")
By now, few people should be surprised that government spies have tools to eavesdrop on both cellphone and online communication. For instance, much has already been revealed about how the U.S. National Security Agency (NSA) scoops up online records from the internal networks of Internet giants such as Google and Yahoo, as well as how the spy agency tracks cellphone location data worldwide. But the recent revelations about GCHQ's activities show that the UK spy agency also has a strong interest in actively controlling both public information and personal communication in certain cases.
Such online tools give some real-world heft to the fictional boast of Q, the MI6 gadgets man of the long-running 007 films, as he compares his hacking skills to James Bond's more physical approach in the 2012 film "Skyfall": "I can do more damage on my laptop, sitting in my pajamas, before my first cup of Earl Grey than you can do in a year in the field."
Get more from IEEE Spectrum
U.S. Navy: “I Thought the Other Guy Was Doing Security”
Virtru Crafts Countermeasures to Combat E-mail Snooping
NSA Spies Who Purchased This Snooping Device Also Bought…
This article originally appeared on IEEE Spectrum; all rights reserved.