Russian spies lacked computer nous, says FBI
What the alleged Russian spies unmasked in the US a fortnight ago were able to find out about US political affairs is anyone's guess, but the FBI reckons they were a mystifyingly unsophisticated bunch when it came to technology.
According to the New Scientist, they are said to have used steganography (the science of hiding data in things like images), encrypted their hard drives, set up dedicated Wi-Fi links to upload some communications and spent time on short-wave radio, more or less where most people would start if they felt the need to hide what they were doing.
The sophistication was mere veneer. As any undergraduate computer science student will know, using images in steganography is pretty useless for anything other than small amounts of data, and there are much better methods such as hiding the same data in white noise traffic. The images can also be intercepted without the sender being aware that this has happened, another reason to avoid general purpose file formats.
The FBI claims that the steganography software used was also a proprietary version written by the Russian secret service, precisely the sort of program you'd expect the US secret service to know all about. An open source, freeware or commercial program would have been a much tougher cover and harder to trace.
The article also notes that US authorities were able to sniff MAC addresses (tied to individual laptops) used to carry out data transfers via WiFi, which suggests that the agents had never heard of spoofing. This is basic stuff.
But here it gets more incredible still. Apparently one or more of the suspects destroyed data from hard drives simply by using the Windows delete function, the sort of blind misunderstanding of how a file system works you might expect from a total novice.
Apart from lacking the training and skills to use some of these technologies, there seem to have been a number of fundamental problems if we decide to take the whole affair at face value.
First, the alleged spies had no way of knowing they were being watched; they lacked the counter-surveillance layer that lies at the root of all good spying.
Second, nobody had assessed whether the technologies they were using were actually appropriate. Every technology, however secure, by its nature can draw attention to itself. The fewer used, the better.
Third, nobody seems to have considered, for want of a better term, 'espionage obsolescence'. However carefully used, some of the technologies were simply out of date.
That's the problem with spies that have been living incognito for a decade or more. The technology they use is also going to be about that old. How does a self-respecting security agency upgrade spy technology in the field? Apparently they don't.
On the other hand, perhaps the accused weren't meant to function as spies in any useful meaning of the term. Their purpose was more sociological, to spread mistrust in the suburbs, generate paranoia of and among and against the swell of immigrants that so define many East Coast US cities.
If that was their aim, they failed. Most US citizens appear to have shrugged their shoulders and moved on to other news stories. Incompetent spying is, to re-use a baseball term, still too left field, especially when it involves technology and motivations that few ever stop to consider.