Schneier on Security
A blog covering security and security technology.
« Friday Squid Blogging: Kid vs. Squid |
| Bletchley Park Archives to Go Online »
June 7, 2010
How to Spot a CIA Officer
How to spot a CIA officer, at least in the mid-1970s.
The reason the CIA office was located in the embassy -- as it is in most of the other countries in the world -- is that by presidential order the State Department is responsible for hiding and housing the CIA. Like the intelligence services of most other countries, the CIA has been unwilling to set up foreign offices under its own name. So American embassies -- and, less frequently. military bases -- provide the needed cover. State confers respectability on the Agency's operatives, dressing them up with the same titles and calling cards that give legitimate diplomats entree into foreign government circles. Protected by diplomatic immunity, the operatives recruit local officials as CIA agents to supply secret intelligence and, especially in the Third World, to help in the Agency's manipulation of a country's internal affairs.
Posted on June 7, 2010 at 5:43 AM
• 25 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
It's an interesting study on how to use seemingly innocuous data to arrive at truly revealing conclusions.
Unfortunately it's written by Philip Agee, a US turncoat and traitor that tried to dress himself in the clothes of a reformer.
My favorite part:
"...most legitimate diplomats do not like being a minority within their own profession or having the rest of the world confuse them with the CIA's dirty tricksters. They generally regard themselves as working at a higher calling."
Diplomats. Higher calling. That's simply priceless.
Most intelligence agencies keep their foreign operational headquarters out of embassies if they can - they're much more likely to use an inconspicuous building somewhere. Sure, there are a few spooks wandering around any embassy at any given time, but that's not where the main action takes place.
This is because it's standard practice to employ covert surveillance methods - such as putting microphones in bricks and so fourth - when building another country's embassy.
Also, it would look just a tad suspicious kidnapping someone and bringing them to an embassy for interrogation, methinks.
Other than that, you're right - spies often (though not always) travel under diplomatic cover.
Well, it's a little less obvious than making them "passport control officers" but not by much.
Reads like it was written by and/or for the KGB. Humint is still king, and people talking to people is how you get humint.
It's only fair to point out that the "sister cities" program has been used for a huge amount of espionage cover over the years, both ways.
Hah, dated, but interesting...
Interesting article up to this point:
"Most of the military and economic intelligence we need we can get from our satellites and sensors ... and from reading the newspapers and the superabundant files of open reports."
Unfortunately we need more human intelligence to actually know what's going on in the world, not less. After reading the last part I start to suspect the motivations of this author...
The CIA has 2 kinds of foriegn service officers, those under "official cover" as described, and those under "non-official cover" (NOC). Those under official cover are not in any way "secret agents"- those are the NOC officers. I think there's actually a law that says "if you've *ever* been in an embassy, you can *never* operate on NOC".
So, no, this isn't a way to "out" a "secret agent" - those guys aren't allowed to be in an embassy for any reason (except for some event that ends their covert career).
The bit that dates it for me is the ElInt comments.
At one time it was seen as the "great white hope" of pure Intel.
However it is like "data" without the "metadata" that turns the data into information. and even before the end of the cold war it was well known that the likes of the NRO where not delivering Intel just data whilst humint was delivering both.
As for the jobs he ascribes to these in house Officers dream on even back then that was done by "out of house" officers or "contractors" often local criminals that think they are working for comercial organisations doing industrial/business espionage.
There is a story (probably untrue) that the NSA used to hide their embassy coms and crypto staff in the CIA staff...
The unstated premise in your quote is written to presuppose that we give a fig about what happens in some third world country's internal affairs. Else, why would we be bent on manipulating those internal affairs?
Of course, if other, malevolent (from our perspective), let us say Marxist, third parties were already actively seeking to manipulate that country's internal affairs, then perhaps the situation was a bit different than described....
Speaking of the value of HUMINT (the flipside of the insider threat). Army CID just busted the alleged perpetrator of the wikileaks video we discussed somewhat earlier. An Army (SPC) Intel Analyst.
In addition to the videos he claims to have turned over a "previously unreported breach consisting of 260,000 classified U.S. diplomatic cables".
This young man is in for a world of hurt.
Skorj is right. The guys described in that text aren't supposed to be a secret in the first place. By and large, they're _supposed_ to be exposed.
Aside from the opportunities moving in official circles attending parties and the like, they provide a known safe contact both for the host country (sometimes you do _not_ want to go through official diplomatic channels) and for those wanting to offer information or defect.
@nknight: "The guys described in that text aren't supposed to be a secret in the first place. By and large, they're _supposed_ to be exposed."
In this case, why try to cover them at all?
From the article:
The security man, along with everyone else in the embassy, knew that this particular "political officer" was actually the Central Intelligence Agency's "Station Chief,"
Did the CIA use "political officer" as a cover? Do they exist at the American Embassy? For some reason I had assumed this was something only the USSR did. Happy to be proven wrong though.
Unusually, I think I am going to have to fly against the wind with some of the comments made here.
HUMINT is indeed a valuable part of any intelligence collection plan but it is not better than any other source by virtue of its source alone. The exact same claim can be made by SIGINT and IMINT (and probably any other categories that are now in use).
It is certainly a lot sexier and more publicised that vital intelligence comes from human sources. It is also certainly true that some other source intelligence (SIGINT/IMINT) has been spoofed to spectacular effect, but I really fail to see that one dominates the others significantly. Each have strengths and weaknesses and *should* be used together.
If I forced to choose, as a collector I would say HUMINT (but that is simply because I know how to do that) and as an Intelligence consumer I would ask for SIGINT (because in my experience this has proven the most valuable). I dont mean to disparage IMINT but I have had less exposure to it, thats all.
With HUMINT we (humans) are more used to it and its the first thing that springs to mind when creating defences against counter penetration, sources are generally unreliable and its very, very rare to get a direct access. Most of the time you are reporting on what Person X claimes to have heard or seen Person Y do. This is fraught with analytical issues - motive, understanding, deception etc - but this is why people should be trained to collect.
Compare that to being able to successfully gain access to a targets encrypted communications - you catch them in an unguarded moment, saying things over a medium they have assumed is secure. Not every SIGINT attack will be that lucky but I suspect it happens more often than getting direct access to prominent players.
Even the much maligned ELINT has its place - more so with military units but good analysts can do wonders.
As I said, however, my strongest belief is that all disciplines work best in conjunction with each other - if a human source can get you an encryption key, the SIGINT product will be much better, which can in turn be used to direct photo recon or other human sources.
There isnt, however, one type of collection which is better than the others.
Re-reading the article and I have more and more doubts.
The CIA moves its men off the diplomatic lists only in Germany, Japan, and other countries where large numbers of American soldiers are stationed. In those countries, the CIA's command post is still in the U.S. Embassy, but most of the CIA personnel are under military cover.
Really? For some reason I just dont accept this. I am sure there are Military Intelligence units that _may_ be conflated with being the CIA but I cant imagine there being real units in 1970s Germany which were really CIA stations.
The source says that all the local Spanish employees knew who worked on what floor of the Embassy and that visitors could figure out the same thing.
Well, I accept that the local employees could work it out (given that if anyone in an Embassy can, they can) but often this will be gossip rather than accurate. I doubt it would be as easy for a casual visitor and regular, yet hostile, vistitors should be controlled better anyway.
I would like to think that the local employees would be properly screened and background checked (as much as possible) anyway, if not working for the CIA themselves.
While I accept a lot of the stuff in the article, and realise it is talking about the world 30 years ago, there is quite a bit that doesnt ring true with my almost contemporary experiences serving in Europe.
Still, it is interesting.
Sorry for POST 3 - but I noticed something else and cant edit my previous posts.
The authors of the article discount David Bruce because they describe him as having a long career as an FSO.
However he was in the OSS from 1941 to 1945 and went through a series of positions that could just as easily be used as cover for an Intelligence Officer. Even my understanding of the USLO leaves that as a dream cover job.
Sadly, most decent diplomatic jobs are dream covers for intelligence officers so its hard to tell them apart....
In Stockwell's memoire about Angola "In Search of Enemies" he tells a story about how the local case officer and his contracts were so well known that the layabouts hanging outside their drop would say "No. The american spy has not yet come."
So the tradecraft was likely either not very good or the quality varied with theater.
@Paeniteo: That's part of it. It's not considered nice to say "we're sending you a spy". More importantly, though, "spy" is not a legitimate diplomatic job, and not entitled to the protections thereof.
I'm sure you're familiar with legal fictions. Well, this is another one. In order to invoke the protections of international law concerning diplomats, the façade must be maintained, even though everyone knows it's crap.
That way, the worst that can happen is the officer is ejected. And in order for that to happen without causing a huge ruckus, they have to have been caught doing something not in keeping with their official status in the embassy.
International relations are pretty much defined as one absurdity after another. This is one of the more dramatic examples. :)
"I play 'Spy at the Airport.' Do you ever do that? Play 'Spy at the Airport.' I believe in using that kind of time- it's wasted time. Especially at a big airport, you know there’s a spy at the airport. Your job? Find him!"
~George Carlin, RIP
The guys in embassies were mostly handlers. The KGB used to funnel everything through its embassy in Washington DC. The actual spies, like John Walker, who were usually flipped military or intelligence personnel. If a Navy Chief Warrant Officer walks into the Soviet embassy that's a dead giveaway.
That's where pickups and drops come into play. John Walker drops a stack of documents somewhere, the embassy guys pick it up then drop off payment along with the time and location of the next exchange somewhere else. The CIA and KGB each knew who was who at the embassies but you throw out one and you get another. The real spies were the homegrown traitors - John Walker, Kim Philby, etc. - and those were the hard ones to figure out. You'd have better luck finding spies from lists of your own people than from a list of your enemy's.
dulles created the cia illegally from money collected outside of govt control, no?
> dulles created the cia illegally from money collected outside of govt control, no?
No. The CIA was created legitimately and quite openly by the National Security Act of 1947. The Central Intelligence Agency Act of 1949 enabled it to be lawfully funded and audited but without the public scrutiny usually involved in auditing disbursement of Federal funds.
It was NSA that was created very informally and secretively by a simple letter from the President. This was because of a special property of SIGINT called "fragility of sources". SIGINT is at its most powerful when the opponent doesn't even suspect you may be listening. As awareness of the SIGINT risk grows, its utility rapidly plummets. Thus, widespread knowledge of the mere existence of a SIGINT agency makes that agency less effective.
@ BF Skinner at June 8, 2010 9:35 AM
"So the tradecraft was likely either not very good or the quality varied with theater."
I think its probably both...
Humans are human, no matter how much training they have and there is always the risk that case officers had a low opinion of the locals so didnt bother trying.
"If a Navy Chief Warrant Officer walks into the Soviet embassy that's a dead giveaway."
It sounds like the setup for a joke. ;)
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.