Schneier on Security
A blog covering security and security technology.
« Security Systems as a Marker for High-Value Targets |
| Full Disclosure in Biology »
November 30, 2011
Bad CIA Operational Security
I have no idea if this story about CIA spies in Lebanon is true, and it will almost certainly never be confirmed or denied:
But others inside the American intelligence community say sloppy "tradecraft" -- the method of covert operations -- by the CIA is also to blame for the disruption of the vital spy networks.
In Beirut, two Hezbollah double agents pretended to go to work for the CIA. Hezbollah then learned of the restaurant where multiple CIA officers were meeting with several agents, according to the four current and former officials briefed on the case. The CIA used the codeword "PIZZA" when discussing where to meet with the agents, according to U.S. officials. Two former officials describe the location as a Beirut Pizza Hut. A current US official denied that CIA officers met their agents at Pizza Hut.
Posted on November 30, 2011 at 6:57 AM
• 18 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I commented on this a few days ago on my blog. It's a bit too long for here, so here's a link:
Different sources blame bad tradecraft (it goes beyond the use of "PIZZA"), while others stress the rigid control case officers have over assets.
It's a world where "sloppy" doesn't happen, unless for a purpose.
@Kent Allard "It's a world where "sloppy" doesn't happen"
Don't buy the myth. The Agency only hires people after all.
Have to agree with Skinnner... A former British Intelligence Officer said that one of the reasons the CIA and others were concerned when KGB documents were being released a few years back was that it could "explode the myth of competency".
It was sloppy tradecraft. Since 9/11 recruitment and training for CIA has been escalated and some things have been less stressed such as the tradecraft angle. These operatives need to work under the premise of "Moscow Rules" in country.
Their bad tradecraft hygiene got them and their assets caught.
The Chinese are quiet, right? The Russians are quick, and we're sloppy.
The problem with "tradecraft" is. that it consists of three main parts,
1, The mechanics (which can be taught).
2, People skills (which is difficult to teach).
3, Second sense (which cann't be taught).
The mechanics of tradecraft is not particularly onerous and most people can learn as much or as little is required for their job. However although mainly a mental skill, it's more like a physical skill in that the more practice you get the better at it you are.
People skills are mostly intuative, some people make the grade some don't, in many respects it's like being both an actor and a sales person. There are those who can "sell snow to eskimos" and there are those who "can't give beer away on a hot sunny day". Likewise there are those who will always look guilt/suspicious even when they are just taking the dog for a walk. You can with perseverance learn to be come moderatly good at people skills but it helps if your a natural.
The one that nobody has found a way to teach (except for "sitting next to nelly") is second sense or what Bruce calls feeling/thinking hinky. Whilst you can pick it up over time, and police and security guards and some military personel do by being mentored by "an old hand" it is not a method that works in tradecraft. Simply because the chances are you will blow the cover long before you have absorbed the ability.
Training agents good at tradecraft and fieldskills is a difficult and protracted process and not one that can be hurried, nor is it something that many people are good at.
If you know where to look (between Vaxhall and Victoria stations in London) you can sit at a cafe table on a warm day and watch people learning the basics of following people etc. And believe me they stand out like "septic fingers" when you know what to look for. It is why those who's job is 'veep handaling' usually have two sets of people, one set watches the VIP the others watch for those watching the first set...
For those that want to learn the mechanics side there are a number of books on the subject, some by Russian defectors are actually quite good on both general fieldcraft and tradecraft. However there are few books on the more specialised asspects as they would in essence be about teaching you to be a successful criminal...
Clive, you wouldn't be kind enough to list some of those books on general field/trade craft? Thx!
@Clive ... Except in this case they were re-using the code word and meet point for assets. That is just plain poor thinking.
Pizza, you say?
The cheese stands alone!
Wikipedia has a nice short article on the Moscow Rules: http://en.wikipedia.org/wiki/The_Moscow_Rules
The worst consequence for a case officer who messes up is a career change.
The worst consequence for one of his agents is being tortured to death.
"The coyote runs for his dinner; the rabbit runs for his life."
And meanwhile, in that reliable trade publication The Onion, the truth is revealed:
"Smart, Qualified People Behind the Scenes Keeping America Safe: 'We Don't Exist'"
They need to stop learning their science from Hollywood. Cars dont explode instantly when they fly over a cliff (but long before they hit something). Airplane engines dont start sputtering because you shot a hole in the rudder. And the whole point of a "codeword" is to not have ANY relationship to the subject, otherwise you'd just call it "Top Secret Spy Satellite" in the first place #"Keyhole" isnt a very good codeword either, but I make an exception for that cause you can just look up and see the thing, telescopically speaking - not much point trying to keep its existence secret#.
An apt enough summary but I have one issue. In the threatscape of Iran you lose more than your job if you are an agent of for the opposition.
Moscow Rules was meant as protocol for not being detected.
An 'officer' is an employee of the intelligence services. The best analogy is to a police detective.
An 'agent' is a person co-opted by various means (ideology, money, promises, threats) into working for an officer. The best analogy is to a criminal informant.
With rare exceptions, an officer is not at risk of torture or death. If under diplomatic cover, the worst that can happen is that they are kicked out of the country ("PNG'd"). Even if captured, an officer can usually count on being traded back. Even in a high threat environment such as Lebanon, an intelligence officer has a safety plan and considerable resources, including the possibility of diplomatic or even military pressure being applied to protect them.
An agent is a traitor to somebody. In legalistic countries, prison time awaits. In less formal settings, torture and death is much more likely. Several agents convicted of working against the United States have been imprisoned in Marion, Illinois: http://en.wikipedia.org/wiki/...
As for Iran, I seriously doubt that any CIA case officers have operated in country since the Desert One fiasco. (Several abandoned after the failure of the operation had to escape and evade out on their own with no support.) Iran plays the game; a captured CIA officer would probably get traded.
Lebanon is a much more dangerous environment. RIP LTC William F. Buckley, CIA station chief for Beirut, who died on June 3, 1985 after 15 months of captivity and torture by Hezbollah:(http://en.wikipedia.org/wiki/William_Francis_Buckley). Another reason why the CIA should keep on their toes in Hezbollah-controlled territory.
The story has a ring of truth about it. I'm sure they will be more careful about their operational procedures next time.
I suspect a lot of the problems are with the local agents who are inexperienced and don't have the time and luxury of learning proper security procedures and less secure methods have to be used to prevent confusion and errors.
However there is no excuse for holding meetings for more than one officer/agent pair in the same location. That is simply lazy.
I suspect some of the CIA officers have some serious explaining to do back home
I'm not surprised. What goes for terrorists goes just as well for CIA operatives: even with huge budgets, there are only so much skilled and seasoned operatives you can have at the same time and the same place when having to disperse your resources over so many locations.
Maybe they watched Spaceballs too much:
"PIZZA THE HUT!"
I never said directly that there were NOC's in Tehran but the principle still applies here. Any handler should know better than this and use tradecraft that includes the premise of Moscow Rules in country (i.e. Iran)
If there are any case officers there, they would have to be from a country seen as friendly to Iran frankly and quite risky.
Nope, its still a failure of the case officers running the operations even by proxy in keeping a tight ship.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.