How Technology and Politics Are Changing Spycraft

Interesting article about how traditional nation-based spycraft is changing. Basically, the Internet makes it increasingly difficult to generate a good cover story; cell phone and other electronic surveillance techniques make tracking people easier; and machine learning will make all of this automatic. Meanwhile, Western countries have new laws and norms that put them at a disadvantage over other countries. And finally, much of this has gone corporate.

Posted on May 21, 2019 at 6:19 AM • 22 Comments


Tom • May 21, 2019 7:16 AM

It would have been interesting if the author had explored some of the history of how our intelligence services got to where they are. The article makes it sound like it's just the agencies playing catchup with technology and ignores the changes in the types of threat they work against. Today they face well-equipped nation-state adversaries really for the first time since the end of the cold war. In the meantime, they have seen a fairly radical realignment of their role, from the "symmetric espionage" of the cold war to working against either poorly-equipped nations (conflicts in Africa, the Balkans etc) or, more likely, non-nation-state organisations such as ISIS, Al-Qaeda and so on. In these asymmetric scenarios, often more police actions than international confrontations, agencies often don't need to worry whether their agents have plausible digital records or a valid birth certificate; it's more important that they have a plausible conversion to whatever cause they are infiltrating. At the same time, they're much more likely to be running what would have traditionally been considered a counterintelligence operation on their own territory, to disrupt terrorist plots and the like. These types of operations are much more likely to be interested in domestic records of phone calls, locations, emails and so on and so are much more likely to get caught up in domestic legal problems. Most nations don't have laws against spying in other countries (though the EU complicates this somewhat).

It's not surprising that agencies which have spent 25 years re-orienting themselves to this kind of threat and this kind of operation aren't quite prepared to face adversaries with similar resources to their own.

Humdee • May 21, 2019 8:10 AM

What I think is interesting is how the normalization of good cover stories trickles down to the masses in terms of fake job references, resumes, dating profiles, and the like. One might argue...trickle up...and that spycraft is playing catch up.

Fake seems to be everywhere these days.

Petre Peter • May 21, 2019 8:29 AM

Spying, which is a well practiced peace time activity, involves both technology and policy. Technology makes spying and tracking easier while policy makes it legal. The legalisation of spying has been done by technology corporations who grease the palms of politicians to underfund privacy advocates while providing corporations with tax breaks. When the spying is done by corporations who are difficult to punish the power balance is broken by fascism.

TimH • May 21, 2019 8:36 AM

The enemy has solidified to be citizens resisting the status quo. It's not just Cointelpro compiling dossiers on the dissenters, but correlation and interpolation software (mis-named AI) identifying the future MLK and AOC troublemakers. The dissimulation of anti status quo information is slowly being legislated against also.

If this sounds unlikely, remember that quite a few states made it effectively illegal to investigate illegalities in animal farms.

The Pull • May 21, 2019 10:33 AM

There's a lot of ins and outs, in regards to phones and false identities, and social media, and false identities.

And, there's a ton of non-spy people online who rely on false identities, sometimes for bad reasons. Some of these folks are really good at their false identities.

1. If you have a presence on social media, which is fake, you have to be able to backtrack that identity in time with a believable bevy of posts and responses.
2. You have to be able to continue to keep up that believable bevy of posts and responses.

On the surface, this sounds simple, but this means you have to have a small army of false identities to justify one false identity. I am not sure if any intelligence agency has decided to go this far, yet.

A lot of people who do undercover work, do not just have one false identity, either, but they may have multiple false identities.

Theoretically, this means that each nation has a small army of people working hard on their own nation's social media to not just create backdated material, but also to sustain current false identities.

Russia, China, and the US are all very likely to be doing this with their own, respective, national, major social media outlets.

Theoretically, it should be possible for intelligence agencies to analyze social media data to detect false profiles. Because that small army of people required to keep up false identities should have hallmarks of being fake. And, foreign nations to a social media platform, should be weak in creating their own false identity.

On phones, just a thought: one way to detect if your phone is compromised should be, oddly, battery usage patterns. It would be irresistible for an adversary to want to have more spying functionality on your phone, rather than less. Which inevitably means that there should be a detectable pattern of battery usage.

As a for instance:
If there is usage of the phone when it is shutdown, that should mean, you can note your battery usage before shutting down, shut down, and later on power up, and compare battery power. If your phone is using battery power while shutdown, then you have a problem.

Otherwise, you would need an app to analyze battery usage to detect whether it has a mysterious power leak. And such an application would need a baseline. For instance, it could power profile every observable application, then watch power usage. In this way, an application not able to be seen by the security app might make its appearance as a battery draining vampire. :-)

The Pull • May 21, 2019 10:41 AM


I think only serious sociopaths are creating such a path of false identities. But, they do exist. There is a whole television show on the subject (catfishing).

Conversely, everyday folks use social media to substantiate their real identity.

I know I have had times where people do not believe I work as a 'good guy' 'hacker', and shown them my LinkedIn. More commonly, I get jobs from my LinkedIn, but also share my own self by sharing my profile to someone I met on some forum.

What ordinary people such as ourselves do do is have pseudonyms on forums. A normal pace of a friend relationship with someone is to eventually share and connect up on social media.

So, there is a good with this social media trend. In the past, a person would only learn more about you as you shared more with them. But, these days, you end up sharing a whole lot about some by joining their social media. Which, IMO, is a good thing. I feel closer to someone after sharing such a thing.

vas pup • May 21, 2019 2:41 PM

"There is no need to download the data; you can just photograph the computer screen with a mobile phone."
Exactly! Cell phones should be banned in some environments handling sensitive information for many reasons, and that is one of them.
@all Spy craft is changing due not only to technology, but cultural issues.
E.g. Chinese, Israelis, Russian, etc. female spies are ready for honey trap activity, but American - I doubt due to all recent malignant feminism activity. Let's name things as they are. They could later bring a multimillion lawsuit against the hiring agency for all those requests which is/was/will be one of the main tools for covert operations. Same applied (I guess) for female spies from Islamic states (e.g. Iran, Saudi Arabia) due to religious restrictions.
Moreover, even Russians should develop male-type honey-trap agents due to recent cultural changes in relationships (in Western countries in particular). OMG! James Bond should never seduce male member of adversary!

So, Human intelligence is never dying, but definitely needs to be adjusted to those cultural changes.

Now special operations have a newly resuscitated dimension - political assignation of leaders by compromising them - see latest case in Austria.

Think about who is benefitting from this operation: China, Russia, Israel, Iran, France, Germany? I doubt.
Make your own conclusions based on political events in Europe.

1&1~=Umm • May 21, 2019 4:53 PM

Did anyone else notice the assumption that those who behave sensibly when crossing borders must be spies?

For years those with reasonable security knowledge, have said you can not make your devices secure so don't take them with you.

Thus you either,

1) Take 'No' technology.
2) Take 'Clean' technology.

Both of which the article author assumes is indicative of being a spy...

As someone who routinely does not travel with a phone or other piece of technology I guess that makes me deeply suspect 0:)

It's funny but back less than a couple of decades it was quite normal not to travel with technology...

Jon • May 21, 2019 11:12 PM

Oddly enough, cell-phone tracking tracks only the phone. I've seen a few news articles wherein an alleged perpetrator has been located at or near a crime scene because a phone registered in their name was nearby at the time.

Which leads to an interesting idea. If you were, say, a motorcycle gang who wished to get away with mayhem, then have each member of the gang buy a phone, in their legal name - and then cheerfully exchange phones. The money paying for the phones doesn't have names on it, and those accused can claim "I wasn't there. The phone, 'my phone', in my name, was sixty miles away."

In a way, it's using the "certainty" of cellphone location against itself. I'm sure it has been done, and better, already...


Nope • May 21, 2019 11:17 PM

Did anyone else notice the assumption that those who behave sensibly when crossing borders must be spies?

No, that's silly to take away from this.

Ramsi • May 22, 2019 1:46 AM

It is a Wild West out there, Bruce, where anything goes, be it London, New York, Moscow or Beijing, and it is increasingly less about national than about private interest.

1&1~=Umm • May 22, 2019 2:57 AM


"No, that's silly to take away from this."

You know "No hope" would be a better handle for you to use and your persistent nihilistic behaviour.

It's fairly obvious that once again you have made a stupid comment just as a knee jerk reaction.

If you could have been bothered to read the article first you would have found several paragraphs expressing the author's views starting with,

"'The most crucial element of the technological storm engulfing intelligence agencies is the mobile phone...'"


"'One obvious solution would be to not carry a mobile phone or to use a “burner” device—a phone bought with cash and replaced frequently. But doing so creates an even bigger danger...'"


"'Of course, if the student does have a phone, but the number is new, that’s also suspicious...'"

And so on.

The security advice given to business travelers and journalists and others who travel across borders, on this blog and many other places is,

Due to the inability to secure mobile phones, laptop computers and other technology or to fully erase them is don't take your technology with you. If you need technology whilst abroad,

1) Get a new phone.
2) Get a new computer.

Either before you go or after you arrive.

4) Do not take memory devices with you.

That is if you need to take data use other methods of data transportation. Usually a variety are given and include the use of encryption and separate paths for the encrypted data and the keys.

But then an actual participant in this blog, would know that.

George • May 22, 2019 4:23 AM

@Tom wrote, "It's not surprising that agencies which have spent 25 years re-orienting themselves to this kind of threat and this kind of operation aren't quite prepared to face adversaries with similar resources to their own."

The "military" typically does not act on a passive "adaptive" stance. To be proactive, it means several strategies but the most obvious one is often left overlooked.

In my opinion, there are two ways to beat a competitor technologically, being better and being ahead. Not taking into account of "being lucky."

If you look at "technology" and "information" from a historic perspective. They've always been the tools used by a "ruling class" to exert influence on the rest to overcome the numbers problem (a ruling class is always in a minority).

In the modern perspective, most of our "technology" especially those pertaining to info systems found their origins in military systems. It's been known the "military" has in various ways declassed intellectual assets for the advancement of public interest.

So how do they realistically "stay ahead" of the playing field. We must examine the playing field itself to find the answer. This hypothetically lies in various standards committees that are commonly known to be involved in iterative evolution of "technology" that we hold dear. IMHO

George • May 22, 2019 4:29 AM

Thus, by iteratively tilting the playing field forever in their favor, it is possible to continuously "being better" and "being ahead" in the modern perspective. IMHO, that leaves only one factor of being lucky and as they say it's fat chance.

Wesley Parish • May 22, 2019 5:29 AM

With all due respect, this strikes me as rubbish:

Many Western societies are fiercely debating the issue of intelligence oversight—and that debate is healthy. But for all their flaws, there is a categorical difference between the way big Western agencies operate—under judicial, legislative, executive, and other constraints—and the means and methods of their counterparts in places such as Russia or China. Getting access to mobile phone records in the West takes more than a mouse click. It typically requires a warrant, which must be sought through a bureaucratic process. In Moscow and Beijing, it’s easy. Indeed, China’s national security law expressly requires every individual and corporation, state-run or not, to aid the intelligence services.

Has said author/s of said article ever read any of the numerous satirical SF novels published during the Soviet era? Where bureaucracy reigns and the efforts of the individual to get any satisfaction let alone make any sense out of the bureaucratic process, is inevitably thwarted?

Read the Strugatski Brothers' Snail on a Slope and Beetle in an Anthill for confirmation. Or just read Ilf and Petrov, or that greatest of Russian authors of the Twentieth Century, Andrei Platonov. Chevengur's a good place to start.

Wesley Parish • May 22, 2019 5:58 AM

And this:

Information in most countries is also ludicrously overclassified, at too high a level and for too long a period of time. Overclassification and excessive secrecy do not protect countries from their adversaries. Such methods only protect bureaucrats from scrutiny. Intelligence agencies use the supposed need to protect sensitive sources and methods to justify their concealment of blunders or activities that deserve public scrutiny. This excessive secrecy makes spy services timid, introverted, risk-averse, and calcified by procedure. Taxpayers end up paying ever greater bills for ever less impressive results. Meanwhile, the enemies of Western democracies, untroubled by such procedures, steal secrets and meddle in U.S. and European politics with abandon.

New Zealand Prime Minister David Lange once made the comment that he was not impressed with the Intelligence service because in far too many cases they merely regurgitated stuff he'd already seen on the evening news or in a newspaper. Michael Moorcock makes a similar comment in either The Russian Intelligence or The Chinese Agent, I forget which. And that in the case of David Lange was back in the eighties - he's long since joined the choir invisible; he's an ex-Prime Minister.

And likewise overclassification was criticized and condemned by Dr Paul Myron Linebarger in his book Psychological Warfare in the early fifties. It's the closed societies' besetting sin. It's the reason they fail.

I can't see the change in technology has changed much in that respect; it undoubtedly has changed the equation somewhat in that it makes failure easier for the unwary, and I doubt anyone in this forum considers anyone in their respective governments wary, let alone competent. (Let me illustrate what I mean - in the uproar following the Christchurch Terror attacks, someone let slip that the relevant intelligence agency had been watching, but not for far-right extremists, even though most Christchurch people are sick to death of their more obvious face, the White Pride lot.)

Patriot • May 23, 2019 9:37 PM

Take a peek at SnoopSnitch, an Android application that turns your phone into a cellular network monitoring device that specifically looks for, and registers, fake towers. It is available on F-Droid. It gives you a baseline of the strength of your connection to your current tower, and you can monitor that for changes. There is a lot more to this application, but I thought it best to get it off my phone.

If your phone gets handed off to a fake tower that imitates your current tower--which is not, in fact, a question of signal strength--it still gives you a bit of a hint.

This application certainly has real-world use in counter-surveillance.

Specifically on the topic at hand, yes, spycraft is probably changing rapidly. Western democracies do have huge disadvantages. It is clear.

But the state actors are not going away. State games are still going to be played, and they are at the center because of the potential for war.

If we look at the technological advances of the seventeenth century, specifically how the previous breakthroughs in printing spread and became practicable on a large scale, the printing revolution had a profound effect on society, and it led straight to the English Civil War and a fracturing of opinion into evermore deep factions. This is what is happening now.

Or is it?

The little guy seems to be more powerful these days, even to the point of being able to form his own intelligence agency (Assange). But on the other side, the biggest actors have everything going for them: centralization, controlling thought, en masse eavesdropping, and the ability to de-platform people, silence them.

We really are living in a technical revolution whose profound effects have not yet become entirely clear. Spycraft has changed, but so has just about everything else.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Security.