Russians Hack FBI Comms System

Yahoo News reported that the Russians have successfully targeted an FBI communications system:

American officials discovered that the Russians had dramatically improved their ability to decrypt certain types of secure communications and had successfully tracked devices used by elite FBI surveillance teams. Officials also feared that the Russians may have devised other ways to monitor U.S. intelligence communications, including hacking into computers not connected to the internet. Senior FBI and CIA officials briefed congressional leaders on these issues as part of a wide-ranging examination on Capitol Hill of U.S. counterintelligence vulnerabilities.

These compromises, the full gravity of which became clear to U.S. officials in 2012, gave Russian spies in American cities including Washington, New York and San Francisco key insights into the location of undercover FBI surveillance teams, and likely the actual substance of FBI communications, according to former officials. They provided the Russians opportunities to potentially shake off FBI surveillance and communicate with sensitive human sources, check on remote recording devices and even gather intelligence on their FBI pursuers, the former officials said.

It's unclear whether the Russians were able to recover encrypted data or just perform traffic analysis. The Yahoo story implies the former; the NBC News story says otherwise. It's hard to tell if the reporters truly understand the difference. We do know, from research Matt Blaze and others did almost ten years ago, that at least one FBI radio system was horribly insecure in practice -- but not in a way that breaks the encryption. Its poor design just encourages users to turn off the encryption.
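One defensive check that follows from the Blaze finding, as an added example that is not from the post or from Blaze's research: audit decoded P25 voice-header records and flag any transmission sent in the clear on a talkgroup that policy says must be encrypted, then list the units that did it repeatedly. The log format and the talkgroup policy are constructed assumptions; the ALGID value 0x80 is P25's (TIA-102) identifier for unencrypted voice.

```python
from collections import Counter, namedtuple

# P25 algorithm identifier (TIA-102) for unencrypted voice; 0x84 is AES-256.
ALGID_CLEAR = 0x80

# Constructed sample of decoded voice-header records (assumed format):
#   "<time> tg=<talkgroup> src=<unit id> algid=<hex ALGID>"
SAMPLE_LOG = """\
10:00:01 tg=1201 src=50021 algid=0x84
10:00:09 tg=1201 src=50022 algid=0x80
10:00:15 tg=1201 src=50021 algid=0x84
10:00:30 tg=1350 src=50101 algid=0x80
10:00:42 tg=1201 src=50022 algid=0x80
"""

# Assumed policy: talkgroups that must never carry clear voice (e.g. surveillance teams).
MUST_ENCRYPT = {1201}

Record = namedtuple("Record", "time talkgroup src algid")


def parse_records(text):
    """Parse the assumed log format into Record tuples; blank lines are skipped."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        time, *fields = line.split()
        kv = dict(f.split("=", 1) for f in fields)
        records.append(Record(time, int(kv["tg"]), int(kv["src"]), int(kv["algid"], 16)))
    return records


def audit_clear_traffic(records, must_encrypt):
    """Return (alerts for clear voice on protected talkgroups, clear-traffic ratio per talkgroup)."""
    alerts, totals, clear = [], Counter(), Counter()
    for r in records:
        totals[r.talkgroup] += 1
        if r.algid == ALGID_CLEAR:
            clear[r.talkgroup] += 1
            if r.talkgroup in must_encrypt:
                alerts.append(f"{r.time} unit {r.src} sent clear voice on protected talkgroup {r.talkgroup}")
    return alerts, {tg: clear[tg] / totals[tg] for tg in totals}


def repeat_offenders(records, must_encrypt):
    """Units that sent clear voice on a protected talkgroup more than once: retrain or check key load."""
    hits = Counter(r.src for r in records if r.algid == ALGID_CLEAR and r.talkgroup in must_encrypt)
    return sorted(unit for unit, n in hits.items() if n > 1)
```

Run over the sample, the audit raises two alerts for talkgroup 1201 and names unit 50022 as the repeat offender; a ratio near 1.0 on a protected talkgroup is the "encryption quietly switched off" pattern the research describes.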

Posted on September 24, 2019 at 6:33 AM • 20 Comments

Comments

Charlie Primero • September 24, 2019 8:28 AM

Articles which attribute the source "Anonymous Government Official" must always be considered fake news Propaganda.

Ralf • September 24, 2019 10:30 AM

I'd like to see your comment not only on the incident, but also on the report of the incident:

* what are sources of information?
* are they reliable?
* what is your opinion on them?

IMO news is not only about stating things, but putting them in a context, so that the reader can interpret. In case of the "Bad-Russia"-hype such a news needs a context description even more.

best
ralf

Andy • September 24, 2019 12:18 PM

Note that Congress was notified. It's not hype.

But this break should be mentioned every time FBI talks about "going dark" or figuring out ways to weaken encryption. They can't even secure their own communications.

peter • September 24, 2019 12:55 PM

Using tactical radios for surveillance of objects and their position changes is a tactical mistake if it's not hidden behind a VOIP gateway; under no circumstance would you want to leak RF in any way that your adversary can detect.

I don't think it's necessary to hear the radio traffic describing object so-and-so turning left and right etc.; just metadata is more than enough. However, it can be done using bugging.

Not only the KGB or intelligence agencies are doing this; everyone that has a possibility of having a tail does this today, and I think has done at least since the radio was invented. Why is this news, or is it just Yahoo news?

peter • September 24, 2019 1:45 PM

I forgot at least two things, being a little bit sloppy here, sorry about that.

- They can use trackers when they have identified the surveillance car or persons involved;
most likely passive, something as easy as a pen mark on the roof of the car that can be detected from a drone above could be used, not even any electronics involved.

- They most likely can use ANPR and they most likely can use face recognition and voice fingerprinting; they could listen in to the car's front window with a laser,
or any window for that matter, or they can just bug the vehicles when identified.

- Don't forget that a cellular phone also has an identity that can be tracked;
we all know that of course, but I forgot to mention that.

So back to basics: no radio, no communication devices or any fancy gadgets; put your
Adidas shoes on and do the HUMINT the old way. Good luck.

Don't forget to eat those anti-hangover pills when they start drinking vodka with you.
Sounds like a lot of fun to me.
/Cheers

Weather • September 24, 2019 3:16 PM

Humint, you can tell Aos (Swat) to Sis (NSA) it's lack of training, that's targeted at the environment. Six sense: Aos look one way in their face, Sis lose on the group, but hiding good individually.

Chris P. Bacon • September 24, 2019 5:10 PM

@ peter
"Also pay attention to any other devices in the car that can be detected"

Like occupants wearing sunglasses and baseball caps

Petre Peter • September 24, 2019 7:42 PM

If the FBI's elite can get hacked then my guess is that consumer grade goods don't stand a chance.

Clive Robinson • September 24, 2019 10:36 PM

@ Petre Peter,

If the FBI's elite can get hacked then my guess is that consumer grade goods don't stand a chance.

Whilst I'm far from sure the things claimed by Yahoo actually happened, consumer RF electronics at best barely passes EMC testing. Worse, cost reduction means that segregation would be at best very minimal, and any CPU/RAM barely specified for the task. None of which are good for security...

Project 25 • September 25, 2019 6:45 AM

at least one FBI radio system was horribly insecure in practice

Ah, the thing of beauty (and exemplar of the corrupt corporate-government nexus) that was APCO Project 25. Is it still even a thing? Do the superannuated relics staffing the committee still have that group discount at Denver knocking shops?

Barely fit for use by a binman, let alone 'elite FBI surveillance teams'.

Anders • September 25, 2019 11:13 AM

@All Networks Compromised

hxxps: // www.cshub.com/security-strategy/articles/nist-releases-enterprise-zero-trust-architecture-draft-document

Ismar • September 26, 2019 3:04 AM

As is usually the case, these news reports have no information about the most interesting aspect of the story, which in this case is exactly how the Americans found out about the issue in the first place.
The rest of the story is also of limited value, as it does not provide any specific details as to the technical aspects of the breach, leaving us to second-guess the whole thing.

Maxim • September 26, 2019 5:04 AM

@Andy "It's not hype"
I can't agree. Firstly, I see absolutely the same thing every day in Russian media, but you must change the word 'Russia' to 'USA'. Propaganda never sleeps. Secondly... In my country, problems pretty often arise such as refusal to provide user data to the Russian Federal Security Service. Do you know what happens after? They just banned these resources on the country's territory. Telegram, LinkedIn etc. Just banned; they can't influence them anyway. And then suddenly they broke the FBI? This looks ridiculous.

Patriot • September 26, 2019 11:14 AM

Well...

I don't know where to begin. I see systemic failure on the U.S. side, and it looks as if there is nothing to be done.

If people do not take their jobs seriously, there is not much that can help. Apathy, poor leadership, etc.--awaiting the downward plunge.

And the culture of the organization is critical.

It's a sad story. The only good thing here is Yahoo News. They do a good job. They are the ones who wrote the article about how the entire cadre of CIA sources had been exposed globally... for years. It became a non-event in the U.S. news even though it did irreparable damage to U.S. national security--it was so shameful and stunningly dumb that no one wanted to talk about it. How could that be? Even though a lot of warm bodies hit the floor and the whole operation got exposed as utter clown shoes, Leon Panetta, et al., were not going to be disgraced.

The disgrace continues, ladies and gentlemen. So, will this news about the Russians be in the Washington Post today? Has it been? Don't bet on it. They are too busy trying to bring down the President of the United States.

Remarks complete.

TheRealChris • September 27, 2019 5:04 PM

I fill in on the previous talker about what the Chinese and Iranians found; whatever it was I don't know, very sad!

What I want to say, however, is that the KGB is not an issue, or of course it still is an issue, but a much bigger issue, and with much more money behind it, is the Chinese and Russian mafia.

They don't really care about the secrets of any governments; you can protect them all day long.
They only care how to move stuff between borders, and that's where a lot of this is intermingled.
They DO care how to identify the FBI or Interpol or Europol or any other agency that makes their life miserable. I know a thing or two about this particular problem and I haven't seen any improvements.
I maybe have to do the most unlikely thing to make sure these issues start to get attention.
//C.L//

TheRealChris • September 27, 2019 5:38 PM

Some mitigation ideas for TETRA

No DMO at all for important users

Make sure that no TMO channels are only used for a particular user,
so that no metadata can be collected between TMO traffic

Make sure that tactical traffic NEVER goes out from a person or a radio that
uses tactical traffic; it's still possible to use IMEI/IMSI tracking etc., but it's more complicated

Don't EVER use any Bluetooth devices such as hidden devices that are connected to the radio via the ear

Don't use any IoT devices in the car, including tire pressure sensors from various makers such as Nokia Tires

Basically, do some real overall thinking about your RF signatures
Drones: big problem
HKP: big problem
ADS-B for these is soon written into law and can't even be hidden; the tactical possibility to use a HKP is out of the window
etc. etc.

On the positive side I have seen that registrations of vehicles are hidden;
that's good, but still there is much more to do. Remember ANPR can be used by anyone,
and it is used!

Yes well, so then we come into HUMINT, and faces, also in use,
so how can you hide in a pub when you will be recognized?
Cameras perhaps, or something, I don't know...
Big problems ahead
Have a nice thought and a good evening
//C.L//

Christian Campbell • September 29, 2019 5:14 AM

It's almost like the only hope anyone has for secure communication is straightforwardly baked in encryption by default from end to end…
