Two infosec blunders that betrayed the Russian spy ring

Everyone is having fun this week speculating on all aspects of the alleged Russian spy ring busted in the US on Monday. How were they initially detected? Are they just a decoy to hide the real spies? Why did the US go public now? Has anyone got any more pictures of Anna Chapman for the front pages? From what little we do know …

COMMENTS

This topic is closed for new posts.
  1. Sir Runcible Spoon Silver badge

    Sir

    What annoyed me the most, beyond the technical brain-deadedness of the alleged operatives, was the holier than thou attitude that this was all announced with in the press.

    Not only are they presented as spies (as opposed to alleged spies) there is an undercurrent that seems to suggest that Russia are the only country still employing spies.

    What do the CIA/NSA and MI6 do again?

    1. JohnG

      Not even spies

      None of them have been charged with espionage. The related charge is that of "acting as agent of a foreign power (without registering)" with a maximum sentence of 5 years. If they had registered as agents of the Russian government, they could have lobbied and researched legally and in the open.

      The most serious charges any of them face are those of money laundering - i.e. bringing in bundles of cash and not declaring it or paying tax on it - maximum sentence of 20 years.

    2. Anonymous Coward
      Anonymous Coward

      What do the CIA/NSA and MI6 do again?

      If GCHQ is worth the money then what you posted should have set off a dozen alarm bells.

      So I'd imagine MI6 is checking you out as I type.

      1. Sir Runcible Spoon Silver badge

        Sir

        "So I'd imagine MI6 is checking you out as I type"

        I wouldn't be surprised. It should be fairly easy as they already have a head start with all the security clearance I have to go through. Not sure why they'd bother though, they aren't local plod and generally do have a clue.

    3. Anonymous Coward
      Anonymous Coward

      What do CIA/NSA do

      NSA does mostly signals intelligence and desk work. CIA does agents, but they tend to hang out in hotels frequented by westerners, or live openly on US air bases where they do the kinds of interrogations that are illegal when done by members of the armed forces or reported by the press.

      It is traditional for US spies to "turn" Russians to spy on their own government. This probably worked pretty well when the truly oppressive communist government was in power. I'm guessing it costs a lot more money these days. I think it's a difference in style that causes the KGB/SVD to train and use sleeper agents.

    4. Martin Nicholls Silver badge
      Black Helicopters

      Silly point

      Those people tend to be diplomat types, working at embassies and whatnot, register themselves as working for a foreign government. If Russia or whoever wants to keep track of them when they're around Moscow or whatever they can.

      The media attention is how useless these guys were, they appear to have been under watch pretty much from the word go.

      As for your comment about the CIA/MI6 et al - they tend to not be stupid enough to get caught when they're doing truly covert work and/or they tend to turn 'natives' as opposed to sending in their own guys. Established local intel tends to be better and less risky.

  2. Aitor 1

    They are idiots

    But hey, we all have errors..

    As for the US unmasking these agents.. it is also comic.. the US has agents in Russia for sure, and they must know who they are.

    The same can be said for UK agents in USA.. as secret agencies tend to have spies..

  3. Simon 39
    Terminator

    In Soviet Russia....

    target spies on you!

  4. Anonymous Coward
    Coat

    Public sector cutbacks

    are probably to blame :)

  5. Anonymous Coward
    Black Helicopters

    Pretty sure...

    ... this is 'smoke and mirrors' on Russia's part, give up some ineffectual sleeper agents (or in this case it appears 'lazy' agents) so that your real hardcore sleepers can carry on, or move something big around with less attention.

    She's hot, so why not stick to the traditional 'prostitute' role, she could meet her handler at various locations and they could play a soundtrack of loud ASBO type sex to defeat any parabolics, a quick sweep of the room beforehand, if you have more than one listening device embedded in the room then place speakers near each one and adjust sound levels accordingly. Changing location on a regular basis 'natch would mean less hassle with room embedded devices.

    1. Anonymous Coward
      FAIL

      Hidden Cameras ??

      Ever thought of it ?

      The NSA's Special Collection Service even secretly broke into foreign embassies in DC, so they certainly would lend the FBI a helping hand on this kind of thing.

      1. Anonymous Coward
        Anonymous Coward

        But think of the headlines

        ``Prostitute and client busted for not having sex''

      2. Rob
        FAIL

        RE: Hidden cameras

        Yup, thought of those, generally annoying if you want to pick up speech cause it's easy to defeat lip readers. Also the changing of locations helps get round the fact that the agency doing the surveillance would need the inside track on where the next meet location would be to give themselves time to hide the cameras in the first place.

    2. Nick Ryan Silver badge

      Even better...

      Why simulate the sex? After all dear, just lie back and think of your country...

  6. Anonymous Coward
    Anonymous Coward

    Coffee Shop Alternatives

    They could have avoided all this coffee shop nonsense and just used encrypted file transfers to servers in a third country maybe run off broadband connections of various agents, each taking turns to use some dynamic name. Could use VPN or sftp or ICQ or....

    Given the delectable Anna was not attempting to hide her Russian background, they could even have used servers in Russia - a secure private messaging system on some forum or social networking site, encouraged to help the motherland.

  7. mittfh
    Pint

    Xanatos Gambit?

    Well done FBI, you've found the "Agents" you were meant to find. Unfortunately, while you've been spending precious time and resources investigating these, the real agents have been having a merry old time, safe in the knowledge you were looking in the wrong direction.

    Of course, the Russians could have just employed the easily-detectable, but it would be masterful if they have been playing a Xanatos Gambit.

  8. Disco-Legend-Zeke

    I'll Tell All...

    ...but only to the redhead.

    1. Anonymous Coward
      Paris Hilton

      or perhaps they were an Omega company

      In other words they were a spy group formed out of the "screwups", since they didn't know what else to do with them, and certainly they did not want them working on important things. So you collect all the screwups together in one safe place and give them something non-dangerous to do...

      Paris, for that's the spy that loved me ;)

      1. Ken 16 Silver badge
        Coat

        alternatively

        maybe these are the best they've got?

        I like to think it was a little present from the SVR to the FBI to remind everyone how nice it was in the old days when all you had to worry about were atheists with nuclear missiles.

        Mine's the one with the microdot in the lining.

  9. JohnG

    Not the first signs of dodgy KGB agents...

    The arrest of a drunk driver in the company of an unidentified blonde back in 1971 hastened Oleg Lyalin's defection:

    http://news.bbc.co.uk/onthisday/hi/witness/september/30/newsid_2523000/2523457.stm

    I liked the bit "You cannot talk to me, you cannot beat me, I am a KGB officer." Classic.

    Not quite as good as the Profumo affair but more entertaining than leaving notebooks in wine bars or that WLAN rock.

    1. A.A.Hamilton
      Alien

      @Not the first signs of dodgy KGB agents...

      Anybody else read the referenced BBC article? The most exciting part is '.. a Hillman Saloon in front of us...'

      I don't recall ever having seen that phrase in any article I have ever read in any medium during the past 40 years. There must be some hidden meaning there....

  10. Dave 32
    FAIL

    Freedom of Speech?

    So much for Freedom of Speech!

    Dave

  11. Version 1.0 Silver badge
    Coat

    Burned by the FBI?

    Since it's clear that these people have been "known" for some time you have to wonder why bust them now? After all, a spy that you know about is worth something - and can be useful to the US spooks because then they have a direct line to Moscow when they wish to misdirect.

    I think it's likely that the fact that the FBI knew about the ring has been leaked to Moscow by a spy inside the FBI - thus the value of a pet spy ring is compromised and the FBI (never the brightest bunch) have bust the ring rather than admit that they've got internal problems. As a result all that they're willing to admit that they got against these people is a little money laundering and being unregistered foreign agents. The latter charge will be (on current evidence - and given that the Israelis have already beaten this type of charge in DC last year) very hard to make stick - so basically all you really have as criminal activity is the money - at least until something else emerges.

    As for better ways of doing things - there are two issues here, how Control communicates with the agent and how the agent gets the Intel back to Control. The easiest way (these days) is for control to run a variation of "The Lincolnshire Poacher" - perhaps using a blog or dating website.

    I think I'll get my coat and keep my mouth shut about the return path.

    1. Christoph Silver badge
      Black Helicopters

      Why bust them now?

      Here's one theory:

      http://www.craigmurray.org.uk/archives/2010/06/those_russian_s.html

    2. TimeMaster T
      Linux

      Title!

      From what I've picked up the reason the FBI moved now was because Ms. Chapman had been tipped off that her cover had been compromised and was leaving the country, they had to move or lose the chance to get her.

      Why Tux? Why not?

    3. JohnG

      They were going to run

      "Since it's clear that these people have been "known" for sometime you have to wonder why bust them now?"

      The complaint filing more or less indicates what happened: An undercover FBI agent managed to convince Anna Chapman that he was sent to help her and she gave him her laptop to be fixed. He later gave her a fake passport to give to someone else. After this, she must have realised something was wrong, bought a PAYG mobile phone and an international calling card (presumably to contact her bosses in Moscow) and she did not attend another prearranged meeting. The FBI must then have realised they had been rumbled and decided to arrest everyone before they escaped.

      1. Pablo

        RE: They were going to run

        I suppose that makes sense, but they must have realized this would happen. The fake handler scheme couldn't last long against any but the dimmest adversary. As soon as she got back in touch with her real handlers the jig would be up.

        So the question then becomes why did they escalate the investigation to the point where they blew their own cover now (or rather a little while ago)? Given that we're supposedly trying to patch up relations with Russia it still seems like very strange timing.

      2. david wilson

        @JohnG

        >>"An undercover FBI agent managed to convince Anna Chapman that he was sent to help her [...]

        After this, she must have realised something was wrong, [...] The FBI must then have realised they had been rumbled and decided to arrest everyone before they escaped."

        Surely the act of trying to get someone to report to a fake handler is highly likely to lead to suspicion and then proof of a compromised surveillance operation sooner rather than later, and as such indicates that the FBI either thought things wouldn't last much longer, or that they were bored after spending years watching people who weren't [apparently] doing much of national importance?

        1. Sir Runcible Spoon Silver badge

          Sir

          I wonder if they arrested her to get the mobile so they could trace who she was reporting to back home? There are different factions in all countries after all. Just a thought.

    4. Anonymous Coward
      Anonymous Coward

      why bust 'em now?

      That was in the press coverage. The FBI guy was "made" by Anna Chapman (after she gave him the laptop) and she was planning to leave the country. The FBI wanted to round them up before they all slipped away.

  12. Cliff

    Read Le Carré

    Read the stack of John Le Carré novels (he was a former employee of the services), and you'll doubtless get a taste of the bluffs, double-bluffs and giving away false agents. And as a bonus, they're bloody good reads, too :-) You'll thank me once you get into his stuff, it's head and shoulders above most of the genre writers!

    1. Gordon 10 Silver badge
      Alien

      Le Carré? More likely Stross

      This is all a decoy by the Black Chamber and the Thirteenth Directorate, to keep us distracted as CASE NIGHTMARE GREEN is imminent. 8E

      1. Anonymous Coward
        Anonymous Coward

        RE:Le Carré? More likely Stross

        Stross has always made it clear that he was heavily influenced by Le Carré, Len Deighton, Ian Fleming etc.

        I am now most of the way through The Fuller Memorandum now, and loving it as much as the rest of the series.

  13. Brian Miller

    Need new Anna icon

    How about El Reg drop Paris in favor of Anna? She's prettier, and actually does have something to do with IT, if only ineptly.

  14. J 3
    Coat

    Heh

    They should have employed financial criminals (aka Brazilian bankers), then their data would be safe.

  15. Anonymous Coward
    Anonymous Coward

    But really - writing down your stenography password?

    That's either rather clever or extremely stupid, depending on what was inside the box it unlocked.

    I can think of lots of ways for the wrong password to be extremely useful for a spy.

    1. david wilson

      Misinformation?

      >>"That's either rather clever or extremely stupid, depending on what was inside the box it unlocked."

      Indeed, especially if a box can be opened multiple ways.

      It would seem pretty trivial to use some easily-remembered obscure phrase as a password - some section of a book, or a remembered poem starting at a particular letter, so it's hard to see why a password would need to be written down - even if someone had a bad memory, it's not hard to write a cryptic hint that anyone else would have immense difficulty in understanding.

      Though thinking about the story in question, if *I* was going to covertly break into someone's house to copy their hard drive with no guarantee I'd be likely to find the necessary passwords stuck to the monitor surround on a Post-It note, I'd be tempted to install a software or hardware keylogger, to be on the safe side.

      If I *had* done that, and got useful information from it, I'd be very tempted to later on loudly tell everyone that I'd found the passwords stupidly written down. The agents and their bosses would know I wasn't being honest, but the agents might well not protest I was lying about that, since they'd have nothing obviously to gain by protesting, and potentially things to gain by playing the game and co-operating at least passively.

      It'd be no bad thing for either the US or Russian authorities to have the bulk of people they're *domestically* interested in think that keeping passwords unwritten makes a huge difference to security.

  16. Z80
    Headmaster

    You were right the first time

    Programme?

  17. DI_Wyman
    Go

    Ah Comrade...

    ...today we will be using the password putinswilly, now have you written it down?

    Good!

    See you in Starbucks tomorrow, I will be the one in disguise!

    Dos vedanya Tovarisch

  18. Nexox Enigma

    Meh...

    In addition to spoofing MAC addresses, the ad-hoc network was a mistake, because it established a connection between those two addresses. If they had both joined the same public hotspot and then hid their messages in the noise that most personal computers spray all over their local networks (often to broadcast address - no traceable recipient there) they could have at least obscured the two parties.

    And if they didn't show up like it was a meeting - if they just both happened to frequent two nearby establishments, and occasionally they were both there at the same time, then surveillance of one party wouldn't lead directly to the other party.

    As for wifi, it's pretty well made for untraceable communications, since it's everywhere, it's generally broadcasting frames even when it isn't connected to anything, works through at least a couple walls, etc. Go to coffee shop / book store, turn on laptop, don't connect to wifi, spout off a few probe requests a second, turn off the caps-lock light to indicate that someone else out there is spewing beacons back at you, then wait for your transfer to complete, all while reading through some really really interesting PDFs you downloaded from somewhere beforehand. Wifi beacons and probes leave pretty much no record anywhere, except Kismet, where they're often ignored because they're so filled with garbage. And you can spoof different MAC addresses on each frame, so you can make it look like they're coming from a handful of different machines.

    Of course all that would take a bit of coding and planning... So some combination of VPN and TOR, and just swap encrypted files around on a secure server in a safe place, just make sure it doesn't make you look like a kiddie porn ring instead of a spy ring.

  19. John Smith 19 Gold badge
    FAIL

    Don't seem exactly the A team, do they?

    Hard to mistake Ms Chapman for anything but an Eastern European. Difficult to know if any of the rest are any better at *not* looking like a bunch of Eastern Europeans either (Would Mr & Mrs "Murphy" have pulled it off?) but leaving the password for a key specialist bit of software on a bit of paper.

    A far cry from previous generations with perfect local accents, convincing back histories and *very* well hidden hardware.

    As always Conspiracy or Cockup?

    I'm sure *someone* will make a packet on the film.

  20. This post has been deleted by a moderator

    1. JohnG
      WTF?

      WTF

      "...UK Warfare Ministry...."?

    2. Anonymous Coward
      WTF?

      I don't get it?

      Good Sir, you seem to have left out detail where you tell me how much I have to give you in order to secure my share of this guaranteed 22bn payout?

      With the Blessings of Jesus,

      Lawyer Steven Malinga (acting on behalf of the estate of the late Sani Abacha God rest his Soul).

  21. fred #257
    FAIL

    FBI?

    It's probably down to some internal struggle inside the FBI. "We need a distraction / 'success' right now, what have we got that we can use? What, just a few part-time amateurs? Ah well, one of them looks foxy, if we gussy it up enough it'll get a headline".

    "Acting as an agent of a foreign power without registering" - that's pretty weak, isn't it? If they'd been the Russian cultural attache's deputy assistant researchers they'd have been untouchable.

  22. Mark 65

    Makes you wonder

    Were this lot just a set of bunnies sent to take the FBI off the scent of the real deal agents still working away undercover? Surely no modern spy agency places "real" agents this stupid into a foreign super-power's back yard?

  23. Anonymous Coward
    Thumb Up

    This is just like '24'!

    I knew that series was a documentary all along!

    "Chloe, I've got a line of sight on the target but you've got to re-encode the uplink parameters until you find that decryption key!"

  24. Bounty
    Paris Hilton

    Wireless

    I'm guessing the point of the wireless was to hide the handler so he couldn't be outed? If that's the case he should have been at a different coffee shop anywhere else in the world.

    An Ad-hoc setup forces the FBI to be in the area to intercept the data, but if your encryption is setup correctly that isn't a problem. They should have encrypted the message, then steno'd that into some home made porn, anonymously posted to the net. :>

    1. david wilson

      @Bounty

      >>"An Ad-hoc setup forces the FBI to be in the area to intercept the data, but if your encryption is setup correctly that isn't a problem. They should have encrypted the message, then steno'd that into some home made porn, anonymously posted to the net. :>"

      Indeed - that could be a pretty good cover for communications - hot insatiable couple uploading their dogging or BDSM pictures, and downloading other people's.

      Or even someone with a large ego uploading countless pictures of themselves to Flickr or Facebook.

      Though I guess the first option could lead to some amusing embarrassment for buttoned-up security officials and prosecutors if things ever did get found out.

      1. Magnus_Pym

        But why?

        Use wireless at all?

        If they can use stego'd pictures then they can communicate easily, instantly and undetectably on forums anywhere in the world. Just feign an interest in any subject and post away. A 'my little pony' collectors forum message board becomes a... well a message board.

        It doesn't make sense. All this 'wireless' and 'written down passwords' crap must be planted to try to cover up the truth. After all what evidence have they got that could not easily be fabricated after the event?

        And another thing. What secrets were they trying to uncover? I can't see any hint of contact with high ranking US officials or working in secret locations? What exactly were they planning to do?

  25. Anonymous Coward
    Anonymous Coward

    Hiding in plain sight

    "There are plenty of other options of course for more secure coffee shop wireless data exchanges; post your idea in comments."

    Using speech code on internet forums. That would explain amanfrommars, no?

    1. Yesnomaybe
      Flame

      Hiding in plain sight

      That WOULD explain AMFM. Let's burn him! For the community!

    2. Magnus_Pym

      Hmm...

      An anagram of amanfrommars is 'ran ammo farms' . I think that makes it all too clear.

  26. Anonymous Coward
    Anonymous Coward

    More secure coffee shop wireless data exchanges

    After all the hilarious boys own espionage theories above let's get back to some semblance of seriousness.

    Alternative wireless data exchange - Semaphore

    Advantage - Everyone will just think you are the local loony and even go out of their way to ignore you.

    Secondary advantage - Ideally suited to a playmobil reconstruction with the toy that's had the Bulgarian airbag treatment.

  27. Psyx
    Megaphone

    You WHAT?

    "There are plenty of other options of course for more secure coffee shop wireless data exchanges"

    You might as well use a loudspeaker, in many ways. If data is transmitted, then it can be intercepted. What's wrong with just dead-letter-dropping a secured USB stick?

  28. Anonymous Coward
    Anonymous Coward

    Mmmovie

    I will wait for the movie to be released with a younger Nicole Kidman as Anna Chapman. Looking at the picture of Mr Chapman I think Jim Carrey as he was in Dumb and Dumber would be perfect.

  29. David McMahon
    Flame

    Regarding....

    The idea that saying MI6 sets off alarm bells, then maybe this story is an attempt to hide real operations? After all, this is a big story especially on the Internet.

    You can imagine all this flak the low level operators are sifting through!

    Just make sure no bad jokes surface on Twitter!

    p.s where can I get Anna Chapman Pics? Anyway I'm off to apply for a prison guards job!

  30. Anonymous Coward
    Go

    More like...

    James Blunt than Anthony Blunt. Hum. They don't make 'em like they used to, if at all.

  31. tom 24

    but that's the problem with passwords

    And that's the conundrum with passwords: a good password is one that you couldn't possibly remember without writing it down--but you don't want to write it down. This is what I tell my non-computer-geek friends when educating them about passwords, because this is the central trade-off in selecting one.

    It sounds like their passwords were too good. :)

  32. TkH11

    Real spies?

    Makes me wonder if these 'spies' have been given up to keep the real spies hidden.

    To be a spy you have to be trained in the techniques.

    Surely the Russian secret services could and would train their spies better than this?

    The basics of computer security, the writing down of passwords has been violated. Just about every employee in the work place who uses computers on a frequent basis knows not to write down passwords, yet here we are, with properly trained spies handling information they're *trying* to keep secret, that's the very nature of the business they're in, and they're violating even the most basic of principles?

    So I question how well they've been trained and *why* they weren't trained better to do their roles?

    I don't believe a genuine spy who has been properly trained by an intelligence organisation would make such mistakes. And their knowledge, their training would certainly include things like PGP and stenography, and if it does, then they'd certainly know about password security.

  33. Joe K
    Coat

    Excellent stuff.

    Can't wait for the film!

    I hope it's called "Spies Like Us 2: Electric Boogaloo".

  34. Gil Grissum
    Big Brother

    Decoy

    These "agents" are nothing more than decoys. The real agents are out there, are invisible, and while the FBI is distracted with the foxy Ms. Chapman, they are undetectable. There are far too many ways these "agents" could've made it near impossible to connect them to each other, much less anything or anyone else. And leaving a password written down on paper? Amateurish, at best. They weren't real agents. Unlikely to do any time.

  35. John Smith 19 Gold badge
    Joke

    so you're saying...

    AMFM is a human (?) numbers station?

  36. Charles King
    Paris Hilton

    Someone's career just went down the toilet

    "From what I've picked up the reason the FBI moved now was because Ms. Chapman had been tipped off that her cover had been compromised and was leaving the country, they had to move or lose the chance to get her."

    So in order to arrest a 'spy' who hadn't done any actual spying, they blow the entire op?

    Classy.

    Their fake handler gambit was a klutzy move that makes me think the FBI were just getting desperate. Cleaning up the cell with nothing better than money-laundering charges merely confirms that. Someone staked his career on this red-herring from Moscow and went all-in in a frantic attempt to save it. I bet the Kremlin has been resounding with laughter over the past week.

    Paris, because sometimes being a sleeper agent just comes naturally.

  37. Steve 114
    Big Brother

    Nice Mr M?

    Perhaps nice Mr Medvedev mentioned over burgers that he's picked up 10 USian spies, and made the friendly suggestion that the FBI pull in a few minor sleepers so that a traditional swap can happen without bothering real Embassies.

  38. david wilson

    Decoys?

    Some interesting speculations about decoys here, but ones that do rather raise a couple of questions.

    a) If the people involved were decoys, is the FBI really dumb enough to fall for them as being examples of the best Russia can do, or to assume that because they'd found some agents that must mean there can't possibly be any more?

    b) If the FBI really *is* that dumb, then why would some 'proper' spies using effectively untraceable communications be worried enough about them to bother having decoys in the first place?

  39. Eddy Ito Silver badge
    Paris Hilton

    A redhead

    It may be red now but given the quality of the spy work I'm guessing they all have blonde roots. I'm beginning to think Paris is the perfect spy, lulling everyone with that public persona.

  40. Flossie
    Linux

    Forensic copy?

    What's the difference between a forensic copy and a normal copy, or is this just a fancy word for disk imaging software? Perhaps they used a Linux boot disk and dd.

  41. Anonymous Coward
    Anonymous Coward

    Burner dongles; restaurants

    They could have just used burner USB/PCMCIA/ExpressCard wifi devices to change MAC address. No need to mess about with software.

    Of course, if Russia really wanted some secrets, they could have followed the lead of some other countries and started restaurants across the street from defense contractors, government offices, etc. The employees come in for the $3 sesame chicken lunch plate and naturally discussion turns to office gossip and latest projects...
