High-Tech Methods Used by Alleged Russian Spies
A clandestine network of Russian spies in the United States used private Wi-Fi networks, flash memory sticks, and text messages concealed in graphical images to exchange information, federal prosecutors said Monday.
The Justice Department has filed criminal charges against 11 people who allegedly were covert agents of the Russian government assigned to establish close ties with American policymakers, including White House officials and an unnamed political fundraiser.
The court papers made public on Monday (PDF and PDF) include details of 21st century spycraft more high-tech than anything Jason Bourne knew about: defendant Anna Chapman allegedly brought her laptop to a coffee shop on 47th Street in Manhattan in January and transferred data with a Russian government official who drove by in a minivan but never entered the store.
In another information exchange two months later, Chapman allegedly opened her laptop while in a bookstore in lower Manhattan--probably the Barnes and Noble store on Greenwich Street--and used a private Wi-Fi network to communicate with the same Russian official who was nearby.
Some members of what the FBI calls "the Illegals," meaning agents who adopted cover stories and lived in the United States for decades, allegedly used custom steganographic software developed in Moscow. (Steganography is the practice of concealing secret messages in otherwise innocuous files.)
"Law-enforcement agents observed and forensically copied a set of computer disks" when searching some of the defendants' residences, according to a statement from FBI agent Maria Ricci. "Based on subsequent investigation as described below, I believe that the password-protected disks contain a steganography program employed by the SVR and the Illegals." SVR stands for Sluzhba Vneshney Razvedki, Russia's foreign intelligence agency and the successor to the foreign operations arm of the KGB.
Ricci said the steganographic program was activated by pressing control-alt-E and then typing in a 27-character password, which the FBI found written down on a piece of paper during one of its searches.
The practice of steganography has a distinguished history: the Greek historian Herodotus describes how one of his countrymen sent a secret message warning of an invasion by scrawling it on the wood underneath a wax tablet. To casual observers, the tablet appeared blank.
In World War II, both Axis and Allied spies used invisible inks such as milk, fruit juice, and urine, which darken when heated. They also used tiny punctures above key words in documents that formed messages when combined.
An unnamed U.S. government law enforcement agency has funded research into steganography detection (it turns out that messages concealed with many off-the-shelf stego packages can be detected). And there have been a handful of efforts to develop complete steganographic file systems.
The FBI also says the alleged agents used "radiograms," coded bursts of data sent by a shortwave radio transmitter, to communicate with Moscow.
According to the FBI, the Russian agents were instructed to report details about U.S. policies in Central America, estimates of Russian foreign policy, and problems with U.S. military policy. One surprise, though, is that "United States policy with regard to the use of the Internet by terrorists" allegedly made the list.
The suspected agents have not been accused of actually unearthing any classified or even sensitive material. Instead, they've been charged with violating 18 USC 371, which is conspiracy to commit an offense against the United States by not following 18 USC 951, which requires agents of foreign governments to register with the attorney general. (Nine of the defendants have also been charged with 18 USC 1956, or money laundering.)
The charges have been filed in the southern district of New York, and prosecutors say that 10 of the 11 defendants were arrested Sunday, with a man known as Christopher R. Metsos still at large. Information about any attorneys representing the defendants was not immediately available on Monday.