After the recent arrest of CIA agent Ryan Fogle by the Russian counter intelligence agency Federal Security Service one of items they found in his possession and leaked to the press was a letter advising his Russian informer how to conduct secure email communications, this post will scrutinize these instructions to learn why the CIA adopted those particular security measures.
- CIA Tip 1: “To get back to us please use an Internet cafe that has Wi-fi”
The Central Intelligence Agency is advising Wi-Fi to make sure that their informer does not use someone’s else computer, when you use a public computer you agree to being monitored by the system administrator, it is impossible to known what kind of surveillance or viruses exist in that computer and any data left behind, like visited and written emails are recoverable from the Internet browser cache even after years.
They are also making sure that if the informer home Internet connection is under surveillance by his ISP and checked by keywords, it will not be a threat.
- CIA Tip 2: “Open a Gmail account which you will use exclusively to contact us” ; “As you register do not provide any personal info”
They get their informer to use an American email company that can be easily accessible by the US government if needed, they make sure that he is not stupid enough to open the email account using his real name or address or other small details that could be linked to him like his phone number or a real password recovery email address belonging to him.
As a side note, there must be something good about Gmail security because former CIA Director General David Petraeus also decided to use a Gmail account for cheating on his wife last year, something I can think of is that Gmail login is with SSL and username and password can not be captured over insecure Wifi.
- CIA Tip 3: “Once you register send a message to unbacggdA@gmail.com“: “In exactly one week, check this mailbox for a response from us“
The CIA gets his informer to email to another Gmail address from the same company, with this they make sure that email content will not have to travel over the Internet from one provider to another, if you send an email from Gmail to Gmail, presumably data never leaves Gmail servers.
The confusing email address the CIA is using makes it very difficult for a similar one to exist, so even if their informer makes a typo, the email will not be sent to someone else by mistake, it should bounce to his inbox instead.
- CIA Tip 4: “If you use a Netbook or any other device (i.e. tablet) to open the account at a coffee shop please don’t use a device with personal data on it”
The CIA wants to avoid cross contamination, if the tablet is lost, stolen or hacked and accessed without permission, a third party could link the email exchange with the informer’s real job exposing him as an American spy.
- CIA Tip 5: “If possible buy a new device (paying in cash) which you will use to contact us”
The best way to avoid mixing real life data with underground activities is using a dedicated device for illegal actions that will not be touched by anything else, this greatly reduces chances of a mistake and the device can be quickly disposed of if needed. The CIA also makes sure that the informer’s credit card can not be linked to the purchase of a new tablet, if the informer is investigated someone could notice in the financial transactions that he has spent money buying a new tablet nowhere to be found.
Other spy items
Other seized items showed to the press include a couple of wigs, three pair of sunglasses and a baseball cap, all of those items make facial recognition difficult if the Russians have that kind of software installed in their CCTV network (public transportation, street cameras, etc) to automatically flag people of interest. The British government has trialled facial recognition software on CCTV street cameras and Germany is known to employ it in Frankfurt international airport.
Another interesting item found in his possession was an RFID shield that prevents reading of RFID chips embedded in passports and ID cards, this indicates that the CIA does not trust those chips otherwise there would be no need to protect them from unauthorized reading.
Allegedly the CIA spy was also carrying a large bundle of €500 Euro bank notes, these are ideal for money smuggling and corruption. China for example limits its bank notes value to small amounts to make bribery more difficult, to carry a very large amount of money in Yuan would have required the CIA agent a box full of bank notes instead of a bundle, this could explain why the CIA wanted to pay the informer’s bribe in Euros and not dollars or Russian roubles.
Computer savvy people will wonder why encryption and proxies are not mentioned at all, I am guessing here that the CIA instructions are addressed to someone who is a total computer knob and even an old grandma could follow.
Read the full letter on the WashingtonPost article