Spies Like Us: Are They LinkedIn?

Are you one of alleged Russian sleeper spy Anna Chapman's 181 Facebook friends?  Do you subscribe to her Twitter feed?  She's @nycrentalsnews. What about one of her 150 connections on LinkedIn? Were you one of the five people who recommended her on LinkedIn?

According to documents seized by the FBI, Chapman's key tasking was to "search and develop ties in policy making circles in the U.S." and then send intelligence reports back to Moscow Center. In today's world, connections are made online. 

Chapman's Twitter feed offers a glimpse into how her own recruitment might work. As a real estate agent, she could gain intimate knowledge of her clients. She'd know their residences inside and out, and even be in a position to recommend where a technical agent might place a listening device.  Her LinkedIn resume suggests she was a prodigious networker, attaching herself to groups like the Online Marketing Association, the eMarketing Association Network and others. 

On Facebook, one of Chapman's friends posted a news alert about her arrest and asked, in Russian, whether the Anna Chapman he knew was the same person who was caught in the dragnet. There was no reply.

How many connections away were they from folks like me and you?  Were the alleged spies directly connected on Twitter/Facebook/LinkedIn? (Not that I could tell.)

Folks in the intelligence community want to forbid their people from using social media, believing it to be a counterintelligence risk of the first order. There is almost no training in how to use social media to figure out who the bad guys (or gals) might be.

When journalists communicate with tipsters on Twitter, through direct messages, who's watching? This is a digital version of the following question: when an old college friend who now works for a foreign embassy invites you for drinks and gently probes you for information about the mood inside the West Wing, are you complicit?

The technology the alleged spies used to communicate -- steganography, WiFi brush passes, and old, regular, high-frequency Morse code -- is quite antiquated and exploitable, provided the FBI knew where to look. You can find WiFi networks with your own cell phone, and the NSA and CIA have long used devices that can suck up data from both unencrypted and encrypted networks. And they were looking since at least 2005, probably exploiting the spies and (perhaps) passing disinformation back to Moscow through them.

Want to try your own brush pass? Download the "bump" application from iTunes. It's ingeniously easy to figure out ways to wirelessly pass information from one person to another within a range of about 400 feet. Spies these days prefer disk drives whose contents they can delete with a press of a button; they keep the drives on their persons at all times, so that if they're ever taken into custody, they can, with a swipe of their hand, erase much of the evidence against them.

The U.S. is experimenting with Ultra Wide Band (UWB) frequencies for its communications; these frequencies are very hard to exploit because the radio information is distributed across the spectrum.

The fact that the FBI was able to run the spy-hunting operation for seven years suggests that American counterintelligence efforts have improved dramatically since the days of Aldrich Ames, Robert Hanssen, and Harold Nicholson.