The FBI says that “Law enforcement is extremely concerned about the serious threat posed by the use of robust encryption products that do not allow for authorized access or the timely decryption of critical evidence, obtained through lawful electronic surveillance and search and seizure.” Indeed, an FBI spokesperson told the Wall Street Journal on February 26 that end-to-end encryption “is a problem that infects law enforcement and the intelligence community more and more so every day.” This encryption-weakening, backdoor-opening rhetoric rings with a certain irony now that it has been revealed that Russian intelligence agents succeeded in breaking one of the FBI’s encrypted communications systems used by elite mobile surveillance teams.
Without needing a backdoor.
What encrypted communications systems have been breached, and when?
According to a Yahoo News report, the 2016 expulsion of Russian diplomats and the seizure of East Coast compounds owned by the Russian government weren’t just about meddling in the presidential election but, in fact, had everything to do with the Russians breaching the FBI’s secure, encrypted communications systems.
Both of the Russian compounds, often referred to as “dachas,” which is the name given to holiday homes in Russia, along with “some of the expelled diplomats,” were reported by Yahoo News as having played “key roles in a brazen Russian counterintelligence operation that stretched from the Bay Area to the heart of the nation’s capital.”
This operation, it is claimed, targeted the specific FBI communications systems used by Bureau agents to track suspected Russian spies on U.S. soil. “American officials discovered that the Russians had dramatically improved their ability to decrypt certain types of secure communications and had successfully tracked devices used by elite FBI surveillance teams,” the report said.
It would appear that the compromise itself, which dates back as far as 2010, revolved around the encrypted radio systems used by elite mobile surveillance teams of FBI agents to track movements of suspected Russian spies. After talking to multiple former intelligence officials, Yahoo News said that “Russian spies also compromised the FBI teams’ backup communications systems.” These comprised cellphones with a push-to-talk capability. Indeed, four former senior officials told reporters that “the Russians were able to intercept, record and eventually crack the codes to FBI radio communications.”
The reach of the FBI breach
Let’s be clear: the equipment being used was far from the cutting edge of encryption technology at the time. The radios were necessarily lightweight to allow agents to be discreet in tracking targets. More secure technology would have made that stealthy tracking harder to accomplish. These radios also had very low range, which, together with fears of communications being intercepted, led to agents using the backup cellphones instead.
A former senior intelligence official told Yahoo News investigators that “The intel reporting was they did break our codes,” or got their hands on a radio “and figured it out,” but the result was the same: “they decrypted our comms.”
There is no evidence that the Russians were able to crack anything other than these “moderately encrypted” communications networks, and certainly not the much stronger encryption employed by the U.S. government for sensitive communications.
The Russian response
The Moscow Times has reported that the Russian Embassy in Washington refers to the accusations as being groundless. Describing the Yahoo News report as a “clumsy attempt to justify the seizure of Russian diplomatic property through spy hysteria,” a Russian Embassy spokesperson is quoted as having said “we intend to request clarification from the U.S. Department of State since such provocative publications can lead to acts of violence against the Embassy staff and their close ones.”
The information security expert view
Ian Thornton-Trump is currently the head of cybersecurity at Amtrust International. However, he also served with the Military Intelligence Branch of the Canadian Forces between 1989 and 1992 and more recently was a criminal intelligence analyst with the Royal Canadian Mounted Police. I approached Thornton-Trump for his expert view on this story.
“This ‘tit-for-tat’ spy game between the Russians and Americans is nothing new, but it illustrates an age-old issue,” Thornton-Trump says. “The enemy is always listening, but if you know they have broken your codes do you reveal that you know that the enemy knows? It’s a huge dilemma.”
Spy-craft and gaining insight into the adversary’s activity is a time-honored tradition, Thornton-Trump says, adding that “intelligence operations, code-breaking and secure communications remain the most contested space between nation-state adversaries as they have in the past and will do in the future.”
How does this sit with the FBI’s stance on encryption and backdoors?
Mike Masnick, writing at Techdirt, said that these revelations are engaging in the general spy-against-spy context, but “even more incredible in the context of the FBI still fighting to this day to weaken encryption for everyone else.” Techdirt reports how the FBI under both James Comey and Christopher Wray has pushed the notion that the tech industry should introduce backdoors to give easier access to encrypted data for law enforcement. “The pushback on this,” Masnick said, “is that any such system for lawful access will inevitably lead to much greater risk of others being able to hack in as well. Given that, you’d think that the FBI would be especially sensitive to this risk.”
That the political spin doctors are hard at work on this issue isn’t open to debate, but according to Thornton-Trump, there’s a dirty little secret that needs outing. “The FBI has been immensely successful against sophisticated cybercriminals and nation-state groups without encryption backdoors,” he says, “the ‘war on encryption’ is actually a war on privacy.” Global law enforcement organizations, including the FBI, already have all the tools they need, Thornton-Trump says. “It’s called police work, and I feel that this war on encryption is driven by pure budgetary considerations as investigations are expensive,” he says, concluding “that and the belief that an algorithm should just spit out a list of bad guys so the police can go and arrest them: that future is something unpalatable in our free and open society.”