Tuesday, May 14, 2013

What A Burned CIA Officer and A Patriot Hacktivist Can Teach Us About Cover Discipline

Ryan Fogle, an alleged CIA officer being detained by Russian
counterintelligence after his cover was "blown" (Source: AFP)
In light of the news that a Central Intelligence Agency officer was detained by Russian counterintelligence, I felt it would be good to examine what it means to have good "cover discipline". In order to accomplish missions that require stealth in plain sight, intelligence operatives use what is commonly referred to as "cover", which is a fictional persona adopted by individual officers so that their true identity and purpose remain unknown to their target. "Cover" takes a significant amount of time to develop and assimilate into the officer. Persons who operate "undercover" will spend a great deal of time studying and perfecting their "cover". Where most officers get caught is when they lose "cover discipline". This could be something as simple as confusing one's "cover" name with one's "real" name. In some cases, like the one depicted in this film, "cover" is often lost due to carelessness.



A recent display of good "cover" discipline came coincidentally during an exchange between a "hacktivist" known as The Jester and Jeff Bardin, a leading information security expert. The Jester and Bardin engaged in a phony confrontation regarding The Jester's alleged betrayal of Bardin's "cover" during an information security intelligence operation. The "feud" ended with Bardin "revealing" The Jester's "real" name, which was actually a "cover" he developed for this operation over two years ago. It was very elaborate but, according to those involved, it was a success.

Here's a snippet from The Jester and Bardin's "feud":
The Jester posted this with regards to his "cover" on another website:
For just such an occasion.....
-------------------------------
On the 1st July 2011 - I myself left this on pastebin >> http://goo.gl/JtI46
I also purposely left this in source code of my blog: http://goo.gl/8lwUC
Later I created this: http://goo.gl/S0UAb
and to bolster I also created this http://goo.gl/O7EtX
It's taken almost 2 years for anyone to spot the deliberate mistake. Well Done.
He doesn't exist. It's a decoy. Good to know who's who though. Thanks.

You will notice the meticulousness of the preparation involved in developing a good cover. The Jester has been active for a few years and has yet to be successfully unmasked because of his adherence to good "cover discipline".

I'm not an intelligence expert nor have I ever claimed to be. However, I have studied intelligence gathering and espionage for quite some time. What I have learned is that spies rely on secrecy, deception, and disguise to conduct clandestine operations. In order to be successful, spies must "live, eat, and breathe" their cover story. As it's stated in this article, "Cover is a mosaic, it's a puzzle," said James Marcinkowski, a former CIA case officer who attended the dinner. "Every piece is important [to protect] because you don't know which pieces the bad guys are missing."

For more information on "cover":

http://www.slate.com/articles/news_and_politics/explainer/2003/09/how_deep_is_cia_cover.html

http://en.wikipedia.org/wiki/Non-official_cover

http://www.npr.org/templates/story/story.php?storyId=4757713

http://seattletimes.com/html/nationworld/2002400477_ciaculture25.html

VIDEO: Defenses Against Espionage

It never ceases to amaze me how many of the cardinal rules of security and threat mitigation are relevant no matter which era or platform they are adhered to in. This video is a perfect illustration of that. It's a video produced by the National Security Council for government contractors who worked with classified projects. It follows a fictional case wherein a company loses a key piece of classified information they produced. Of interest to security practitioners are the human security vulnerabilities exposed. Many of the fictional characters are exploited using social engineering. While the manner in which the information is lost is much more elaborate than what we see in modern corporate espionage, the lessons are the same.

Monday, May 13, 2013

VIDEO: Espionage Target - You (June 15, 1964)

This video is a classic from the Cold War. While some of the material is outdated, those same human security vulnerabilities still exist, whether it be financial, sex, or peer pressure. The only difference between when this film was produced and now is that the theater of operations has changed from being solely in an analog world to a digital, multi-spectrum world.

Here's the synopsis from archives.org:
Exposes the worldwide operation of the Sino-Soviet espionage system and shows how Communist agents used any means to obtain vital information from military personnel. Reconstructs three actual cases to demonstrate various facets of espionage techniques. Explains how agents of different nationalities probe for vulnerable areas, such as loneliness, indebtedness, fast money, sex and the sporting life. Portrays the agent as he subtly approaches, ensnares and involves his victim until it is too late for the victim to retreat. Purpose: Information on communist espionage methods.
