Risk
6/29/2010
03:02 PM

11 Alleged Russian Secret Agents Charged

The complaints filed against the alleged spies reveal a sophisticated high-tech investigation.

In two legal complaints that read like a cold war espionage thriller, the U.S. Department of Justice on Monday charged 11 people with carrying out deep-cover intelligence-gathering missions for the Russian Federation.

The multi-year investigation by the FBI, the U.S. Attorney's Office for the Southern District of New York, and the Department of Justice's Counterespionage Section and Office of Intelligence has led to the arrest of 10 people. One defendant is still at large.

The defendants allegedly served as Russian secret agents who were living in the U.S. on long-term deep-cover assignments.





A coded message allegedly sent by the SVR, the Russian foreign intelligence service, to two of the defendants was intercepted and decrypted by the FBI. It explains their mission:

"You were sent to USA for long-term service trip," the note reads, according to one of the complaints. "Your education, bank accounts, car, house etc. -- all these serve one goal: fulfill your main mission, i.e. to search and develop ties in policymaking circles in US and send intels [intelligence reports] to C[enter]."

The SVR's headquarters is known as "Moscow Center."

The Russian Foreign Ministry has called the charges baseless, according to The Washington Post, and suggested the charges arise from an anti-Russian faction in the U.S. government that seeks to prevent improved relations between the U.S. and Russia.

Beyond cracking encrypted codes, government investigators appear to have brought considerable high-tech expertise to bear in their evidence gathering. The complaints describe extensive use of court-authorized electronic surveillance, including covert microphones in defendants' residences, covert video cameras in public locations and hotel rooms, and the monitoring of defendants' phone calls and e-mails. FBI agents covertly entered some of the defendants' residences and copied electronic media and took photographs there.

The alleged conspirators are likewise said to have used covert communication technology, specifically steganography, in which encrypted messages are concealed inside other data, and radiograms, coded messages sent by shortwave radio.

Searches of defendants' residences uncovered software, allegedly provided by the SVR, that encrypted messages and concealed them in image files. The encryption used by the steganography software was defeated because one of the defendants had written down the 27-character password. Following the recovery of this password in a clandestine 2005 search in New Jersey, the FBI was able to access protected files. Links to other Web sites containing image files with hidden messages were discovered in an electronic address book.

A search in Boston produced computer disks with deleted messages that proved to be recoverable by computer technicians. Other searches in Boston and Seattle provided evidence that the defendants were communicating using radiograms.

Money for the operation was allegedly provided by Russian government officials in the U.S. Investigators tracked one of the defendants in 2004 via a covert GPS tracking device as he drove to bury a bag of money provided by his handlers. Investigators subsequently found a package wrapped in duct tape buried beneath five inches of dirt, photographed the package, and re-buried it.

All of the defendants are charged with acting as an unauthorized agent of a foreign government, a charge that carries a maximum penalty of five years in prison. All but two are also charged with conspiracy to launder money, which carries a maximum 20-year sentence.
