Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA Sent Coded Messages From Its Twitter To Communicate With Foreign Spies (gizmodo.com)

Posted by BeauHD on from the not-so-secret-after-all dept.

Matt Novak reports via Gizmodo: During the first Cold War, American and British spies would sometimes place coded messages in newspaper classified ads to communicate with each other. And according to new reports in the New York Times and The Intercept, the National Security Agency (NSA) has updated the tactic, using its public Twitter account to send secret messages to at least one Russian spy. That's just one relatively small detail in much more salacious articles about NSA and CIA agents traveling to Germany in an effort to recover cyberweapons that had been stolen from U.S. intelligence agencies. A Russian spy allegedly offered up the stolen cyber tools to the Americans in exchange for $10 million, eventually lowering his price to just $1 million. The Russian spy allegedly claimed to even have dirt on President Trump.

According to the reports, the unnamed Russian met with U.S. spies in person in Germany, and the NSA sometimes communicated with the Russian spy by sending roughly a dozen coded messages from the NSA's Twitter account. The one important question: Were the messages sent via direct message or were they sent out as public tweets? The New York Times report leaves some ambiguity, but according to James Risen in The Intercept they were very public.

48 of 108 comments (clear)

  1. Meh. by PPH · · Score: 4, Informative

    The Russian spy allegedly claimed to even have dirt on President Trump.

    Who doesn't?

    --
    Have gnu, will travel.
    1. Re:Meh. by jfdavis668 · · Score: 1

      The got it off of CNN, USAtoday, MSNBC, Fox News, etc.

    2. Re:Meh. by msauve · · Score: 2

      Trump needing to fit code words in proper order into his tweets would explain a lot.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    3. Re: Meh. by Anonymous Coward · · Score: 1

      >But his apparent eagerness to sell the Trump “kompromat” — a Russian term for information used to gain leverage over someone — to American spies raised suspicions among officials that he was part of an operation to feed the information to United States intelligence agencies and pit them against Mr. Trump. Early in the negotiations, for instance, he dropped his asking price from about $10 million to just over $1 million. Then, a few months later, he showed the American businessman a 15-second clip of a video showing a man in a room talking to two women.

      >No audio could be heard on the video, and there was no way to verify if the man was Mr. Trump, as the Russian claimed. But the choice of venue for showing the clip heightened American suspicions of a Russian operation: The viewing took place at the Russian Embassy in Berlin, the businessman said.

      >Within days, though, the deal turned sour. American intelligence agencies determined that the data was genuinely from the Shadow Brokers, but was material the group had already made public. As a result, the C.I.A. said it would not pay for it, American officials said.

      >The Russian was furious. But negotiations limped on until September, when the two sides agreed to try again.

      >Late that month, the American businessman delivered the $100,000 payment. Some officials said it was United States government money but routed through an indirect channel.

      >A few weeks later, the Russian began handing over data. But in multiple deliveries in October and December, almost all of what he delivered was related to the 2016 election and alleged ties between Mr. Trump’s associates and Russia, not the N.S.A. or C.I.A. hacking tools.

      sounds like the exact opposite. If anything this just goes to show that the main objective of Russia's operations has been to spread disunity, not that we need much help with that. The facebook ad buys and twitter operations that we know about were doing this. Is it really so surprising?

    4. Re: Meh. by Betty+Crocker · · Score: 5, Informative

      This is nothing new. It's just a different medium of something that has been done since at latest the Cold War. Numbers stations have been used for DECADES. Broadcast something publicly over shortwave (or perhaps MW or LW) in a sometimes unending stream. It is garbage to anyone who doesn't have the means to decode it.

      Famous Soviet/Russian UVB-76, "The Buzzer" where someone was sitting at a chair and pushing a key every second or two
      https://www.youtube.com/watch?v=Wcv_cGLjxCY

      Chinese numbers station
      https://www.youtube.com/watch?v=VhpqZpfb03c

      A C= decoding one being used in CW mode
      https://www.youtube.com/watch?v=pawOMIlMfIw

      Some being jammed
      https://www.youtube.com/watch?v=wGxEnnzrwmc

    5. Re:Meh. by fahrbot-bot · · Score: 5, Funny

      Trump needing to fit code words in proper order into his tweets would explain a lot.

      Certainly would settle the debate about: covfefe

      --
      It must have been something you assimilated. . . .
    6. Re: Meh. by PopeRatzo · · Score: 3, Interesting

      CIA going after dirt on their own president

      This happened in June of 2017, so it's much more likely that Trump was using the NSA and CIA to try to get this kompromat and bury it. Remember, by that time, they were working for Trump.

      --
      You are welcome on my lawn.
    7. Re: Meh. by msauve · · Score: 1

      "You are just jealous that Trump says more in 140 characters then you could say in a hundred forty pages."

      Not really.

      "Fuck you. I'm better than you."

      See? I can do it in fewer characters than he can!

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    8. Re: Meh. by Reverend+Green · · Score: 1

      All Christians are RUSSIAN AGENTS!!!1!!1!!

      Thanks for that insightful commentary, Comrade Wang.

    9. Re:Meh. by PolygamousRanchKid+ · · Score: 3, Informative

      Actually communication directly via twitter makes no sense what so ever, defiantly no spy vs spy.

      The NSA is using Twitter as a Numbers Station: https://en.wikipedia.org/wiki/...

      Nothing new or exciting about this.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    10. Re:Meh. by shawn95gt · · Score: 1

      Covfefe!

  2. Odd... by Frosty+Piss · · Score: 2, Interesting

    I'm not surprised that Twitter / Facebook and so on are used like this, the Bot Nets have been using them for Command and Control for ages. But why use the "official" NSA Twitter Twaddle? It's pedestrian to discover who accesses specific sites... Why not something more benign like Britney Speers Twitter?

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:Odd... by Megane · · Score: 1

      ...or Bayesian junk messages on Slashdot? Why would someone still be posting that crap for well over a decade when hardly anyone even notices it?

      --
      #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
    2. Re:Odd... by tburkhol · · Score: 1

      I'd imagine that people presenting themselves as "CIA operatives" could confirm that by having the official CIA twitter broadcast some pre-specified message.

    3. Re:Odd... by quantaman · · Score: 1

      I'm not surprised that Twitter / Facebook and so on are used like this, the Bot Nets have been using them for Command and Control for ages. But why use the "official" NSA Twitter Twaddle? It's pedestrian to discover who accesses specific sites... Why not something more benign like Britney Speers Twitter?

      Because it's the official NSA Twitter account.

      Think about it from the Russian's perspective, are you talking to some low level spy who doesn't actually have the authority to send the money you're after? An ex-spook like Steele? A Russian counter-intelligence operative?

      An official NSA tweet tells you that a very powerful person at the agency is backing the operation. That it's important enough that they're willing to screw with their Twitter account. And you're still relatively indistinguishable from all the other people who read the NSA Twitter account (which in the Russian intelligence community is probably a lot of people).

      --
      I stole this Sig
    4. Re:Odd... by AHuxley · · Score: 1

      The NSA and GCHQ think people working for the USA who will be reading such messages will not be tracked in their own nations due to lack of "collect it all" skill in other nations.
      Other nations just see their population are using social media all day, everyday.
      That other nations fail to have the granulated per account real time collection to show a person visited a section of social media.
      That other nations can only bait and trap their citizens on social media over time with fake accounts not log all social media use in real time.
      Perhaps some defector "told" the CIA, NSA, MI6 of everything another nation of interest can do, cant do and that using social media in that way was considered safe. i.e. the other nation was so far behind in digital collection skills they still had to do very classic in person police work per account.
      The NSA/GCHQ looked at that nations imported collection tech and considered what collection could be done and accepted that tech "story".

      The new social media messages get posted as a "number station" and random people working for the USA in another nation feel confident/secure to read the messages without been detected.
      The question for an FBI, MI5 is then who knows of the social media message system and has told the other side.
      Have long in place and top level human spies been allowing social media to feel safe in their own nation so everyone reading the messages gets tracked long term.
      That the spy working for the US might just decode the messages on their computer or with paper work in front of their computer? Malware on the computer or a camera at the location of their desk could get the decoded message.
      Thats the problem with networks. The radio number station works as it offers privacy and anonymity when broadcast into a nation, globally.
      Using social media only offers the privacy of the message in code. Anonymity is lost in having to visit social media to collect the messages.

      If a well placed long term human spy in NATO, NSA, CIA passed on such social media methods, then not having number station privacy and anonymity was a real risk.
      The use of new contractor "social media" communication methods could see the real time tracking of new and old US spy networks.
      Wonder what was used to sell "social media" communication to the clandestine services?
      That the new spy did not need one time pad equipment and would never be found with it?
      That just using the "internet" in their nation was not a risk due to a lack of real time collect it all?
      That a new social media message system could be faster at anytime than needing the to find the real privacy to work on number station radio decryption?

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Odd... by AHuxley · · Score: 1

      That works until a human spy well placed in the USA starts seeing the results of such missions and has worked their what up to clearance access to the "how" of contractor social media communications.
      Then the other nation just has to watch for everyone interesting in their own nation reading the "official" US gov social media.
      Plant a few must have, top secret new fake project names and see what the USA gets as results.
      A short list of information given to the USA and who has such gov project access in the other nation can then be created.
      Who on that project is reading the "official" US gov social media a lot?
      Install a camera above their computer to see if they are decrpting. Install malware in their computer to see if they are decrpting.

      Thats why the smarter nations fill other "cyber" nations with decades and generations of real human spies.
      Read along with the cyber spy results and pass back who is spying on what project. Lists of turned staff with project access and who are reading a lot of US gov social media make for a not long list.

      --
      Domestic spying is now "Benign Information Gathering"
  3. Classified by devnullkac · · Score: 2

    During the first Cold War, American and British spies would sometimes place coded messages in newspaper classified ads to communicate with each other.

    Turns out that's the origin of the word "classified" for secret documents. Lol.

    --
    What do you mean they cut the power? How can they cut the power, man? They're animals!
    1. Re:Classified by jfdavis668 · · Score: 1

      Informative

  4. To all our friends on Slashdot by Mister+Liberty · · Score: 3, Insightful

    Peace of mind comes without Twitter.
    I repeat: Peace of mind comes without Twitter..

    1. Re:To all our friends on Slashdot by fahrbot-bot · · Score: 3, Funny

      Peace of mind comes without Twitter.
      I repeat: Peace of mind comes without Twitter..

      Your inspirational message would reach more people if you tweeted it.

      --
      It must have been something you assimilated. . . .
  5. Coordinating the French Resistance by jfdavis668 · · Score: 1

    They're just giving instructions to the French Resistance. Vive la France.

  6. Biased political bullshit from the CIA by Anonymous Coward · · Score: 1

    The "cyberweapons" is a bullshit cover story.

    NSA and CIA agents traveling to Germany in an effort to recover cyberweapons that had been stolen from U.S. intelligence agencies. A Russian spy allegedly offered up the stolen cyber tools to the Americans in exchange for $10 million, eventually lowering his price to just $1 million. The Russian spy allegedly claimed to even have dirt on President Trump.

    Why would you pay anything for a copy of "stolen cyber tools"?!?!?! The Russians aren't about to give the CIA their last copy no matter how they're paid, and the NSA and the CIA already have them and don't need another copy.

    After the transaction, the CIA gets a disk of "stolen cyber tools" that they already have, and the Russian still have them too.

    So it's a bullshit cover story.

    So what did the CIA pay for?

    This was the CIA trying to get dirt on Trump - no more, no less.

    1. Re:Biased political bullshit from the CIA by quantaman · · Score: 4, Interesting

      The "cyberweapons" is a bullshit cover story.

      NSA and CIA agents traveling to Germany in an effort to recover cyberweapons that had been stolen from U.S. intelligence agencies. A Russian spy allegedly offered up the stolen cyber tools to the Americans in exchange for $10 million, eventually lowering his price to just $1 million. The Russian spy allegedly claimed to even have dirt on President Trump.

      Why would you pay anything for a copy of "stolen cyber tools"?!?!?! The Russians aren't about to give the CIA their last copy no matter how they're paid, and the NSA and the CIA already have them and don't need another copy.

      Even if you think the NSA should offer patches for every bug they found the NSA doesn't agree.

      If the NSA knows exactly what was stolen that does 3 things for them.
      1) They know which tools are now useless (or if they work you might have hacked a honeypot).
      2) The more you know about what was stolen the easier to figure out who stole it and how they did it.
      3) You know which vulnerabilities you need to patch.

      This was the CIA trying to get dirt on Trump - no more, no less.

      According to the article the CIA was against the investigation because the head of the CIA is a Trump loyalist who didn't want dirt on the President. I wouldn't be surprised if the CIA was the source of the leak for this story.

      --
      I stole this Sig
  7. Re:Numbers Stations by The+Grim+Reefer · · Score: 1

    Numbers stations have long been used to send coded messages to spies, who decided them with one time pads.

    Has this ever been verified? It seems a pretty likely possibility, especially when you look at the location of many of these stations. But does anyone really know?

  8. Fair New York Times article by manu0601 · · Score: 1

    This is getting unusual: the New York Times paper is not obviously anti-russian.

  9. Of course they're public. by BitterOak · · Score: 4, Informative

    The one important question: Were the messages sent via direct message or were they sent out as public tweets? The New York Times report leaves some ambiguity, but according to James Risen in The Intercept they were very public.

    Of course they're public. The whole point is that no one can see who is receiving the messages. They're coded, of course, so only the intended recipient will know what they mean, but possibly even the sender doesn't know who that person is. If DMs were used, that would entirely defeat the purpose: might as well use a secure communications app. The points of classified ads in the past, or tweets today, is that they can be read anonymously, even from a public computer terminal without typing in any login credentials.

    --
    If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
    1. Re:Of course they're public. by mentil · · Score: 1

      The points of classified ads in the past, or tweets today, is that they can be read anonymously, even from a public computer terminal

      Publicly pulling out the spool of silk OTP encodings, and then burning it, is slightly suspicious, however.

      --
      Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
    2. Re:Of course they're public. by BitterOak · · Score: 1

      The points of classified ads in the past, or tweets today, is that they can be read anonymously, even from a public computer terminal

      Publicly pulling out the spool of silk OTP encodings, and then burning it, is slightly suspicious, however.

      Just write down the tweet, or photograph it, then do your OTP decoding at home.

      --
      If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
  10. Coded Message by PopeRatzo · · Score: 3, Funny

    I-ay, avehay the irtday on umptray! Eepay apetay!

    --
    You are welcome on my lawn.
    1. Re:Coded Message by PopeRatzo · · Score: 2

      I-ay, avehay the irtday on umptray! Eepay apetay!

      I just realized that this hasn't been modded down because Russian trolls don't understand Pig Latin.

      --
      You are welcome on my lawn.
  11. Re:Russia collusion by PopeRatzo · · Score: 1, Interesting

    Carter Page, followed by all the government since 2013 and they haven't found anything to charge him with.

    Intelligence services will usually keep a foreign agent in place, where they can follow the flow of information. And now, with the change in Page's legal team, it appears that he's cut a deal with the FBI to give up someone more senior.

    --
    You are welcome on my lawn.
  12. Re: Russia collusion by Anonymous Coward · · Score: 2, Informative

    Oh dear, you sad semi-literate Trumpie, you missed all the references (not one of them is Reddit). Here they are so you can improve your reading skills.

    1) The Guardian - Trump Tower meeting with Russians treasonous, Bannon says in explosive book

    2) NBC - A Panama tower carries Trump’s name and ties to organized crime

    3) Global Witness - Narco-A-Lago: Money Laundering At The Trump Ocean Club Panama

    4) The Guardian - Trumps Panama tower used for money laundering by condo owners, reports say

    5) Sketchy Donald Trump Deal Eyed For Ties To Iran | Rachel Maddow | MSNBC

    6) The New Yorker - Donald Trump’s Worst Deal:
    The President helped build a hotel in Azerbaijan that appears to be a corrupt operation engineered by oligarchs tied to Iran’s Revolutionary Guard

    7) NPR - The New Yorker Uncovers Trump Hotels Ties To Corrupt Oligarch Family

    8) Business Insider - Dossier author Christopher Steele: Trumps hotel and land deals with Russians need to be examined

    9) New York Times - Trump Associate Boasted That Moscow Business Deal ‘Will Get Donald Elected’

    10) The Washington Post - Trump’s company had more contact with Russia during campaign, according to documents turned over to investigators

    11) Slate - An Intriguing Link Between the Mueller Investigation, Trump, and Alleged Money Laundering

    12) GQ - Inside Donald Trumps Election Night War Room

    13) Politico - Trump’s mob-linked ex-associate gives $5,400 to campaign

    14) Raw Story - Longtime Trump business partner ‘told family he knows he and POTUS are going to prison’: report

    15) The Spectator - Forget Charlottesville - Russia Is Still The True Trumps True Scandal

    16) McClatchy - Donald Trump and the mansion that no one wanted. Then came a Russian fertilizer king

    17) New York Times - Tracking the Yachts and Jets of the Mega-Rich

    18) McClatchy - Trump, Russian billionaire say they’ve never met,

  13. Re: Russia collusion by Anonymous Coward · · Score: 4, Funny

    Sorry, nothing from Breitbart or RU.com.

  14. Re:Russia collusion by PopeRatzo · · Score: 4, Informative

    Oh, so no evidence and you claim Page is a traitor.

    There is plenty of evidence against Carter Page that we know about. The evidence we don't know about, which was used to get a FISA warrant against him, is in the Intelligence Committee Memo that the Democrats want to put out but Donald Trump refuses to allow. But as I said, what we know is plenty:

    https://www.politico.com/magaz...

    --
    You are welcome on my lawn.
  15. Re:Russia collusion by PopeRatzo · · Score: 1

    He's already admitted that he's a paid Soros troll.

    I'm well-paid, my friend. Well-paid.

    --
    You are welcome on my lawn.
  16. Re:Russia collusion by ABEND · · Score: 1, Insightful

    If the Democrats on the HPSCI had evidence that FISA warrants were obtained under un-impeachable circumstances then, why did they wait to publish their findings until after the Republicans published their summary memo? Really. Why wait?

    How and why could the the dossier (have you read it?) be used, in any capacity, without un-impeachable verification, to get a FISA warrant to surveil a presidential campaign and administration?

    What will you say when Trump's administration uses FISA warrants to surveil the Democrat candidate in 2020?

    --
    In all seriousness:
  17. Sigh. by ledow · · Score: 3, Interesting

    If they're coded messages, it literally doesn't matter.

    In fact, that's kind of the point of encrypted and coding - people can read your message AND STILL not understand what it says.

    Sending as direct message would link the two parties conclusively. Putting a public message doesn't - literally anyone who viewed it could have been the intended recipient and there's no way to tell who it was.

    Stupid headline/summary/article is stupid.

    Any agency that wanted to get a message to an agent who can't reveal themselves would often find the best way to do so would be to publicly broadcast a coded message using a system that only that agent has the facility / knowledge / key to understand.

    Everything from numbers stations, to messages in newspapers, to Twitter... it's the right way to do it without revealing the message, or the intended recipient.

    Encrypt the message. Don't try to obfuscate/obscure the medium. Anything radio can be captured, anything visible can be photographed, anything written can be intercepted, anything electronic can be sniffed, anything audible canbe recorded. Pretty much the entire basis of things like TLS, SSH, etc. - who cares if the underlying medium is secure... form a secure channel over it using methods that EXPECT it to be actively monitored by an enemy (e.g. Diffie-Hellman, etc.).

  18. Re:Russia collusion by PopeRatzo · · Score: 1

    How and why could the the dossier (have you read it?)

    Yes, I've read it, and you can too. Here is the full text:

    https://www.documentcloud.org/...

    ... be used, in any capacity, without un-impeachable verification, to get a FISA warrant to surveil a presidential campaign and administration?Because parts of it had been verified, and more gets verified as time goes on. Before all is said and done, the entire document will be verified.

    http://www.newsweek.com/trump-...

    --
    You are welcome on my lawn.
  19. The walruses are cold by presidenteloco · · Score: 1

    in Pyongyang today.

    --

    Where are we going and why are we in a handbasket?
  20. Who the hell... by Bartles · · Score: 1

    ...pays money to "buy back" stolen hacking tools. The cover story is obviously a lie.

  21. Humint by JBMcB · · Score: 1

    Since when does the NSA run human intelligence operations? I guess when your budget is classified you can just do whatever the hell you want.

    --
    My Other Computer Is A Data General Nova III.
  22. Re:Russia collusion by ABEND · · Score: 1

    Ok, you've read the "dossier." Then you know it looks like something from the Onion, You should know it's still in "largely unverified" status (meaning it names people and places that really exist but the events described in it are not verified).

    We do not know who Steele's sources were. We do not know whether they were from the FSB, FBI/CIA, DOJ, U.S. Department of State, etc.

    I'm not going to click on the Newspeak link. Why don't you provide a summary of what's at the link?

    What will you say when the Trump administration uses a "dossier" to surveil their opposition in the 2020 election?

    --
    In all seriousness:
  23. Re:Numbers Stations by f3rret · · Score: 1

    Check out Spycraft by Robert Wallace, H. Keith Melton and Henry R. Schlesinger it is well sourced and quite informative.

    Long story short, yes this use of number stations has been confirmed by multiple sources, including operators and "users". It is a well known, and confirmed, fact that a Cuban spyring operating out of Florida (IIRC) was controlled by a number station.

    --
    Admit nothing. Deny Everything. Make Counter-accusations.
  24. Hey, don't blow up their spot. by sabbede · · Score: 1

    Spies use all kinds of things to pass coded messages. Should we really splash examples all over the media? I don't see any benefit, just potential harm.

  25. OH NOES! by ne7minder · · Score: 1

    Anybody here know that during WWII the Allies sent coded messages via BBC radio broadcasts? This is not rocket surgery boys & girls. Sending via a tweet hides the possible recipients & is probably why the Intercept is upset, Putin does not know who the mole is.

  26. Begs the Question by tmjva · · Score: 1

    So, what to they use for DOMESTIC spies?

    --
    Tracy Johnson
    Old fashioned text games hosted below:
    http://empire.openmpe.com/
    BT
  27. Defined!!! by minstrelmike · · Score: 1

    covfefe : Dude, call me. I've got the stuff.