Russian SVR allegedly planning false‑flag recruitment of NSA personnel via hacktivist channels

230 | HOW AMERICA LOST ITS SECRETS and software on the Internet, all of which fell under the rubric of “freedom of the Internet.” They also vocally objected to the NSA’s using built-in back doors in its software to read their encrypted messages. Such people were not difficult to find on the Internet. The donors to Ron Paul’s libertarian election campaign (including Snowden) were a matter of public record. Even if there was no shortage of hacktivists who believed the sur- veillance of the Internet by the NSA was an evil worth fighting, the SVR still had to find a plausible way of approaching members of this counterculture without offending them. Clearly, the SVR could no longer use out-of-date Communist and anti-capitalist ideology as a lure. Russia was far more authoritarian than the United States when it came to the Internet. One viable alternative for the SVR was custom-tailoring false flags to appeal to hacktivists. For this purpose, the Internet provided a near-perfect realm. Because it is a place where true identities cannot easily be veri- fied, intelligence services could employ a protean kit of disguises to assume false identities to entice potential dissidents into communi- © cating with them. The KGB’s earlier efforts to use hacktivist groups ® in Germany had produced little if any intelligence about the NSA because of the stovepiping it used to isolate its computers from net- works that could be hacked into from the outside. It will be recalled that the NSA threat officer had cited these failures in his 1996 report on NSA vulnerability. He also said that efforts of the Russian intel- ligence services to use false flag recruitments provided the KGB with “a learning experience.” The KGB had learned that hacking by itself could not breach the NSA’s protective stovepiping. He predicted that its next logical move would be to “target insider computer person- nel.” This false flag recruitment would aim at, in his view, system administrators, computer engineers, and cyber-service workers who either were already inside the NSA or had a security clearance that would facilitate getting jobs with NSA contractors. Even with an appropriate false flag, the task of finding such a “Prometheus” required obtaining a database of those working at the NSA. There were some five thousand civilian technicians at the NSA of all political stripes. Hacking into the personnel records of the intelligence workers seeking to renew their security clearance | | Epst_9780451494566_2p_all_r1.indd 230 ® 9/30/16 8:13AM | | HOUSE_OVERSIGHT_019718