New in SpyWeek
A Moscow diplomats hack, CIA Black Swan predictions, U.S.-China spy wars and deciphering a code in an 1880s dress, lead the week.
Welcome to SpyWeek, our new weekly newsletter, where we look at news from the intersection of intelligence, foreign policy, and military operations.
Moscow Hack: The iPhones of workers in diplomatic missions and embassies inside Russia were penetrated by a highly sophisticated “zero day” exploit, according to security researchers. What’s being called possibly the most sophisticated phone exploit ever attacked several thousand iPhones, some of which belonged to diplomatic personnel “including countries of the NATO bloc and the post-Soviet space, as well as Israel, SAR [Hong Kong], and China,” according to Russia’s FSB, the successor of the Soviet KGB. Researchers at Kaspersky, the Moscow-based maker of computer antivirus software, recently detailed the exploit that employed an eye-popping four zero days, hard-to-find vulnerabilities that allowed secret infiltrations of iPhones without the owner even realizing it.
“This is nation-state stuff, absolutely crazy in its sophistication,” security expert Bruce Schneier says. (Four zero days were also found in Stuxnet, the joint U.S.-Israeli cyberweapon that targeted Iran’s nuclear centrifuges.) The FSB blamed the U.S. National Security Agency, which did not respond to a request for comment. The FSB even went so far as to accuse Apple of colluding with the NSA, which Apple denied. "We have never worked with any government to insert a backdoor into any Apple product and never will," an Apple spokesman tells SpyWeek. Apple says that the vulnerabilities were fixed in June and July after Kaspersky made the phone maker aware of the problem. There are no indications that the exploit has compromised devices running versions of the iPhone operating system distributed from September of 2022 to the present, Apple says.
Target Hamas: America’s spy agencies have raised Hamas to a Level Two intelligence priority, clearing the way for additional funding for stepped-up intelligence collection. The New York Times reported that the shift in priority has also opened up new money for the CIA to develop human sources, but that will take time. Before its October 7 attack, Hamas was a Level Four priority, and the United States relied on Israel for intelligence on Hamas. Today, only China, Russia, North Korea, and Iran—international adversaries that could pose a more direct threat to the United States—are higher Level One priorities than Hamas. The shift in priorities comes as a U.S. intelligence task force formed after October 7 is collecting intelligence on senior Hamas leaders and the location of hostages. The intelligence gathered by the task force is being shared with Israel, the Times reported.
Black Swans: The predictions are grim: 2024 will be a year marked by disinformation and terrorism. Billions of people will vote in more than 80 elections scheduled to take place around the globe, The New York Times writes, setting the stage for what one expert called ”a perfect storm of disinformation.” Last year saw an uptick in terrorist attacks, culminating in Hamas’s October 7th attack on Israel, which suggests the violence will continue and perhaps grow, Lawfare writes. But that’s the conventional wisdom. It’s not necessarily wrong, but it’s based on recent events. Intelligence analysts need to be on the lookout for the unexpected, seemingly unlikely, but entirely possible events that change the course of history (and get CIA personnel called in to work on a weekend morning).
The CIA calls these “strategic-level surprise” events, but author Nassim Taleb popularized them in 2007 as “Black Swans” (Examples include the 9/11 terrorist attacks, the global financial crisis of 2008, and the COVID-19 pandemic.) Two former CIA acting directors say Russia is ripe for a systemic shock. Former CIA Acting Director John McLaughlin tells Politico his pick for a 2024 Black Swan event is a revolt against Russian President Vladimir Putin. Sure, Putin has a high approval rating and appears to have tightened his grip on power, he argues, but, as the 2000 Kursk submarine catastrophe showed, Putin has a weak spot: grieving Russian mothers. Russian mothers can’t be ignored or shoved out of windows (although a distraught mother of one of the dead Kursk sailors was sedated involuntarily while haranguing a deputy prime minister). A sustained revolt by Russian mothers angry over their children being slaughtered in Ukraine could cut into Putin’s expected majority in the March presidential election in Russia. If that happened, it could limit Russian aggression on the battlefield and give Ukraine an opportunity to counterattack. “Any weakening of Putin’s position as Russian president could trigger cascading effects that would impact events around the world in unpredictable ways—including our own election in 2024,” McLaughlin writes. Meanwhile, Jack Devine, another former CIA acting director, told Australia’s Sun he wouldn’t be surprised if Putin is dethroned in a Black Swan palace coup. Of course, you gotta watch what you wish for.
China Espionage, Part I: There were some jaw-dropping details in Bloomberg’s Jan. 6 report about the latest US intelligence assessments on corruption in the Chinese military. We know that the Chinese military has been undergoing a series of purges, but the assessments described by Bloomberg describe a staggering level of corruption that prompted them: Missiles filled with water instead of fuel. Vast fields of missile silos in western China with malfunctioning lids that prevent the missiles from launching, and so forth There’s more, according to the astounding reporting by Bloomberg’s Peter Martin and Jennifer Jacobs: “The corruption inside China’s Rocket Force and throughout the nation’s defense industrial base is so extensive that US officials now believe [President] Xi is less likely to contemplate major military action in the coming years than would otherwise have been the case,” they write. Xi now must worry about replicating Russia’s inept performance in Ukraine, where endemic corruption played a huge role in its military’s dysfunction. Corruption is “the number one killer that impairs the military’s ability to fight,” according to PLA researchers.There have been a series of internal purges inside the military as Xi tries to get the corruption problem under control. The latest came on Dec. 29, when China’s top legislative body unseated nine defense figures, including five linked to the missile force.
China Espionage, Part II: An American sailor in California was sentenced to more than two years in prison for passing military secrets to a Chinese intelligence officer, while in Beijing China says it arrested an MI6 spy in the latest near-simultaneous moves of the US-China Cold War. Petty Officer Wenheng Zhao, 26, who worked at a Navy base in Port Hueneme, California, received nearly $15,000 in exchange for sensitive military information that federal prosecutors say included “sophisticated encrypted communication,” plans for a large-scale maritime training exercise in the Pacific theater, and operational orders, electrical diagrams, and blueprints for a radar system in Japan. In the MI6 case, meanwhile, SpyTalk contributor Matthew Brazil reports that China’s Ministry for State Security identified the suspected spy only as a foreign passport holder and contractor surnamed Huang. The MSS announcement, on the popular social media platform, QQQ, claims that Huang's mission included identifying Chinese citizens willing to "incite rebellion" [策反, cèfǎn], but Brazil notes that actually means to recruit or turn a source, a phrase that goes back at least to revolutionary times. Huang’s relationship with British intelligence allegedly goes back to at least 2015.
Dress Code: A Canadian researcher has cracked a 136-year-old code with a fascinating origin. Pieces of paper containing cryptic messages were found in a silk bustle from the 1880s purchased from an antique shop in Maine. Messages like “Bismark Omit leafage buck bank / Paul Ramify loamy event false new event” have fascinated and puzzled cryptologists ever since the dress’s owner, Sara Rivers Cofield, posted them to her blog in 2014. Now Wayne Chan, a research computer analyst with the University of Manitoba, says he’s solved it—with a deflating finding. Writing in Cryptologia, Chan found the cryptogram was merely a telegraphic code for transmitting weather observations in 1888 by the U.S. Army Signal Service (later Signal Corps) and later by the U.S. Weather Bureau. Each message started with a station location, followed by code words for temperature and pressure, dew point, precipitation and wind direction, cloud observations, wind velocity, and sunset observations. The code was designed to save money, since telegraph companies charged by the word. Sorry, espionage fans.
Legend: The espionage journalist Edward J. Epstein has died at age 88 from complications of Covid. The author of more than two dozen books, Epstein was memorialized Friday in The New York Times as a “professional skeptic.” The Washington Post noted that Epstein “delighted in puncturing accepted narratives.” At the CIA, Epstein is remembered differently.
A 1993 essay by agency historian and former station chief Cleveland Cram in the organization’s in-house journal, Studies in Intelligence, credits Epstein with being at the vanguard of a “watershed” in critical writing about the CIA in the 1970s. In a series of articles that were the basis for his 1978 book, Legend: The Secret World of Lee Harvey Oswald, Epstein was the first to publicize the bitter internal agency dispute over the bona fides of a KGB defector named Yuri Nosenko, Cram wrote. Epstein propounded the theory that Nosenko had been sent by the KGB to provide a cover story or “legend” for Oswald, who, the book alleged, was a KGB agent. The theory had been discredited—Nosenko was a genuine defector—but Cram noted that Epstein’s work contained “so much classified information that [it] could only have come from someone with intimate knowledge of the Nosenko case.” In a subsequent book, Deception, Epstein admitted his sources were the late James Angleton, the retired chief of CIA counterintelligence, and his associates. Epstein got caught in the web Angleton spun to avenge his 1974 dismissal and “indict his successors for negligence of duty,” Cram wrote.
America’s most notorious prison, the military detention facility at Guantanamo Bay, Cuba, turned 22 this week. Thirty men remain in a prison that has housed nearly 800.
U.S. intelligence officials warn of rising risk that Lebanese Hezbollah militants will strike Americans in the Middle East — and even potentially hit inside the United States (Politico).
European Union officials are hoping that the new Polish government will be more helpful in the investigation into the sabotage of the Nord Stream pipeline (WSJ).
The United States will increase security assistance and intelligence sharing with Ecuador in wake of narco-criminal violence that rocked the formerly peaceful South American nation. (State Department)
The US Army has a $175 million spy blimp (YouTube).
Is there something we missed? Or something you would like to see more of? Send your tips, corrections, and thoughts to SpyTalk@protonmail.com.
SpyTalk is a reader-supported publication. To receive new posts and support our work, consider becoming a free or paid subscriber.