Online Sex and the Single Leaker
Spy agency cyber sleuths prowl for lonely men looking for love
The February 21 indictment and March 2 arrest of David Franklin Slater elicited quite a few giggles across social media. Slater, a 63-year-old retired U.S. Army lieutenant colonel working as a civilian Air Force employee at the United States Strategic Command in Nebraska, had allegedly fallen for an online honey trap on a foreign dating website.
"Beloved Dave, do NATO and Biden have a secret plan to help us?" and similar less than subtle pairings of mawkish endearments and suspiciously pointed questions read like something out of a very bad spy novel or ill-advised reboot of Rocky and Bullwinkle.
However, the terms of affection seemed to have worked. Slater did, in fact, hand over classified documents to his online paramour, who claimed to be a female based in Ukraine, according to the indictment. That she (or perhaps he) knew the documents were classified is without question. In one instance his online love interest responded, “Sweet Dave, the supply of weapons is completely classified, which is great!" The perpetrator’s spy service affiliation, if any, was not identified.
That an experienced military officer would transmit classified documents in such a manner seems absurd, though in the online world, for “men of a certain age” in search of love or a reasonable facsimile, a gift of information often stands in for fancy dinners with good wine or an age-inappropriate sports car. And while Slater’s alleged online affair, which is said to have run from approximately February to April 2022, is easily dismissed under the “no fool like an old fool” doctrine, there is no shortage of young fools as well.
The young have also proved just as vulnerable to these types of honey traps that combine sophisticated technology with equally sophisticated social engineering. In 2017 Reuters reported that Israeli soldiers had their phones hacked by Hamas operatives posing as young Israeli women. Targets were selected and wooed from well-known social media platforms, such as Facebook, and eventually enticed to download a phishing-type program—a Mobile Remote Access Trojan, or MRAT.
The malicious program, disguised as an app that would allow the secure exchange of risqué photographs and messages, boasted its own credible looking website and was posted on the Google Play store. For the target, the program appeared to not download and displayed a convincing looking error message. In fact, it was running in the background and providing hidden access to stored data as well as control over the compromised phone, including accessing GPS coordinates, listening in on conversations, reading text messages, and taking photographs.
Proof that the operation was deemed a success may be seen in the Israeli announcement last year that a similar effort based in Iran by the IRGC included voice recordings and video. However, an IDF spokesman said in 2020 that the army had detected the Hamas scam early on and “prevented any major secrets from reaching the Islamic militant group.”
London Calling
At around the same time the first operation took place, Mia Ash made her appearance. Launched by a Middle Eastern group believed to be funded by Iran, Ash was purported to be a London-based photographer. In fact, the image of a young lady “Ash” used was of a Romanian photographer lifted from the website DeviantArt. Operating through social media platforms, the Ash team cultivated a number of male followers developing online friendships before posing as a damsel in distress in need of assistance with technology. The plot motivated a staffer at the accounting firm Deloitte to open an infected document.
India has also seen an aggressive effort of cyber honey trapping, said to be launched by Pakistan, targeting scientists and military personnel. In one notable 2023 case, an Indian scientist who headed up the Defense Research and Development’s Research and Development Establishment laboratory was arrested on allegations he shared sensitive information with an online paramour in exchange for risqué pictures and texting.
All of which is not to say online entrapment will completely replace the more traditional forms of bedding-down honey traps, at least not in the foreseeable future.
In late 2023, the Department of Justice announced the arrest of three individuals who ran high end brothels in Cambridge, Mass., California, and the Virginia suburbs of Washington, D.C. It was, of course, the military and intelligence-heavy locations of Fairfax and Tysons Corner that raised some eyebrows.
“Commercial sex buyers allegedly included elected officials, high tech and pharmaceutical executives, doctors, military officers, government contractors that possess security clearances, professors, attorneys, scientists and accountants, among others,” the official press release pointedly noted. The establishments, which featured women of Asian descent, were promoted through online marketing and offered menu options to customers. Although no direct connection to espionage was established, there was widespread speculation.
However, compared to traditional recruitment efforts by a handler working under cover as an anodyne diplomat, or the orchestrated ensnarement of old school honey traps, cheap social media efforts appear to have paid off handsomely. And too, not mentioned in most stories surrounding Slater and others is the dismaying reach of such efforts.
In the case of Slater, it extended to the center of the country, not to mention the United States Strategic Command, the heart of America’s nuclear arsenal and global information grid. Espionage, which has a long history as early adopter and adapter of new technologies, seems to have found the perfect vehicle in social media to target age-old vulnerabilities while expanding the pool of potential targets among the lovelorn, misguided, disgruntled, or greedy.
Henry R. Schlesinger is an author and journalist who has been writing about things espionage for more than two decades. His most recent book is Honey Trapped: Sex, Betrayal, and Weaponized Love.
WANT TO HEAR MORE? Listen to Henry Schlesinger and SpyTalk Editor-in-chief Jeff Stein explore the topic further on the latest SpyTalk podcast.
"ill-advised reboot of Rocky and Bullwinkle"
Excellent description of those mawkish texts.
Thank you, da-link!