that could be hacked into from the outside. It will be recalled that the NSA threat officer had cited
these failures in his 1996 report on NSA vulnerability. He also said that efforts of the Russian
Intelligence Services to use false flag recruitments provided the KGB with “a learning
experience.” The KGB had learned that hacking by itself could not breach the NSA’s protective
stove-piping. He predicted that its next logical move would be to “target insider computer
personnel.” These false flag recruitments would aim at, in his view, system administrators,
computer engineers and cyber service workers who were either already inside the NSA or who
had a secrecy clearance that would facilitate getting jobs with NSA contractors.
Even with an appropriate false flag, the task of finding such a “Prometheus” was daunting.
There were some five thousand civilian technicians at the NSA of all political stripes. Finding the
one who met its espionage requisites was the equivalent of seeking the sharpest needle in the
proverbial giant haystack. For espionage purposes, however, recruiters did not have to find the
sharpest needle, or any particular one; they just needed to find any needle in a position to
cooperate. They could hone a willing recruit over time to do the job at hand.
The size of the haystack could also be reduced to more manageable proportions by hacking
into the personnel records of the intelligence workers seeking to renew their security clearance.
The Internet provided the SVR with just this opportunity. As discussed in the previous chapter,
holes in the security of the computer networks of the US Office of Personnel
Management, USIS and the websites of the companies supplying the NSA with independent
contractors had made the background checks on American intelligence workers available to the
Chinese and presumably other adversary intelligence service hackers since 2011. If the SVR had
access to this personnel data, the research for a candidate would be greatly facilitated. From the
127-page Standard Form 86 each applicant for a security clearance submits, the SVR could filter
out intelligence workers employed by the NSA by their educational background, employment
history, affiliations and foreign contacts. It could then search this data for candidates with a
possible hacktivist profile.
This data could next be crossed with an SVR list of individuals in contact with high-profile
activists who are part of the anti-surveillance movements. This would include core participants in
the TOR project, Wikileaks, Noisebridge, Crypto Parties, the Freedom of the Press
Foundation and the Electronic Frontier Foundation. (Snowden, for example, had been in touch
with members of all these groups in 2012 and 2013.)
The SVR would have little problem monitoring even encrypted communications with leading
figures in the anti-surveillance world. These activists, despite secrecy rituals such as putting
their cell phones in refrigerators, remain visible to a sophisticated intelligence service such as the
SVR. Consider, for example, the defensive tactics of Laura Poitras, including PGP encryption,
TOR software, and air-gapped computers, which are computers that have never been connected to
the Internet. She also famously changes her tables at restaurants to evade surveillance. With all
these precautions, she did not keep secrets about her sources entirely to herself. Snowden, at a
HOUSE_OVERSIGHT_020329