Site hosted by Angelfire.com: Build your free website today!
ACTIVISTS AND SPOOKS

  A lecture about covert activities against activist groups, given at TILT
  conference, Sydney Australia

  (c) Felipe Rodriquez - 27 September 2001
 

  With special thanks to Eveline Lubbers for her insightful comments and
  inspiration for this article and in general.
 

  INTRODUCTION

  Activists worldwide are scrutinized by government agencies and corporate
  intelligence activities. Numerous organizations have been the object of
  surveillance and infiltration. These organizations include activist groups
  that advocate sabotage and violence. But most are peaceful organizations
  that do not advocate violence.

  Organizations around the world that have been targets of government
  surveillance and infiltration include Greenpeace and Amnesty International.
  Other groups include gay and lesbian rights organizations, socialist and
  Communist organizations, environmental groups, animal rights groups, middle
  east organizations, unions, peace activist organizations and human rights
  groups [1].

  Western world intelligence organizations work on the basis of a counter
  insurgency model developed by British intelligence expert Frank Kitson. In
  his book, Low Intensity Operations he defines various stages of development
  of political organizations. He advices that the primary work of an
  intelligence agency should occur in the earliest phase of the creation of an
  organization, when the it is small and vulnerable. It outlines the necessity
  for continuous covert operations, insisting that infiltration and
  "psychological operations" be mounted against dissident groups in "normal
  times," before any mass movement can develop. [2]

  Officially the primary functions of government intelligence activities
  consist of giving information and warning of potentially hostile political
  plans of organizations, and the research and analysis of that information.
  Unofficially it includes the manipulation of organizations and people, in
  order to disrupt, weaken, compromise and control them.

  There is a need for activist groups to be concerned with surveillance and
  infiltration: governments and corporations observe, and sometimes
  manipulate, these groups to discover what they know, who their sources are,
  and what their future activities will be.

  One word of warning; you should not let this lecture make you feel too
  paranoid; governments have limited resources, and therefore they are
  unlikely to use many of the techniques that I will mention in this lecture
  if you are not an important suspect to them.
 

  WHO ARE THE SPOOKS ?

  Organizations involved in infiltration and surveillance activities include
  police organizations, local and foreign human intelligence organizations,
  local and foreign signal intelligence organizations and global corporations.
  A large US based religion, The Church of Scientology, has also been accused
  numerous times of infiltration and surveillance activities, apparently to
  weaken and destroy their perceived enemies.

  A large number of government infiltrations of activist groups have been
  reported worldwide. An example is reported infiltration and surveillance
  activity by the Victorian police Operations Intelligence Unit, in Australia,
  in the early nineties. This unit monitored 316 organizations and had files
  on more than 700 people in the state of Victoria [1]. Exceptional about this
  was not the amount of organizations and individuals that where monitored,
  but the fact that these covert activities where exposed. Similar activities
  by police forces and intelligence organizations happen around the world, but
  remain covert.

  Often we only get to see single pieces of the intelligence puzzle. Some of
  the examples of puzzle pieces that where found are:

  -    the infiltration into the US organization 'Students for Economic
  Justice' [3]
  -    undercover police activities during protests [4]
  -    failed attempts to recruit informers [5]
  -    informants or agents that have been discovered and volunteered
  information about their previous covert activities.

  Such activities need not be limited to domestic government agencies. In the
  early 90s a US agency tried to infiltrate a hacker group in the Netherlands
  by setting up a hackers bulletin board to lure and entrap hackers. He
  created multiple personalities on his bulletin board to create an impression
  that there was genuine activity and communication going on. But in reality
  he was trying to extract information from Dutch hackers about their
  activities, and possibly try to infiltrate those hacker groups. The operator
  of this bulletin board later turned out to be an employee at the US embassy
  in The Hague. In 1995 he was fired by the US embassy because he had become a
  security threat, and in 1996 he started posting elaborate stories about his
  intelligence activities [6] for the CIA.

  Various corporations have also engaged in surveillance and infiltration
  activities. And they do not only spy on their competitors. Activities
  against activist groups have been reported. Such as the case of McDonalds,
  that employed private investigation agencies to infiltrate London Greenpeace
  [7,8]. In the case of Greenpeace London, Mc Donald's had hires more than one
  investigators to infiltrate that group. The infiltrators did not know the
  identity of the other infiltrators.

  Corporations have an increasing need to gather intelligence to protect their
  interests. Governments can often not provide the information and
  intelligence products that corporations need. Various corporations have
  therefore used private intelligence companies, such as a company called
  Control Risks. Control Risks is a so called international business risk
  consultancy. Services include political and security risk solutions,
  investigations, security consultancy and crisis management and response. The
  essence of companies like Control Risks, is to function like a privatized
  intelligence organizations.

  In January this year a person called Manfred Schlickenrieder was exposed as
  a corporate spy that was doing work for shell and possibly other
  corporations. This person has been spying on activist groups for a period of
  more than twenty years. He collected information and photographs on hundreds
  of people. He also offered to sell guns to people. The founder of the
  company he worked for, a former MI6 agent, said in the Financial Times that
  his company tried to do the same thing for corporations as they had done
  before for the government.

  A number of espionage activities by freelance agents that sell their product
  to corporations have been reported. In the Netherlands there was a case
  involving a detective agency that collected paper from activist groups. The
  agency employee, posing as an activist, told organizations that the old
  paper would be sold to a recycling company, and the proceeds would be
  donated to a school. As a result many sensitive documents ended up on the
  desk of corporate managers, to whom they where sold by the agency [9].
  Another freelance agent was Adrian Franks, who infiltrated numerous activist
  groups, collected information about them, and tried to sell this information
  to corporations around the world [10].
 

  METHODS OF SURVEILLANCE

  Much has been written about the Echelon surveillance network. Echelon has
  the capacity to carry out total communications surveillance. Satellite
  receiver stations and spy satellites in particular are alleged to give it
  the ability to intercept any telephone, fax, Internet or e-mail message sent
  by any individual. Echelon operates worldwide on the basis of cooperation
  among the UK, the USA, Canada and Australia. These states place their
  interception systems at each others disposal, and make joint use of the
  resulting information [11]. A former Canadian secret service employee says
  the service routinely received communications concerning environmental
  protests by Greenpeace vessels on the high seas [12].

  Echelon is coordinated by the National Security Agency, or NSA, in the
  United States. This is an agency has a budget of approximately 4 billion
  dollars a year. This budget is magnified by the cooperation with other
  intelligence agencies, and assets are pooled with these agencies. Examples
  are the spy base in Pine Gap, based in Australia, with mixed Australian and
  US staff. There are numerous speculations about the capabilities of the NSA,
  they have been known to top into undersea communications cables, and the
  United States have a special submarine equipped for these operations. There
  have been messages about the NSA tapping undersea fiber optic cables, by
  splicing them. The problem does not seem tapping into these cables, but
  processing the unimaginable amounts of information that such tapping
  provides. In space the NSA has specially equipped spy satellites, such as
  the Mercury signals intelligence spacecraft. These satellites are designed
  to intercept transmissions from broadcast communications systems such as
  radios, as well as radars and other electronic systems. They have a very
  large deployable antennae with a diameter of approximately 100 meters.

  Carnivore is a computer-based system that is designed to allow the FBI to
  collect information about emails or other electronic communications to or
  from a specific user. It has the capability to capture all the network
  traffic to and from a specific user or IP address [13]. Other countries are
  developing similar devices, and the legislation needed to implement them. In
  the Netherlands legislation has already been implemented that will force
  ISPs to make their Internet network traffic available to police and secret
  service surveillance, when served with an order to do so [14]. In the
  Netherlands there was a legal case where a former hacker, that now works for
  the police, provided evidence that the Dutch police had created a black box
  device that was capable of tapping specific internet traffic at a provider,
  and had the capability to reconstruct the entire session of the user that
  was the target of surveillance.

  There are currently a lot of news items about intelligence services trying
  to uncover messages that have been hidden using steganography. This is a
  technique to hide a message inside another message. It is alleged that
  terrorists use steganography to hide messages that are sent to other
  terrorists. Several Internet providers around the world have been asked to
  provide information about this, and to cooperate with the intelligence
  community to uncover these hidden messages. Government contracts have been
  granted to companies to develop techniques that enable the analysis of
  content on the Internet, in order to uncover messages that are hidden using
  steganography.

  If you are concerned about the security of your computer network, then stay
  away from wireless network equipment, such as the Apple Airport and Lucent
  Orinoco wireless access points. Wireless network communication has been
  compromised, and it is relatively easy even for an amateur to eavesdrop and
  penetrate a wireless computer network. In the United States it has become a
  bit of a fashion to drive around in a car, equipped with a computer, a
  wireless Ethernet device, and a special antenna. This enables one to pick up
  network traffic from most wireless networks, especially the ones that are
  not secure. This new fashion has a name, it is called war driving, and is
  derived from the old hacker activity of war-dialing

  In Australia laws have been passed that give ASIO, Australia's domestic spy
  organization, powers to hack into computers. They can now enter and modify
  computers remotely. [15] The FBI has been reported to have rigged a computer
  used by a suspected criminal in order to be able to monitor every keystroke.
  [16] The suspect was using encryption to protect the data on his computer,
  and it was impossible for the FBI to crack this encryption. By tapping his
  keystrokes they where able to find the password of his encryption software,
  and decrypt all the secret information on his computer.

  Less high-tech ways of spying on activist communication include a phone tap,
  or a pen register. A phone tap eavesdrops on the activist's telephone calls,
  recording the oral communications on tape. A pen register tracks all the
  numbers of inbound telephone calls. Phone taps are used extensively in some
  countries, and less in other countries. The Netherlands is notorious for its
  use of phone taps; it has among the highest amount per 1000 population of
  phone taps in the world. Also in the Netherlands it has been reported more
  than once that public phones where being tapped by the police, because they
  where allegedly being used by criminals that tried to circumvent government
  tapping of their phone.

  A government phone tap is impossible to detect, don't believe the marketing
  hype that spy shops give you about anti bug devices. These devices are only
  effective for very low-end surveillance equipment as employed by mediocre
  freelance spooks. The danger of bug detection devices is that they'll give a
  false sense of security.
  A very rare way of detecting a phone tap is when a mistake is made. In 1992
  a tap was placed on a computer line of the Dutch hacker group HackTic
  network. This disrupted normal network email operations. The inverse signal
  of the tapped line was connected to another line by mistake. Social
  engineering of the phone company engineer responsible for the switch
  disclosed that something odd was done to the wiring that he was not allowed
  to disclose [17].

  In some cases microphones (bugs) are installed in a premises, to record
  conversations in a room. Before such a device can be placed, surveillance by
  the agency is initiated in order to determine the best time and place to
  install it. Be wary of electricians and plumbers at the door with whom you
  have no appointment, they may be checking out the best location for a bug,
  and may be trying to find security problems for later covert entry into your
  house.

  Often there is no need for the spooks to install any microphones in your
  home, there already is one there, its called the telephone ! Built into the
  international CCITT telephone protocol is the ability to take phones 'off
  hook' and listen into conversations occurring near the phone, without the
  user being aware that it is happening [18]. This effectively makes the
  telephone into a room monitoring device.

  Do you believe only street cats are interested in your garbage bin ? You're
  wrong ! Garbage can be a primary source of intelligence. This may sound
  smelly, but look at what people throw away. Often draft versions of
  documents end up in the trash. These may give away vital information. Oracle
  paid private investigators to go through the trash of a trade group with
  ties to arch-rival Microsoft. [19] A case that already mentioned before
  occurred in the Netherlands, where a private investigation company collected
  the trash of numerous activist organizations.

  Shredding documents is an option, but may provide a false sense of security.
  When the Iranian revolutionaries occupied the US embassy in Tehran they
  found big pile of shredded secret US government documents. The Iranians
  managed to recover the shredded items and systematically reassemble them.
  They then published facsimiles of the documents in a series that currently
  numbers over 70 volumes. The information that was uncovered by the Iranians
  contained the identity of the CIA station chief in Beirut, William Buckley,
  who was kidnapped and assassinated by a group calling itself Islamic Holy
  War.

  Why do you think Osama Bin Laden switched his satellite phone off ? Because
  following people around has become very easy if they use a cellular or
  satellite phone. A mobile phone network always knows in what cell of the
  network the phone is at any given time. Police and intelligence
  organizations can access this information to locate someone, or to find out
  the history of a person's movements.

  Another way of finding out where a person has been in the past, is by
  checking credit card transactions; purchase anything with a credit card, and
  the transaction is logged on the mainframe of the credit card company,
  including the location of the merchant, and therefore your location at the
  time of purchase.

  During demonstrations and protests the government often uses photo and video
  surveillance, to record the presence and activities of individuals. Some
  police forces have specially equipped command and control vehicles with
  video camera's on their roof, and video terminals inside. Video and
  photographic surveillance of specific locations, such as an office of an
  activist organization, has been documented in the past. With the right
  optical equipment such surveillance can be done from a mile or so away,
  defeating any chance of discovery.
 

  INFILTRATION

  An infiltrator tries to penetrate an organization with the intention of
  collecting information that is otherwise not available.

  Surveillance of communications is called Sigint, an acronym for Signals
  Intelligence. The use of informers, or actual infiltration of groups is
  called Humint. Sigint often does not provide adequate information about the
  motives and future plans of people and organizations, therefore government
  agencies often engage in Humint activities. Infiltration is also used to
  manipulate and compromise activists and their organizations.

  Undercover infiltration is a specialist job, and can be hard to detect.
  There are some recurring signs that have been turning up in reports about
  past infiltrations. An infiltrator needs to gain trust in the target
  organization, and will sometimes offer secret information to gain trust and
  respect. An infiltrator will seek a leadership, or close to leadership,
  position. It is important for an infiltrator to become an information hub,
  and infiltrators often maintain extensive contacts with other organizations.
  Infiltrators often create conflict and intrigues in their environment.
  Infiltrators often extensively copy archived documents of the activist
  organization and take these copies with them.

  Another important sign that has come up repeatedly in reports about
  different infiltrations by government agencies is that the infiltrator will
  often promote the use of illegal activities, and may encourage others to
  participate in illegal activities. Infiltrators have been reported that
  offered arms and explosives to activists [20]. In the Netherlands there have
  been two reported cases of infiltrators that where offering guns and
  explosives. Another case has been documented in Germany. I have had some
  personal experience with a person working for the US embassy in the
  Netherlands that tried to incriminate me in a crime, apparently with the
  intention to use that against me to discredit me, or worse. Fortunately we
  reported this to the press and police before the case came to its climax;
  and this person consequently lost his job at the embassy.

  The reasoning behind this activity of offering weapons is that governments
  want to know who is willing to use violence or illegal activities to achieve
  their activist goal [21]. An element of entrapment is often blended into
  this; the infiltrator promotes the use of violent or illegal activity, and
  when the illegal activity takes place the people involved are arrested.
  After such an arrest an attempt can be made by the government agency to
  pressure the participating activist into becoming an informer with threats
  of punishment and prison.

  The African National Congress manual for covert actions [22] used the
  following list to identify infiltrators:

  *    they try to win your confidence by smooth talk and
      compliments;

  *    they try to arouse your interest by big talk and promises;

  *    try to get information and names from you which is no
      business of theirs;

  *    try to get you to rearrange lines of communication and
      contact points to help police surveillance;

  *    may show signs of nervousness, behave oddly, show excessive
      curiosity;

  *    may pressurize you to speed up their recruitment or someone
      they have recommended;

  *    ignore instructions, fail to observe rules of secrecy;

  Spies that work for corporate intelligence organizations often work in a
  different way than government organizations. Corporations want information
  of a more general nature, such as the results of voting sessions, the
  intentions of campaigns and what contacts exist with other activist
  organizations. The main function of this information for the corporation is
  the creation of damage assessments and to develop public relations responses
  to actions like a consumer boycotts.

  Because of their different nature, corporate spies are more low-key. They
  are less likely to promote violence or to offer weapons and explosives for
  sale. Therefore they are harder to detect and isolate. Cases have been
  reported, such as the one mentioned before in this lecture, where corporate
  spies have been active for many years.
 

  INFORMERS

  An informer reveals confidential information in return for money or other
  benefits. Recruiting informers often ends in failure, and therefore there
  are many reports available about the recruitment process.

  Informers can have a range of motives to turn against the organization they
  are informing about. They can be disenchanted members who volunteer their
  services. An activist may be overheard by someone not of the group, who in
  turn informs police. Someone may have been arrested and may try to avoid
  prosecution by agreeing to infiltrate a group and obtain information about
  activist activities. Or someone may have been targeted for recruitment by
  the police. [23]

  Recruitment by police or intelligence agencies is usually preceded by
  extensive background checks. Activists that have weak spots are singled out
  for recruitment attempts. A weak spot may be financial trouble, immigration
  status, pending prosecution and a range of other possibilities. The activist
  may be threatened and/or offered money. Other offers that may be made to
  coerce the activist into becoming an informer may include a permanent visa
  offer, or a settlement to prevent prosecution. Family members and friends of
  the recruitment prospect may be pressured, to convince the activist to
  become an informer.
 

  WHAT TO DO ?

  If you believe you, or your organization, are the target of infiltration of
  surveillance, the best thing you can do is start building up documentation
  and evidence. Create a small group of trusted individuals, and start to
  planning and researching the case. Try to find out all the facts, try to
  remember every detail that can be remembered. It is no use to have
  suspicions that cannot be backed up with hard facts. If evidence has been
  collected, it is often useful to double-check it first, and then publish the
  evidence. Please try to always be extremely careful about paranoia and
  unfounded allegations. Because that can cause as much, or more, harm to an
  organization as any intelligence activity.

  The best defense, if you have nothing to hide anyway, is to be extremely
  transparent. If transparency does not deter intelligence agencies, it will
  at least diminish your own feelings of paranoia and persecution. Second best
  is to have a high degree of awareness about security and knowledge about
  surveillance methodology. That helps in developing secure communication
  mechanisms, such as using encryption, steganography and maintaining
  anonymity.

  It is always useful to use encryption to protect your Email. Sending an
  unencrypted email is the same as sending a postcard without an envelope, any
  hacker or system engineer can read your email.  There are various encryption
  software programs available on the Internet, PGP, Pretty Good Privacy, is
  probably a good choice. If you want to hide the fact that you are
  communicating, you may want to use some steganographic program, that hides a
  message within another message.

  Security is one thing, paranoia another. The summary of technologies and
  activities in this article is extensive, and some may find it scary. The
  fact that all these things are possible, does not mean that they happen
  right now in your organization. For most people it is unlikely to be
  extensively targeted by most of the methods that I have described. Police
  and intelligence organizations have limited resources, and very extensive
  surveillance will only be done on high priority targets. One also has to be
  mindful of the fact that intelligence and law enforcement agencies have
  limited resources. Priorities change, and what one day seemed important, may
  not be important the next day. An recent example would be increased
  attention by the intelligence community for the anti-globalization
  protestors, that may not seem as important today in light of the global
  fight against terrorism.

  The intention of this article is not to make you feel paranoid, or to make
  you feel permanently watched by the government. Such extreme focus on an
  individual or group is rare and only happens in extreme cases where suspects
  are very important. Most intelligence operations against activists are
  likely to be low intensity intelligence operations with the aim of tracking
  developments and collecting information. But if you have been trained in
  some Al Qaeda camp in Afghanistan, then you probably have a credible reason
  to feel watched at this particular moment.

  The intention of this lecture is also to instill a certain level of security
  awareness in people. You could compare it to an insurance policy. You never
  know when we will have a need to know about these surveillance and
  infiltration techniques; one day in the future we may find ourselves living
  in a totalitarian state. It would be useful in those circumstances if some
  information about government surveillance and infiltration activities is
  available.
 

  Another reason to create this lecture, is that most of us live in democratic
  states. Therefore it is important to have some insight in the covert
  activities that our governments engage in, because they do so in the name of
  the electorate, and therefore in our name.
 
 
 

  Thanks,

         Felipe Rodriquez
 
 

  ------------
 

  SOURCES:

  [1] Operations Intelligence Unit Victorian police data base files at:
  http://home.vicnet.net.au/~neils/PoliceWatch/spec1.html

  [2] Low-intensity Operations - General Sir Frank Kitson Faber and Faber;
  ISBN: 0571161812

  [3] Activist group exposes undercover officer
  http://www.statenews.com/article.phtml?pk=519

  [4] Undercover troopers among those arrested during GOP convention
  http://europe.cnn.com/2000/ALLPOLITICS/stories/11/16/convention.protests.ap/

  [5] Koerden geÔnfiltreerd (dutch)
  http://www.xs4all.nl/~evel/koerd.htm

  [6] Snorri Helgarsson - My Story
  http://groups.google.com/groups?q==snorri+cia+parker&hl==en&rnum=&selm==4omak
  u%24b6%40enterprise.cistron.nl

  [7] Special Branch Help McDonald's
  http://www.mcspotlight.org/media/press/squall_aut96.html

  [8] Mag ik u infiltreren? (dutch)
  http://www.xs4all.nl/~evel/mcspy.htm

  [9] Liefdewerk Oudpapier (dutch)
  http://www.xs4all.nl/~evel/onzewer.htm

  [10] Infiltrator in A SEED, Earth First!, ENAAT - and where else?
  http://www.xs4all.nl/~respub/artikelen/adrian/

  [11] European parliament report on the existence of Echelon
  http://www.europarl.eu.int/tempcom/echelon/pdf/rapport_echelon_en.pdf
  [12] Jim Bronskill, Canada a key snooper in huge spy network, Ottawa
  Citizen, 24.10.2000

  [13] Carnivore FAQ
  http://www.robertgraham.com/pubs/carnivore-faq.html

  [14] opentap.org
  http://www.opentap.org/documents.php3

  [15] EFA newsletter - ASIO hacking legalised
  http://www.efa.org.au/News/issue5_2.html#asio

  [16] Mafia trial to test FBI spying tactics
  http://www.theregister.co.uk/content/4/15268.html

  [17] Hack-Tic afgeluisterd ? Hack-Tic 18/19 (dutch)
  http://www.hacktic.nl/magazine/1811.htm

  [18] SGR Newsletter, No.4, 1993
  And also in Hack-Tic 18/19 at http://www.hacktic.nl/magazine/1824.htm (dutch
  site)

  [19] Oracle's Private Eyes Hit Microsoft Trail
  http://www.pcworld.com/news/article/0,aid,17470,00.asp

  [20] Operatie Homerus - papieren tijger uitgeverij (dutch)
  ISBN 906728100X

  [21] Verslag van de speurtocht naar de infiltrant Adrian Franks (dutch)
  http://www.xs4all.nl/~evel/adrian.htm

  [22] African National Congress manual for covert actions
  http://cryptome.org/anc-manual.htm

  [23] POLICE UNDERCOVER OPERATIONS (2) by Mollie Maguire
  http://www.cat.org.au/a4a/police2.html
 
 

  (C) Felipe Rodriquez Copyright Notice; You may copy and distribute verbatim
  copies of this article for non-commercial use without the author's
  permission.
 

  ---
  Felipe Rodriquez http://www.xs4all.nl/~felipe