Covert Comms (Issue № 4)
CIA covert bases expand in Africa | viral Tom Cruise deepfakes make waves | new iPhone anti-stalking feature | the Pope visits Iraq | FBI needs help finding someone in a video
Welcome to our periodical brief Covert Comms, where you receive current events, espionage, digital security, and privacy-related insights from us directly to your inbox.
Behind the cloak & dagger: covert communications have long been used for two parties, normally handler and spy, to communicate secretly (and oftentimes remotely) without the knowledge of the Opposition, aka bad guys. Covert communications are a classic tool of spycraft and have been used since literally the beginning of time (espionage is the world’s second-oldest profession so we’ve got some history behind us), the ancient form being steganography, or concealing a message within another message or object.
Leave your secrets (aka your email) with us and you’ll receive the latest insights, commentary, and news directly to your inbox. We strive for timeliness, relevance, conciseness, and of course — a dash of intrigue and occasional wit.
Remote C.I.A. Base in the Sahara Steadily Grows
Deep in the Sahara, the C.I.A. is continuing to conduct secret drone flights from a small but steadily expanding air base, even as the Biden administration has temporarily limited drone strikes against suspected terrorists outside conventional war zones, such as Afghanistan, while it weighs whether to tighten Trump-era rules for such operations. Soon after it set up the base in northern Niger three years ago, the C.I.A. was poised to launch drone strikes from the site. But there is no public evidence that the agency has carried out anything but surveillance missions so far. The base was added to a small commercial airport largely to pay closer attention to southwestern Libya, a notorious haven for Al Qaeda, the Islamic State and other extremist groups that operate in the Sahel region of Niger, Chad and Mali. The expanding capabilities at the base indicate that the C.I.A. would be ready to carry out armed drone strikes if the high-level review permits them. [1]
Analyst Comment:
The use of drone strikes to target terrorists outside of declared combat zones such as Afghanistan is not a new phenomenon, nor one that former President Trump instituted during his tenure. President Obama was often criticized for his expansion of drone strikes, which took advantage of “best practices” from the Agency’s post-9/11 evolution towards combating terrorism — a practice which has been employed not only in Afghanistan but Iraq, East Africa, the Sahara, the Federally Administered Tribal Areas in northwest Pakistan, and elsewhere. The preeminent counter-terrorism strategy at play here is the notion of employing a strong “offense” that takes the fight to the regions of the world where trouble lurks and which could prove a breeding ground for training, planning, or staging attacks against the U.S. homeland — similar in many ways to the circumstances in Afghanistan circa late 1990s - 2000 which enabled Usama bin Laden to orchestrate the watershed 9/11 attacks. This strategy does not appear to have undergone significant revision since 9/11, and the Biden administration no doubt must determine its efficacy and any alternatives moving forward.
Deepfake videos of Tom Cruise went viral. Their creator hopes they boost awareness.
The creator of a series of deepfake Tom Cruise videos that garnered more than 11 million views on TikTok said he never wanted to trick people. But since he has, he's hoping the sudden influx of attention can help bring greater awareness to the continued evolution of the technology that can create incredibly realistic fake videos of people. “The important thing is, we didn’t want to fool people at any moment,” Chris Ume, 31, the Belgian visual effects artist behind the viral deepfakes, said in an interview. “If I can help in creating awareness, or even work on detection in the future, I would love to.” Ume created the four videos, in which it appeared to show the Hollywood star playing golf, doing a magic coin trick, and falling over while telling a story about the former Soviet leader Mikhail Gorbachev. Three of them went viral, attracting attention on TikTok and across the internet. And though most people realized quickly that the videos were fake, even experts were impressed by their quality. [2]
Analyst Comment:
This public and rather humorous use of so-called “deepfake” videos of actor Tom Cruise appears to offer little but a few laughs at face value. The phenomenon of deepfake videos, however, poses significant concerns in the realms of privacy and digital security. Deepfakes leverage advanced technological capabilities such as artificial intelligence and machine learning to alter and manipulate visual and audio content — a technique that has mostly so far been used to target celebrities in financial fraud, hoaxes, fake news, or revenge porn instances. In today’s digital age, where much more emphasis is placed on brand and reputation management for both individuals and companies, the advancements in deepfake technology pose significant risks when we recognize how they could be employed by adversaries or competitors to alter, shape, or otherwise nefariously affect their target.
New iPhone feature reveals if someone is stalking your exact movements
Apple is working on a new feature for its Find My app that could let you know if someone is stalking you. The setting is called “Item Safety Alerts” and tells a user if an unknown device traveling with them is being tracked on Find My. The feature then lets you disable the suspicious device. It's thought the 'unknown device' could be referring to rumoured AirTag products that Apple hasn't announced yet. AirTags are rumoured to be tile-like devices that you can attach to items you lose often and then you can use your phone to find them. However, there have been some concerns that a device like that could be used to stalk and track a human if you attached an AirTag to them without their knowledge. The potential safety feature to stop this issue was spotted in the beta version of iOS 14.5. The setting is reportedly enabled by default in the test version of the Apple software. You can turn the setting off but you'll get a warning about unknown devices being able to see your location without your knowledge. [3]
Analyst Comment:
While we have not yet observed this feature in the iOS 14.5 update (given it was a beta feature and most devices are still running iOS 14.4), we take interest in this capability given the ease with which potential stalkers or tech-savvy adversaries could hijack this convenient AirTag feature for nefarious purposes. While it appears relatively narrow in scope, the use of AirTags to track an unwitting individual using the Find My feature raises additional concerns about the number of other ways our devices can be used against us — namely as we consider the design and function of Bluetooth and WiFi technologies. This is a reminder to always turn off Bluetooth and WiFi when not in use to prevent easy tracking, in addition to limiting the number of “leaky” applications downloaded to your device that you do not require to function (time to remove all the games!).
Pope, top Iraq Shiite cleric deliver message of coexistence
Pope Francis walked through a narrow alley in Iraq’s holy city of Najaf for a historic meeting with the country’s top Shiite cleric Saturday, and together they delivered a powerful message of peaceful coexistence in a country still reeling from back-to-back conflicts over the past decade. In a gesture both simple and profound, Grand Ayatollah Ali al-Sistani welcomed Francis into his spartan home. The 90-year-old cleric, one of the most eminent among Shiites worldwide, afterward said Christians should live in peace in Iraq and enjoy the same rights as other Iraqis. The Vatican said Francis thanked al-Sistani for having “raised his voice in defense of the weakest and most persecuted” during some of the most violent times in Iraq’s recent history. [4]
Analyst Comment:
While a promising and relatively ground-breaking visit for the Holy Father given recent reports of his declining health and back problems, we remain relatively unconvinced that Shiite attitudes towards the minority Christian population in Iraq will significantly improve. Nevertheless, the war-torn region is certainly in need of healing across all religions and populations following back-to-back conflicts, from the toppling of the Saddam regime to the resurgence of Al Qaeda in Iraq under the name of ISIS, and on to the bitter proxy wars between the Western-backed Iraqi government and Iranian-backed Shiite militias.
Preparing for Retaliation Against Russia, U.S. Confronts Hacking by China
Just as it plans to begin retaliating against Russia for the large-scale hacking of American government agencies and corporations discovered late last year, the Biden administration faces a new cyberattack that raises the question of whether it will have to strike back at another major adversary: China. Taken together, the responses will start to define how President Biden fashions his new administration’s response to escalating cyberconflict and whether he can find a way to impose a steeper penalty on rivals who regularly exploit vulnerabilities in government and corporate defenses to spy, steal information and potentially damage critical components of the nation’s infrastructure. The first major move is expected over the next three weeks, officials said, with a series of clandestine actions across Russian networks that are intended to be evident to President Vladimir V. Putin and his intelligence services and military but not to the wider world. The officials said the actions would be combined with some kind of economic sanctions — though there are few truly effective sanctions left to impose — and an executive order from Mr. Biden to accelerate the hardening of federal government networks after the Russian hacking, which went undetected for months until it was discovered by a private cybersecurity firm. The issue has taken on added urgency at the White House, the Pentagon and the intelligence agencies in recent days after the public exposure of a major breach in Microsoft email systems used by small businesses, local governments and, by some accounts, key military contractors. [5]
Analyst Comment:
In a strange “telegraphing” of secret pending cyber actions against Russia, this NYT piece highlights the challenges faced by the U.S. as it squares off against its primary competitors in cyberspace: Russia and China (among many others). It is unusual for such actions to be highlighted in the media ahead of their execution, suggesting this was a deliberate “leak” to the NYT intended to send a strong and open message to Russia that they will face repercussions for their egregious actions against U.S. critical infrastructure, corporations, and government systems over the years, a conflict which has only escalated during critical moments such as the U.S. election. We are not optimistic that this message, however seemingly strong, will greatly impact Putin’s calculus given the lack of U.S. response to previous belligerent Russian cyber activities to date. As we have previously highlighted, the formation of cyber policy as it constitutes the projection of state power and pertains to more traditional and conventional definitions of nation-states (i.e. what constitutes or delineates borders) is being determined in real-time, with no global norms to guide its implementation. The cyber domain is unlike the others, and we are wary of any actions that may contribute to the unintended escalation of force in cyberspace, resulting in an unbridled total cyber conflict with a near-peer adversary.
The Robot, the Targeter and the Future of U.S. National Security
As the U.S. competes with Beijing and addresses a host of national security needs, U.S. defense will require more speed, not less, against more data than ever before. The current system cannot support the future. Without robots, we’re going to fail. News articles in recent years detailing the rise of China’s technology sector have highlighted the country’s increased focus on advanced computing, artificial intelligence, and communication technologies. The country’s five year plans have increasingly focused on meeting and exceeding western standards, while constructing reliable, internal supply chains and research and development for artificial intelligence (AI). A key driver of this advancement are Beijing’s defense and intelligence goals. Beijing’s deployment of surveillance in their cities, online, and financial spaces has been well documented. There should be little doubt that many of these implementations are being mined for direct or analogous uses in the intelligence and defense spaces. Beijing has been vacuuming up domestic data, mining the commercial deployment of their technology abroad, and has collected vast amounts of information on Americans, especially those in the national security space. The goal behind this collection? The development, training, and retraining of machine learning models to enhance Beijing’s intelligence collection efforts, disrupt U.S. collection, and identify weak points in U.S. defenses. Recent reports clearly reflect the scale and focus of this effort – the physical relocation of national security personnel and resources to Chinese datacenters to mine massive collections to disrupt U.S. intelligence collection. Far and away, the Chinese exceed all other U.S. adversaries in this effort. [6]
Analyst Comment:
This excellent piece by a former CIA targeting officer outlines the immense challenge facing the West amidst persistent, massive, and invasive Chinese efforts to harness artificial intelligence and machine learning technologies for intelligence collection efforts. This capability poses a grave threat to U.S. national security and impresses upon us the critical need for our own investment and development of similar technology capabilities. As the author states, data collection and gathering is rarely an issue — processing the vast quantities of data effectively and in a manner that proves useful for national security purposes is.
FBI releases new video of person planting bombs before Capitol riot
The FBI released new videos Tuesday that investigators said show the person suspected of planting two pipe bombs the night before the January riot at the Capitol. "These pipe bombs were viable devices that could have been detonated, resulting in injury or death. We need the public's help to identify the individual responsible for placing these pipe bombs, to ensure they will not harm themselves or anyone else," said Steven D'Antuono, the assistant director in charge of the FBI's Washington field office. The FBI said the bombs were planted between 7:30 p.m. and 8:30 p.m. ET Jan. 5 outside the national offices of the Republican and Democratic national committees. Both are a few blocks from the Capitol. [7]
Analyst Comment:
Crowd-sourcing assistance by law enforcement agencies has certainly increased as the digital space plays an ever-increasing role in society. Here the FBI released CCTV footage of a person observed planting pipe bombs near the national offices of the Republican and Democratic national committees the day prior to the Capitol building riot. The timing of the emplacement of these devices is what we find most concerning here, given they preceded the events at the Capitol building the next day, allegedly tying up the manpower and resources of officers who normally would have been posted around the Capitol. It remains unknown whether these devices were intended to detonate or simply to serve as a diversion of sorts; regardless, it speaks to a possibly coordinated effort given the circumstances.
How Green Berets prepared to carry 'backpack nukes' on top-secret one-way missions during the Cold War
In the 1950s, the US military came up with the tactical nuclear option, using weapons with a lower yield and range than their strategic counterparts. These weapons would be used on the battlefield or against a military-related target to gain an operational advantage. For example, the Air Force could drop a tactical nuclear bomb on a Soviet division invading Poland to stop its advance without triggering a disproportionate response — such as a nuclear attack on New York City. Tactical nuclear weapons came in several forms, including artillery shells, gravity bombs, short-range missiles, and even landmines. But perhaps the most interesting iteration was the "backpack nuke," which was to be carried by Army Special Forces operators. Specially trained Green Berets were assigned to Green Light Teams. Their purpose was to clandestinely deploy in NATO or Warsaw Pact countries and detonate their Special Atomic Demolition Munition (SADM) in a conflict with the Soviets. The Pentagon later included North Korea and Iran on the target list. Green Light Teams' main targets were tunnels, major bridges, mountain passes, dams, canals, ports, major railroad hubs, oil facilities, water-plant factories, and underground storage or operations facilities. In other words, SADMs were intended to either slow down the enemy by destroying or significantly altering the landscape or target the logistical, communications, and operations hubs that are vital to an army, especially during offensive operations. Green Light Teams primarily carried the MK-54 SADM. Nicknamed the "Monkey" or "Pig," the device weighed almost 60 pounds and could fit in a large rucksack. [8]
Analyst Comment:
Although it sounds like something out of a Call of Duty game or Tom Clancy novel, this piece outlines the secret history of highly trained Special Forces operators prepared to infiltrate behind enemy lines and employ a tactical nuclear option such as a “backpack nuke”. In the event of a conflict with the Soviets or other Warsaw Pact nations, these so-called Green Light Teams would clandestinely deploy in order to provide decision-makers with a hard-hitting (but relatively lower yield) nuclear option. While the teams were deactivated having never deployed on a real-world mission, the ability to present decision-makers with such an option for the use of force and power projection remains a concept still employed across U.S. national security strategy today.
[1] https://www.nytimes.com/2021/03/08/us/politics/cia-drones-sahara-niger-libya.html?referringSource=articleShare
[2] https://www.nbcnews.com/tech/tech-news/creator-viral-tom-cruise-deepfakes-speaks-rcna356
[3] https://www.thesun.co.uk/tech/14241996/iphone-feature-prevents-find-my-app-stalking/
[4] https://apnews.com/article/middle-east-islamic-state-group-ali-al-sistani-pope-francis-iraq-f95098b179f6a82157e87a7cb6cc0c3d
[5] https://www.nytimes.com/2021/03/07/us/politics/microsoft-solarwinds-hack-russia-china.html?referringSource=articleShare
[6] https://www.thecipherbrief.com/article/united-states/the-robot-the-targeter-and-the-future-of-u-s-national-security
[7] https://www.nbcnews.com/politics/justice-department/fbi-releases-new-video-suspect-planting-bombs-capitol-riot-n1260293
[8] https://www.businessinsider.com/army-special-forces-green-light-teams-tactical-nukes-cold-war-2021-2
The Deep Fake is especially concerning. However, this entire mailer is chock full of really interesting topics!
Reading Election issues by Rick Hassen, covering Narrative by Ajit Mann, and following Paul C in regards to the convergence of Election Fraud (meaning the building of false narratives of election Fraud), and the impact that Deep Fakes could have on elections going forward, when someone promotes "The Big Lie", they can use Deep Fakes to discredit legitimate challenges to false election fraud claims, and even use Deep Fakes to create "Plausible Deniability".
Between the Russian IRA social media manipulation of 2016, chaff and noise thrown up by the likes of Roger Stone, and the dribble of WikiLeaks emails, and now the entire drama of the 2020 elections, Deep Fakes could make 2024 even more contentious.