
Russia carried out a 'stunning' breach of FBI communications system - prostoalex
https://news.yahoo.com/exclusive-russia-carried-out-a-stunning-breach-of-fbi-communications-system-escalating-the-spy-game-on-us-soil-090024212.html
======
ac4tw
Great article @prostoalex--gets excellent 1/2 way in with the details I was
looking for.

Esp. interested in more on this:

'A major concern was that Russian spies with physical proximity to sensitive
U.S. buildings might be exfiltrating pilfered data that had “jumped the air
gap,” i.e., that the Russians were collecting information from a breach of
computers not connected to the Internet, said former officials.

One factor behind U.S. intelligence officials’ fears was simple: The CIA had
already figured out how to perform similar operations themselves, according to
a former senior CIA officer directly familiar with the matter. “We felt it was
pretty revolutionary stuff at the time,” the former CIA officer said. “It
allowed us to do some extraordinary things.”'

~~~
alexfromapex
Seems like it should’ve been classified and not something they should’ve
admitted in an interview

------
blantonl
My bets here are the Russians probably were tracking the encrypted simplex
(short range unit to unit) communications of the FBI's counterintelligence
teams. I believe even in 2012 those would have been simplex Project-25 (P25)
digital voice encrypted with AES-256.

If the Russians simply sent out a subject they suspected of being watched by
the counterintelligence teams and then had their own teams monitor for
encrypted P25 simplex comms within the general vicinity of the subject, they
would know that the subject was indeed being watched.

Even though it's almost certain that the Russians were not able to actually
decrypt AES-256 P25 transmissions, there are a number of key metadata
variables in the FBI's simplex P25 communications that would be available: the
Unit ID of the portable radio, and the current KeyID of the AES-256
encryption. Presumably, the counter-intel teams had their own personnel
assigned radios which have unique P25 unit IDs, and most likely had their own
team-unique AES encryption keys loaded into the radios.

If you couple the ability to monitor each of those metadata variables with
knowing that simplex communications are short range (local to just you), and
even employ some rudimentary DF (direction finding) capabilities into the
equation, it would be very simple for the Russians to determine which of
their assets were being tracked by the FBI's counter-intel teams, and even
possibly which individual agents were part of the tracking and close to the
target (by cross-referencing P25 unit IDs).
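
An added illustration, not code from this thread or from any P25 implementation: a constructed, simplified byte layout carrying the same fields the comment names (ALGID, KID, source unit ID, TGID), parsed with no key at all to show exactly which metadata an encrypted P25 call still exposes, plus a fleet-audit view that groups a team's own radios by key ID. The ALGID values are the standard P25 ones; the record layout, helper names and sample traffic are assumptions made for the example.

```python
import struct
from collections import defaultdict

# P25 algorithm IDs (standard values); anything other than 0x80 is encrypted.
ALGID_NAMES = {0x80: "clear", 0x81: "DES-OFB", 0x84: "AES-256", 0xAA: "ADP"}

# Constructed, simplified record layout for this example (NOT the TIA-102 bit
# packing of real HDU/LDU frames), carrying the same fields byte-aligned:
#   [0] ALGID   [1:3] KID (big-endian)   [3:6] source unit ID (24-bit)
#   [6:8] TGID  [8:]  voice payload (ciphertext unless ALGID == 0x80)
HEADER = struct.Struct(">BH3sH")


def build_record(algid: int, kid: int, unit_id: int, tgid: int, payload: bytes) -> bytes:
    return HEADER.pack(algid, kid, unit_id.to_bytes(3, "big"), tgid) + payload


def parse_record(rec: bytes) -> dict:
    """Return what any receiver learns without holding the traffic key."""
    if len(rec) < HEADER.size:
        raise ValueError("record too short")
    algid, kid, uid, tgid = HEADER.unpack_from(rec)
    return {"alg": ALGID_NAMES.get(algid, f"0x{algid:02x}"), "algid": algid,
            "kid": kid, "unit_id": int.from_bytes(uid, "big"), "tgid": tgid,
            "encrypted": algid != 0x80, "payload_len": len(rec) - HEADER.size}


def key_groups(records) -> dict:
    """Audit view of one's own fleet: which unit IDs transmit under each
    (ALGID, KID) pair. With team-unique keys the cleartext KID alone labels
    a team's radios, even though the voice payload stays opaque."""
    groups = defaultdict(set)
    for rec in records:
        m = parse_record(rec)
        if m["encrypted"]:
            groups[(m["algid"], m["kid"])].add(m["unit_id"])
    return {k: sorted(v) for k, v in groups.items()}


if __name__ == "__main__":
    # Constructed sample traffic: two radios on one AES-256 key, one clear call.
    demo = [build_record(0x84, 0x0201, 0x1A2B3C, 1, b"\x5a" * 8),
            build_record(0x84, 0x0201, 0x1A2B3D, 1, b"\x5a" * 8),
            build_record(0x80, 0x0000, 0x00FF01, 9, b"hello")]
    for r in demo:
        print(parse_record(r))
    print(key_groups(demo))
```

Every field printed by parse_record is recovered from the record header alone; only the payload bytes depend on the key.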

------
m0zg
>> The Russians are able to extract every capability from any given
technology.

And that's how you know you're reading fake-news, made-up horseshit.

Full disclosure: dual Russian and US citizen. Lived most of my life in the US.

