Beacons are considered both strategic and tactical. Tactical beacons, monitored from ground receivers, are usually located within a short range of the target; strategic beacons may be monitored from a highflying aircraft or satellites. Most clandestine beacons use a small radio frequency transmitter to broadcast a navigational signal to the surveillance team. For example, the CIA might covertly insert satellite-tracked beacons inside shipping containers of shoulder-fired missiles being transported by terrorists from Afghanistan to other locations in the Middle East and place a tactical beacon on a pickup that is hauling a few of the missiles to a terrorist safehouse.

During the Vietnam war, TSD disguised a small beacon inside imitation animal dung. Left in the foliage adjacent to a North Vietnamese Army or Vietcong campsite, the active beacon would not be noticed or disturbed because of its appearance. Attack aircraft could home in on the signal that pinpointed the site for destruction.6 In the Middle East, beacons were deployed inside briefcases and belts to protect individuals at high risk against kidnapping. When activated by nonalerting movements of the wearer, the beacon transmitted a signal for help and provided the location of the kidnapped individual. In the Middle East, beacons were deployed inside briefcases and belts to protect individuals at high risk against kidnapping. When activated by nonalerting movements of the wearer, the beacon transmitted a signal for help and provided the location of the kidnapped individual.

Software beacons were created for operations against cell phones and portable computers. With brief access to a target's laptop or cell phone, the beaconing software could be installed and, thereafter, anytime the target used his cell phone or logged onto the Internet with his laptop, his position was logged and his e-mails and conversations intercepted.

Taggants represent another means for tracking movements by identifying a targeted individual as he pa.s.ses through choke points within the operational area. Similar to the plastic security tags attached to clothing that must be removed before departing a store, taggants made of chemicals, pheromones, or electronics can be remotely detected and the tagged individual identified.7 One of the best-known taggants used by the KGB was "spydust," the chemical compound 5-(4-Nitrophenyl)-2,4-pentadien-1-al (NPPD). The Soviets' use of spydust was of such concern to CIA operatives that OTS established a special program to a.n.a.lyze and counter the material. One of the best-known taggants used by the KGB was "spydust," the chemical compound 5-(4-Nitrophenyl)-2,4-pentadien-1-al (NPPD). The Soviets' use of spydust was of such concern to CIA operatives that OTS established a special program to a.n.a.lyze and counter the material.

The CIA employed audio, visual, physical, forensic, and electronic technical aids to enhance the organized study and observation of targets. Throughout most of the Cold War, audio operations and satellite photography dominated technical collection successes. Audio operations were an original function of the Technical Services Staff, but initially were no more important than printing, concealments, and disguise. However, by 1960, audio technical surveillance had become TSS's top priority. Audio operations, designed to obtain positive or operational intelligence, targeted communications systems or facilities where conversations of interest might occur. Government telephone lines, official foreign missions and facilities, an office, residence, or hotel room-all were exploited by the audio techs.

Traditional landline telephones were particularly vulnerable to clandestine tapping. Almost every target individual anywhere in the world had and used a phone. The handset contained a high-quality microphone built into the mouthpiece and was connected to wires leading out of the building. TSS developed three basic systems for bugging phones in the early 1950s that remained viable for decades.

By tapping the line, both parties talking could be heard and the full conversation captured. The tap might require direct contact with the wires, or an "inductive" tap could be fitted as a collar around a line without making physical contact with the internal wires. An alternative was to modify the phone.

Normally when a telephone receiver is placed on its cradle the depressed hook switch ends the call. TSS developed a technique in the 1950s to bypa.s.s remotely the hook switch in order to use the sensitive mouthpiece microphone to listen in on all room sounds and conversation. Usually a tech required access to the telephone to make the modification but if the make and model of the targeted telephone could be obtained, a hook-switch bypa.s.s modification to an identical instrument could be made. Then, similar to a quick-plant operation, a cleaning person or service personnel could covertly exchange phones. The third basic system exploited the telephone's own current. Telephone instruments draw current from the telephone company for power to operate the unit and activate the bell or ringer. This power level was sufficient to support other bugs and listening devices in the room and eliminated the need for batteries to be replaced.

Cellular telephones are particularly vulnerable to audio attacks. Cellular conversations can be intercepted while transmitting between the nearest cell tower and the handset, or as the signal is relayed between towers to the telephone exchange. All data and conversations sent to and from a cell phone, including e-mails, videos, images, and text messages can be captured without any physical access to the phone itself. Cell phones can be located to within 100 feet by triangulating the signal strength of the cell phone with the three nearest cell towers. By integrating this geographical positioning data with a moving map display, movements of the cell phone can be monitored in near-real time.

A cell phone can also be bugged by gaining access to the instrument for the time required to swap batteries. Modified batteries containing a microphone, digital storage media, and computer chip const.i.tute a self-contained eavesdropping system. Once the audio is captured and stored in compressed format, the microcomputer chip in the system dials a preprogrammed number and burst-transmits the stored information to a receiver. The bug automatically recharges itself when the user charges his cell phone battery.

In the 1980s, cell phones communicated using a.n.a.log signals that were easily intercepted and monitored. In the 1990s, digital cellular providers began offering limited protection from amateur eavesdroppers, but fell far short of the capabilities and technical resources of intelligence services and law enforcement agencies.

A bugged olive in a martini gla.s.s served at a black-tie emba.s.sy reception might play well to movie and television audiences but such things are usually unrealistic for CIA operations. To get the "good stuff," surveillance techs installed listening systems in walls and ceilings of consulates, concealed recorders in attache cases, and hid microphones and transmitters in apartments. They operated contact microphones to eavesdrop through the walls of hotel rooms, rigged telephones, intercepted cell calls, and bounced laser beams off windowpanes. Whether the techs left cigarette lighters with transmitters in target offices or wired microphones into a case officer's bra.s.siere, the objective never changed-to get secret intelligence in support of national security.

For each surveillance operation, the techs selected components that work together in order to capture the audio at the target site and transmit it to the listening post. Their equipment differed markedly from the repackaged consumer-grade products masquerading as "covert electronics" and offered for sale at retail spy shops.8 Consumer electronics normally lack the technical sophistication and reliability needed to operate in security environments where covertness is critical and climatic conditions uncontrolled and unpredictable. Compared to professional spy equipment, the consumer "spy" gadgets require excessive power, operate erratically, and emit signals that are easy to detect and intercept. Consumer electronics normally lack the technical sophistication and reliability needed to operate in security environments where covertness is critical and climatic conditions uncontrolled and unpredictable. Compared to professional spy equipment, the consumer "spy" gadgets require excessive power, operate erratically, and emit signals that are easy to detect and intercept.

Many OTS spy electronics were the result of a collaborative development process between CIA engineers and private companies where a dedicated team of cleared contractors worked on Agency projects.9 This model of industry-government cooperation produced components with performances that eclipsed commercial standards by decades. Among the most significant examples were rugged, sensitive audio microphones that were later made public and introduced into hearing aids and small, long-life transmitter batteries that eventually powered heart pacemakers. Charge-coupled devices (CCDs) were used in OTS spy cameras a decade before the same technology was commercially available in digital cameras. This model of industry-government cooperation produced components with performances that eclipsed commercial standards by decades. Among the most significant examples were rugged, sensitive audio microphones that were later made public and introduced into hearing aids and small, long-life transmitter batteries that eventually powered heart pacemakers. Charge-coupled devices (CCDs) were used in OTS spy cameras a decade before the same technology was commercially available in digital cameras.

The latest and most sophisticated OTS audio equipment was usually reserved for targets in denied areas where hostile technical surveillance countermeasures sweep teams were the most formidable. OTS created a variety of components and eavesdropping devices, each with different characteristics and capabilities that allowed the tech to customize each system to meet the operational requirements and counter the threat.

Commercial microphones were developed in the latter quarter of the nineteenth century after Emile Berliner sold his microphone patent to the fledgling Bell Telephone Company. The world's first electronic eavesdropping system, the Turner Dictograph introduced in 1915, contained a carbon microphone, battery, and earphone. Buyers were cautioned "not to use the device for illegal or immoral purposes." Whether a microphone is located inside the mouthpiece of a telephone, or embedded in the wooden leg of a table, its purpose is the same-to convert the sounds of room noise and voices into an electrical signal.10 From the variety of microphones available, the techs matched the one with the most desirable characteristics to the operational requirement. Mics could be hardwired to the listening post, connected to a concealed recorder worn beneath the user's clothing, or connected to a radio-frequency transmitter. While a hardwired mic offered security advantages, the radio-frequency transmitter quickly became the most commonly used audio system because the listening post could be placed in remote locations.

Contact microphones are effective in capturing sound waves from room audio that cause every hard surface in the room, including the walls, floors, and objects, to vibrate. A sensitive contact microphone with the capability to convert vibrations into an electric signal was especially useful in operations against targets in hotel rooms when the tech had physical access to one of the adjacent rooms, or the room above or below. The tech could affix the contact microphone to the wall or floor using glue or a nail to pick up the vibrations. A special type of contact microphone, the "accelerometer," could detect vibrations of room conversation or movement through solid concrete walls up to eighteen inches thick. For opportunities that required quick reaction, OTS produced a special self-contained "motel kit," disguised inside a small toiletries case, that consisted of a contact microphone, wall adhesive, pocket amplifier with optional output to a tape recorder, and earpiece.11 It could be packed in a briefcase or carried beneath a coat. It could be packed in a briefcase or carried beneath a coat.

Ill.u.s.trated are five different types of microphones intelligence services used for covert monitoring of conversations through a common wall. The degree of access to the target room and type of building construction determined which microphone was used.

The "vibro-acoustic" microphone, designed to be affixed to a reinforcing steel rod or bar inside a concrete column during building construction, could later be connected to concealed wiring that would run to a listening post. Conversations cause the concrete and rebar to vibrate and enable the vibro-acoustic sensor to capture the sounds. Multiple sensors inside the same column on different pieces of rebar could be selectively tuned by the monitor at the post to target specific conversations anywhere in a 360-degree circle around the column. However, the task of attaching the vibro-acoustic mics onto the rebar required bribing or distracting security guards at the construction site.

Pinhole mics, half the size of a pencil eraser, were a workhorse for the OTS audio techs. Whether mics were hidden behind a floorboard, inside a wall, or embedded in the base of a flowerpot, they required only a tiny (less than half a millimeter) airway to capture all of the room noises. The pinhole mic could be installed inside numerous objects or architectural features of a room. When denied access to the target room, the tech could install the mic in a common wall by drilling a pinhole too small to be noticed through the wall, floor, or ceiling.

TSD developed a "Motel Kit" for surveillance of targets of opportunity. The self-contained eavesdropping kit included contact microphones, a battery-powered source, and earphones. The sensitive transducer detected vibrations on the wall caused by sound or conversation in the target room that, when amplified, were heard clearly through the headphones, circa 1970.

Advances in the 1980s made it possible for OTS to design a fiber-optical microphone that operated using only light waves transmitted to it along a cable thinner than a human hair. The fiber-optical microphone defied detection by a metal detector or nonlinear junction detector and its tiny wire was easily hidden.

Directional mics were designed for operations to pick up a selected conversation from individuals standing together and talking at a social event while excluding other room noise to either side. The rifle mic, a type of directional microphone, was used in outdoor seating or smoking areas to collect conversations from a distance. The increase in smoke-free buildings turned these gathering spots into ideal target areas to collect gossip and personal information. The directional rifle mic, composed of an array of tubes of varying precalculated lengths placed in front of the sensitive microphone, filtered out extraneous sounds and reduced all noises other than those from voices in the direction of the target.

Audio played a critical role in the rescue of seventy-one people held hostage for four months by the Tupac Amaru Revolutionary Movement (MRTA) in April 1997. Fifteen armed MRTA terrorists stormed the j.a.panese amba.s.sador's residence in Lima, Peru, during a diplomatic Christmas party on December 17, 1996, taking seventy-two Peruvian and foreign hostages. Several days later, when it became apparent that the hostages would be held indefinitely, the Peruvian government began infiltrating listening devices into the residence in hope of acquiring intelligence about the terrorists' intentions and the status of the hostages' well-being. Loudspeakers set up at the front of the residence to deliver messages and hara.s.s the terrorists were part of the government's attempt to pressure a surrender.

In January, one hostage, a senior Peruvian government official, suddenly a.s.sumed the persona of an isolated eccentric. He began talking incoherently and at random to various inanimate objects in ways that suggested his mental state had deteriorated. The act was a ruse; the official had knowledge of audio operations from his previous work and made a calculated guess that something in the residence could contain a bug. In fact, a religious icon did conceal a transmitter and on one afternoon the listening post monitors heard the hostage pray, "If you hear this, play 'La Cucaracha' tomorrow." Precisely at 6 AM the next morning, "La Cucaracha" blared through the loud speakers, baffling the Lima press as to why the government would use a famous Spanish Civil War song as a hara.s.sment tool.

After the musical acknowledgment, the eccentric continued talking to the icon for three months until April 22, when, minutes before the successful rescue a.s.sault, he reported that the hostages were in a relatively safe indoor area while the terrorists were in an open area playing their usual afternoon soccer match. The a.s.sault was launched, killing the fifteen MRTA revolutionaries and rescuing all but one hostage.

OTS audio techs left nothing to chance in preparation and advance planning for their operations. The complexity and the risk of the activity demanded that each phase of any technical surveillance operation be considered and doc.u.mented. CIA Headquarters required that a survey and written proposal, known as "the 52-6," be prepared, submitted, and approved before an audio operation could proceed. The survey consisted of six primary elements.

The target could be a person or a facility such as a telephone line, building, room, or automobile. Methods used to operate against a target varied by the type of information sought. If the target was a briefing by a senior military attache during his weekly staff meeting, the emba.s.sy conference room would be the place to plant the listening device. On the other hand, if the attache was being a.s.sessed for possible recruitment, his bedroom or the telephone line he used for personal calls might be locations where his conversations would reveal an exploitable weakness. Attacking the third-floor room of a trade mission with windows overlooking a busy street would require a completely different operational plan than one to bug the general's briefing room inside a secure military base. Without a means of gaining un.o.bserved access to the target facility, there could be no operation.

Audio operations required a thorough physical description of the site, including a viable location for a listening post. A signal "path loss" test identified any physical obstructions that would degrade the bug's transmission signal. Activity patterns of occupants were recorded. Any security and alarm systems, including the use of guard dogs, was plotted. The survey estimated the operational life of the battery in the listening device, identified the number of people, their special skills, and the type of equipment required. The techs projected the time they could be safely inside the target, the optimum date and time for the operation, a proposed escape route, individual cover requirements, and the risk of compromise. The station and Headquarters weighed in on the expected value of the information to be gained from a successful operation.

Based on what was known of the target, the techs described their plan to enter the facility and do the required deconstruction, which could involve removing baseboards, drilling, implanting devices, reconstructing damaged walls, inventorying tools, and exiting securely. The scenario also included the plan for communicating with countersurveillance teams and contingency procedures-what to do in an emergency should technical or security problems arise during the operation.

After the installation, audio devices were managed from the listening post. The survey included information about the location, equipment, and staffing of the listening post. The station had responsibility for staffing the post, manning the tape recorders, translating and producing transcripts, while OTS maintained and serviced the equipment. When an audio operation ended, the techs conducted another clandestine entry to remove the device and to restore the facility, leaving no trace of the installation. This objective was not always achievable; operational judgment would balance the risk of exposure during a reentry with the value and importance of the equipment to be retrieved.

Both audio surveillance and concealed video camera operations consisted of three primary components: the collection device, the transmission link, and the listening or observation post. Collection devices were usually a microphone or camera that would covertly acquire the information for transmission down a wire or radio-frequency broadcast to a listening post. The collector might be a subminiature microphone embedded in the woodwork, a tap placed across the telephone line, or a pinhole video camera concealed behind a dressing-room mirror. Power for the collection device came from batteries or by siphoning power from the existing electrical lines at the target location.

The transmission link sent the collected signal containing the sound or imagery from the collection device to a receiving and recording location. The configuration of the target, the cooperation of the local security service, and the distance to the listening post were all factors in determining the type of link used-hard wire, radio transmission, or a more exotic system such as laser or fiber-optics. Where the monitoring post was positioned close to the target, as in the bas.e.m.e.nt of an apartment building or in the adjacent room of a hotel, a hardwired microphone to the recorder would be preferable since no over-the-air radio signal was generated. Hardwiring a microphone or video camera could also eliminate the need for a power source at the target site and made the implanted device nearly impossible to detect without x-raying the floors, furniture, and walls. However, hardwiring is usually slow to install and potentially more susceptible to accidental discovery.

For microphones hardwired to the listaning post, OTS developed special tools to aid in their invisible installation. A small, easily concealed aluminum crowbar was developed for quickly prying baseboards away from the wall to hide wires, as was a special hand-held fine-wire kit that used a razor blade to slice a small slit in a wall, insert a pair of tiny wires, and finally seal the opening using a pencil eraser. The device could lay wires across a painted surface without leaving a trace.12 For audio installations involving damage to woodwork or walls, OTS engineers created special quick-drying putties and odorless paint to hide signs of construction. The tech could complete his installation and cover all traces of his work during a single entry into a target site. For audio installations involving damage to woodwork or walls, OTS engineers created special quick-drying putties and odorless paint to hide signs of construction. The tech could complete his installation and cover all traces of his work during a single entry into a target site.

The listening or observation post received and recorded signals from the transmission link for processing. A typical post could contain several recorders, each paired to an implanted collection device. Advances in digital recording created a virtually unlimited recording capacity.

The radio-frequency transmitter became the CIA's most frequently used device for sending a stolen signal out of a target location. Although the transmitter required batteries or another power source, its signals had an advantage in that they could be monitored anywhere within a kilometer of the installation and farther with the use of repeaters. Since the early 1970s CIA surveillance systems have included the capability for remotely turning the transmitter on and off at selected times to conserve battery power, and storing collected conversations for a remotely programmed transmission at a later time.

For the hardest targets, exotic systems were developed to collect audio via lasers, infrared light, or fiber-optic cables. More technically complex and difficult to maintain than the radio-frequency transmitters, these systems were limited in use but effective in situations where a target employed aggressive technical countermeasures to block, identify, or neutralize a radio-frequency transmission link. Transmitting signals via infrared or laser reduced vulnerability to traditional TSCM "sweep" techniques.

MI6 officer Richard Tomlinson described the difficulties experienced in an operation to bug the penthouse apartment of a suspected Russian intelligence officer in Lisbon. A loft s.p.a.ce above the apartment provided a suitable place for hiding the small microphone, but a problem arose in linking the microphone to the recording equipment located in another apartment below. Use of a normal radio link was ruled out for technical reasons, so the alternative was to link the two areas by running a small wire "through a convoluted drainpipe that wound its way down the building."13 Technical officers experimented with various mechanical crawlers in an effort to thread the wire through the bends of the drainpipe to no avail before hitting on the idea of using a mouse. Tomlinson describes the operation: Technical officers experimented with various mechanical crawlers in an effort to thread the wire through the bends of the drainpipe to no avail before hitting on the idea of using a mouse. Tomlinson describes the operation: .

Using a fishing line they could dangle the mouse, harnessed to the end of a fishing line, into the top end of the drainpipe. They would then lower it down the vertical section of the pipe to the first right-angled bend. From there the mouse could scurry along the horizontal part of the pipe to the next vertical section and so on, down to the bottom of the pipe where it could be recaptured. The wire could then be attached to the line and pulled through the pipe.

Trials of the mouse-wire delivery system on the Century House drainpipes, using three white mice borrowed from the chemical and biological weapons research establishment at Porton Down, proved reasonably successful. One mouse, nicknamed Mickey, was a natural and scampered through the pipes enthusiastically. A second, Tricky, tried to climb back up the fishing wire when dangled, but once in the pipe, was reasonably competent.14 .

Methods of clandestinely introducing a listening or photo device were as varied as the imagination of the techs. Eavesdropping devices embedded inside Trojan horse-style gifts were given to diplomats, businessmen, and other high-profile targets with the expectation that the device would be placed in an area used for important conversations.15 The gift, described by a case officer as one that "keeps on giving," could be an engraved pen and pencil set for the target's desk, a decorative flowerpot, or a handsome globe. Two primary weaknesses of a Trojan horse operation are the inability to predict or control where the gift, with the listening device, is placed and the potential blowback on the giver should the deception be discovered. The gift, described by a case officer as one that "keeps on giving," could be an engraved pen and pencil set for the target's desk, a decorative flowerpot, or a handsome globe. Two primary weaknesses of a Trojan horse operation are the inability to predict or control where the gift, with the listening device, is placed and the potential blowback on the giver should the deception be discovered.

For short-duration audio operations, OTS developed small portable eavesdropping systems embedded in functional everyday items such as lighters and disposable ballpoint pens.16 Such a device could be attached by a member of the cleaning staff beneath a conference room table where it would not be noticed or secreted by an official visitor between the cushions of a couch. The eavesdropping device would collect and transmit room audio as long as it retained battery power or until removed or discarded. Ideally, an operation to deploy a quick plant included an advance visit to the target site to determine the best place to leave the device, identify an appropriate concealment, and determine a listening post location. Such a device could be attached by a member of the cleaning staff beneath a conference room table where it would not be noticed or secreted by an official visitor between the cushions of a couch. The eavesdropping device would collect and transmit room audio as long as it retained battery power or until removed or discarded. Ideally, an operation to deploy a quick plant included an advance visit to the target site to determine the best place to leave the device, identify an appropriate concealment, and determine a listening post location.

Concealments for quick-plant operations can be either tailored or generic. 17 17 Deployment of a generic device-say, a disposable cigarette lighter or expended ballpoint pen-requires little advance planning. OTS carried an inventory of bugged AC electrical adaptors that could be quickly installed between a lamp plug and the socket. These were available in the varied colors and styles appropriate for target countries. Deployment of a generic device-say, a disposable cigarette lighter or expended ballpoint pen-requires little advance planning. OTS carried an inventory of bugged AC electrical adaptors that could be quickly installed between a lamp plug and the socket. These were available in the varied colors and styles appropriate for target countries.18 DCI William Casey credits himself with personally deploying a generic quick plant disguised as a large needle in the office sofa of a senior Middle Eastern official during a trip abroad. DCI William Casey credits himself with personally deploying a generic quick plant disguised as a large needle in the office sofa of a senior Middle Eastern official during a trip abroad.19 The wood block represented a frequently deployed variation of a quick plant.20 Wood blocks encased audio transmitters and were designed to be placed underneath a table or desk, or as part of a chair or a replacement for sections of chair rails and crown molding. High-quality wood blocks replicated the color and type of the wood, as well as shape of the molding and appeared as a normal part of the furniture or room design. Structural wood-blocks replaced the pieces of triangular-shaped wood that provided stability and support beneath most pieces of wooden furniture. These were unlikely to be seen and required less engineering effort to conceal beyond matching the general color of the furniture. Wood blocks encased audio transmitters and were designed to be placed underneath a table or desk, or as part of a chair or a replacement for sections of chair rails and crown molding. High-quality wood blocks replicated the color and type of the wood, as well as shape of the molding and appeared as a normal part of the furniture or room design. Structural wood-blocks replaced the pieces of triangular-shaped wood that provided stability and support beneath most pieces of wooden furniture. These were unlikely to be seen and required less engineering effort to conceal beyond matching the general color of the furniture.21 Books were a variation of wood blocks, the spine of a book providing a tailored concealment cavity for a listening device. Books were a variation of wood blocks, the spine of a book providing a tailored concealment cavity for a listening device.22 A visitor to the target location could execute a quick plant by un.o.btrusively replacing a specific book with a seemingly identical edition. A visitor to the target location could execute a quick plant by un.o.btrusively replacing a specific book with a seemingly identical edition.23 When access inside the target location or to adjacent rooms proved impossible, more exotic systems enabled collection of audio from a distance. Laser microphones worked on the principle that a laser beam directed at an angle toward a gla.s.s window was reflected and could be captured at a listening post, compared with the original signal, and demodulated to recover audio. In the 1980s, OTS engineers developed a program that embedded a small prism inside window gla.s.s in key targets. The prism increased the sensitivity of the laser microphone and allowed OTS to control accurately the angle of reflection. With this prism system, the laser could be aimed at the window and the reflection would return along a parallel path to the LP. This eliminated the necessity for the transmitter and receiver to be in different locations and made detection more difficult.

A pa.s.sive resonator concealed inside a wall or piece of furniture can be targeted with a radarlike signal transmitted from an exterior post. The reflected signal is demodulated to eavesdrop on all conversations in the room. Because its power source comes from the external signal, the device can transmit indefinitely. CIA technicians saw their first resonator in 1952 when one was discovered embedded in the carved wooden Great Seal of the United States.24 Inside the halls of the CIA's Original Headquarters Building, a historical display from the Directorate of Science and Technology shows the inventiveness of CIA scientists. One device, a robotic catfish named "Charlie," was designed to be indistinguishable, when viewed from the water's surface, to channel catfish commonly found in rivers around the world. It appeared so lifelike while swimming in the water, that some feared that it might be consumed by even larger predators. Charlie's mission was unspecified, but experts speculated he could be used to swim into freshwater rivers and ca.n.a.ls to gather water samples near foreign nuclear power facilities. The mobile aquarobot could also serve as an underwater platform for eavesdropping devices.25 CIA officers abroad lived, worked, and operated under the constant awareness that at any time they could come under surveillance. Officer training included weeks of surveillance detection runs to develop and practice skills in recognizing and dealing with surveillance, either obvious or discreet.

Obvious surveillance was used when a foreign security service chose to send a message to an officer that his activities were being closely watched. Such surveillance could become aggressive, verging on hara.s.sment and intimidation. Tactics might include "b.u.mper locking," in which a trailing surveillance vehicle stayed so close that its b.u.mper actually touched the target car. On the street, surveillance watchers could walk directly in front of, behind, or adjacent to the target, staying in close proximity even in shops and buses. Slashed tires, broken windshields, and stolen car batteries conveyed the same message: "We know who you are, and whatever you are up to, we don't like it."

Aggressive actions are sometimes taken by surveillance teams to retaliate for a provocation or to thwart an operational act.26 This happened to an active young CIA officer whose operational activities aroused suspicions of the local service. The officer received an unscheduled late-night visit at his home by the country's chief of counterintelligence. After a tense discussion, the foreign chief left behind a parting compliment coupled with an unstated warning, "Mr. Paseman, you are very good. However, I suggest the remainder of your tour should be rather boring." This happened to an active young CIA officer whose operational activities aroused suspicions of the local service. The officer received an unscheduled late-night visit at his home by the country's chief of counterintelligence. After a tense discussion, the foreign chief left behind a parting compliment coupled with an unstated warning, "Mr. Paseman, you are very good. However, I suggest the remainder of your tour should be rather boring."27 Discreet surveillance, while not physically intimidating, was difficult to recognize and more to be feared. Failure to detect counterintelligence watchers could lead to operational compromise and loss of an agent. Early in the 1970s OTS engineers created tiny body-worn receivers to intercept the radio transmissions of Soviet surveillance teams. These concealed receivers, unrecognized by the KGB for several years, gave CIA officers operating in Moscow a prized capability for detecting surveillance activity.

Well-trained surveillance teams, operating in familiar areas where they control the turf, will attempt to lull the officer into the false belief that he is "black" (free of surveillance). Should the officer fail to detect such surveillance and proceed to "go operational" he could unwittingly lead surveillance to his agent or be caught during an operational act. Discreet Soviet surveillance played a key role in the compromise of major operations and the expulsion of CIA officers from the USSR.

The Hearing Device-2 countersurveillance device, with a neck loop antenna and body-worn receiver, allowed an officer to hear nearby hostile radio communications through bone conductivity by biting down on the pipestem.

Disguises offered one method of defeating the KGB's overwhelming surveillance advantages. OTS sculpted and fitted disguises for use by case officers and agents to evade surveillance and avoid recognition. Before leaving for foreign a.s.signments, case officers were trained to apply a variety of false appearances and function normally while in disguise. Each received a "light disguise kit" tailored to the officer's gender. The kit typically included items like false mustaches and beards, hairpieces, a fake wart, planar lens eyegla.s.ses, hair coloring, collapsible canes, reversible coats, shoe lifts, and dental appliances.28 Some officers, whose a.s.signment required a more elaborate disguise, received full or partial head and face disguises individually sculpted and tinted to blend fully with the wearer's skin and hair color. Some officers, whose a.s.signment required a more elaborate disguise, received full or partial head and face disguises individually sculpted and tinted to blend fully with the wearer's skin and hair color.29 Because surveillance teams relied heavily on visual indicators to track a target, quick changes in an officer's appearance-adding or removing a hat, letting hair down, putting on or taking off gla.s.ses, or reversing the color of a jacket-might cause surveillance to lose their target in crowds or on busy streets. Because surveillance teams relied heavily on visual indicators to track a target, quick changes in an officer's appearance-adding or removing a hat, letting hair down, putting on or taking off gla.s.ses, or reversing the color of a jacket-might cause surveillance to lose their target in crowds or on busy streets.

In the cat-and-mouse game between surveillance and countersurveillance,the edge traditionally went to the side controlling home territory. For the CIA this meant that they were always at a disadvantage when meeting and handling agents in high-risk or denied areas. Agents had to communicate with their handlers, and defeating surveillance was the key to their protection. Whenever OTS developed a new gadget or disguise that offered an advantage against the ever-present watchers, it would be only a matter of time before its tactical superiority was lost. There had to be a better way for agents to operate and communicate without exposing themselves to hostile surveillance and for OTS the new technology arrived in the form of digital zeros and ones.

CHAPTER 24.

Covert Communications

We are surrounded by a world of secret communications . . .

-Eric Cole, Hiding in Plain Sight America's intelligence services (CIA, FBI, and some military elements) recruited foreign spies with the access and opportunity to procure (which is to say, steal) secret information considered vital to U.S. national security. However, without an ability to communicate securely with his handler, the spy and his purloined secrets are worthless. Spies were most vulnerable to being caught not while procuring the information, but when attempting to pa.s.s their secrets to a third party. Every agent required his own tailored covcom that fit his circ.u.mstances and the kind of information he collected. A film ca.s.sette filled with photographs of cla.s.sified memos represented a different covcom problem than pa.s.sing printed pages of a radar system's operating manual or the actual circuit board from a missile guidance system.1 Information exchanges between agent and handler must be both secure and secret. Codes and ciphers provide levels of security while digital steganography hides the encrypted information in a cloak of electronic invisibility. Information exchanges between agent and handler must be both secure and secret. Codes and ciphers provide levels of security while digital steganography hides the encrypted information in a cloak of electronic invisibility.2 In the last half of the twentieth century the "Holy Grail" of covcom was envisioned as a secure system of two-way, reliable, on-demand exchange of voice, text, and data 24/7 from and to any location. The message need not necessarily be encrypted, but the communication process must present a low probability of detection and interception. Once concluded, the exchange would leave no record of having occurred or any telltale electronic footprint. Such a system would be used "from anywhere to anywhere" in the world for an agent to "talk" to his handler, CIA Headquarters, or even the President of the United States.

Every CIA covcom system, from the personal meeting between handler and agent to a multimillion-dollar satellite link between an agent and the DCI, consisted of three primary segments: the field set (what the agent used either to receive or send), the transmission backbone (such as shortwave, high-frequency broadcasts that carried the message), and the receiving element. Personal meetings between agent and handler required comparatively less technology while covcom through satellites was dependent on technology. 3 3 Regardless of the system, each involved integrating whatever special devices were needed with sound tradecraft at every stage of system development, delivery, and, in the case of the agent, concealment of incriminating equipment. The fewer pieces of spy gear in the agent's possession and the fewer unnatural acts he had to perform operationally, the lower was his risk of being detected. Regardless of the system, each involved integrating whatever special devices were needed with sound tradecraft at every stage of system development, delivery, and, in the case of the agent, concealment of incriminating equipment. The fewer pieces of spy gear in the agent's possession and the fewer unnatural acts he had to perform operationally, the lower was his risk of being detected.4 Through the years, the CIA's Office of Communications, Office of Research and Development, Office of Development and Engineering, and Office of Technical Service each pursued some element of covcom's Holy Grail. Their efforts resulted in the deployment of successive generations of technically sophisticated gear that advanced one or more of the following imperatives: obtain more timely information, improve security, pack the maximum amount of information into an exchange, and deliver intelligence ever more quickly to the end user.

When selecting a covert communications system, the case officer considered factors such as the agent's lifestyle, profession, ability to travel abroad, and risk tolerance. He estimated how frequently the covcom would be used, the size and aggressiveness of the local counterintelligence service, level of surveillance directed against the handler, and the number and types of covcom systems already operating in the area. Regardless of the variables, two general categories of covcom occurred between agent and handler: personal and impersonal. Each category of covcom has advantages as well as risks.

Personal meetings between an agent and handler (often a U.S. official) represent the riskiest form of covcom. Hostile governments conducted routine surveillance of foreign diplomats under the a.s.sumption that some of them were actually intelligence officers operating under official cover. Persons suspected of having an intelligence affiliation were systematically surveilled to detect signs of clandestine activities such as clearing and filling dead drops or meeting an agent. The agent, unless already under investigation, was less likely than the American to be under surveillance, but if observed in an unauthorized meeting with a foreign official, immediately was suspect and placed under surveillance.

Despite the risk, face-to-face meetings were frequently a preferred means of communication with agents. Exchange of materials was a.s.sured, conversations could address urgent issues, conflicts could be ironed out, and the agent's morale given a boost. During personal meetings, the handler was always alert for changes in the agent's att.i.tude, motivation, personality, and health. He was able to conduct hands-on agent training, modify requirements, change operational plans, and gauge firsthand the extent of any counterintelligence problems.5 Given the inherent risks, however, personal meetings in denied areas were kept to a minimum, carefully planned, and never conducted without a specific reason. The handler was always prepared for the contingencies necessary to maintain the security of the operation; meeting times, duration, and locations were selected to provide a plausible cover story for both handler and agent in case they were observed. The agenda for the meeting was scripted in advance; initial greetings were immediately followed by a standard question, "How much time do you have?" Next on the script was to agree on arrangements for the next meeting should they be interrupted.6 To minimize the counterintelligence exposure of an agent being spotted during a personal meeting, the CIA developed techniques known as "brief encounters." These involved a personal contact between the agent and handler, but minimized the length of time required for an exchange of material. In 1958, the CIA Chief of Station in Prague, Haviland Smith, developed the technique of a "brush contact" or "brush pa.s.s" while providing tradecraft training in New York City to a Czech agent.7 Smith noticed that the agent was reluctant to leave his package of secrets in a dead drop for fear it would be discovered and traced back to him. As an alternative, Smith had the agent stand just inside the entrance to the Grand Central Terminal where a person entering had the option of proceeding straight ahead to the old Biltmore Hotel or turning right and descending down a flight of stairs to the subway. Smith noticed that the agent was reluctant to leave his package of secrets in a dead drop for fear it would be discovered and traced back to him. As an alternative, Smith had the agent stand just inside the entrance to the Grand Central Terminal where a person entering had the option of proceeding straight ahead to the old Biltmore Hotel or turning right and descending down a flight of stairs to the subway.

Smith knew that at that point he would be momentarily out of sight of any trailing surveillance. If an agent was waiting at the top of the stairs and just inside the entrance, Smith could pa.s.s a newspaper to the agent, who would quickly turn around and head down into the subway while Smith proceeded straight ahead into the hotel. It worked so well that, in a training exercise, even when the surveillance team was looking for the move, as long as they were following Smith from behind, the pa.s.s could not be detected.8 Only in the unlikely chance that the hostile surveillance team had somehow antic.i.p.ated Smith's travel path and arrived ahead of him could the exchange be spotted. The counterintelligence surveillance team was never certain where Smith, who varied his routes and timing, was going and could not "set up" on him in advance. Case officers and techs identified similar locations in cities around the world where the same technique could be used. Only in the unlikely chance that the hostile surveillance team had somehow antic.i.p.ated Smith's travel path and arrived ahead of him could the exchange be spotted. The counterintelligence surveillance team was never certain where Smith, who varied his routes and timing, was going and could not "set up" on him in advance. Case officers and techs identified similar locations in cities around the world where the same technique could be used.9 In a variation of the brush pa.s.s, the moving-car delivery technique allowed an agent to drop a package covertly into the handler's slowly moving vehicle through an open window.10 The travel route selected by the handler was consistent with his normal evening routine and included a number of right-hand turns on dimly lit side streets. Following each right-hand turn, the handler's vehicle was out of sight of the trailing surveillance vehicle for a few seconds; the CIA referred to this brief window of time as being "in the gap." The travel route selected by the handler was consistent with his normal evening routine and included a number of right-hand turns on dimly lit side streets. Following each right-hand turn, the handler's vehicle was out of sight of the trailing surveillance vehicle for a few seconds; the CIA referred to this brief window of time as being "in the gap."11 The agent was instructed to stand in the shadows at the corner and watch for the handler's car to complete the turn. When the car was briefly out of sight or in the gap just following the turn, the driver would dim the car's lights as a signal to the agent. The agent then stepped to the curb and dropped the package through the open window. Immediately after making the exchange, the agent receded into the shadows and remained motionless until the trailing surveillance vehicle pa.s.sed. A concealment cavity built into the car's dashboard or floor mat was used to hide the package until the driver and vehicle returned to a safe compound. The agent was instructed to stand in the shadows at the corner and watch for the handler's car to complete the turn. When the car was briefly out of sight or in the gap just following the turn, the driver would dim the car's lights as a signal to the agent. The agent then stepped to the curb and dropped the package through the open window. Immediately after making the exchange, the agent receded into the shadows and remained motionless until the trailing surveillance vehicle pa.s.sed. A concealment cavity built into the car's dashboard or floor mat was used to hide the package until the driver and vehicle returned to a safe compound.

A higher-risk variation of the moving-car delivery occurred when the agent and handler both drove vehicles to the same traffic signal and pulled up alongside each other. With the agent's car on the right and the pa.s.senger window of the handler's car opened, the agent tossed the package into the empty seat. A moving-car exchange required thorough planning and excellent timing, but when executed properly was virtually undetectable.

Impersonal communications, those not requiring face-to-face meetings, were employed when personal meetings were excessively risky or impossible. Impersonal communications separated the agent and handler by time, s.p.a.ce, or location.12 During the initial phases of agent recruitment, face-to-face meetings between the case officer and target were often necessary, but would be phased out when the target accepted the clandestine nature of the relationship. The more hostile the operating environment, the greater was the need to shift to using impersonal communications to protect the agent. During the initial phases of agent recruitment, face-to-face meetings between the case officer and target were often necessary, but would be phased out when the target accepted the clandestine nature of the relationship. The more hostile the operating environment, the greater was the need to shift to using impersonal communications to protect the agent. 13 13 Impersonal communications using either dead drops or electronic devices offered advantages to the agent and handler and when properly executed were difficult for counterintelligence to detect. Dead drops avoided the necessity for the agent to possess an electronic transmission device, but required time-consuming surveillance detection runs by the handler. Conversely, electronic exchanges usually obviated the requirement for lengthy surveillance detection on runs but the technology could fail, and in its early years of use, often did. Other disadvantages to using impersonal communications included the handler being unable to directly a.s.sess the emotional and physical condition of the agent, and the communication stream being accidentally or intentionally interrupted or intercepted. Agents, as in the case of A. G. Tolkachev, could also decide the electronic gadget was unwieldy and stop using it, or that the amount of information pa.s.sed during any one electronic transmission was too limited.14 Dead drops are the most commonly used and most secure form of impersonal communication.15 Dead drops enable agent and handler to exchange messages, correspondence, doc.u.ments, film ca.s.settes, money, requirements, and instructions without a direct encounter. Dead drops were "timed operations" in which the dropped package remained in a location for only a short time until retrieved by either the agent or handler. Dead drops enable agent and handler to exchange messages, correspondence, doc.u.ments, film ca.s.settes, money, requirements, and instructions without a direct encounter. Dead drops were "timed operations" in which the dropped package remained in a location for only a short time until retrieved by either the agent or handler.

Dead drop sites are selected from locations to which both the agent and the handler have normal access. Public sites for dead drops ranged from parks and nature trails to stairwells, parking garages, and elevators. Site selection varied depending on the country in which the operation was taking place and the circ.u.mstances surrounding the agent. Examples might include a library that contained a shelf of little-used books or the door of a mosque where shoes of either the agent or handler would serve as the container for the material being exchanged. Private areas, such as social clubs and health clubs, were also used if they contained obscured areas where drops could be left without notice.

The ideal dead drop site was used only once, was in a location that could be precisely communicated to the agent, and provided speed of access for both the agent and handler. The site should also provide privacy so that it could be loaded and emptied without the agent and handler being observed.16 Finally, the location would be selected so that both the handler and the agent had plausible reason to be at the site and in a setting where the concealment would naturally pa.s.s unnoticed. A case officer from the 1970s who handled Polish officer Ryszard Kuklinski observed, "every CIA officer serving in a denied area should have a dog." Even in areas with constant and unfriendly surveillance, the necessity of taking the dog for walks provided excellent cover for carrying out operational acts involving signal sites and dead drops . Finally, the location would be selected so that both the handler and the agent had plausible reason to be at the site and in a setting where the concealment would naturally pa.s.s unnoticed. A case officer from the 1970s who handled Polish officer Ryszard Kuklinski observed, "every CIA officer serving in a denied area should have a dog." Even in areas with constant and unfriendly surveillance, the necessity of taking the dog for walks provided excellent cover for carrying out operational acts involving signal sites and dead drops .17 In most capital cities, such as Moscow, Vienna, Paris, Washington, and Berlin, the number of "pristine sites" that met operational requirements for dead drops was limited, since thousands of intelligence officers from different countries had worked the same areas for decades. As a result, there was continuous pressure to identify new sites for future operational use. Techs and case officers shared the responsibility to find, photograph, sketch, and maintain inventories of valid sites. The difficulty in doing so was compounded because all signal and drop sites possess the same general attributes. In response, alert counterintelligence officers could set up an observation post at likely locations and patiently wait for them to be used. Nevertheless, the value of dead drops, despite their complexity and limitations, makes them a primary tool of every professional intelligence service.

Signal sites were among several methods used to initiate a communications sequence between the agent and handler. Signals of some type usually preceded or concluded an operation and were normally linked to a specific meeting place or dead drop location. For example, a signal left at site "Alpha" may initiate a drop at site "Bravo" or a meeting at a designated park bench.

Signal sites were usually located in public places, away from the actual drop site, and positioned so that the agent or a designated observer pa.s.sed them regularly. Signposts, telephone poles, bridge abutments, and mailboxes were among the sites typically used to place a signal. Visual signal marks were made using postage stamps, white adhesive tape, masking tape, colored thumbtacks, colored adhesive-backed stickers, colored chalk, lipstick, and even crushed cigarette packs. A precisely placed soft drink can is readily visible to a pa.s.sing car, bus, or pedestrian and becomes an effective signal. The positioning of the tape, or the color of the thumbtack, chalk, or other signal could also send a danger signal or initiate an escape sequence.18 Even if the chalk mark was observed, its meaning was unknown to anyone other than the agent and handler. Even if the chalk mark was observed, its meaning was unknown to anyone other than the agent and handler.

Usually after placing the material at a dead drop site, a signal was left to communicate that the drop had been "loaded." The person unloading the drop would then confirm the presence of the signal before proceeding to the site. Once he had retrieved the materials, or "cleared the drop," a final signal might be left to communicate that the package was safe and the operation concluded. The absence of valid signals indicated a problem and forestalled either the agent or handler from approaching the site.19 Priority was always given to creating a safe and secure means for the agent to both send and receive messages. Signals were forms of codes that used symbols to communicate longer meanings. Other types of signal techniques included a "car park signal" based on the direction a car was parked, its parking location, or the direction its wheels were turned, and a "window signal" that used the raised or lowered position of a window or drapes and blinds (open, partially open, or closed) to send a message. The position of a potted plant visible to pa.s.sersby could also have been a signal depending on where it was positioned.

Calls placed through the public telephone system, while subject to monitoring, could be safely used to send signals. An example was a "silent call" or "dead telephone" signal that was received at the agent's home at a predetermined time. The caller, using a public phone in a nonalerting location, said nothing but remained on the line for a set number of seconds before hanging up. To the agent the call had meaning, but to anyone monitoring the agent's telephone lines the call had no significance. Even if it was traced to the public telephone, it could not be linked to a case officer. When executed carefully, and used infrequently, the silent call or other wordless signals were almost impossible for an adversary to decode.

Other impersonal exchanges may be undertaken using public systems such as the postal service, telephone, telegraph, newspapers, radio transmissions, and the Internet. Within public systems, covert communications are mixed with the billions of daily telephone calls, letters, postcards, telegrams, newspaper ads, e-mails, Web postings, and instant-messaging transmissions.

When personal meetings were required, a technique known as a "visual recognition signal" could safely send a coded message from the agent to handler prior to any personal contact. Typically, the agent would be instructed to appear at a busy intersection at a prearranged date and time wearing clothing whose color was meaningful to the handler, but not alertingto counterintelligence if he was under surveillance. Anyone aware of the operation and familiar with the agent's photo and instructions could observe from a distance to see if a properly attired individual appeared at the established time.

Secret writing has existed for at least 2,000 years and predates the establishment of the first European postal systems.20 Letters and postcards mailed by an agent to an accommodation address outside the country of origin were commonly used throughout the twentieth century to conceal secret writing. The technique represented an early form of steganography in which the goal was to mask the existence of a communication. The CIA used three forms of secret writing: wet systems, dry systems, and microdots . Letters and postcards mailed by an agent to an accommodation address outside the country of origin were commonly used throughout the twentieth century to conceal secret writing. The technique represented an early form of steganography in which the goal was to mask the existence of a communication. The CIA used three forms of secret writing: wet systems, dry systems, and microdots .21 Wet systems used special inks that became invisible on the paper after the writing dried; the hidden message became visible again only when a reagent matched to the ink was applied. As a simple example lemon juice was used to const.i.tute an ink and the heat from an electric light bulb or candle as the reagent. OTS packaged dehydrated heat-sensitive inks in a variety of disguised forms. Aspirin tablets made good candidates as concealment hosts because they were commonly carried and could be stored in a medicine cabinet at the agent's home without attracting attention; when dissolved in water the pills created the ink. The agent dipped a sharpened wooden stylus or toothpick into the liquid and wrote on bond paper he had prepared by rubbing with a soft cloth in all four directions. Agents were instructed to write on paper placed on gla.s.s to prevent indentations and minimize the disturbance to the fibers in the paper. After the letter had been composed and the ink dried, the agent would again rub the paper in all four directions to eliminate any traces of the message in the paper's fibers. Later the letter would be steamed and placed inside the pages of a thick book to dry.22 Agents would prepare a cover letter over the secret writing for mailing to an accommodation address outside of their home country. Agents would prepare a cover letter over the secret writing for mailing to an accommodation address outside of their home country.23 While it was most often used as an "agent-send" system, in some instances agents also received instructions by secret writing. To eliminate the complexity of developing the writing and minimize the amount of potentially incriminating reagents in an agent's possession, OTS often recommended the "scorch method." Polish military officer Ryszard Kuklinski received innocuous letters that contained hidden messages that became legible only when they were scorched with a household iron.24 With thousands of potential combinations of inks and reagents to select from, OTS produced hundreds of such systems. In an emergency, however, diluted blood, s.e.m.e.n, and even plain water could be used as an invisible ink. With thousands of potential combinations of inks and reagents to select from, OTS produced hundreds of such systems. In an emergency, however, diluted blood, s.e.m.e.n, and even plain water could be used as an invisible ink.25 Two weaknesses of wet systems were the requirement for the agent to possess the special ink and the near impossibility of removing all traces of damage to the paper's fibers. Even if the secret ink was not detected, under close scrutiny the damage to the fibers of the paper sometimes became noticeable.

Dry systems began appearing in the late 1950s as a variation of carbon typing paper. Ch