Another couple of alleged long term Cuban Intelligence Service spies have been arrested in the USA.
The Department of Justice press release gives most of the details which are being repeated without further analysis, by the mainstream media, and most blog commentators.
However, reading a copy of the actual Federal Grand Jury Indictment against Walter Kendal Myers and his wife Gwendolyn Steingraber Myers (.pdf available via CNN), reveals a few interesting details of espionage agent tradecraft and official espionage jargon, something which should be of interest to readers of William Gibson's Spook Country, which features some of the same techniques and a Cuban espionage sub-theme.
Cuban Intelligence Activities in the United States
20. The Cuban Intelligence Service (CuIS) is a general term encompassing numerous Cuban Intelligence and counterintelligence entities. A primary such entity is the Directorate of Intelligence (DI), formerly known as the Directorate of General Intelligence (DGI). It is charged with
21. CuIS spots and assesses persons within the United Slates academic community) who may be suitable for recruitment to serve a variety of roles on behalf of Cuba's interests. The most important of these roles is that of agent - that is, a person who is not an officially recognized employee of CuIS but who is aware that he or she is working for ihe Service and i;
direction, and on behalf, of CuIS.22. CuIS sometimes employs husband and wife "paired" agents to achieve its intelligence goals in the United States.
23. CuIS employs multiple code names for its agents to safeguard and protect their identities.
24. CuIS provides its agents with false identity and travel documents to facilitate clandestine travel and to facilitate flight from the United States in case of detection.
25. CuIS employs handlers in the United States, i.e.. persons who maintain some type of personal contact with CuIS agents located in the United States. Handlers receive reporting or Information from agents, provide tradecraft and communication tools for agents, and sometime direct and control agent activities based on instructions the handler has received from CuIS.
26. A brush-pass, pass, or hand-to-hand are terms used to mean a pre-arranged momentary encounter between an agent and his or her handler, or between intelligence officers, wherein written messages, instructions, or other items (e.g., a Computer thumb drive or a brief case) are quickly and surreptitiously passed between them as they cross paths. Such encounters may occur in public such as on a busy street or on the subway.
The Department of Justice press release says:
The Myers also discussed how they had passed information to CuIS agents, with both agreeing that the most secure way was "hand-to-hand." According to the affidavit, Gwendolyn Myers said her favorite way of passing information to CuIS agents involved the changing of shopping carts in a grocery store because it was "easy enough to do."
Some of the press reports e.g.via the Associated Press news wire, add the detail that she did not do this recently, due to the installation of cameras.
Court documents describe the couple's spying methods changing with the times, beginning with old-fashioned tools of Cold War spying: Morse code messages over a short-wave radio and notes taken on water-soluble paper. By the time they retired from the work in 2007, they were reportedly sending encrypted e-mails from Internet cafes.
The criminal complaint says changing technology also persuaded Gwendolyn Myers to abandon what she considered an easy way of passing information, by changing shopping carts in a grocery store. The document quoted her as telling the FBI agent she would no longer use that tactic. "Now they have cameras, but they didn't then."
N.B. this is not mentioned in the actual Indictment.
27. A personal contact, contact, or meet. are terms used to mean a face-to-face contact between an agent and his or her handler wherein operational training and details can be discussed.
28. A parole is a password or recognition phrase used between an agent and his or her handler, or between intelligence officers, to identify each other,
Clandestine Shortwave Radio Communications
29. CuIS has maintained clandestine Communications with its officers, handlers, and agents operating outside Cuba by broadcasting encrypted radio messages at certain high frequencies (i.e., shortwave frequencies).
CuIS broadcasts such encrypted shortwave radio messages in Morse Code or by a voice reading a series of numbers.
See the Wikipedia entry on the Cuban Atención Numbers Station
31. KENDALL MYERS and GWENDOLYN MYERS maintain in their possession an operable shortwave radio of the same make used by CuIS agent Ana Belen Montes. The radio was manufactured between approximately 1983 and 1986.
32. KENDALL MYERS knows Morse Code.
Wikipedia entry for Ana Belen Montes
Ana Belen Montes (Born February 28, 1957) is a former senior analyst at the Defense Intelligence Agency (DIA) in the United States. On September 21, 2001, she was arrested and subsequently charged with Conspiracy to Commit Espionage for the government of Cuba. Montes eventually pleaded guilty to spying, and in October, 2002, she was sentenced to a 25-year prison term followed by 5 years of probation
[...]
58. It was further part of the conspiracy that in or around 2006, KENDALL MYERS and GWENDOLYN MYERS would and did suspend international travel to meet with their CulS handlers because of reasons of operational security.
59. It was further part of the conspiracy that, because of a perceived threat to their clandestine activities in 2006, KENDALL MYERS and GWENDOLYN MYERS would and did destroy or dispose of certain clandestine foreign agent tradecraft items, other than their shortwave radio, in order to protect their clandestine activities from disclosure or prosecution.
60. It was further part of the conspiracy that even after their decision to suspend international travel to meet face-to-face with their CulS handlers, KENDALL MYERS and
GWENDOLYN MYERS would and did continue to maintain Communications with CuIS representatives through e-mail messages employing code words and phrases sent to an e-mail account employing a false name.
62. It was further part of the conspiracy that beginning in April 2009, KENDALL MYERS and GWENDOLYN MYERS would and did meet with, and respond to tasking from, an individual purporting to be a Cuban intelligence officer but who was, in fact, an FBI undercover source.
[...]
CuIS Shortwave Communications to KENDALL MYERS and GWENDOLYN MYERS's Händler
j. On or about November 26,1996, CuIS sent an encrypted shortwave radio message to a handler responsible for KENDALL MYERS and GWENDOLYN MYERS (hereinafter co-conspirator "C") instructing the handler to take advantage of an upcoming pass (or brief exchange of Information) with an agent to study the area of the "new residence" and to study the location of the interception of agent "123," also known äs GWENDOLYN MYERS. KENDALL MYERS and GWENDOLYN MYERS moved residences on or about January l. 1997.
[...]
1. on or about January 15, 1997, CuIS sent an encrypted shortwave radio message to co-conspirator "C" informing co-conspirator "C" that the agents would be decoding radio messages with a new floppy disk and that CuIS had alerted the agents by radio as well.
Was this a one time pad on a (now obsolete) floppy disk, or were they using something like PGP public key encryption software ?
m. On or about February 2, 1997, CuIS sent an encrypted shortwave radio message to co-conspirator "C" informing co-conspirator "C" that, because of a problem recovering a report of the agents, a pass (or brief exchange of information) was being planned with the agents wherein they would repeat the information that had been lost.
n. On or about February 26, 1997, CuIS sent an encrypted shortwave radio message to co-conspirator "C" informing co-conspirator "C" of a specific tasking sent by another intelligence officer, referred to as "GOD," to the agents concerning the collection of information of interest to CuIS.
This handler "C" does not seem to have been arrested, perhaps because he is now back in Cuba, some 14 years later.
How were handler "C"'s encrypted or coded Cuban Numbers Station messages decoded or betrayed ?
Presumably they used a different cryptographic key, to those intended for the Myers ?
The broadcasts of the Cuban (and other) Numbers Stations are presumably all recorded, so that old messages from Cuba could be read if the cryptographic systems are compromised in the future.
N.B. there is no mention of any intercepted or decoded shortwave messages sent by the Myers..
o. On or about March 22,1997, CuIS sent an encrypted shortwave radio message to co-conspirator "C" instructing co-conspirator "C" to make a personal contact with agent "634,"also known äs GWENDOLYN MYERS, to train on the use of the "Iomega" (a data storage device).
Presumably an IOMEGA manufactured ZIP Drive, an early market leader in external portable "high capacity" (circa 1997) floppy disk drives etc. now part of EMC.
Such technology has been superceded by high capacity USB flash memory or hard disk devices
KENDALL MYERS and GWENDOLYN MYERS's 1995 Clandestine Meeting with Fidel Castro in Cuba
q. In or about January 1995, KENDALL MYERS and GWENDOLYN MYERS traveled to Cuba via Mexico under false names for the purpose of meeting with their CuIS handlers and representatives.
r. In or about January 1995, while staying in a small house in Cuba, KENDALL MYERS and GWENDOLYN MYERS were visited by Fidel Castro. Fidel Castro spent the evening with the [sic] KENDALL MYERS and GWENDOLYN MYERS and talked with them through an Interpreter.
So despite the Myers' extensive travel in Latin America and the Caribbean, this implies a certain lack of Spanish language skills.
[...]
KENDALL MYERS and GWENDOLYN MYERS's Continued Clandestine E-mail Communication with CulS
bb. On or about December 22,2008, a CulS representative sent an e-mail to KENDALL MYERS and GWENDOLYN MYERS that employed both a false name and code language to disguise the source and content of the e-mail. The e-mail asked KENDALL MYERS and GWENDOLYN MYERS whether they were prepared to travel to Mexico.
cc. On or about December 29, 2008, KENDALL MYERS and GWENDOLYN MYERS responded by e-mail to the December 22, 2008 e-mail message from a CulS representative. In their return e-mail, KENDALL MYERS and GWENDOLYN MYERS employed code language to disguise the content of the e-mail. KENDALL MYERS and GWENDOLYN MYERS's return e-mail stated that they were "delighted to hear from you," but indicated that they had not yet made travel plans for the new year and would get back in touch soon as they had done so.
dd On or about March 16, 2009, a CuIS representative sent another e-mail to
KENDALL MYERS and GWENDOLYN MYERS that employed both a false name and code language to disguise the source and content of the e-mail. The sender of the e-rnaill again invited KENDALL MYERS and GWENDOLYN MYERS to travel to Mexico.
ee. On or about March 27,2009, KENDALL MYERS and GWENDOLYN MYERS responded by e-mail to the March 16,2009, e-mail message from a CuIS representative. In their rectum e-mail, KENDALL MYERS and GWENDOLYN MYERS employed code language to disguise the content of the e-mail. In their return e-mail, KENDALL MYERS and GWENDOLYN MYERS stated a desire to "visit to see them in person" but their schedule did not allow for a trip to Mexico at the time. KENDALL MYERS and GWENDOLYN MYERS instructed the sender of die e-rnail to keep them informed of opportunities lo travel to Mexico in the future.
So were the Cuban Intelligence Services trying to get the Myers to escape from the USA ?
Note that none of these emails seem to have been actually Encrypted e.g. Hushmail, PGP etc, but simply used "code language" phrases in plain text.
There is no mention of any attempt to use anonymous re-mailers or open proxies or other techniques, to hide the true source or destination of the email messages.
The Undercover Operation
gg. On April 15, 2009, KENDALL MYERS was approached in Washington, D.C., by an individual purporting to be a Cuban intelligence officer but who was, in fact, ani FBI undercover source (UCS). During that approach, KENDALL MYERS agreed to meet with the UCS later that evening at a nearby hotel to discuss KENDALL MYERS providing the UCS with Information and his opinions regarding the new administration in Washington, D.C., and changes happening in Cuba.
This contact with the FBI "Undercover Source" was only a couple of weeks after the "we need to meet face to face" emails from their Cuban spy bosses.
[...]
ii. On April 16, 2009, KENDALL MYERS and GWENDOLYN MYERS met with the UCS in a hotel room located in Washington, D.C. During the meeting, KENDALL MYERS provided bis opinions and Information responding to the tasking ftom the UCS on the previous day. KENDALL MYERS and GWENDOLYN MYERS also received from the UCS, and were trained in the use of, an e-mail account for future communication with the UCS. KENDALL MYERS and GWENDOLYN MYERS agreed to use in future meetings with the UCS a parole (or recognition phrase) that KENDALL MYERS and GWENDOLYN MYERS had used in the past. At the conclusion of the meeting, KENDALL MYERS and GWENDOLYN MYERS agreed to meet with the UCS again on April 30.. 2009, at a different hotel in Washington, D.C.jj. On April 30,2009, KENDALL MYERS and GWENDOLYN MYERS met with the ÜCS in a hotel room, located in Washington, D.C. Upon first encountering the UCS, KENDALL MYERS exchanged with the UCS fhe parole agreed-upon during the April 16,2009, meeting. During the meeting, KENDALL MYERS and GWENDOLYN MYERS received, and were trained in the use of, an encryption device for purposes of encrypting future e-mail Communications with the UCS. At the conclusion of the meeting, KENDALL MYERS and GWENDOLYN MYERS agreed to meet with the UCS again in or about June 2009 at a different hotel in Washington, D.C.
What was this "encryption device", which was supplied, not by the Cubans, but by the US FBI ?
Cryptome now has the Indictment plus two almost identical Affidavits related to this case
http://cryptome.org/myers/myers-spy-docs.zip
Additional spy tradecraft and official espionage jargon details from the Affidavits of the FBI agents:
It would be foolish of the FBI to reveal everything they know about Cuban Intelligence Service operations and methods.
The need for a visual signal and parole for the next face to face meeting, is, presumably so that another person could step into the role of handler if necessary. Presumably this could also act as a a danger signal so that either side could warn the other off, that they had spotted some surveillance etc.
The Affidavits obviously provide no clue as to how the FBI broke the encryption, or were otherwise let in on the secret of the content of these encrypted Numbers Station shortwave radio broadcast messages.