Technologies old and new played roles in cracking Russian spy ring

Anna Chapman, the alleged femme fatale who was part of a Russian spy ring, never communicated face-to-face with one of her Russian government contacts. Rather, she went to coffee shops in Manhattan, hopped on a Wi-Fi network, and chatted with the contact, who was outside the cafe but never walked in.

It was a ruse aimed at protecting the alleged spy from being spotted. Unfortunately for her, the FBI was watching, because she was communicating over an open Wi-Fi network. The FBI allegedly used its own Wi-Fi sniffing tool, which can intercept anything someone sends over the internet using a Wi-Fi network.

Based on reports delving into the case, technology  played a big role in the counter-espionage investigation that resulted in criminal complaints on Monday against 10 (and now 11) spies who allegedly lived undercover lives in the U.S. while gathering intelligence for the Russian spy service.

During one encounter that the FBI watched, the 28-year-old Chapman logged onto a Wi-Fi network at a book store while the Russian government official logged on from outside. The observers watched the same “two MAC addresses communicating” via ad hoc Wi-Fi. (NetStumbler can be used to detect ad hoc Wi-Fi networks).

The spy ring allegedly uploaded images to certain web sites. Those images contained embedded secret messages that their colleagues could download and decode. This technique is called “steganography.” Rather than encrypting data and making it unreadable, steganography hides the fact that the data is there. The Russian Foreign Intelligence (the successor to the KGB, dubbed the SVR) supplied the spies with somewhat old, non-commercially available steganography programs. The software has algorithms that conceal the secret messages by altering bits in the pixels of an image.

Allegedly, some of the images uploaded to the web sites included readable text files. Some experts say this is a relatively primitive way of hiding secrets, even if it is clever. There are an estimated 250 steganography programs available today, according to digital forensics expert Chet Hosmer at WetStone Technology. More than 100 such messages were hidden in one of the ring’s web sites in New Jersey.

There’s a new kind of steganography program, dubbed “network steganography”, that disappears after the communication ends. The Russians didn’t appear to use these more sophisticated methods, although they did use encryption on web sites and hard drives.

Interestingly, one of the targets of the ring was venture capitalist Alan Patricof of Apax Partners and Greylock. And in a Silicon Valley angle, Chapman’s internet pictures included a photo of her posing with a glass of wine between two men a the Global Technology Symposium. The Stanford University event in March cost more than $1,000 to attend. So far, authorities say they haven’t uncovered any stolen classified secrets provided to Russia by the ring.

[photos: Anna Chapman’s Facebook page]