Eric O’Neill, born in 1973, was only 22 years old and a law student in Washington (USA) when the FBI recruited him, “because he knew how to turn on a computer”, to join the team that captured Earl Edwin Pitts, a former agent convicted of spying for Russia. His mission, under the alias Wolf-Man, was to become a “ghost”, an undercover operative dedicated to following suspects. Four years later, special agent Gene McClelland called him on a Sunday morning to entrust him with the mission of his life: to stop Robert Hanssen, an FBI agent considered to be the first cyberspy in the USA, an active member of Opus Dei, and a man from whom, among numerous secret materials, audiovisual files of sexual encounters with his wife would be seized.
“He was one of ours, and we were not prepared”, O’Neill now recalls in Miami, where he took part in the first cybersecurity summit organized by the company Acronis, to which EL PAÍS was invited together with other international media. The now lawyer and information protection expert remembers an FBI without resources, where the computers did not carry the usual programs that any student used and there was only one computer per unit to connect to the internet. “It was like a large family’s home with only one bathroom,” he quips.
Hanssen (Chicago, 1944), trained in business and a computer expert, had been an FBI agent since 1976. Only three years later he began spying for the Soviet Union, and he continued to do so for Russia until his arrest on February 18, 2001. Pitts pointed to him as a possible double agent, but the FBI lacked evidence.
At the beginning of the last decade, the US investigative agency decided to appoint him chief supervisor of information security and to place O’Neill as his personal assistant in order to catch him with a “smoking gun”. “They needed to catch him in the act”, explains the cybersecurity expert, who has told his story in the book Gray Day (Crown, 2019).
Eric O’Neill, the FBI operative who made the arrest of Hanssen possible. Acronis
O’Neill won the confidence of the man known among his peers as Doctor Death. He recorded every movement and every conversation on a floppy disk, punctually every day. “We all have routines, and criminals do too,” says O’Neill about the key to his work. Critical information is obtained from these constant behaviors: if the subject slows down at a given location, it is because he is looking for a signal or a message; if he disrupts his daily activity, it is because something abnormal is going on.
One day Hanssen received a notification from his PDA (personal digital assistant). It was a reminder of the hour of prayer. The spy, a former Lutheran who became a member of Opus Dei, regularly attended mass and gave his assistant a copy of The Way (the book by the founder of the Work, Escrivá de Balaguer). O’Neill then noticed a routine that would be key to solving the case. His boss kept the PDA in the back pocket of his trousers and put it in a briefcase next to him every time he sat down. He never parted with the device. O’Neill concluded that the role of the electronic organizer in his boss’s life was critical.
An appointment outside Hanssen’s sealed office, which nobody was allowed to enter, gave the counterintelligence team the opportunity to access his personal files. After the meeting, O’Neill intentionally chose a route back where he knew there would be a traffic jam, to give his colleagues more time. They discovered that the FBI agent, who was given the code name Gray Day, held sensitive documentation, which included information about the nuclear arsenal of the United States, and communications with Russian agents signed Ramon García or simply B.
But it was not enough. They could only prove that Hanssen had secret material, which he handled as a “trusted insider” thanks to the weak security measures in place at that time. On a previous occasion he had been found with sensitive material and claimed that he had to demonstrate the lack of protection. That was his job.
The FBI needed evidence that the target was selling it to Russia. A subsequent search of his vehicle turned up duct tape for leaving signals and waterproof wrapping material, which raised suspicion of an impending delivery. But it was necessary to catch him in the act.
O’Neill decided to act. He arranged an unexpected visit to the office by a superior, who invited Hanssen to practice shooting. Weapons were one of his obsessions, and he always carried one or two on him. Hanssen had no time to react and, for the first time, he left the PDA in the briefcase. The assistant had only a few minutes. He entered the office, grabbed the device and ran to an office where colleagues were waiting to copy the files. The information was encrypted, so they decided to clone it and decrypt it later.
Eric O’Neill, during the interview after the Acronis summit in Miami in which he participated.
O’Neill had just enough time to go back to the office and return the device. He could not remember which of the briefcase’s four pockets he had taken the PDA from and decided to leave it in one of them, fearing that, if Hanssen noticed, he could become suspicious and flee without completing the delivery.
The spy returned sulking to his office, and the first thing he did was check that the PDA was in the briefcase. He called his assistant into the office and asked: “Have you been in my office?” O’Neill remained calm: “We both have. I left the memo in the tray. Did you see it?” Hanssen kept silent and stared at him, waiting for a telltale gesture. “I don’t want you to come into my office,” he concluded before picking up the briefcase and leaving the FBI facilities.
The PDA revealed when and where he was going to make the delivery: Sunday, 18 February 2001, at eight in the evening in Foxstone Park, Virginia. O’Neill recounts the scene with satisfaction: “It was a grey, cold day. Hanssen had spent the day with his family and his friend Jack Hoschouer. He took him to the airport and said goodbye at the boarding gate. Back then you still could, and there was no need to take off your shoes. When he returned, he picked up the files wrapped in waterproof material and went to a wooden bridge in the park, left the package at one of the pillars under the structure, returned to the road and smiled. Then the FBI agents appeared and surrounded him, pointing their weapons. ‘Guns are not necessary,’ he said.”
The monitored information and the records later revealed a hitherto unknown side of this Opus Dei member who attended daily mass. Robert Hanssen recorded his sexual relations with his wife and shared the recordings with Hoschouer. Also detected were messages in internet chats in which he described details of his sex life, and records of numerous meetings with a dancer at a strip club in Washington, whom he left shortly before his arrest after giving her valuable gifts, including a Mercedes car. They were evidence of the double life that Hanssen led in every sphere for more than 20 years and of which the people closest to him, including his family, were unaware. It was the end of what the Department of Justice considered “the worst intelligence disaster in the history of the USA”.
“Any technology can be abused”
Eric O’Neill left the FBI after the case and founded the Georgetown Group, an investigation and security firm. He is also listed as an expert in national protection at the company Carbon Black.
Question. Are you still linked to counter-espionage?
Answer. My work has been to bring my experience in capturing spies to cybersecurity. The major companies try to understand and predict threats before they occur. There is the human element, to identify risks and to understand what the next threats in the chain are. And, of course, there is the technological component, because none of this can be done without the best technology.
Q. Where do you detect threats?
A. You have to spend a lot of time with computers, analyzing threats on the dark web, where all the tools are tracked, bought and sold. And then reverse engineering is performed to protect against them and find a solution.
Q. Is there a global solution?
A. There are many cybersecurity companies with good solutions. The most successful are those that take a large-scale collaborative approach. A world safe from cyberattacks? I think that is very difficult because of the internet. The FBI has just issued a warning about malicious programs able to overcome two-factor authentication. In addition, people can be deceived with social engineering alone. I think there are a couple of things that will happen in the future: we are going to fully adopt the cloud, because that allows you to use artificial intelligence and analytics instantly, updated throughout, to address the threat when it hits and before it occurs, as well as protecting everything in the same environment; on the other hand, passwords will disappear. They are archaic and the Achilles heel in any attack. I think that biometrics will be the great change.
Q. And the entities, how are they protected?
A. To protect a company, you have to be better than the attackers, who are always going to go for the low-hanging fruit [whichever is easier to access]. There is a theory called security shift: you move crime away from the entity you are protecting by making its security better than that of all the others. The best companies online are going to survive and thrive, and the poor ones will be the ones that fail and go under.
Q. Do we have to give up privacy for security?
A. I agree with the data protection laws. They are good. One of the primary ways to protect information is to isolate the victim, to limit the people inside and outside the company who have access to it, the access points. When you do this, there are more chances of protecting it. On the other hand, the use of biometrics, for example at airports, may be beneficial. Where is the limit? Any technology can be abused.
Q. What do you think of paying a ransom for a kidnapping?
A. If you don’t pay, the kidnapping has no meaning. It is preferable not to pay, but you have to take particular circumstances into account. If an entity does not have a backup of its systems, it can lose a huge amount of money because of a kidnapping and, perhaps, sink. You may then think that it is more profitable, as a business decision, to pay $10,000. The kidnappers are smart and know where to attack. They even know the financial situation of the entity, to ask for what it can afford. They are very quiet and meticulous, and for months they run slow attacks in which they involve multiple systems, steal data, and learn a lot about the company or the state or the city. They look for organizations that are under a lot of pressure, such as cities or hospitals.
Q. Will the next generation of terrorism be cyber?
A. It is not the next generation; it already is. There are already numerous attacks on critical infrastructures that have affected the United States and other countries. The wars of the future will not be fought with bullets and weapons; they are going to be in cyberspace.