“Walking Back The Cat”

The origin of the expression “walking back the cat” is lost in the early cold war, but it refers to the process of decompiling and recompiling intelligence after a breach, usually caused by a mole.

I’m quite sure that nowadays it’s got a lot to do with computer forensics; it’s probably a tremendous amount of fun for anyone who hasn’t got a stake in the outcome. For anyone who does, historically, it’s a slice of hell.

A Bureaucracy Demon

Looming like a scarecrow over the history of counter-intelligence investigations is James Jesus Angleton, who features as a demon-ridden bureaucracymancer in Charles Stross’ “Laundry” series. Angleton was a complicated character, who got in at the ground floor during the creation of the CIA, and stayed with it through the Kim Philby, Bay of Pigs, and other disasters. The Times says it best:

WASHINGTON, May 11— James Angleton, the erudite Central Intelligence Agency officer whose search for Soviet agents inside the Government stirred an uproar in the murky worlds of intelligence for a generation, died here this morning of lung cancer. He was 69 years old. Mr. Angleton, who joined the C.I.A. at its inception in 1947, served for more than 20 years as head of its counterintelligence office. He was forced to resign his post in 1974 by William E. Colby, then Director of Central Intelligence, who had become convinced that Mr. Angleton’s efforts were harming the agency. [nyt]

There’s a good argument to be made that Angleton’s overzealousness, and Colby’s sharp staff-cutting in counter-intelligence following Angleton’s departure (from 300 personnel to 80) had a great deal to do with the success of Robert Hanssen (FBI), Aldrich Ames (CIA), and the Walker spy ring (NSA). Depending on how you want to see things, US counter-intelligence was gutted and deep moles mooted US intelligence-gathering against the Russians for decades – or Angleton was just an overzealous paranoid genius who was ahead of his time. If you’re interested in more about Angleton, go obtain and read a copy of A Wilderness Of Mirrors [amazon] – the depth and level of indirection that Angleton got hung up in truly has to be understood to be appreciated.

The short form: A Soviet defector (credibly) claiming to be an intelligence officer was debriefed by Angleton’s team, and asserted that there were several deep-cover moles in the US intelligence apparatus. Worse, he contradicted another defector – and both sounded credible. Based on the timing this would not have been Philby, or Ames – and the defector offered some vague but tantalizing bits of information that led Angleton to suspect everyone. Or so it seemed. Then Angleton began an investigation that was a kind of Spanish Inquisition, in which careers were broken, covers destroyed, and interdepartmental warfare was heightened to a near-lethal extreme.

The upshot was that Angleton was fired. And US counter-intelligence became a shadow of what it was. And, now, I wonder if the pendulum is about to swing the other way.

There are various reports that the “Shadow Brokers” are believed (by some) to be the result of deep-cover moles. Others believe that some of the leaks are a result of a data-hoarder at NSA (Hal Martin III [stderr]) whose home systems were maybe compromised by Russian hackers, and the CIA leaks may be the result of ideological leakers, or another data-hoarder. When you start forming conspiracy theories, it gets interesting: Angleton, at least, made up cool stories like “What if the data-hoarders at NSA and CIA were encouraged to take data home by Russian deep-cover moles who remained comfortably embedded and ‘burned’ them when they were no longer necessary?” A rational person would respond to Angleton and his ilk that “with 5000 people privy to these secrets, they shouldn’t be expected to stay secret long.” [stderr]

The CIA and FBI are conducting a joint investigation into one of the worst security breaches in CIA history, which exposed thousands of top-secret documents that described CIA tools used to penetrate smartphones, smart televisions and computer systems.

Much of the material was classified and stored in a highly secure section of the intelligence agency, but sources say hundreds of people would have had access to the material. Investigators are going through those names.

The trove was published in March by the anti-secrecy organization WikiLeaks. [CBS]

The intelligence community, of course, is furious about WikiLeaks, but that’s like blaming your bathroom scale for how much you love carbs. The mole hunt has been going on for some time, I’d guess – the timing is such that Hal Martin appears to have been caught during the Cat Walking after Edward Snowden. Given the degree to which the agencies are populated with contractors and mercenaries, though, I’m amazed that they’re not leaking like a sieve already.

I’m sure they’re desperate to find a Russian they can blame. If we were back in the cold war days, the Russians would send us another Golitsyn, who’d “defect” and feed alternative facts pointing at everyone and anyone, to get the intelligence community chasing their tails. I have to figure that President Trump is ripe for a meltdown, and he’s pretty easy to manipulate.

Today’s “Putin is a chessmaster” meme, and that the Russian spies are surreally clever – those are all leftovers from Angleton and the days when the KGB strategically out-maneuvered and made fools of the CIA, FBI, and NSA. Or did they? In cyberinsurgency we call this a “denial of clue attack” – an attack in which the attack doesn’t even need to happen – you release information that makes your enemy punch themselves in the face. Then you either kick them in the knee, or go to the beach, it doesn’t matter which. Whether the “Russian hackers” meme is real or not, it’s going to do two things:

  1. Waste an inordinate amount of time
  2. Justify a great deal of money being spent


I once asked a friend who was an intelligence officer at CIA, “what about Angleton?” This friend was an old cold warrior, who officially went into the CIA after he left the Phoenix Program in Vietnam – a guy who had, literally, done prisoner exchanges at Checkpoint Charlie – he said, “Angleton was mad. But he was beautifully mad.” That was back in the day when I had CIA friends.

William Safire: “Walk Back The Cat” [nyt]

Angleton had a lot of personal quirks – he was quite a fly fisherman and used to spend a great deal of time tying his own lures. His generally obsessive and withdrawn mannerisms have been used in many spy novels: sometimes it’s a spymaster that raises orchids, and another time it’s a spymaster who smokes a great deal and always wears black formal wear.

Asked on his deathbed whether he wanted to be administered the last rites, he demurred. “I have my own religion,” he said. ‘SPIES DO HEALTHY THINGS’ – the New York Times has a pretty good sketch of Angleton. [nyt]

Kim Philby was also an interesting character. [BBC]

Anatoliy Golitsyn was the ‘defector’ who caused Angleton’s meltdown. He’s an interesting character. [wikipedia] You should read about Yuri Nosenko along with reading about Golitsyn, if you go down this path. [wikipedia]

So was Richard Sorge. [stderr]

If you haven’t read Wright’s Spycatcher it’s fun, but you should know that most intelligence officers consider Wright to be a crank. [spycatcher]


  1. Pierce R. Butler says

    The Hal Martin III link is foo.

    I thought the Kim Philby story in itself sufficed to get Angleton canned: all those evenings getting drunk with the MI6 liaison to CIA, trying to figure out the identity of the mole(s) passing on secrets from both agencies, when said liaison was the mole…

    And, it seems, “Spycatcher” Peter Wright never actually caught a spy.

  2. says

    Pierce R. Butler@#1:
    – Fixed the link, thanks!

    No, it wasn’t Philby that got Angleton canned – that was probably “strike one” but all the old boys in the old boys’ network did the five martini lunches and hush hush gossip.

    The problem Angleton was up against with Philby is probably the same problem the NSA and CIA have right now: it’s not one leaker, it’s about 3. So who leaked what? Walking back the cat to see who had access to what and when used to be a huge problem, when there were only 20 people in a compartment and all the files were paper and access-logged. Now, apparently the NSA and CIA have no idea who accessed what and when – so: suppose you have Shadow Brokers release an archive that has a particular file structure – you have to go back through your backup trees and find that structure, then you (maybe) have the date that the archive was made (gotta check!) – exhaustive effort. If the Shadow Brokers are FSB/KGB I wouldn’t put it remotely past them to change the file trees around and throw a few other head fakes in. It’s what I’d do, and we’re assuming that they’re infinitely evil and clever, therefore eviller and cleverer than me.

    “Spycatcher” Peter Wright never actually caught a spy.

    He thought he was, though. It looks like he was wrong.

    A Russian disinformation op would really explode things right about now. Having someone come forward and burn the 5th man would be brilliant and would drive a deeper wedge between the US intelligence community and the Brits. Remember – the relationship between CIA and MI5 was pretty frosty – it was Angleton that helped thaw it. Oops.

  3. says

    I wrote:
    A Russian disinformation op would really explode things right about now

    It’s good the Chinese don’t seem to have much of a sense of humor about these things, or they could really spy-troll the US right now.

  4. Pierce R. Butler says

    Marcus Ranum @ # 3: … if you enjoy spy stories, Littell’s The Once and Future Spy is all drawn from the period …

    I have it on the shelf; will promote it to top o’ the list when ready for another espio-yarn.

    A recommendation in exchange: anything by Alan Furst (who writes almost exclusively about pre/early WWII in Europe, most convincingly).

    More relative to the present, I just picked up The Billion Dollar Spy by David E. Hoffman. His The Dead Hand (recommended to me by Valerie Plame in a post-talk Q&A) struck me as informative but strongly Langley-biased, yet readable enough for me to give him a second chance. Anybody here have opinions on same?