The Spy Who Couldn't Spell
Page 2
“I’d like to come over to talk to you about an important matter,” Jechorek said.
“I’m really busy right now,” he replied. “The earliest we can do it is tomorrow.”
Jechorek, who didn’t know McCaslin too well, was reluctant to press him further.
She hung up.
“What did he say?” Carr asked her.
“He says he can’t see us until tomorrow.”
“Tomorrow? You’ve got to call him back.”
Jechorek studied the binder for a few moments. Then she reached for the phone and punched “redial.”
“Hi, Lydia,” McCaslin answered tersely.
“We are coming to see you right now,” Jechorek said. Her tone was polite but firm.
McCaslin knew at once that this couldn’t wait.
“OK, we’ll clear our schedule,” he said.
• • •
Carr and Jechorek sped along Interstate 295, leaving behind the bustle of Washington, D.C. Most of the trees along the highway were shorn of leaves, fall having blended into winter. The two agents took the exit for the NSA’s sprawling annex in Elkridge, a few miles from the Baltimore airport. Less than an hour after Jechorek’s phone call to McCaslin, the agents were in his office.
McCaslin browsed the pages with rising alarm, listening to Carr explain why he thought the mailer of the letter could be at the NSA. No counterintelligence officer wants to hear that a spy could be operating within the ranks of his own agency. But looking at the indicators that Carr had derived from his preliminary analysis, McCaslin had to confront the possibility.
There was an additional reason to trust Carr’s hunch. Over the summer, NSA’s management had announced that it would be laying off some two thousand agency employees, nearly a tenth of its workforce. The announcement came in the wake of a massive computer failure that froze the NSA’s internal communications, sparking criticism from lawmakers that the agency had grown into a gigantic, inefficient bureaucracy. McCaslin had to wonder if one of the employees facing retrenchment had decided to walk down the dark path of treason.
The immediate help that Carr and Jechorek wanted from McCaslin was a decryption of the entire letter. Carr had already faxed a copy of it to the FBI’s own cryptanalysts. To be doubly sure, he wanted the NSA to work on it in parallel. McCaslin got two of his agency’s code breakers on the job right away.
A cryptanalyst’s job is to crack coded messages in the absence of a key. In the case of the letter, since the codebook and decoding instructions were on hand, breaking out the 149 lines of coded text didn’t involve any puzzle solving. Even so, FBI and NSA cryptanalysts found the task maddeningly complex. Without the key, they would have found it practically impossible to decrypt the letter.
The writer of the letter had used an archaic encryption system dating back to the sixteenth century, which was a heyday for the development of secret writing. It was developed by an Italian cryptographer named Giovan Battista Bellaso, who was a secretary to a cardinal in Camerino and needed to communicate in code with his master when the cardinal was away in Rome. Bellaso’s cryptological was innovation, which he described in the 1553 booklet La Cifra del Sig. Giovan Battista Bel[l]aso, was erroneously attributed to the sixteenth-century French diplomat and author Blaise de Vigenère, and has popularly come to be known as the Vigenère cipher.
Codes and ciphers, though the terms are used interchangeably, are not quite the same thing. A code is a word or phrase or number that means something else: if you and I decided in advance that the word “red” means “danger” and the word “lotus” stands for “tonight,” the phrase “red lotus” would be code for “danger tonight.” By contrast, a cipher is a sequence of steps to convert a letter or digit into another symbol that, by itself, doesn’t convey any meaning. So, if we decided on a cipher that involves converting letters into numbers that correspond to the positions of the letters in the alphabet, with a dot after each letter and a star between words, “Danger tonight” would be enciphered as 4.1.14.7.5.18*20.15.14.9.7.8.20. Needless to say, this kind of cipher wouldn’t be very secure.
The Vigenère cipher, however, remained unbroken for nearly three centuries, until a German infantry officer named Friedrich Kasiski published a method for systematically attempting to crack it. The cipher’s strength lay in its use of multiple alphabets. Unlike the cipher described previously, in which the same reference set of symbols—the English alphabet, sequenced A to Z, where A is 1 and Z is 26—is used for enciphering each letter in the message, the Vigenère cipher uses a different reference set for different letters.
Take the same message: “Danger tonight.” To encipher it using the simplest form of the Vigenère method, we would first create what’s known as a Vigenère table, consisting of rows of the English alphabet written out in sequence, wherein every successive row is shifted one letter forward. So, the first row starts with A and ends with Z, the second row starts B, C, D . . . and ends with A, and so on, until the twenty-sixth row, which starts Z, A, B, C . . . and ends with Y.
We end up with a matrix of letters, 26 by 26. If we index both the columns and rows A–Z, here’s what the matrix would look like:
What the matrix represents is twenty-six sets of alphabets, the first starting with A, the twenty-sixth starting with Z. The Vigenère cipher uses this table in combination with another security feature: a key. This is a word or a phrase—agreed upon in advance between the sender and receiver of the message—that determines which particular alphabetic set is to be used as the reference for enciphering a particular letter in the message. Here’s how.
Let’s say our key is the word “BOOK.” To encipher our message, “DANGERTONIGHT,” line up the key below the plaintext, letter for letter, repeating the key as many times as necessary:
Plaintext: DANGERTONIGHT
Key: BOOKBOOKBOOKB
To encipher the letter D, find the row of alphabets on the table that starts with the first letter of the key, which is B. Where this row meets the column under D gives us the enciphered letter: E. To encipher the next letter in the message, we go to the row of alphabets starting with the second letter of the key, and we get the enciphered letter O. Following that procedure for the entire length of the message, we get a string of ciphertext that reads: “EOBQFFHYOWURU.”
The letter sent to the embassy was enciphered using the same principle of “polyalphabetic substitution,” but instead of a standard Vigenère table as the reference, the writer had used seventy-one alphabetic sets. Some of them included digits in addition to letters. He’d numbered the pages of the letter confusingly—perhaps to add another layer of security or perhaps erroneously—marking the sixth page as page 1, the fourth as page 2, and so on.
Arranging the pages in the right order, the cryptanalysts had to number the lines of coded text 1 through 149 and follow a complicated set of instructions to pick out the alphabetic set the writer had designated for each line. When this tedious task was done, the analysts had before them several pages of brevity codes strung together: JX KK 16 LX 35 . . .
The next step was to consult the codebook and substitute each of the brevity codes for the word it represented. The writer had chosen not to use codes for certain words, such as “CIA” and “espionage.” These words were enciphered in their entirety—letter for letter—and flagged within the coded text with a star or another symbol. This, too, the cryptanalysts realized, was a security measure. If the codebook ended up in the wrong hands—the writer had thought—words like “espionage” would raise an immediate alarm.
• • •
The FBI and the NSA spent the next two days breaking out the letter. When Carr read the decoded text in full, it took his breath away. Continuing on from the introductory paragraphs, the letter read:
I have been in the CIA for over 20 years and will be retiring in two years. I feel that I deserve more than the small pension I will receive
for all the years of service at the CIA.
In that vein of entitlement, it went on:
Considering the risk I am about to take I will require a minimum payment of thirteen million U.S. dollars wire transferred in Swiss francs, the exact amount, before I will risk my life. There are many people from movie stars to athletes in the U.S. who are receiving tens of millions of dollars a year for their trivial contributions. If I am going to risk my life and the future of my family, I am going to get paid a fair price. The information I am offering will compromise U.S. intelligence systems worth hundreds of billions of dollars. Thirteen million is a small price to pay for what you will receive.
The letter proceeded to list the kinds of information that this money would buy, starting with the JTENS manual, whose table of contents the spy had included in the documents intended to prove access.
This top-secret document will provide you with highly secretive information on U.S. satellites, airborne and ground intelligence systems. . . . I will also provide you with a list of the actual locations and orbits of all of the U.S. spy satellites, which can be loaded into any standard software package. This top-secret information will provide your country with the scheduled times U.S. satellites will be overhead and collecting against your country and when these systems are out of range of your country.
The text that followed laid out in painstaking detail how the transaction was to be conducted. First, to prove to the spy that the letter had been read by its intended recipient, the Libyan intelligence service was to make a small change to the country’s United Nations home page—“switch one word for another, add a comma or change some numbers.”
Next, the spy wanted the client country to place an ad for a used car in the classified section of the Washington Post. It was to say:
FORD 93 Taurus GL
Silver, loaded, sunroof
95K miles $17,000 / OBO (Or best offer)
None of the car’s details was significant. Rather, the key information the ad was to convey was an 800 number the spy had instructed Libyan intelligence to set up.
“I need you to place a representative in the USA or activate someone who is currently in the U.S. who you can trust and I can contact,” the letter said, suggesting that the intelligence service select a “loyal” Libyan student attending a U.S. college or some other trusted individual who couldn’t be easily linked to the Libyan government. “Have this person establish a 1-800 phone number in his home. He does not need to know who I am or how I got this phone number. If he is caught, he cannot compromise the entire operation.”
For an added layer of security—as if there weren’t enough layers already—the ad wasn’t supposed to list the 800 number; instead, it was to provide a phone number derived from reversing the last seven digits of the 800 number. “If 1-800-456-2738 was the number, change it to 1-800-837-2654, then drop the 1-800 and add 703. I will know to drop the 703 when I use the number.”
The spy would keep an eye out for the ad, and once it was published, he would call the 800 number and ask to speak with “John Stevens.” The Libyan representative answering the call would then provide a mailing address where the spy would mail instructions to decode a bank account number that he would send under separate cover. After confirming that a sum of Swiss francs equivalent to $13 million had been transferred into the account, the spy would FedEx the promised package of top secret information to the same mailing address. Going forward, the spy would mail a new package of information every three months, which Libyan intelligence could review and pay for. “I expect a minimum of three million dollars for each shipment of information that is good, and five million for information that is considered extremely important to your government,” the letter said.
The instructions went beyond the mechanics of the transaction: there was also helpful advice on how the Libyans could smuggle the purchased information out of the United States. The spy’s recommendation was to follow a series of steps as elaborate as those he’d spelled out for establishing contact: have somebody pick up the package from where it had been mailed, drive it to New York, and hide it in a suitcase in the closet of a rented hotel room. Leave the room key in an envelope at the front desk. Finally, have somebody from the Libyan mission at the United Nations retrieve the package from the hotel room and send it out of the country via diplomatic pouch, which by protocol is shielded from scrutiny.
Whoever had written the letter was evidently familiar with the tradecraft of espionage, perhaps even enamored of it. There was also a discernible arrogance in the message. The repetitious warnings about how to keep the operation secure, a strident declaration—early in the letter—that the price was nonnegotiable, the gratuitous counseling on how to beat U.S. counterintelligence: all were signals of the spy thinking that he knew best—not just what was good for him but also what was good for the Libyans. He also seemed to want to draw attention to how clever he was, obliquely explaining in the letter why he had chosen to market information to Libya rather than the United States’ traditional rival, Russia.
“The reason I am going to remain anonymous is that most spies are caught because when someone defects to the west, they take with them the names of all the western spies they know of,” he wrote. “This is why no one would attempt to spy for the Russians today. There are too many Russians turning over their agents to the U.S. Since I do not want to be caught, and you should not want me to be caught, I will remain anonymous.”
• • •
If the complexity of the spy’s plan was anything to go by, lifting that veil of anonymity was going to be a daunting task. It was exactly the kind of task that Steve Carr had been waiting for since he came to the FBI.
Many of the FBI’s twelve thousand agents are men and women who have dreamed of working at the bureau since they were kids. As a boy, Carr nurtured a different dream: he wanted to become a pilot. Growing up in Gaithersburg, Maryland, he was surrounded by relatives and family friends who had served in the military. His father’s father, who had fought as an infantryman in World War I, was buried at Arlington National Cemetery. Carr would badger his maternal grandfather, another World War I veteran, to narrate his battlefield experiences. A reluctant storyteller, the old man would sometimes oblige his grandson, recounting how he fought through the haze of mustard gas and how the French machine gun he used got jammed in the heat of battle, compelling him to duck and grab his pistol.
Fascinated by these accounts, Carr, eight years old at the time, enacted warlike heroics in his backyard with toy army men, throwing rocks at them and sliding them along zip lines. He would draw pictures of helicopters and planes and tell relatives and friends he was “a hundred percent certain” that he wanted to join the army when he grew up. Camping with his family on Assateague Island off the coast of Maryland, he spent hours sitting on top of a model submarine at a playground near the campsite, peering through its red periscope and pretending to launch torpedoes at imaginary U-boats gliding through the blue waters of the Atlantic. His interest in military history would grow into a passion in his adulthood, leading him to always keep a metal detector in his car while driving up and down the East Coast, so that he could hunt for and dig up Civil War relics.
By ten, Carr was hooked on flight, craning his neck to squint at the sky every time an airplane flew overhead. In seventh grade, he got into trouble at school. It angered him to see a group of classmates ganging up on a fellow student who had a severe intellectual disability. When they stole the student’s food and teased him, Carr protested: more precisely, he expressed his disapproval by hitting one of the bullies in the head with a paper-clip slingshot. The principal didn’t take kindly to Carr’s method of protest. Combined with reports of other behavioral problems and a string of bad grades, the incident helped convince his parents that military school—which Carr had shown an interest in—would be a better place for him.
Moving to the Fishburne Military School in Virginia, Carr th
rived. After college, in the late eighties, he became a helicopter pilot in the military. Although it was an exciting stint, the job didn’t quite match up to Carr’s dream of flying in combat, since the United States wasn’t engaged in any major conflicts overseas and he wasn’t deployed abroad. After five years, he decided he wanted to do something else. He left active duty to work for his father’s electrical contracting business and joined the Maryland National Guard.
One summer day in 1994, he was lounging on Bethany Beach with his wife when he spotted an old friend he had lost touch with years ago. The friend, an FBI agent, suggested that Carr give the bureau a try. Carr, who was not keen to stay tethered to the family business, decided it was a good idea. He would come to see the chance meeting as divine providence. “God was taking this cosmic baseball bat and hitting me over the head to apply,” he told colleagues after joining the bureau.
The remark reflected the kind of person Carr was: a firm believer in the idea that God was the master of his destiny. This belief was the bedrock of Carr’s outlook on life, driving his desire to serve his fellow men and women in any capacity he could. On nights and weekends, he and his wife, Michelle, provided premarital counseling to couples on behalf of his church. Serving the country—first as a military pilot and then as an FBI agent—was to Carr a way of serving God. It was as much a spiritual calling as it was a career choice. And so it was that through the last weeks of 2000, as winter’s chill deepened over Washington, D.C., Carr’s every waking hour became consumed by a zealous hunt for the spy who couldn’t spell.
• • •
Even though Carr’s hunch had pointed him to the NSA, there were no grounds to eliminate other intelligence agencies as possibilities. The day after his visit to the NSA, Carr went over to Langley, Virginia, to brief the CIA.
Counterintelligence officials there couldn’t imagine a career CIA analyst making so many spelling errors. It wasn’t just a conceited opinion, though. Like Carr, they thought the spy’s self-description as a CIA analyst was a possible red herring, and that, too, an elaborate one. The CIA newsletter that the spy had included in the bona fides even listed an agency employee whose last name was Jacobs, matching the last name that the spy had used when opening the jacobscall e-mail account. Based on a host of factors, that person was quickly ruled out as a suspect. The Alexandria address the spy had provided to register the e-mail account was the home of a woman whose last name was also Jacobs. The spy had clearly put some thought into creating the fake identity.