Like with voting, this is a scenario where adding technology, esp Internet-enabled, is just a bad idea. The less tech (and potential attacks) the better. The best ways to do espionage were those in the Cold War with people, drops, and ways of hiding stuff in other stuff. If distance is a problem, then burst radio was the best way to do it. There’s still spies being caught in the U.S. using radio. It’s probably a safe route for Chinese spies if the NSA and its wireless partners still haven’t clamped down on it domestically.
Additionally, they could just put the files encrypted in online storage from a random, hot spot. Then, send a coded version of the link via the shortwave, hidden message in mail, or drop.
This reminded me of the number stations, broadcast on short wave. Its reasonable for any civilian to have a radio and the broadcasts can be encoded with any book freely available from a library.
When it comes to keeping hidden, low tech is best tech.
Internet monitoring has gotten terrifyingly powerful - although it’s worth noting that the article doesn’t say that the Chinese found the communication channel, only that they escalated their access a lot once they’d found the channel in the first place - but radio monitoring has also advanced, with cheap and powerful software-/FPGA-defined radio and very powerful post-processing. How sure are you that radio is a good option?
@c12 has the right idea. There’s both burst transmission and number stations being used by spies in the US. Goes back to Cold War at least. Watching the prosecutions, we rarely see anyone get caught with that method described despite NSA operating the largest array of SIGINT collection in existence. That means they’re letting spies they know about continue to operate (eg poisoned intel) or they can’t find them.
Im thinking it’s the latter. If it’s analog radio, they also can’t remotely hack it like they might try with a cellphone or computer.
Like with voting, this is a scenario where adding technology, esp Internet-enabled, is just a bad idea. The less tech (and potential attacks) the better. The best ways to do espionage were those in the Cold War with people, drops, and ways of hiding stuff in other stuff. If distance is a problem, then burst radio was the best way to do it. There’s still spies being caught in the U.S. using radio. It’s probably a safe route for Chinese spies if the NSA and its wireless partners still haven’t clamped down on it domestically.
Additionally, they could just put the files encrypted in online storage from a random, hot spot. Then, send a coded version of the link via the shortwave, hidden message in mail, or drop.
I couldn’t help but compare this to the Russian(?) operatives who were communicating via coded comments on a particular Britney Spears instagram post.
This reminded me of the number stations, broadcast on short wave. Its reasonable for any civilian to have a radio and the broadcasts can be encoded with any book freely available from a library.
When it comes to keeping hidden, low tech is best tech.
Running key ciphers are bad tradecraft, use one time pads ;)
Internet monitoring has gotten terrifyingly powerful - although it’s worth noting that the article doesn’t say that the Chinese found the communication channel, only that they escalated their access a lot once they’d found the channel in the first place - but radio monitoring has also advanced, with cheap and powerful software-/FPGA-defined radio and very powerful post-processing. How sure are you that radio is a good option?
@c12 has the right idea. There’s both burst transmission and number stations being used by spies in the US. Goes back to Cold War at least. Watching the prosecutions, we rarely see anyone get caught with that method described despite NSA operating the largest array of SIGINT collection in existence. That means they’re letting spies they know about continue to operate (eg poisoned intel) or they can’t find them.
Im thinking it’s the latter. If it’s analog radio, they also can’t remotely hack it like they might try with a cellphone or computer.