What OpSec to Expect for the Kim-Trump Summit

OpSec Jun 10, 2018

A few weeks ago when North Korea "Disabled" their Nuclear Test Site at Punggye-ri, I had a talk with some of my friends at the Slack Channel for the Arms Control Wonk Podcast about some of the measures that the North Korean's were taking to preserve the secrecy of the their program, with some rather extreme measure like taking dosimeters off of journalists and I had some things to say about that on twitter. That conversation happened again after NBC published an article on what the US IC was expecting and people at the ACWP Slack thought some of the measures were pretty nifty instead of tweeting some short form idea's, I'd write a bit about what to expect and why


So what did the article mention?

There are three main points that the article mentions:

U.S. officials are concerned China has recruited informants among the waiters and other staff in Singapore’s restaurants and bars, who are paid to eavesdrop on American customers and report back to their Chinese handlers.

This isn't surprising at all. Hotel staff at the Capella Sentosa Hotel and the surrounding area in Singapore are going to by default have a lot of access to both Trump and KJU as they will be serving drinks and food, cleaning rooms and have general proximity to buffets, tea/coffee and water coolers etc where they may just so happen to over hear someone talking about something they shouldn't be talking about either in person or on the phone.

This is HUMIT 101. This should be totally expected. Yes, the US IC might be more worried about China's capability's but this is something that at a minimum everyone should expect. Especially when this is a capability that is so easy to build. It just requires money and a strategy. You blanket a key area that you want to target with you're informants and have the provide you information in exchange for cash. You find your informants by either staying at the location and following staff after work to find people who need the money. Alternatively you could hack into systems to find employee time tables etc but they won't give you a full profile of who is the right people for an informant. That requires more leg work.

Officials also expect electronic surveillance of the summit meeting sites. Americans will sweep for bugs in rooms at the Capella Hotel that could be used for side discussions, and could erect tents inside hotel meeting rooms to block any concealed cameras from viewing classified documents.

Similarly to above, this isn't surprising at all. SIGINT should be expected since it is so easily available with the proliferation of computers. For example, a suite with one of the leaders will most likely have air conditioning. But in the modern era, there are no air conditioners, there are computers that cool air to keep a space at a comfortable temperature. An implant in the aircon prior to the summit could allow you to capture video or audio with camera's and microphones or the TV's or phones in the room could have had exploits used on them so the software captures data or voice conversations, even if the phones are not in use.

Bug sweeps of the rooms should catch 99% of physical bugs, but finding out if a computer has been exploited isn't so easy. This is also standard practice of modern Espionage and again, is something that should be totally expected given the proliferation of computing devices.

Interestingly, the article mentions "tents", this is a SCIF or Sensitive Compartmented Information Facility. The whole point of these tents is that you can read and access TS//SCI information in a secure manner that maintains the confidentiality of the information in the documented.

Chinese intelligence agencies have shown the ability to penetrate mobile phones even when they are off, and U.S. officials are now told to take their batteries out when they are concerned about eavesdropping, according to a U.S. intelligence official.

But the article also mentions some interesting other scenarios:

The Chinese, who have been known to bug everything from hotel keys to the gifts given to American visitors,

This is again, is something to be expected. It should surprise no one that bugs will planted or exploits will be implanted in hostile environments be they physical or electronic environments.

According to three U.S. officials, in one recent case a top U.S. official working in China repeatedly had trouble with his hotel key card. He had to replace it several times at the front desk because it wouldn’t open his door.
He brought one of the key cards back to the U.S., where security officials found a microphone embedded inside, according to the U.S. officials.

Ok, this is kind of amazing! I'm not entirely sure how exactly this was done but I'd assume there is some form of local storage to store data, a power source for the microphone and form of flat microphone. You can even recycle the method the card uses to unlock the door via NFC or SmartCard Chip to relay data back to it's Masters.

Chinese intelligence agencies have shown the ability to penetrate mobile phones even when they are off

This is also something that should be of much surprise if you have been keeping an eye on exploits related to Intel's ME/AMT system over the past few years and it's been demonstrated that when you device is "off" it's really just in a hardware sleep. Intel themselves even admit this isn't a bug but a feature where they state:

Intel® AMT stores hardware asset information in flash memory that can be read anytime, even if the PC is powered off

Since there are known problems with Intel ME, it is possible that you could use something like a Rubber Ducky to run some exploit code, if you get close enough to a computer, you can exploit the system and have persistent access to data on the system. Informants may also be useful for this as they will have the access and may be able to get close enough to access the system.

Granted no phone runs an X86 System but regardless, similar things are in ARM chips by design that allow ARM chips to only run when instructions are received. I don't know specifically if this is what phones do when they are "off" but even if it doesn't, the chip will need something to do power management that that chip will be running, similar to Intel's ME/AMT.


What wasn't mentioned?

Curiously, I thought it was super interesting that drones where not mentioned. I don't think that we will see macro scale drones, but the technology has existed from the 70's for Micro scale drones like the CIA's Dragonfly Drone

dragonfly-drone

There's also a technology called the Laser Microphone that allows you to use a laser to turn smooth flat surfaces or even the window's themselves into microphones to record conversations. If you're interested and don't have the money to spend on the kind of solutions you might expect from actors in the Espionage space, there's guide's online to build your own!

Finally there was no mention of how data communications will be achieved since officials may not be able to use phones or get internet connections though regular sources. I woundn't be surprised if we see a US satellite dish pop up somewhere on site as well as some Harris radio's that can do both voice and data connections. This would allow US Officials to continue to have safe, encrypted access to classified data in SCIF's as well as lesser classified data. We may not even see a satellite as we could see the Harris Falcon III AN/PRC-152A which has the ability to do satellite voice and data as well as local line of sight tactical radio operations


Also, don't expect China to be just doing this. Anyone with an interest will be doing similar things. I would expect at a minimum that Japan, South Korea, France, Germany, the UK, Russia and probably Israel are for sure going to be doing something similar. And this should be expected. This is what Espionage is for. You want to confirm that what you hear from the Official is what is actually happening.

Tags

Paddy Kerley

DFCS at TU Dublin's Cyber Program and talk giver TU Dublin Hacker Soc. Mostly talks about Cyberwarfare, NatSec, Infosec, Big Safari, Arms Control, North Korea, OSINT and stuff that goes boom

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.