"Counter-espionage: "mole" detection and spies identification". Mikhail Kryzhanovsky, KGB

                                                               John Deutch

"Moles"

A “mole” is a spy inside the government, recruited or “installed” most often within the special services, by an outside government/agency. The 3 most dangerous things a “mole” can do:
1. Calculate President’s plans and decisions judging by information he’s asking for.
2. Manipulate information being sent to President, and thus influence global political decisions
3. Paralyze to some extent the government (if he’s CIA or FBI Director)

How the "mole' sees himself
  Special, even unique. Deserving. His situation (career and money) is not satisfactory. No other (easier) option (than to engage in espionage. Not a bad person. Espionage isn’t very wrong – many people
worldwide do it. His performance in his government job is separate from espionage; espionage does not discount his contribution in the workplace. Security procedures do not  really) apply to him.
 He sees his situation in a context in which he faces continually narrowing options, until espionage seems reasonable. He sees espionage as “victimless” ( government isn’t a victim!) crime. Once he considers espionage, he figures out how he might do it. These are mutually reinforcing, often simultaneous events. He finds that’s it’s easy to go around security safeguards. He belittles the security system, feeling that if the information was really important, espionage would be hard to do (the information would be better protected). He is anxious on initial hostile intelligence service contact. In the course of long term activity “mole” can reconsider his involvement. Sometimes he considers telling authorities everything. Those wanting to reverse their role aren’t confessing, they’re negotiating. Those who are “stressed out” want to confess. Neither wants punishment, both attempt to minimize or avoid punishment.

  Methods to detect a “mole"
A. Use index cards (special file) — never use computers to save this information!
Prepare a file on each officer and mark there the signs of a “mole” — has or spends too much money, asks too many extra questions; uses professional skills to check for physical and technical surveillance; has discreet contacts with foreigners; discreet copying of top secret documents; attempts to get a job in most secret departments; talks with close friends and family members about the possibility of making money as a “mole”; behavior deviations — extra suspiciousness, excitement, depression, drugs or alcohol addiction. Three signs are enough to start an investigation — the “triangulation” principle.
B. Use provocation. If a prospective “mole” is looking for a contact with the enemy and is ready to betray, and you have exact information, organize such a “meeting” for him. Do not arrest the person right away — play along, as he may give you connections to other people who are ready to betray. There’s one more provocation method: you supply the suspects with “highly classified information” and just watch what they do.
C. Use “filter” or “narrowing the circle.” Include all the officers you suspect in a “circle” and narrow it until one name is left as the most likely suspect.
D. Make a “model” of a “mole,” judging by information you have on him.
E. Recruit an insider. Recruit a “mole” inside your enemy’s intelligence service and he’ll help you to find the one inside yours (it’s called “grabbing the other end of a thread”).
F. Don’t trust anybody.

 What to Do If You Detect a “Mole”
- assess the damage
- restrict his access to classified information and start “feeding” him with fake data
- stop all operations he was involved in and create the illusion they are still in progress
- bring home officers and agents who work abroad and had contacts with him and those to whose files he had access
- start 24/7 surveillance if you’ve decided to play the game and look into his contacts
- arrest the “mole” discreetly (if you want to continue the game)
  
Effective methods to prevent treason do not exist.

How to Cover Your “Mole”
 There are special methods to cover your own “mole” and a “switch” is the most effective — it’s when you “switch” counterintelligence to other, innocent persons who work with the “mole.” You can try information “leaks” through a “double agent” — it looks like you receive top secret information through another traitor or by breaking the electronic security systems. Or you can try information “leak” through publications in big newspapers — it looks like information is not secret and is known to many people or there’s another “mole.”
 By the way, was John Deutch, Bill Clinton’s CIA Director, a Russian “mole” covered by the US President? Let's see.                                                                              
 John Deutch was born in Belgium to a Russian father and he was the only Russian CIA Director. His biography is very impressive. He graduated from Amherst College (B.A. in history and economics) and earned a B.S. in chemical engineering and Ph.D. in physical chemistry from Massachusetts Institute of Technology (MIT), where the KGB loves to recruit future scientists. He served in the following professional positions.
1970-1977 MIT Chairman of the Chemistry Department Dean of Science and provost
1977-1980 The US Department of Energy: Director of Energy Research
Acting Assistant Secretary for Energy Technology
Under Secretary
1980-1981 President’s Nuclear Safety Oversight Commission
1983 President’s Commission on Strategic Forces
1985-1989 The White House Science Council
1990-1993 The President’s Intelligence Advisory Board
1993-1994 Under Secretary of Defense for Acquisition and Technology
Deputy Defense Secretary
1995-1996 Director of Central Intelligence
1996 The President’s Commission on Aviation Safety and Security
1998-1999 Chairman of the Commission to Assess the Organization of the Federal Government to Combat the Proliferation of Weapons of Mass Destruction
Since 2000 — MIT Professor and Director for Citigroup. Awarded Public Service Medals from the following Departments: State, Energy, Defense, Army, Navy, Air Force, Coast Guard plus Central Intelligence Distinguished Medal and the Intelligence Community Distinguished Intelligence  Medal.
 John Deutch was appointed Director of Central Intelligence (DCI) by President Clinton and stayed in Langley for a short period of time, from May 10, 1995 to December 14, 1996. My professional opinion is: John Deutch, a former Russian DCI, is a Russian “mole,” and he’s not been arrested because President Clinton obstructed the investigation and pardoned this enemy of state in 2001.
Three signs are enough to triangulate a “mole” and here they are for Mr. Deutch:
1. Two days after Deutch retired from the CIA, on December 16, 1996, technical personnel discovered at his house highly classified information stored on his unclassified computer, loaded from his agency computer. He refused to explain why he violated strict security rules.
First, a normal Director of Central Intelligence doesn’t need highly classified data on his home computer, because he is a bureaucrat, not an analyst.
Second, here we have a trick — the Internet-connected computer is accessible by anyone with some technical knowledge and you don’t have to send anything — the Russians will read secret information right from your home computer. Simple.
2. In 1997 the CIA began a formal security investigation. It was determined that his computer was often connected to the Internet with no security, and that Deutch was known to leave memory cards with classified data lying in his car. Deutch used his influence to stop further any investigation and the CIA took no action until 1999, when it suspended his security clearances. He admitted finally the security breach and merely apologized.
3. In 1999 the Defense Department started its own investigation, and it appeared that in 1993 Deutch, as Defense Undersecretary, used unsecured computers at home and his America Online (!) account to access classified defense information. As Deputy Defense Secretary, he declined departmental requests in 1994 to allow security systems to be installed in his residence.
4. In 2000 Senator Charles Grassley asked the Justice Department to look into the case. There was no investigation.
5. In 2001 President Clinton pardoned Deutch. There were no comments.
Now, the question is: why is he still in the US if he’s a “mole” under suspicion? I see only one explanation - he has a very powerful friend who can give orders to Attorney General and Secretary of Defense.
P.S. Professor Deutch is still at the Department of Chemistry, MIT. In March 2006 I asked him for an interview. As far as I know, he’s still pondering that request.

 Identifying spies

If a spy is an intelligence officer working abroad under “cover” (diplomat, businessman, reporter) you can identify him by:
- following the careers of all diplomats who work at your enemy’s embassies all over the world
- recruiting a “mole” inside the intelligence service (or inside the station)
- setting up your agent for recruitment by the enemy’s station
- watching foreigners who try to make discreet contacts with native citizens with access to secrets
- making a model of a spy (professional behavior, attempts to detect surveillance, attempts to recruit sources or just get any classified information during normal meetings, “throwing away” money trying to get access to government employees, military and scientific circles)
- using secret surveillance and listening devices inside the station and practicing secret searches
If a spy is an intelligence officer working in your country under “cover” of a native citizen (or he is recruited by a native citizen) you identify him by making a model (contacts with identified spies — that’s often the only sign which points out a spy, and that’s why surveillance is very important in getting information from a “mole”).

"Counter-espionage: interrogation". Mikhail Kryzhanovsky, KGB

Interrogation is a conversational process of information gathering. The intent of interrogation is to control an individual so that he will either willingly supply the requested information or, if someone is an unwilling participant in the process, to make the person submit to the demands for information.
   Remember, people tend to:
-talk when they are under stress and respond to kindness and understanding.
-show deference when confronted by superior authority, This is culturally dependent, but in most areas of the world people are used to responding to questions from a variety of government and quasi-government officials.
-operate within a framework of personal and culturally derived values. People tend to respond positively to individuals who display the same value system and negatively when their core values are challenged.
-respond to physical and, more importantly, emotional self-interest.
-fail to apply or remember lessons they may have been taught regarding security if confronted with a disorganized or strange situation
-be more willing to discuss a topic about which the interrogator demonstrates identical or related experience or knowledge
-appreciate flattery and exoneration from guilt

 Procedure

  Before you interrogate the object, you have to gather some intelligence on him — examine his documents, read his files (if any), interrogate his partners or co-workers. Then you must establish and develop rapport, when the object reacts to your statements. Rapport may be developed by asking background questions about his family, friends, likes, dislikes; by offering incentives like coffee, alcohol, cigarettes, meals, or offers to send a letter home; by feigning experiences similar to those of the object; by showing concern for the object through the use of voice vitality and body language; by helping the source rationalize his guilt; by flattering the object. Be convincing and sincere, and you’ll control the object for sure. ( Hollywood “insists” on using the “truth serum”, but I can tell you one thing – KGB never used it, a professional interrogater does not need it. I know about tests with Oxytocin, when 130 college students were randomly given a snort of  Oxytocin or placebo. Half   were then designated “investors” and were given money. They could keep or transfer some or  all of the money to a student “trustee”, whom they did not know and could not see. The act of transferring money tripled its value, creating a big payoff for the trustee receiving it. That person could then keep it all or acknowledge the investor’s trust by  returning some portion.  The investors getting Oxytocin on average transferred more money than those getting placebos, and twice as many – 45% versus 21% - showed maximal trust and transferred it all. Oxytocin had no effect on how much money trustees shared back with their investors, suggesting that the hormone acted specifically to promote trust in situations where there was risk and uncertainty.  My conclusion is : you can you drugs like Oxytocin to improve and accelerate rapport, nothing else).
 After that you can start questioning using follow-up questions (they flow one from another based on the answer to previous questions), break-up questions (to “break” the object’s concentration, if he’s lying, by interrupting him all the time), repeated questions (to check the previous information), control questions (developed from information you believe to be true and based on information which has been recently confirmed and which is not likely to be changed. They are used to check the truthfulness of the object’s responses and should be mixed in with other questions throughout the interrogation), prepared questions developed in advance of interrogation to gain precise wording or the most desirable questioning sequence (they are used primarily for interrogations which are technical in nature), leading questions (to prompt the object to answer with the response he believes you wish to hear) to verify information. 
 There are two types of questions that you should not use - these are compound and negative questions. Compound questions are questions which ask for at least two different pieces of information and they are, actually, two or more questions in one. They allow the object to avoid giving a complete answer. Negative questions are questions which are constructed with “no,” “not,” “none.” They should be avoided because they may confuse the object and produce false information.
 Never allow the suspect to deny guilt. But it’s good if he is involved in discussion and gives you the reason why he didn’t or couldn’t commit the crime, because you can prove he’s wrong and move him towards  offering alternatives  and giving two choices for what happened; one more socially acceptable than other. The suspect is expected to choose the easier option but whichever alternative he chooses, guilt is admitted. Also, offer punishment alternatives and deals and lead the suspect to repeat the admission of guilt in front of witnesses.
Tricks:
a) “good cop / bad cop”
b)“story under a story” (after intense interrogation the object tells a different story — which is not true, either)
c) “bombing” with questions
d) pressure by not interrogating
e) “silence makes your situation worse” trick
f) “admit one small episode and that’s it” trick
g) “I help you — you help me” trick
h)   “shift”  - try to shift the blame away from the suspect to some other person or set of circumstances that  prompted the subject to commit the crime. That is, develop themes  containing reasons that will justify or excuse the crime. Themes may be developed or changed to find one to which the accused is most responsive.
 Remember, every object has a breaking point and there are some indicators that the object is near his breaking point or has already reached it. If the object leans forward and his facial expression indicates an interest in the proposal or is more hesitant in his argument, he is probably nearing the breaking point.

  If you are being interrogated,

your major objective is to buy time and use “effective talking,” disclosing information that is correct, but outdated or worthless.   I can add also a few words about  the polygraph (“lie detector”) , which measures heart rate, blood pressure, respiration rate, and skin conductivity to detect emotional arousal, which in turn supposedly reflects lying versus truthfulness. The  polygraph does in fact measure sympathetic nervous system arousal, but scientific research shows that lying is only loosely related to anxiety and guilt. Some people become nervous when telling the truth, whereas others remain calm when deliberately lying. Actually, a polygraph cannot tell which emotion is being felt (nervousness, excitement, sexual arousal) or whether a response is due to emotional arousasl or something else, such as physical exercise. Although proponents contend that polygraph tests are 90% or more accurate, tests show error rates ranging between 25 and 75 percent.  My own experience  says that you can successfully  lie to  polygraph. In 1987, while at  KGB Andropov Intelligence Institute, I was tested by “lie detector”, and I failed the first set of questions, like :” Have you ever cheated on your wife?” or  “Do you like prostitutes?”. Then I relaxed for half an hour watching  other students going through the procedure, and took the test again – this time I tried to stay absolutely indifferent  and “programmed” to lie. I won . I think, the best thing  is to use “guilty knowledge” questions to make the polygraph reliable – that is, questions based on specific information that only a guilty person would know ( such as the place where the object (a “mole”) had a “brush contact” with intelligence officer) – the idea is that guilty person would recognize these specific cues and respond in a different way than an innocent person.

"Counter-espionage: surveillance". Mikhail Kryzhanovsky, KGB

 Physical surveillance.

Methods

1. “One line” - officers follow the object forming a line behind him and passing him one by one.
2. “Two lines” - officers form two lines on both sides of the street.
3. “Circle” - officers block the area and start searching (used in case they lose the object).
4. “Fork” - one officer (a car) moves in front of the object, another one — behind, other officers (cars) move along parallel streets.
5. “Box” - used when the object enters supermarket, hotel, restaurant. One or two officers follow the object, the others wait for him at the exits.
6. “Demonstration” - officers demonstrate their presence to press the object and lower his activity.
7. “Provocation” - officers attack the object, beat him, steal (secret) documents. Often used to lower his activity if he’s trying to play James Bond.
8. “Outstrip” - officers do not follow the object because they know exactly where he’s going.
9. “Football” - officers pass the object to each other (car — a group — bicyclist — car…)
10. “Movie” - the crew watches the object in stages: first day — to the subway only, second day — from subway to his office, etc. (used abroad). The crew has to have a female member if they are watching a woman (she could use the ladies room for a secret meeting) and members of various ethnicities (white, black, Latino) because the object could go to a specific ethnic area.

 If you’re the object and you’ve noticed surveillance:

Don’t rush, move at the same speed.
Relax at the nearest bar (and relax the crew).
Don’t show how professional you are by trying to disappear, otherwise they could intensify surveillance or even neutralize you (smash your car, beat you up).
Postpone the operation you were engaged in .
Use a “draught” if you need to see your agent no matter what. Change lanes (if you are driving), stop the car and then drive left or right.
If you don’t see surveillance, that means either there’s no surveillance or you’ve failed in counter-surveillance. Discreetly watch the agent who’s coming to meet you and try to detect any possible surveillance; or you may have been “outstripped.”

Surveillance crew mistakes:
The same crew follows the object all day long.
The object “rules” the crew and calculates it (he moves faster — the crew moves faster).
A crew member is too noticeable (unusual dress, haircut, disabled parts of the body, too fat or too skinny, too ugly or too pretty).
The crew starts to search possible hiding places for espionage evidence right after the object leaves (and he may be watching).
The crew leaves traces after a secret search of the object’s house (office).
The crew does not report its mistakes or the fact that they’ve lost the object.
The crew is not professional (using childish tricks like jumping out of a subway train just before the doors close).

Technical Surveillance

1.  Visual surveillance. Done through special holes in the ceilings and walls, through the windows from the opposite building (car) or by installing the camera inside the house (you can substitute something, like a clock, for the same thing but “stuffed” with a camera or recorder.) You can use informant as well to watch the object outside his house (especially if you want to do a secret search).
2.  Listening devices. The easiest thing is to listen to the object’s phone (record all calls, including those dialed “by mistake”).  If you work inside his apartment, make sure you equip the room where he usually talks. Attention: avoid widespread mistake when your agent keeps the listening device on his body; install a miniature device in his clothes or shoes, because the object could try a test and ask the agent to take off his clothes or invite him to the sauna or pool.
3. If you are working abroad, listen 24/7 to local counterintelligence surveillance radiofrequencies.
4. Reading the mail. When you control the object’s mail, remember he could use multiple addresses and PO boxes. Open all the letters with no return address or PO box. Watch when you open the letter — the object could leave a tiny piece of paper, hair, etc. to check if anybody opened the letter. Analyze the text carefully — there could be a cipher or the words with double meaning (jargon), especially when you read mafia mail.
5. Combination of above-mentioned methods