Unbreakable Code: Chasing an Intelligence Specialist Gone Rogue

 


On the morning of the first Monday in December 2000, FBI Special Agent Steven Carr hurried out of his cubicle at the bureau’s Washington, D.C. field office and bounded down two flights of stairs to pick up a package that had just arrived by FedEX from FBI New York. Carr was 38 years old, of medium build, with blue eyes and a handsome face. He was thoughtful and intense, meticulous in his work, driven by a sense of patriotic duty inherited from his father — who served in World War II — and his maternal and paternal grandfathers — who both fought in World War I. Because of his aptitude for deduction and his intellectual doggedness, he’d been assigned to counterintelligence within a year after coming to the FBI in 1995.

Carr laid out the contents of the package in front of him: a sheaf of papers running into a few dozen pages. They were from three envelopes that had been handed to FBI New York by a confidential informant at the Libyan consulate in New York. The envelopes had been individually mailed to the consulate by an unknown sender.

Breathlessly, Carr thumbed through the sheets. Based on directions sent from New York, he was able to sort the papers into three sets corresponding to the three envelopes. All three had an identical cover sheet, at the top of which was a warning in all caps. “THIS LETTER CONTAINS SENSITIVE INFORMATION.” Below, it read, in part:

“This letter is confidential and directed to your President or Intelligence Chief. Please pass this letter via diplomatic pouch and do not discuss the existence of this letter in your offices or homes or via any electronic means. If you do not follow these instructions the existence of this letter and its contents may be detected and collected by U.S. intelligence agencies.”

In the first envelope was a four-page letter with 149 lines of typed text consisting of letters and numbers. The second envelope included instructions on how to decode the letter. The third envelope included two sets of code sheets. One set contained a list of ciphers. The other, running to six pages, listed dozens of words along with their encoded abbreviations: a system commonly known as brevity codes. Together, the two sets were meant to serve as the key for the decryption.

Carr flipped through the letter, skimming the alphanumeric sequence. It looked like gibberish, like text you might get if you left a curious monkey in front of a keyboard. There was no way to make sense of it without the code sheets and the decoding instructions. By mailing the three separately, the sender had sought to secure the communication against the possibility that one envelope might get intercepted by a U.S. intelligence agency. Carr saw that the sender had included a message in typed, plain text in each envelope, informing the consulate of the other two envelopes in the mail and instructing the receiver of the message to place a car ad in the Washington Post if any of the other envelopes failed to arrive. The sender had not anticipated that all three envelopes could fall into the FBI’s hands.

FBI New York had already decoded a few lines of the letter. Carr’s pulse quickened further as he read the deciphered text.

“I am a Middle East North African analyst for the Central Intelligence Agency. I am willing to commit espionage against the U.S. by providing your country with highly classified information. I have a top secret clearance and have access to documents of all of the U.S. intelligence agencies, National Security Agency (NSA), Defense Intelligence Agency (DIA), Central Command (CENTCOM) as well as smaller agencies.”

To prove that this wasn’t a bluff, the sender had included in all three envelopes an identical set of government documents, 23 pages in all, some marked “CLASSIFIED SECRET,” some “CLASSIFIED TOP SECRET.” Most of them were aerial images taken by U.S. spy satellites, showing military sites in the Middle East and other parts of the world: air defense systems, weapons depots, munitions factories, underground bunkers. Some of the documents were intelligence reports about regimes and militaries in the Middle East. It was evident from the markings on these images and reports that they had been printed after being downloaded from Intel Link, a classified network of servers that constituted the intelligence community’s Internet.

There were some additional documents. One was a monthly newsletter of the CIA, circulated internally among agency employees. Another was the table of contents of the Joint Service Tactical Exploitation of National Systems, a classified manual to help the U.S. warfighter take advantage of the country’s reconnaissance satellites and other intelligence-gathering technologies. The manual had been compromised before by another spy — an NSA cryptologist named David Sheldon Boone, who had sold it to the Soviet Union a decade earlier. In the years since, as the United States reconnaissance capabilities had evolved, the manual had been updated a number of times. The table of contents the sender had included in the package were from the manual’s most recent version. It would be valuable even to an adversary already in possession of the JTENS that Boone had given away.

Also among the documents were aerial photographs of Gaddafi’s yacht in the Mediterranean Ocean. They had been taken from a low-flying aircraft deployed not by the United States but by a foreign intelligence service. How the sender of the package could have acquired them was unclear.

Carr studied the pages in stunned silence, oblivious to the comings and goings of colleagues around him. He had never seen anything like this before. Since joining the squad, he had followed up on dozens of letters tipping the FBI off to potential espionage. Most came from anonymous sources at U.S. intelligence agencies accusing a co-worker or colleague of being a spy. Rarely did such “point and pin” letters lead to the discovery of a real threat: more often than not, they turned out to be a case of erroneous judgment by the tipster, or a case of bitter workplace jealousy.

What Carr had in front of him seemed anything but a false alarm. The sender of the envelopes was no doubt a bona fide member of the U.S. intelligence community, with access to “top secret” documents, intent on establishing a clandestine relationship with a foreign intelligence service. The person had, in fact, already committed espionage by giving classified information to an enemy country. Carr might as well have been looking at a warning sign for a national security threat flashing in neon red.

Despite his excitement, Carr filed the sheets neatly into a binder before stepping into his supervisor’s office. “Lydia,” he said, sliding the binder across her desk. “You have to look at this.”

Jechorek leafed through the pages. A short-haired, bespectacled woman in her early 50s, her quiet manner belied a tough-as-nails personality. She had gotten hooked to law enforcement early in life; joining her father — a police officer — on surveillance runs and drawing sketches of murder suspects while still a sophomore in high school. Now a veteran of counterintelligence, Jechorek was best known for having led the FBI’s investigation of Jonathan Pollard, the spy who was caught selling U.S. secrets to Israel in the ’80s.

Carr explained to her why FBI New York had couriered the pages to Washington. In the portion of the coded letter that agents in New York had deciphered, they had found an email address the sender wanted to use for further communication. With special permission from the U.S. Attorney General, the nation’s top law enforcement official, the agents asked the email service provider to let them pry into the account: jacobscall@mail.com.

They discovered that the account had been created four months earlier, on August 3, using Internet access from a public library in Prince George’s County, Maryland. In the account registration, the user had identified himself as “Steven Jacobs,” having a residential address in Alexandria, Virginia. The account had been accessed half a dozen times from public libraries around Washington, D.C. There were no emails in the account except for test messages the person had sent to himself, and a reply from the Fraud Bureau in response to an inquiry he had made about an online company that sold fake IDs. From the accesses, the New York agents were certain that the individual lived somewhere in the greater Washington, D.C. metropolitan area.

“What are we going to do?” Jechorek asked, the urgency in her tone mirroring Carr’s. It was imperative that the FBI find this person as quickly as possible. Perhaps it was already too late.

Carr showed her a matrix of clues he’d built from his gleaning of the pages. The system of brevity codes the sender had used — along with the concern for operational security — pointed to somebody with a military background. That surmise was founded on Carr’s own experience in the military: before coming to the FBI, he had spent 11 years in the U.S. Army and the National Guard, where he had used brevity codes in training exercises to communicate with fellow troops. In Carr’s estimation, the sender of the envelopes likely had a more sophisticated knowledge of cryptology than just brevity codes. He had a “top secret” security clearance, which was marginally helpful, since it reduced the potential suspect pool from a few hundred thousand workers in the U.S. intelligence community who have a “secret” security clearance to a more limited population, on the order of tens of thousands, with the higher level of clearance. He also had access to Intel Link. And he was likely married, with children, as evidenced by a line in the letter, stating: “If I commit espionage, I will be putting myself and family at great risk.”

There was one other thing: The man was a terrible speller.

Scanning the six pages of brevity codes, Carr spotted one misspelled word after another. The sender had evidently put this codebook together by first printing out the typed letter in plaintext, then cutting out individual words and pasting them alongside abbreviations that he’d printed out separately on other sheets. Carr could deduce that because the words didn’t line up perfectly with the individual abbreviations. But the disorderliness in alignment was hardly as glaring as the misspellings, though. Here was a person who had gone to great lengths to accomplish “op sec,” but failed to run a basic spellcheck.

For the moment, though, Carr was focused on another set of clues: the locations of the public libraries the sender had accessed the jacobscall email account from. He’d marked them with pins on a large map of the Washington, D.C. metropolitan area. The pins were clustered in and around the towns of Bowie and Crofton in Maryland. The intelligence agency in closest proximity was the National Security Agency.

Located in Fort Meade, Maryland, the NSA has thousands of military employees, many with a background in cryptology, many with homes in the towns of Bowie and Crofton. Carr’s hunch was that the mole was likely from within the NSA’s ranks, even though he’d introduced himself as a CIA analyst. That line — and the CIA newsletter in the materials he had sent — was possibly a red herring.

“We need to call Mac,” Carr said.

Jechorek picked up the phone and dialed Robert McCaslin, the head of counterintelligence at the NSA.

“Hello,” McCaslin answered. An old-timer in counterintelligence circles, he spoke with the deep authoritative voice of someone who’s not used to being challenged.

“I’d like to come over to talk to you about an important matter,” Jechorek said.

“I’m really busy right now,” he replied. “The earliest we can do it is tomorrow.”

Jechorek, who didn’t know McCaslin too well, was reluctant to press him further.

She hung up.

“What did he say?” Carr asked her.

“He says he can’t see us until tomorrow.”

“Tomorrow? You got to call him back.”

Jechorek studied the binder for a few moments. Then she reached for the phone and punched “redial.”

“Hi, Lydia,” McCaslin answered, tersely.

“We are coming to see you right now,” Jechorek said. Her tone was polite but firm.

McCaslin knew at once that this couldn’t wait.

“Ok, we’ll clear our schedule,” he said.  

From THE SPY WHO COULDN’T SPELL: A Dyslexic Traitor, an Unbreakable Code, and the FBI’s Hunt for America’s Stolen Secrets by Yudhijit Bhattacharjee, to be published on November 1 by New American Library, an imprint of Penguin Publishing Group, a division of Penguin Random House LLC. Copyright © 2016 by Yudhijit Bhattacharjee.