The Ecuador Embassy Bug (and French PRISM)

…aaand we have photos of the bug in the Ecuadorean Embassy. Highest resolution shot: https://twitter.com/bbhorne/status/352558192359788544/photo/1

“Now pay close attention.”

The media states this is a GSM-based transmitter, so I’m guessing the white rectangle in the middle is a SIM card. That ought to give you an idea of scale. At the top left, a square with a yellow center is presumably the transformer converting 230V mains to low voltage for the circuit. Wires run from the box itself to the outlet, though it’s not at all clear why there are two each of red and black.

It looks like the bug is located inside an electrical outlet box, with the circuit board hidden between where the two prongs from the plug would go. That’s consistent with press reports.

The media also states this was found in an electrical outlet behind a bookshelf. In other words, the buggers took care to put the device where it was at least a little more difficult to get to, which makes sense.

Since this is a GSM transmitter, it’s a good choice for an untraceable bugging operation. I suspect the manufacturer (Surveillance Group Limited, according to reports) sells these in large numbers, so there’s plenty of plausible deniability as to whether it was them, a government agency they work with (which is probably all of them), or a private entity (Rupert Murdoch anyone?) that paid “cash cash no receipts.”

Even if the cell networks have logs of who the bug was calling (or who called the bug), tracing numbers of people who don’t want to be traced is a bear unless you’re, well, GCHQ in this case. And if they decide to help I’ll eat my hat.

Still, there are a few things we can learn from this.

First, this is a great choice for “easy to find” in the bugger’s “easy to find, hard to find, not gonna find” tryptch. GSM transmitters of any stripe are readily detectable by the simplest devices, and this thing was placed in a truly classic bug hiding spot.

But really, no electronics were necessary to find this thing — checking the outlets is one of the very first places you look for bugs!

In fact, I would go so far as to say this thing may well have been /meant/ to be found. It’s both obvious and reveals precious little about technical surveillance tradecraft.

Second, it seems a safe bet this was planted after Julian Assange’s arrival at the embassy. Assuming the Ecuadoreans have a policy of halfway regular sweeps (which it sounds like they might) and Assange has a healthy level of paranoia (which is about as certain as the sun rising tomorrow morning), it seems hard to believe otherwise.

Therefore, the question — how’d it get in? Operating under the assumption that the bugging occurred while the embassy was occupied by a 24/7 white-haired Australian watchman on a hair trigger, there are a number of theories. But the location points to one possibility.

An outlet box behind a bookshelf is an excellent place for a TV crew member to be poking around for a little while while everyone else is distracted by “lights, camera, action!” And there certainly have been plenty of those.

As it happens, this bug looks like it would be extremely fast to get in place, assuming you knew what model outlet box was in place. Looking at the design of the cover, with the pins mounted to the back instead of the front, it’s possible the cover just pulls away with no tools.

In that case, installation is a matter of yanking off the old cover, inserting the two pins for power, and pushing the new cover into place. 30 seconds at most given training.

But, remembering the rule of threes here… (in actually it’s more like a rule of three or more, when the real pros get involved ten or twenty bugs per room is not unheard of)

How might someone have gotten access long enough to plant this and more?

The simplest answer is to do it over time: compromise someone who has regular access, and have them plant one after the other. You would need only arrange a distraction for them to be able to work — the principle of misdirection is sadly quite effective even against vigilant people.

Depending on the nighttime security of the embassy, a night operation is also possible. Home invasions occur all the time when people are sleeping, some burglars even do it deliberately. Furthermore, I’ve discussed unusual means of brainwave entrainment here extensively. Presumably one or more could be adapted to ensure someone stays in a deep Delta state while dastardly deeds are done.

French PRISM: I believe I’ve mentioned the French love of doing it their own way, just because they’re French. It seems that applies to mass surveillance to: http://www.guardian.co.uk/world/2013/jul/04/france-electronic-spying-operation-nsa

https://twitter.com/bbhorne/status/352558192359788544/photo/1

http://news.yahoo.com/ecuador-seeks-londons-help-over-embassy-bugging-235150986.html

http://www.corpwatch.org/article.php?id=15851
” “spy microphone” that was found on June 14 inside a small white box that was placed in an electrical outlet behind a bookshelf. ”

https://twitter.com/CancilleriaEc/status/352557992492802049
“The device was found inside an electrical power box hidden behind a library, in the ambassador’s office”

http://www.telegrafo.com.ec/actualidad/item/microfono-hallado-en-la-embajada-de-ecuador-en-londres-es-de-procedencia-britanica.html

“The minister of affairs, presented the microphone to the press and said that this was found hiding in an electrical box mounted on the wall. This device work
with GSM networks, ie carrying a SIM card, which receptaba the call receiver and listen to conversations inside the office.

Patino said the device belongs to the company Survillance Group Limited, a British company specializing in surveillance and espionage. He also announced that
the Ecuadorian government also requested the assistance of the British government to investigate the details of the device.”

Advertisements
%d bloggers like this: