Spy vs. Spy

The Mission
We were in a midsized town on the East Coast of the United States, performing an espionage simulation as part of a full-scope penetration test of a Fortune 500 manufacturing company. I led the team that also included Stan and Tony. We were targeting one of the major facilities of the company. The primary target of the attack was the computer facility; however, the whole facility was fair game.

You probably wouldn't notice the people on my team on the street, which is what makes us perfect for the job. Stan is the Russian defector whom I mentioned earlier in the book. He was a full colonel in the GRU, the Russian military intelligence organization frequently described as the evil twin of the KGB, prior to his defection. He was one of the GRU's most effective spymasters in its history. Tony, who looked like an innocent country boy, was previously a military counterintelligence officer. Ironically, he was responsible for following Russian spies at one point in his career. I was to perform the black bag operations. Between the three of us, we had dozens of years of intelligence and security experience.

@13769 Stan, Tony, and I met for breakfast and I briefed them on our potential targets. I told them that we were supposed to meet with the security manager in his office in about an hour. The first task was to get to his office without his assistance. This was not supposed to be easy.

I was at the facility about a month before, when I was given a mini-tour. I knew that there was a gate around the perimeter of the facility, with guards stationed at the gate entrances. There were also guards at the entrance of the building we were focusing on. Getting into facilities guarded in this manner was my area of responsibility.

The plan was to try the direct route. I decided that on the first day we should take only one car. I timed it so that we would drive through the perimeter gate during the morning rush hour. As luck would have it, there were two lanes going into the facility. The guards stood next to the right lane, so we took the left lane. We went by the first checkpoint easily.

I parked near the primary target and we walked over to the building. The guard desk was to the left and in front of it was a table with temporary badges -- the typical name tags that you write your name on, peel off the back, and stick on your shirt. There was an inner set of doors that required an access card to unlock. Of course during the morning rush, there were a lot of people going through, many holding the door open for the person behind them.

Not knowing what the process was, I walked over to the guard desk and said I was there to meet with someone. He told me to write my name on a temporary badge and he would buzz me in. He noticed that I had a computer bag with me and told me I should fill out a form that logged in my computer. The idea was that someone would inspect my computer bag on the way out to see whether I was trying to steal a computer, but that inspection never happened.

I filled in the form with some fake information. I wrote my name on a badge and grabbed a couple of extra badges for Stan and Tony. I whispered to them to just tailgate behind someone else walking through the inner door. The guard told me that he would "buzz me in" when I walked over to the door, but that turned out to be unnecessary; I just walked in behind someone else.

I met Stan and Tony inside the door in a wide, long hallway. The Computer Operations Center, as well as the support staff and security manager, were in the basement of the building. I walked my partners over to a staircase that led downstairs. We arrived at the security manager's office before he did.

We met to determine the specific tasks we would perform and also to set up a containment strategy if anyone "caught" us. Our primary target was access to critical computer servers, whose names we were given, as well as any information about future manufacturing plans. We were to also find out what other information was readily available to people who use hostile intelligence tactics.

Further breaking down the test, I was responsible for physical access to critical facilities. Tony would perform the traditional social engineering activities, such as pretext telephone calls and open-source information gathering. Stan was to do what he did best: figure out how a traditional intelligence operative might find people to steal information for him.

We suspected that the company had experienced many espionage incidents in the past, and were formally told just that. There was indication that foreign governments sponsored some of the espionage, but much of it was sponsored by well-financed competitors. Stan's experience was uniquely suited for the task.

Read the rest of Chapter 6 from Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day