Sign up to myFT Daily Digest to be the first to know about Cyber Security news.
Behind the closed doors of British intelligence, the era of Smiley’s People is giving way to a future of Smiley’s Facebook friends.
Digital disruption is sweeping through the world’s second-oldest profession — spying — and the UK is repurposing its intelligence services with a £1.5bn annual top-up for security available for the first time this year.
For the Secret Intelligence Service, or MI6, which supplies foreign intelligence, this translates into its biggest ever recruitment drive, with as many as 1,000 new staff over the next four years, a 40 per cent rise.
The increase is partly driven by the more threatening geopolitical environment, with a growing challenge from Russia and China and the metastatic resurgence of global jihadism.
But broader, social and technological changes are having a lasting impact — and demanding more fulsome changes to the very nature of spycraft itself.
British security officials, in conversations with the Financial Times over the past few months, have painted a consistent picture of their trade: technology that empowered spooks for the past two decades is changing their business profoundly.
Last week, Alex Younger, the chief of MI6, still known by the moniker “C” (with which, in green ink, he traditionally signs all his correspondence), spelt out the shift in a rare public speech with fellow spymasters in Washington.
“The information revolution fundamentally changes our operating environment,” said Mr Younger. “I am in charge of a human intelligence service but it is as true for us as for anyone else. I would go so far as to say that in five years’ time there will be two sorts of intelligence services: those that understand this fact and have prospered and those that do not and have not. I am determined that MI6 will be in the former category.”
For spies, Mr Younger said, “the digital world is a very interesting combination of an existential threat and a golden opportunity”.
The threat is existential. Secrecy, wrote MI6’s first head, Captain Sir Mansfield Smith-Cumming, was “the first, last and most necessary essential” of everything the agency did and stood for. That may no longer hold true — at least, not in the way we understand it now.
In an age of facial recognition software, big data analysis, ubiquitous online identities and smartphones that spew out trails of data, the cover of any handler is far harder — if not impossible — to maintain.
“The days in which intelligence officers could plausibly adopt different identities and personas are pretty much coming to an end,” said Nigel Inkster, the former director of operations at MI6 and now director of transnational threats and political risk at IISS, the think-tank. “Forensic capabilities, facial recognition, biometrics, DNA — all these things make moving around in foreign environments much more of a challenge.”
The days in which a week of “dry-cleaning” — evading tails and thwarting counter-intelligence efforts — was sufficient to safeguard a crucial meeting are over, he added.
It is not simply a question of keeping details offline, either, but the opposite: individuals or identities without deep, broad online presences are precisely those likely to raise suspicion.
“The challenge of having a credible digital footprint is significant,” Mr Inkster said. Fake Twitter or Facebook accounts alone do not make the grade. “Wherever we go in today’s world we leave a digital footprint — a digital exhaust.” This too — a long, false trail of location services on a mobile phone that adds up with an individual’s fake back-story, for example — needs to be taken into account.
The relative ease with which hostile states can hack other states’ data is already a problem. The names and details of CIA agents were not among the millions stolen by Chinese hackers in the breach of the US government Office of Personnel Management files last year. But that, in itself, could have proved useful: case officers claiming to work for the state department in embassies abroad, for example, whose details were not among the OPM state department employee records, may have been instantly cast into suspicion.
The data revolution is also bringing opportunities, the UK’s spymasters stressed.
“It used to be all about the cocktail party,” one former SIS field intelligence officer told the FT. “You would have to work a room and find out everything you could — working out what someone’s soft spots might be. It could take months to try and identify who to try to recruit and who not to.”
But now people pour their identities on to social media. Data analysis can reveal a host of characteristics that can be used as selectors for the targeting and recruitment of agents with far greater accuracy than old methods. An adulterous Iranian nuclear scientist, for example, or a gay Russian intelligence officer.
Running those sources is now easier too, officials said. One of the biggest problems for intelligence in both the cold war and in the war on terror was maintaining contact with deeply embedded sources without compromising them. Now, encryption allows messages to be transmitted by agents with relative confidence in their secrecy.
The potential gains from a single source with the right access have risen. The crown jewels of intelligence — documents and primary source material — can be far more widely accessed because so much is now digitised. That makes their exfiltration much easier. Even relatively low-level sources can have remarkable access, noted one counter-intelligence official — just look at Edward Snowden, he said.
Open-source information has become an invaluable part of intelligence analysis in its own right, helping to flesh out sensitive covert reporting and add weight to it in a way that was often difficult before: situational awareness around political or social shifts in countries — from riots to revolutions — can now be analysed in a more meaningful way by spies with powerful data-crunching tools and cultural savvy, for example. Even specific intelligence questions can be addressed substantially by open source intelligence: who shot down MH17, for example.
Shifts such as these, said Mr Younger, “throw everything up in the air . . . we have to fundamentally look at the way we do intelligence . . . the nexus of technology and human intelligence is a big part of our future”.
Get alerts on Cyber Security when a new story is published