David Cornwell died last week at the age of 89. As John le Carre, Cornwell transformed the spy story. His New York Times obituary credited him with “Cold War thrillers [that] elevated the spy novel to high art by presenting both Western and Soviet spies as morally compromised cogs in a rotten system full of treachery, betrayal and personal tragedy.”
Le Carre’s “heroes” were the antithesis of the spies who dominated the popular and cinematic imagination. They weren’t cartoon action figures, whose shot and chaser was a bullet and a beverage. Instead, explained the Times, they were “lonely, disillusioned men whose work is driven by budget troubles, bureaucratic power plays and the opaque machinations of politicians — men who are as likely to be betrayed by colleagues and lovers as by the enemy.” While le Carre gets the credit, other writers — Len Deighton (my personal favorite) and Brian Freemantle, to name two — created similarly cynical, rumpled and gray characters, who were much more than they seemed and never failed to best their establishment “betters.” That was often a result of their insight into and understanding of the human condition, born of — or perhaps responsible for — that inferior social status. They recognized and knew each other in an encounter — unlike their superiors, who never saw the threat they posed.
To call these protagonists “heroes” requires some work. They are the good guys because they look like us; accordingly, we credit their intentions and dismiss their flaws. They are also British, which means that they plied their craft in the service of a country that was struggling to remain relevant — one that had, in Dean Acheson’s reckoning, “lost an empire and failed to find a role.”
That struggle might provide insight into recent allegations of Russian espionage. The attempted poisoning of opposition leader Alexi Navalny, like other high-profile assassinations, appears to be the work of a government that isn’t very concerned about deniability. (And the confession of one of the alleged participants in a prank phone call from Navalny has undercut the official statements of innocence.) The use of novichok, a nerve agent developed by Russia and apparently its tool of choice for political murders, is President Vladimir Putin’s reminder to the world that Moscow remains a formidable and determined adversary. His geopolitical priority is ensuring that Russia does not become a strategic afterthought, an effort to remain relevant that resembles that of le Carre’s spymasters. In le Carre’s work, that led to mistakes and blunders, however, and failed to restore London to its former glory. What lessons might strategists glean from those tales and tragedies?
Le Carre’s spies would be disoriented by contemporary tradecraft. The historical knowledge and psychological insight that guided Cold War mole hunts would have been useless against the hack of SolarWinds, a massive cyberattack against Western governments and the private sector. The insertion of malware on a software update for SolarWinds’s network monitoring tools created “a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations,” according to the Cybersecurity and Infrastructure Security Agency (CISA) at the U.S. Department of Homeland Security. Other companies’ software was also compromised, including that of Microsoft, potentially affecting more than 300,000 customers around the world. Dmitri Alperovitch, a leading cybersecurity expert, called it “the most consequential cyberespionage campaign to date.”
“Fortunately” (those quotation marks, again), the hack appears to have been a classic intelligence gathering effort, designed to penetrate defenses and acquire information rather than disrupting or destroying computer systems and associated hardware. Experts aren’t sure, however, as they don’t know how many systems have been compromised or the full extent of the damage. The CISA alert notes that “It is likely that the adversary has additional initial access vectors and tactics, techniques, and procedures (TTPs) that have not yet been discovered.”
The U.S. government has been outraged — at least those parts of the government responsible for defending against such intrusions. Intelligence officials, on the other hand, have begrudging admiration for the Russian effort. It appears to be a traditional (albeit 21st-century) initiative, intended to collect information and therefore perfectly legitimate. That community reacted similarly to the 2015 theft of over 22 million personal records from the U.S. Office of Personnel Management, widely believed to have been the work of Chinese hackers.
The SolarWinds attack was a supply chain hack, the penetration of an equipment supplier before its products were delivered to the end user. Creating a built-in vulnerability like this is the holy grail of espionage. Brad Smith, president of Microsoft, has called for a global norm to prohibit such attacks, but that is unlikely: One of the most successful U.S. espionage programs of the Cold War was a 20th-century version of this attack. Then, the CIA controlled (via cutouts) a Swiss company selling encryption devices to governments around the world. No government intelligence agency is likely to give up on similar opportunities.
The SolarWinds exploit overshadowed reports of a similar operation on computers in the African Union (AU) headquarters in Addis Ababa, Ethiopia, allegedly by Chinese hackers. According to Reuters, Japanese researchers warned AU officials in January that surveillance cameras at the organization were sending videos of “offices, parking areas, corridors, and meeting rooms” to China every night in a data dump. If that sounds familiar, you are recalling a 2018 report by French journalists that AU computers were sending copies of their contents to China every night.
China denied both charges. The AU response was more revealing. Its officials were silent, both last week and in 2018. Reuters cited a former AU official who explained that there would be no response from the AU because it needed Chinese support “to keep the organization running.” In other words, they suppressed outrage over this offense because of the needs of the larger relationship with China. There’s a context and a lesson that the West needs to ponder.
Recent reporting on the Navalny assassination attempt revealed another twist on contemporary spycraft that doesn’t quite fit le Carre’s world. CNN worked with Bellingcat, the investigative and citizens intelligence group, to identify who was involved in the attack and provide a minute by minute timeline of their activities. The result is a granular narrative of Russian involvement that reads like spy fiction. Bellingcat has also exposed Russia’s role in the downing of Malaysian Airlines Flight 17 in 2014 by pro-Russian Ukrainian separatists and provided a similarly detailed expose of the individuals and organizations behind the 2018 poisoning (also with novichok) of former Russian spy Sergei Skripal in England.
Bellingcat uses open source intelligence (OSINT) — flight manifests, telephone logs and other documents — to tell the tale. Some of the data is in public databases; others can be found on the Dark Web. Bellingcat explains that much of the data it used for the Navalny investigation isn’t available in the West “but in Russia, is readily available either for free or a fairly modest fee.” They blame “poor data protection measures.” (The explanation of their methods is eye-opening and well worth a read; it’s at https://www.bellingcat.com/resources/2020/12/14/navalny-fsb-methodology. It offers workshops to teach its methods and tradecraft.)
OSINT is an old technique, turbocharged by the internet. It lost favor during the Cold War when spy agencies shifted focus and budgets to human intelligence (HUMINT) and signals intelligence (SIGINT) collection. The tsunami of data created by continuous connectivity and social-media inspired transparency, married to powerful computers that can mine it, has reinvigorated this endeavor. Layer that again with information illicitly obtained from databases and the potential is virtually unlimited. In this world, countless pieces of information yield a mosaic that offers as complete and compelling an answer as any single definitive data point. Mole hunting might be easier, after all.
I first thought that le Carre’s spies would be adrift in this world. But it takes insight to turn data into intelligence. Le Carre’s greatest creations possessed an extraordinary ability to see the world through the eyes of their adversaries — to show empathy — which gave them a professional advantage and simultaneously turned them into tragic figures. They might be more unhappy and unhomed in a digital world, but they would be useful and deadly nevertheless.
Brad Glosserman is deputy director of and visiting professor at the Center for Rule Making Strategies at Tama University as well as senior advisor (nonresident) at Pacific Forum. He is the author of “Peak Japan: The End of Great Ambitions” (Georgetown University Press, 2019).
In a time of both misinformation and too much information, quality journalism is more crucial than ever.
By subscribing, you can help us get the story right.