The Protege — “Possibly the Worst Intelligence Disaster in U.S. History”

Speaker 1: Hacking is nothing more than the necessary evolution of espionage.

Speaker 2: Of all of the lies in this story, and there are a lot of lies in any story about spy craft and unprecedented decades long intelligence leaks in the FBI, Of all of the lies in the story, the weirdest concerns the Beach Boys.

Speaker 1: He said that he got the Beach Boys to come play in that courtyard.

Speaker 2: Two guys, FBI agents Robert Hansen and Eric O'Neil, are sitting somewhere inside the FBI. And Robert, older of the two, tells Eric this story about how he was responsible for the time the Beach Boys came to Quantico and played a show in the courtyard of the FBI. Roberts says, I'm the guy that made the call that made that happen.

Speaker 1: And I called BS. I'm like, there's no way that happened. And I just wouldn't he he was swearing up and down that it was him. He made the call. It happened.

Speaker 2: This was a lie. Weirdly, in the nineteen eighties, the Beach Boys did actually play a courtyard gig at Quantico. I looked this up after the interview. Jeffrey Foskett, the guitarist for the band called his friend who is an FBI intelligence analyst to let him know that the then vocalist for the group wanted to quote rock the FBI headquarters

Speaker 1: Hell, yeah.

Speaker 2: And asked his friend if he could arrange for a concert. That part really did happen.

Speaker 1: And I just, like, all agreed to disagree. And then later, you know, when I was getting debriefed by the squad, I asked about that, and they were like, oh, yeah. They came and played here.

Speaker 2: But the part where Robert Hanssen called them and had anything to do with it was a lie, a pretty weird lie. That's because Robert Hanssen was a liar. But boy Scott, what a liar he was.

Speaker 3: I I don't know. Lying about the beach boy is pretty big.

Speaker 1: I don't

Speaker 3: know what else he could have done at a place like the FBI.

Speaker 2: Well, let me tell you. For twenty two years, the FBI had been investigating a mole, a spy somewhere inside the federal law enforcement apparatus selling secrets. Someone had been stripping The US of some of its most sensitive national security assets. The identities of Soviet double agents, many of whom were actually executed. The existence of a multimillion dollar eavesdropping tunnel under the embassy in DC. Highly classified details regarding US nuclear war strategies, continuity of government plans, big white knuckle stuff. And gradually over the years, the evidence they painstakingly collect into the identity of this mole all kinda points itself at veteran officer Robert Hanssen. Mhmm. The lied about the Beach Boys guy. And the window to catch Hansen is rapidly closing. He's mere months away from retirement. And as such, a scheme is hatched. If I may, a pretty wacky one.

Speaker 1: It was beyond wacky. And and just to put a little point on that, they had to give Hansen basically his dream job to entice him to come back to headquarters and take the job.

Speaker 2: Bringing us into that room with Robert, the suspected spy who didn't know he was suspected, and Eric O'Neil, his seeming protege.

Speaker 3: Seeming.

Speaker 2: Seeming.

Speaker 1: Seeming.

Speaker 2: Eric, the guy that we're talking to this episode, was in that room with Hansen for one reason. As a matter of fact, the whole room existed for one reason. The entire department they were a part of existed for one reason, which was to catch Hansen before it was too late. The room, the department, the job, Robert, and Eric were there to do, which was ironically catching moles, was all of it a ruse to catch the biggest mole of all, Robert Hansen. Spy versus spy.

Speaker 1: There will always be spies. The trusted insider is still one of the most dangerous breaches for any organization. And that if you don't prepare and and now we're talking about cybersecurity. Ahead of the event, if you wait for that pressure situation, then, you will lose.

Speaker 2: So this is my conversation with former FBI agent, author, and cybersecurity expert Eric O'Neil, the guy that they put into that room with Robert to try and take him down. The protege. The protege. You ready to get into it?

Speaker 3: Let's do it.

Speaker 2: Let's do it. This is the story of what has been described by the US Department of Justice as possibly the worst intelligence disaster in US history. And the time our interview spent two months in a psychological pressure cooker trying to finally catch him. Here on Hacked. Eric, thank you for taking the time to talk with me.

Speaker 1: Jordan, it's good to be here on Hacked.

Speaker 2: I have a bunch of stuff I wanna talk with you about. But I wanna start with a story that I know you have told before. You haven't told it to me. It concerns your relationship with a guy named Robert Hanssen.

Speaker 1: My claim to fame.

Speaker 2: Is the early two thousands. Let's go back just before that. Just set the scene a little bit. What was your job before the Hansen situation? What does an investigative specialist at the FBI do? What's the day to day of that look like?

Speaker 1: Certainly. So I was a field undercover field operative. My job was to pursue investigations and counterintelligence and counterterrorism. So counterintelligence being the science of catching spies and thwarting foreign intelligence officers trying to do everything from steal information to recruiting sources here in The United States. And counterterrorism is obviously stopping terrorists mostly from blowing things up, but it could also be a biological attack. It could be getting funding to people who would harm others, and and all the things you can think that terrorists might do, which wasn't also always foreign terrorism. It was also domestic as well. So my job from day to day would be typically to get assigned to Target. The analysts at headquarters or the field office, primarily, would assign us a target. And then in a team situation, we would track that target and investigate the target, learn every single thing about their lives, their likes, their wants, their desires. Literally, how many times they checked their watch or tied their shoes over the course of a day, who they met, who they spoke to, whether they like coffee or tea or shopping at big stores or small boutiques. We could even listen to them sleep. We had those people completely in pocket, so we could learn about them, investigate them, and then, of course, call in a SWAT team with guns anytime there had to be a rest and then fade into the shadows, which is why my squad were called ghosts. We were never seen, or if we were seen, we had so much detailed disguise training, you never knew we were there. So that was my day to day. And so, you know, the the transition to the Hansen case was was complex for me because my my day to day job was to be separate and apart from my target. I would use telephoto lenses. I would use vehicular or surveillance, foot surveillance training. I would use, as I said, disguises so that if the person saw me, then I looked different every single time. So I was always blending in, and I was always avoiding getting noticed by my target. And then suddenly, in the Hansen investigation, I was face to face with my target.

Speaker 2: Yeah. You're right there in the room with him. You're this young guy. I think you were 26 before all of this starts kind of happening. And like you said, you're you're watching people from a distance. You made reference, and I just wanna dig in on this for a second, to you you could literally listen to people sleep, I think is what you you just said. How what is the mechanism by which you would do that? Are we talking bugs? Are we talking

Speaker 1: Right. We could deploy all sorts of technology. You know, you have k. A few different techniques and tactics. One is the human intelligence and the surveillance work that we could do, which could be physically following a person using, vehicular surveillance, which means you're following their car. There's a actual science to that to make sure that you're not spotted. In particular if you're following a very trained foreign intelligence officer like a Russian, for example, who are some of the best, you know, they are actually looking for people following them because they're trying to clean themselves before they do their active espionage. And then there were quite a bit of technology we used, and I can't really get into a lot of it. I I do talk about some of it that I was allowed to talk about by the FBI in my first book, Gray Day, and more of it in my second book, Spies, Lies, and Cybercrimes. If you wanna read those books or listen to the audio if you like my voice, you'll hear some of that. But a lot of the techniques and tactics we use, I have to take to my grave because they are still top secret.

Speaker 2: So you get yanked out of this one role. Probably, like, worked out how to do it. You got them pretty good at it, and they say, we're gonna pull you into something a little bit different. Seemed like it was something bigger, something maybe with higher stakes inside of the bureau. Like, why do you think they picked you?

Speaker 1: Well, I was a veteran undercover operative, so I knew how to track and investigate spies. And the FBI had a horrible conundrum with Robert Hanssen. So just to set the stage a little bit, it turned out that Hanssen was the most devastating spy in US history, certainly in FBI's history. For over twenty two of his twenty five year career in the FBI, he was Russia's top mole in The US intelligence community. And the entire intelligence community, that includes the FBI, CIA, NSA, military intelligence, everyone that had anything to do with counterintelligence had been hunting for a mole that we knew was highly placed somewhere in the intelligence community. We had nowhere no idea where. Right? And the FBI had bet that it was the CIA, which was a mistake.

Speaker 2: Oh, interesting.

Speaker 1: We'd all been going after yeah. We'd all been going after the spy that we only knew with the code name, Graysuit. And, you know, it it ended up being Hanson, but we didn't know until the very end of his career, right before he was about to hit his mandatory retirement when the FBI, with a little bit of hard work and a lot of luck, put together a FBI CIA task force to recruit a source in Russia who would maybe confirm for him for them that this CIA case officer they were after was Graysu. And to their amazing shock and surprise, when they received this slim file of information from a former KGB intelligence officer who had just saved his file, right, for a rainy day, decided that at the end of his career, he was gonna sell it, move to The US, get in witness protection, sit on a beach for the rest of his retirement. They opened the file, and it pointed directly to Robert Hanssen. And hearts fell within that little room of agents who received that data because Hanssen, at one point, as one of the top Soviet analysts, was put in charge of catching himself and made sure the FBI never came close. In fact, he sent the FBI on hundreds of wild goose chases, to protect himself. So there were a lot of people who realized that their entire career in chasing Grey Suit had been a complete waste of time, because he was in the room with them steering them the wrong direction. He was a pretty bad guy. And and just, you know, going through the damage that he did, some of the things were giving up our nuclear secrets during the Cold War. We would have been at a deficit if there actually had been a nuclear war. Our continuity of government plan where you send the president, vice president, and everyone in the cabinet if there is a catastrophic attack. So that would allow the Russians to, to hit the head, right, if they did decide to commit an act of war against The United States. Also, undercover operations, undercover operatives whose covers were blown. And between 1984 and 1985, which we call the year of the spies, sort of that middle of those two years, we lost every single asset in Russia. We were completely blind during the Cold War. We were losing the intelligence game. And that, those deaths and, arrests, many of them were pressed into hard service, were shared by Robert Hanssen and a CIA spy named Aldrich Ames, who just passed away a few days ago. So he was a bad guy. I get I could spend our entire time, Jordan, just talking about what he did, but it's not really what he did that matters as much as how he did it. He was able to steal information from computer systems in the FBI that were never built to defend. And so in order to catch a cyber spy, you needed a hacker, and that's where I came in. I wasn't just a spy hunter and undercover operative who knew how to, investigate spies. I also, had gotten a little notoriety by writing computer programs that made my life and my squad's life easier. And so they realized that I was the only person who could possibly do the undercover job, although there were there was an entire squad of agents who there were three three squads working the Hansen case at the end of it, and one of them bet against me. The the squad running me bet for me, and so I so fortunately, they made some money, and I think the other squad abstained. But, you know, they needed someone who could catch a spy and turn a computer on. And because the FBI was so behind in computerization in 1999, 2000, that, you know, they they didn't have a lot of options, and I was their best bet.

Speaker 2: I don't wanna go off on a tangent about how often these cases turn on who's betting against who, though I'm curious. Like, I I would love to know the, like, internal betting brackets inside of the FBI on what case is gonna go which direction.

Speaker 1: Well, you know, at least the squad running me bet on themselves.

Speaker 2: Yeah. Sure.

Speaker 1: Because I ended up winning the case. I found the smoking gun. It was an impossible task, and somehow I managed to succeed despite the entire deck being stacked against me. Hansen being far more highly trained, suspicious this even before I set foot in this brand new section that the FBI built just for him at FBI headquarters. I mean, not only built this section for him, built the entire room, ninety nine thirty in FBI headquarters that that we would stage the investigation, promoted him to executive service, you know, gave him staff, that was me, for the first time in many years, brought him back to headquarters. He hadn't worked in headquarters in many years, and this was at a point when he had three months to retire. So imagine how suspicious you have to be. And I had to withstand that because the only point of attack he had was the only other person in that room, and that was me.

Speaker 2: Okay. I wanna I wanna drill in on that little period of time because I find this so interesting. The evidence points to Hansen. He's this mole. He's been operating for years. The fallout of this has been catastrophic. He's retiring in three months. We need to hatch a scheme. And they hatch this plan, which is kind of where you enter into the story of room, 9930.

Speaker 1: Right.

Speaker 2: They set up a fake department dedicated to finding spies. They put Hansen, the suspected spy, in that department. They put you in there to spy on him, which means you're spying on the secretly spying in his capacity as a spy investigating spies.

Speaker 4: Right.

Speaker 2: This is respectfully a very wacky scheme.

Speaker 1: It was beyond wacky. And and just to put a little point on that, they had to give Hansen basically his dream job to entice him to come back to headquarters and take the job. So for for much of his career, Hansen, and and this is incredibly ironically, had been banging a drum that the FBI was behind in computerization, had not practiced good cybersecurity, and was going to be breached by an in by a mole inside the FBI. Right. Basically, he was warning them that everything he'd been doing his entire career was going to happen. Yeah. And they ignored him, which made him angry. So he was a disgruntled employee. And so what they did is they gave him his dream job. They put him in charge of building cybersecurity for the FBI, which took, you know, that took some some real confidence on the part of the FBI because they essentially gave him access to everything, put him in charge of something that, could be incredibly devastating to the FBI if that data were lost. And then, of course, looked around for the person who knew how to, you know, go undercover and turn a computer on because we had to sell the job of building cybersecurity for the FBI. So, actually, that was my first job in cybersecurity was the most sophisticated, and important investigation the FBI has ever run.

Speaker 2: So you find yourself sitting there in a room with a guy who's lecturing you in a sense on how to catch a mole and the importance of cybersecurity while himself being a cybersecurity vulnerability and a mole. You know, day one, the irony strikes you. Day two, you gotta start getting kind of annoyed at the arrogance. Like, I would be annoyed at the arrogance of that. Were you annoyed?

Speaker 1: Oh, certainly. I I mean, he was a he was a textbook narcissist, which I was able to turn against him. He had to be right on everything. He would pontificate forever. It was clear that he wanted to mold someone in his image, but I used that I used that as as an asset in the investigation. But, you know, there was a point where you either sink or swim in these things. When you go undercover, you have to fully go undercover. You have to dive into it. In fact, you have to believe it so much that you forget that you're undercover sometimes, that that your reactions always fit because be because there's something a normal person would do, because you've you've sort of suspended your disbelief that you're undercover. Right? To use a Shakespearean quote. You know, and it's interesting because I just, I I am still friends with Ryan Phillippe who played me in the movie Breach. So Universal made a movie about this. It was such a huge case when it broke, that that's about me going undercover to catch Hansen. And recently, the two of us got together, and we had a conversation about the intersection between working undercover and being a Hollywood actor and how they are very similar. The the way that you per you prepare for a role and then, you know, engage in that role when you're acting so much that the audience believes that that is a that it's true. It's the same thing undercover. You have to believe it. You have to believe the lie you're spinning and telling. Otherwise, your cover gets blown. You'll be you'll be spotted, especially by someone as adept as Hansen. So while I I didn't like the guy, most of most of it in my mind, I was thinking, like, he's a horrible boss. Right? Not he's a spy. And, you know, even going into the case, I wasn't told anything other than we suspect him of espionage, which was critical. Yeah. They didn't wanna give me any information that I could mistakenly reveal. Right? You tell your undercover asset only what they need to know. It was later, maybe the midpoint of the investigation before I caught him, that I, you know, my desire to be there was flagging. I I, you know, I actually asked at one point to be taken off the case because it was just disrupting my entire life. I was in law school at the time. I just gotten married before I got put on this case, and and that we we had a pretty bad honeymoon year. Let's put it that way. And, then they told me more detail. An actual detail from information I had gathered during the investigation that they didn't let me into right away. And that reignited my desire to catch him, to bring him to justice for what he'd done.

Speaker 2: I wanna get to that moment when you bring him to justice, but you said something interesting. You you were talking about, you know, you identified there there's some narcissism at play here. Let's just call it what it is. You figure out a way to turn against him. I wanna understand that moment. Like, you've you've described Hansen as a human lie detector. He's doing stuff that's it's very cinematic. He's like watching your pupils and Yeah. You know, your pulse and your breathing. And I was reflecting on the stress that that would have to put into your life to be day to day going into a room with a narcissistic human lie detector. What were moments during that time where you thought, I'm cooked. This guy knows. He's just playing with me. Take me through that.

Speaker 1: But but there were you you couldn't allow yourself. So you you walk this wire as a spy, as someone who's undercover trying to catch a spy in any kind of special ops world. Right? This wire between suspicion and paranoia. So you always have to be suspicious. I always had to wonder, you know, is he on to me? You know, am I pushing a little hard here? Am I laying on a little thick? But I couldn't allow myself to fall into paranoia. If I walked into that room believing he could beat me at any given time, it's over for me. You you have to have the supreme confidence in yourself, and I learned that on the street working undercover. When you're when you're tracking a target, you have to know that that target didn't get away, that that target didn't see you. You have to feel that supreme confidence in yourself, and it's something that's been useful to me throughout the rest of my my life and career. But here, every time I kinda girded myself before walking in Room 9930 and there were moments where I knew he was in there, and I would take a minute just to breathe and think and and get get get kind of into character, right, and prepared for the the misery I was gonna subject to myself to for the next eight to ten hours. I I would have to believe in myself. It started there. And my most important role well, actually, this is the the cadence that they gave me. Right? Number one, Eric, don't screw up because you're the biggest point of failure in this entire investigation. So your first job is not to make a critical mistake that makes him think that this is a, a trap, and then, you know, the likely event is he shoots you and runs. Right? So really didn't wanna make that mistake.

Speaker 2: He shoots you and runs.

Speaker 1: Yeah. Then he he flees. You know? Yeah. He he, you know, if I had screwed up, he he might have ended up, right now, today, maybe he's, you know, in an apartment with Edward Snowden in Moscow eating caviar and drinking vodka. I don't know. But that was number one. Number two was critical as gain his trust. You can't investigate someone in a face to face investigation like this without gaining their trust. They have to trust you. They have to believe you, and then they tell you things. So gaining his trust was that critical thing I had to do. And number three, of course, was find the smoking gun and catch him, which all of this is impossible. You know? As as now a lawyer, you know, legal cases, you don't find smoking guns. As an investigator, investigations, you don't find smoking guns. It's very rare. And here, that's what we needed, and we needed it fast. So gaining his trust meant I exploited that narcissism to realizing that he just really wanted someone to shape and mold. He wanted to be a mentor. He really did. End of his career, you know, he's he's he's facing retirement. This is his last chance in the FBI to really mold and shape someone in his own image, and I I let him access that. I I let I became that person for him, kinda like the Robin to his Batman, right, in his mind. And, and I let it happen. You you know, and part of gaining his trust was going to church together. I think one of the main one of the main reasons I was picked was also because I'm Catholic, and a practicing Catholic, and and his religion was critical to him. And so I can remember the the the biggest amount of scrutiny I got from Hansen during that entire case is, you know, he would take me to church in the middle of the day at the at this little chapel in the back of a, Christian information center. Right? I thought it was a bookstore, and in the back, there was a chapel, and they had church every day. And he's watching me like a hawk as saying the the Our Father. Right? And, I was, like, thanking sister Rose, you know, from kindergarten that I I knew that prayer back and forth. So that was one of the first times I felt completely confident in the case.

Speaker 2: The narcissism means he wants to be seen as knowledgeable, his expertise to be honored, so you present yourself as the protege. I'm I'm willing. I'm interested. I I wanna learn everything you have to teach me.

Speaker 1: Certainly. But you know what? Jordan, he was also a bully.

Speaker 2: In what way?

Speaker 1: And so you had to do it right. You couldn't be a toady because a bully, you know, will just take advantage of a toady and never really think of them as an equal. So I had to also I had to play it very carefully. I had to challenge him. Right? So so I couldn't just say, oh, that's so great. You're so amazing. Yeah.

Speaker 2: I can't be sick of fans

Speaker 1: there. BS.

Speaker 2: Yeah.

Speaker 1: Right. I said there's no way that happened. You you are just you're spinning some kinda crazy tale. That is lunacy.

Speaker 2: There's no way there's a spy in this department for decades. Right.

Speaker 1: Make him have to prove it. And, like, one of the things he told me was that he, he himself, Robert Hanssen, reached out and was the person that got the Beach Boys to come play at FBI headquarters. So if you ever been to DC, head FBI headquarters is a monstrosity of a building. And after after 09:11, they closed off the courtyard. It it takes, like, two city blocks, and you used to be able to walk right through. Any any person could walk right through under FBI Headquarters. There was a huge courtyard. It was for the public, and it's a shame that, because of terrorism, you know, no one can go through that courtyard anymore. But he said that he got the Beach Boys to come play in that courtyard for Washington, DC, and everybody crowded around FBI headquarters. It was this huge party. And I called BS. I'm like, there's no way that happened. And I just wouldn't he he was swearing up and down that it was him. He made the call. It happened. It was a big feather in his cap, and, and I just, like, I'll agree to to disagree. And then later, you know, when I was getting debriefed by the squad, I asked about that, and they were like, oh, yeah. They came and played here. I said, really? That's the crazy thing to me. I know he's lying, but I couldn't believe that the Beach Boys the Beach Boys came and played, under FBI headquarters once upon a time.

Speaker 5: So with the This is

Speaker 2: a total tangent. They did come and play. Did he make that did he make the call? No. He

Speaker 1: had nothing to do with it.

Speaker 2: Oh. So he started with the truth, which is pretty wild.

Speaker 1: You know? Yeah. Every every little bit of every great lie uses a kernel of truth. And, of course, there there he was. He would lie all the time. And, but I had but calling him on it, pushing back gained respect.

Speaker 2: Right. It's kinda what you wanted a protege. You want them to be their own person. It Right. You wanna be able to see yourself in them. And if you think that you're this very clever, you know, person, sure, it's what you wanna see.

Speaker 1: Exactly.

Speaker 2: So I wanna dig into the tech a little bit as we move towards the takedown and and where this all goes. It's 2001. From the way you've described, it sounds like the FBI is a very, paper and pencil kind of place. Hansen, meanwhile, is more tech literate. So are you. In the middle of this story is a Palm Pilot, which is just a a great little piece of tech nostalgia. Tell me about the Palm Pilot and the role all that plays in this.

Speaker 1: Well, the the the PalmPilot. Right? The PalmPilot. The pinnacle of personal data engineering

Speaker 2: It's got a stylus.

Speaker 1: Circa 1998 to 2001. Right?

Speaker 2: Yes.

Speaker 1: Yes. And it was a it for anyone who is not Gen x, younger than Gen x, it it was your first personal data assistant. It's a clunky device. You flip open the top, and there's a screen. There were no touch screens back then, so you pulled out a plastic stick that we called a stylus, and you just tapped it. And after tapping it for a long time, you would get the data in. It was honestly probably easier just to have a little notebook in your pocket and write addresses and things in there. But, Hanson loved the thing, absolutely loved it, said that it's the only way to organize your life. Anyone who is an executive has one of these devices, and you're nothing but a do good, no nothing, useless clerk. So you don't have a device like this, and you'll never amount to anything. That was what he told me. So I went and got one. Yeah. I requisitioned one from the Office of Science and Technology, which is we ostensibly work for that division, our section, and got two. I got a he he had a Palm three x. I got two Palm fives. So it was slimmer, and you could, you know, play games on it. It had Minesweeper and Sure. That kinda crap. And and, it it was a little faster when you plugged it into Outlook and synced your email, and he didn't want it. He shoved it back across the Destiny, and he said that I've encrypted my palm myself, and I'll keep this one. Thank you.

Speaker 2: Oh, interesting.

Speaker 1: In fact, he said something like these idiots at the FBI couldn't crack this encryption on their best day.

Speaker 2: He's not subtle, is he?

Speaker 1: And that was the moment I knew well, that was the moment I knew that I had to get it away from him. I had to take that palm pile away from them. We had to find out what was on it. You encrypt information you don't want others to see. That's one of the key ways to protect data. And so I knew we had to get away from it. The problem was it was always in his left back pocket, and the only time it was ever not in his back pocket is when he sat down at his desk, and then he would put it into one of the four identical pockets in his shoulder bag, his briefcase. And then as he stood up like clockwork, he would retrieve the palm and put it back in his back pocket even before he gained his feet. So that's a routine. And when you're trained as an undercover operative, you are always looking for routines because all of us use routines to protect information devices. I mean, like, one routine as you get home, and then you, you know, park your car, and then you go in the house, and you hang your keys on the hook, or you put them in the basket. Because if you don't, when you leave, they're where? Gone. So routines are, critical, and spotting them can help you catch a spy.

Speaker 2: I am still struck by the moment where he's giving you shit for the type of Palm Pilot and saying, like, if you don't have one, you're just, like, a clerk. It's like he say he sounds he sounds like a dick.

Speaker 1: Yeah. But he's a he was let me put it this way. You didn't wanna work for him.

Speaker 2: In

Speaker 1: fact, no one wanted to work for him, which is why he he before being brought into this case, he'd been exiled to the state department liaison role

Speaker 2: Oh.

Speaker 1: Where he had nothing to do. They were just parked him until he he retired.

Speaker 2: Okay.

Speaker 1: And at one point, as the legend goes, and you can look up the legal case because, I I'm pretty sure she sued the FBI. One of the secretaries, we had them back then, that was in his section. So she she worked for his squad, challenged him on something, and then tried to leave before he gave her leave to leave, and she he grabbed her by the arm and threw her to the ground so violently, she tore a tendon or a muscle in her arm. And you know, you just, he had a temper, and he wasn't shy about lashing out.

Speaker 2: Starting some new isn't just hard. It can be downright terrifying. You put a lot of work into a thing. You're not entirely sure it's gonna work out. You're taking a huge leap of faith. I've started a few things. Now I know I was right for believing in, you know, the idea, the product, despite all of those fears and hesitations. But boy, does it sure help when you have a partner like Shopify on your side. Shopify is the commerce platform behind millions of businesses around the world and 10 of all e commerce in The US. From household names like, well, hacked podcasts merch, to brands just getting started, you can get started with your own design studio with hundreds of ready to use templates. Shopify helps you build a beautiful online store that matches your brand style. Did I mention that that iconic purple shop pay button is used by millions of businesses around the world? I don't know why I wouldn't. I should. It's why Shopify has the best converting checkout on the planet. It also helps boost conversions, meaning less carts, sort of getting abandoned in the parking lot, and more sales for you. It's time to turn those what ifs into sign up for your $1 per month trial at shopify.com/hacked. Go to shopify.com/hacked. One more time, that's shopify.com/hacked.

Speaker 5: This Father's Day, do more with dad and spend less with low prices guaranteed at the Home Depot. Get him fired up with a new grill and accessories, like the next grill five burner for just $299 so you can spend more time together while he becomes the grill master he was always meant to be. Or build memories with savings on top brand power tools so you can tackle projects side by side. Give more and do more together this Father's Day with help from The Home Depot. Exclusions apply to homedepot.com/price match for details.

Speaker 6: When you finally find your thing, you want the whole world to know about that thing. So you use a thing called Canva to make it an even bigger and better thing. Whether you want to create flyers for that thing, make presentations for that thing, or design merch for that thing, you can do anything. So people can see your thing, feel your thing, love your thing. The next thing you know, it's a thing. Canva, the thing that makes anything a thing.

Speaker 4: Study and play. Come together on a Windows 11 PC.

Speaker 7: And for a limited time, college students get the best

Speaker 4: of both worlds.

Speaker 7: Get the Unreal College Seal, everything you need to study and play with select Windows 11 PCs. Eligible students get a year of Microsoft three sixty five premium and a year of Xbox Game Pass Ultimate with a custom color Xbox wireless controller. Learn more at windows.com/studentoffer. While supplies last, ends June 30, terms at aka.ms/collegepc.

Speaker 2: I wanna talk about the kind of this is like heist sort of moment in the middle of this story, this this little window of the time where you you you decide you're gonna get a hold of this palm pilot, and you're gonna clone it and try and get it back to him. Take me through that that part of the story, this little tiny window of time that you have where if you're a second late, the mission's over.

Speaker 1: So we decided I I I sat down with, Kate, who was the special agent on the squad that was running me, that was giving my information, giving me my tasks, who was essentially my handler, right, as the undercover operative, and Rich Garcia, who was the section chief, in FBI headquarters, but also one of the only other people in headquarters because the case was run out of Washington field office, that knew that this was happening. And, and and that was my go to. If everything fell apart, I could I could get to his office. Right? And and Rich was always very heavily armed, especially as this case was being run right under his nose. And I said, look, we gotta get this away from him, and the three of us hatched a plan. And here's how it went. I waited until we were both in his office, and I sent a text where he couldn't see under the decks that we were there on on my SkyTel alphanumeric pager, which isn't really a text, but let's just call it that for convenience. And Garcia comes in unannounced with a assistant director that had been read into the case just for this. And they walk into Hansen's room, into his office, slam $20 on his desk, and say, you and us, the shooting range right now, I bet you that 25 targets out of five we can beat. And Hansen tries to say no, and he tries to beg off, and he says he's too busy. And the assistant director, who is his boss, right, his boss's boss, says that wasn't a request. Get your gear. Let's go. Now Hansen's mad. And when you get someone mad, you can sometimes break a routine, And it worked. He stands up. He grabs his he holsters his firearm, grabs his eye protection, ear protection, and trudges off after them, and for the first time, forgets that PalmPilot. So we're on Room 9930 in the 9th Floor. And I know that the shooting range is all the way down in the Sub Basement, and I had timed how long it would take if I ran and hit the elevators right at the the second I hit the button to get from that range up to the 9th Floor. So I'd planned ahead. Planning is critical in any you know, in in everything we do, right, if you wanna be successful. And as soon as he's down there shooting, I get another text saying he's in pocket, and I go to the bag, and there's the PalmPilot. And not only PalmPilot, the data card and a floppy disk. I I've rifled the bag and went through all four pockets, ran down three flights of steps, handed over to a tech team that started copying it one to one. And, yes, the the data card was SanDisk data card and the palm were encrypted, and And they said, we're just going to copy it one to one and then crack it later. I said, great. Get it done. And as this is happening, I get another text saying out of pocket coming to you. So I actually have seen the CCTV footage. He he sends his target down range. He empties a clip. He brings it back. It's a wonderful little grouping of shots. He was a dead shot. Holsters his firearm. He doesn't even pull the paper off of the, the the target clip and just abruptly leaves, probably because he touched his bottom and realized he didn't have his PalmPilot and was wondering how much do I actually trust Eric. So he's on his way up. These guys aren't done, and I'm freaking out a little bit. And I told them that I need the devices. They're like, we're almost done. Don't worry. I said, you don't understand. He's armed and angry. I'm not armed. I'm not gonna win. He's gonna shoot me. So I do get it up there. So I I grabbed the devices. I ran, and, I managed to get into the office moments before him. I kneeled down in front of his back, felt really good about myself, and I realized I had three devices and had gone through four pockets, and I had no clue. I couldn't remember for the life of me, which they came out of. So I'm trying to figure out this mad scramble like this. I think this one here, and I think the floppy disk was next to the palm, but the the data card definitely wasn't and wasn't on this side of the bag or the other side. And I know that Hansen is the most meticulous person on on Earth, so, you know, it has to be perfect Mhmm. Or he'll know. And as I'm just trying to figure this out and remember, I hear him coming through the door. So I just dropped off a three devices, you know, zipped all four pockets. I probably made the sign of a cross and said a prayer and ran to my desk and sat there, trying not to sweat, and and put the best poker face I've ever put on my face. He swarms through the office, glares at me, slams his door, and, of course, I hear zip. And at that point, I was thinking I should not be here. I should be out I should be running down to Rich Garcia's office. Right? Right? The escape hatch. But I knew that, in that that paradigm of suspicion and paranoia, if I wasn't there when he came out, I I think he would have been pushed so far into paranoia that he would have cut and run. We knew at that point he was going to make a final drop. We knew at that point he was the spy we were after. We just had to catch him at that final drop. That was the smoking gun we needed, that information. I was just betting everything it was on the Palm Pilot. So even if I got it wrong, I had to talk him in, or else, you know, this case would never be over. And, he comes out of his office. He leans over my desk, and he asks me point blank, were you in my office? And I told him, yeah, I was. I put a memo in your inbox, which I had, right, as a pretext, just in case. And he just holds that look, seeing if I'll break. I don't. And, and he leaves for the day. He tells me, I never want you in my office again, and he leaves for the day. And then as soon as he closed that door, then I let myself fall apart. Right? And within about a week and a half, he is on this bridge in Foxstone Park in Vienna, Virginia. He stands on the bridge and makes sure that he's all alone. It's the Sunday before President's Day in February. He looks around, and when he feels he's alone, he reaches into a sport coat for his, package of secrets. He slides him under the bridge, which has been his drop site for his career, and then, leaves the way he walked in, sets a signal on a sign to let the Russians know he's loaded the drop. And then as he approaches his car, two vans screech to a halt, and FBI agents jump out and point guns at him, to arrest him. He drops his keys, raises his hands, and he says, the guns are not necessary. And then he says, in a very handsome way, what took you so long? And he was arrested and then, plead guilty to espionage against The United States.

Speaker 2: And he says, what took you so long? This is not an important detail. But do you think that was off the top of do you think that was off the dome? Had he rehearsed that in front of the mirror? How long do you think he'd been planning if and when this all goes down? I know what I'm gonna say.

Speaker 1: I I think I I truly think he didn't believe he was gonna get caught, but he always had to be in control. And by saying that, he was taking back control. Like, maybe you caught me, but you're the screw ups because I got away with it for over twenty two years. Mhmm. Right? And and by the way, we not you know, talk about a win. We not we not only knew when he where he would be at that park in Foxtone Park to load his last drop, but when? At 07:13 at night, because the PalmPilot is a big digital calendar. And once we decrypted it, that was the smoking gun that told us where he would be and when so we could record him making that final drop to the Russians. It was such a slam dunk airtight case. Yeah. Even his attorney who was the best attorney, the Plato Contreras, who was, like, the attorney every big spy hired. Right? You know, told him you don't have a you don't have a hope. In fact, our best bet here is to to make sure you don't get the death penalty.

Speaker 2: The Palm Pilot. You made reference. This is his calendar. The Palm Pilot is what led you to know he was going to be doing this drop on this bridge, which is how you finally caught him. Do you remember what it was inside of the Pompa lately? What is the calendar event for that? Do drop for Russian spy craft? Like, what does it say to let you know this happened?

Speaker 1: I don't exactly know. What what he did is he would put various dates in there because

Speaker 2: Got it.

Speaker 1: The way that the way the espionage at this level worked still does in some cases, but, you know, now all espionage has changed. My entire first book is about that. Right? But in the old days, you would have a pattern of, scheduled dead drops and signal sites, and the goal is to never be in the same location. The intelligence officer is never in the same location in time as your asset. So you're constantly doing your surveillance detection runs, looking for signals, saying the drop is loaded, going and collecting the information, then you do you go out another day, you set your signal, you do your SDR, You load the money in a different drop site, and then your asset goes through the same process and picks it up. But all these dates have to be coordinated usually like a year in advance. So what Hanson would do is he would put them into his PalmPilot, the dates of these things, and, he had some sort of math. It was like a multiple, so it was never the actual date, but some of the earlier information I was able to steal from him gave us that multiple. So we were able to decrypt the PalmPilot, see all the dates plugged in, multiply it by his number, and then, find out when he was going to make that last drop. And we were shocked in that it was literally right around the corner. So we it was just great serendipity that we were able to execute that last operation and get that palm in time.

Speaker 2: You were able to decrypt it. We skipped over that part of the story where he's talking all of this big game about how well encrypted this Palm Pilot is, and you were able to decrypt it.

Speaker 1: Well, not me personally, but, yeah, analysts at the and, you know, like, I'm not exactly sure who at the FBI, you know, whether it was a team at the FBI or whether they leaned on the NSA. Remember, you know, the the government has all those assets. Right? They can say, hey, guys. This thing's encrypted, and then the NSA just crushes it. Right? Yeah. Right. So, so I I would suspect, but, but yeah. So they were able to decrypt his bomb pilot, break the encryption, and then, see those dates?

Speaker 2: So 2023, Hansen, he he dies at his cell. After that point, and this is kind of truly, truly done, what is the legacy of all of this?

Speaker 1: Well, the legacy is the fact that there will always be spies, that the trusted insider is still one of the most dangerous dangerous, breaches for any organization. And, you know, more specifically, that if you don't prepare, and and now we're talking about cybersecurity, ahead of the event, if you wait for that pressure situation, then, you will lose. Because, cyber espionage, cybercrime, cyberattacks right now, which is the way that espionage happens today, and, you know, if you read my second book, Spies, Eyes, and Cybercrime, I prove that cybercriminals have modeled spies. They've taken the best tactics and techniques from espionage, and they've deployed it. In fact, they've hired spies, intelligence officers to come work for them, these cybercrime syndicates and groups. So they have they are working with the best of the best, saying the only difference now between cyber espionage and cybercrime is the outcome. Mhmm. They use all the same tactics. The difference, of course, is that spies wanna steal information and not let you know they've done it, while while cybercriminals do the same reconnaissance, infiltration, quiet exploitation, theft of secrets, and then at the very end, they crash and burn everything, you know, lock you with encryption, destroy data, and then they either wanna ransom your key back to you or they're selling your data back, right, that they've stolen and they, you know, they they promise to delete it or not give it to your competitor or not publish it all over the place. We call that double extortion. So the lessons from Hansen are that you have to prepare for these things. You can't just blindly think it's not going to happen to me because it will.

Speaker 2: I wanna talk about these two groups as we sort of wrap up. You've spent your, you know, post FBI career in cybersecurity focusing on the on the spy side of things first. If there was, like, a Robert Hansen type operating today with digital communication and AI and deepfakes at his disposal, what does that look like today?

Speaker 1: Yeah. Today, and and I do talk about this at length in my new book. Today, the majority of espionage, whether it is done with virtual trusted insiders. Right? So you can have a Robert Hanssen. We have cases where and and I highlight some of them in the book where an individual goes rogue because he's mad and steals data. Right? And, you know, usually, you have to extract it at some way. They're they're saving it to thumb drives. I do talk about one organization that was prepared so they could see that thumb drives were connected to their data, that this engineer was accessing stuff he shouldn't. Right? And reported it to the FBI, and they they did a, an investigation and caught him. But, it's more likely that you will have what's called what I've called a coined the term a virtual trust insider. A rogue spy who externally has co opted the identity of one of your employees. And that's a very fancy way to say they stole their username and password, And they're they're they're using your access in your data and stealing information as you, and you don't even know it. Right? Because you were sloppy, because they were incredibly clever, because they tricked you, and they were able to steal your username, password, and often even your two factor authentication and become you in in the environment, and then either steal information or smash it. This is what happened to, MGM the MGM Grand of Hotels in in, Vegas. It it was a ten minute phone call by a cybercrime group called Scattered Spider who are adept at fooling people in with with basically the modern version of the prank call. You just make a lot of money with it. They were able they did a lot of research and reconnaissance, and they were able to determine who were the systems engineers for MGM. And then going through a lot of social media, they learned all about them. So they they knew the child the answers to challenge questions, and they called the help desk as that person and said, I've been locked out. I need help getting locked in. And within a ten minute phone call, they got the they they got the username confirmed, the password reset, and the two factor authentication reset to something they controlled. Then they were able to, access MGM's systems as the system's administrator and and cause insane mayhem. And the next thing you know, you couldn't check into a hotel, Slot machines weren't working. Your your keycard didn't work in, you know, in the Cosmo, in the MGM Grand, and, in in so many of the hotels because it turns out MGM owns like half the hotels in Vegas. Or your keycard opened every door in the entire hotel. You couldn't make a reservation for dinner. You couldn't, make a reservation to get into the hotel. There were lines at the doors. They were sending guests to other hotels. It was complete mayhem. They were putting cases of water in elevators just in case they got stuck between two floors and they couldn't get to them for hours. Could you imagine that? Yeah. And all because of a cyberattack. So, you know, the fact is that, you know, your identity is so critical, and what spies wanna do is just become you. Make you the bad guy, and you don't even know it.

Speaker 2: We, we tell a lot of cybersecurity stories on this show, and they almost always turn on some moment of social engineering.

Speaker 1: Yes. And

Speaker 2: when I think back to the two of you, Room 9930, and that little that that back and forth, I'm struck by how much social engineering and spy craft are almost kind of synonyms for one another.

Speaker 1: They are. And so my point when I say, in my first book and then again in my second, and every time on on stage, there are no hackers. There are only spies. Hacking is nothing more than the necessary evolution of espionage. My point is that anytime you're dealing with a cyber attack, you are dealing with espionage. You are dealing with social engineering. You are dealing with a trade craft that spans thousands of years and has been perfected into deceiving you into believing that a lie is true and just handing over the keys to your information. And so the only way to defend yourself against these sort of attacks is to become a spy hunter. And so my second book is the is a lot of thrilling stories and all the stories of how this works so that you learn how it works. So if you read Spy Size and Cybercrime, it's written from the perspective of a counterintelligence agent, And the idea of of that kind of training, like the training I got at Quantico, was you have to recognize the attack. You have to see it coming. You can't block a punch if you don't even see it coming towards your face. Right? So I break down the ways that cyber criminals are attacking us, modeling spies into a couple of buckets. Deception, right, because all espionage runs on an engine of deception. Infiltration, you know, you're gonna find your way in quietly without, without your victim knowing. Impersonation and confidence schemes, those are the kind of attacks that are incredibly successful, whether it's a spear phishing email or an AI deepfake that tells you what you wanna hear. And then, of course, exploitation and destruction. Very often, cyber criminals are destroying things on their way out. They're destroying your backups. They're destroying your data. They wanna be the only ones who have your data, so you have to buy it back. And I call the acronym DICE because it's memorable. And each one of those is a teaching moment so that you can see it coming, so you understand you're under attack, because if you can't even see it coming, then you can't defend against it.

Speaker 2: Eric, I appreciate you taking the time to to talk with me. You got a new book out, like you said, Spies, Lies, and Cybercrime, Cybersecurity Attacks to Outsmart Hackers and Disarm Scammers. Where can where can people find that book?

Speaker 1: Certainly. So, you can read all about both of my books on my website. It's eric o'neill dot net. 2l's and and O'neill. Obviously, they're wherever books are sold. If they're not at your local books bookstore, ask them why. You can get it on Amazon, and you can follow me weekly. I do a newsletter that keeps the book alive. I continually talk about new cyberattacks, what you need to know. I do a cyber tip of the week, a spy hunter tip of the week to help you defend against the attacks. And the newsletter is at, erico'neil.net/newsletter, or you can find it on my website if you just click the top banner.

Speaker 2: Eric, thanks for chatting with me. It was a lot of fun.

Speaker 1: Jordan, it's been my pleasure. Thanks for having me on.

Speaker 4: There's a new way to sweet greet. Meet wraps. Handheld, hearty, and made for life on the move. With bold chef crafted flavors, fresh ingredients, and over 40 grams of protein, they're built to satisfy without slowing you down. Try wraps today in the app or at order.sweetgreen.com, available at all participating locations.

Speaker 2: When When I found out I was gonna be a parent, I immediately felt a lot of anxiety and worry. So I went on to BetterHelp to try to look for a therapist to help me with that.

Speaker 8: My relationship with my family and with my boyfriend and with myself were suffering. I really needed help. I was ruminating a lot. Really getting those thoughts out to a therapist and getting feedback was just life changing.

Speaker 2: Discover what BetterHelp online therapy can do for you. Visit betterhelp.com today.