Intelligence: Virtual Honey

Archives

July 22, 2020: The Indian military continues to have problems with its personnel being recruited as spies by Pakistani agents pretending to be an Indian woman looking for love. This is called a “honey-trap” and it is a classic espionage technique that has adapted to the Internet Age. This new version involves Pakistani agents operating via the Internet to engage Indian military personnel and then persuade or entraps them to be a regular supplier of information. The latest case was unusual in that the man honey-trapped in 2019 later agreed to provide more information on an ammunition depot and a firing range. Eventually, with the aid of a friend, this new spy offered to collect and email even more information and get paid for it. Both men were civilian employees of the army. The honey-trap victim received about a thousand dollars and passed on $120 to the associate he recruited. Both men were arrested in 2020 and are being prosecuted for espionage.

The honey-trap in this case was in the form of a Facebook page and WhasApp account set up the Pakistani handler to represent an attractive Hindu woman. The Facebook page is used to attract men with a military connection and the Pakistani intel operative running the Facebook account screens Indian men seeking to find likely candidates for development and recruitment. This is classic “social engineering” and also classic spy craft.

Before the Internet it was more time consuming and dangerous for an agent to go out looking to sources among the enemy. Pakistan and, to a lesser extent India, have developed this method to a high degree of effectiveness even though both Indian and Pakistani troops are warned of the existence of this sort of thing and the risks of getting caught in a honey-trap.

The Pakistanis have been very creative in their use of honey-traps. This was demonstrated in early 2018 when a female Pakistani agent called an Indian army staff officer serving in the headquarters of a unit stationed in northern India. The Pakistan spy said she was from the Army Wives Welfare Association but was informed that the officer she wanted was away from the office. Her call was transferred to a 25-year-old corporal. The Pakistani agent found the corporal suitable for entrapment and during their brief phone call persuaded him to contact her via her Internet accounts on WhatsApp and Instagram to continue their conversation. That was how the Pakistani agent “developed” the corporal as a provider of information on Indian army troop movements.

Indian military intelligence was, by then, well aware of how these Pakistani “honey traps” worked and knew what signs to look for. Soon the Indian counterintelligence operatives were monitoring the corporals’ activities and did so for over five months before making an arrest. None of the information the corporal passed on was of high value so Indian intelligence was apparently hoping to gather more information on this female Pakistani agent and what kinds of tradecraft (techniques) the Pakistanis were currently using. In more and more of these Pakistani honey trap efforts, it turns out to be Indian counterintelligence that is the major player.

Most casual observers, who just see these events described, fail to realize that most of the data obtained from the corporal was low-grade stuff and that the Indians involved detected the honey trap early and simply monitored it to obtain more data on how Pakistan intelligence operated and noting what they were asking for. If something truly important was requested the honey trap op would be shut down.

The Indian military has proved very vulnerable to these honey trap tactics, but in part that was because the Pakistanis tried it a lot and had a hard time getting to and entrapping really good sources of information. Such cases must involve officers with access to important and closely held information. These officers were regularly warned to be careful and were given updates on entrapment techniques. In response the Pakistanis modified their tactics in late 2018 by having agents go after more young enlisted soldiers and seducing low-grade information from them in the hope that this might lead to something more useful than detailed photos of equipment and information about unit locations and operations from a junior soldiers’ perspective. A lot of what junior troops could provide could be easily found on the Internet, without hacking into well protected databases.

In early 2019 it was revealed that Indian counterintelligence had uncovered a honey trap campaign that had already apparently ensnared dozens of Indian soldiers seduced into providing information. In some cases, cash payments (under a hundred dollars) were involved as well. But the main idea was to develop many low-ranking troops who could be used for extended periods to provide low-level data that Indian counterintelligence operations would not detect. That may have been too optimistic because the Indians were trying to monitor a lot of these low-level honey trap victims to turn the tables on the Pakistanis and gather information on the growing number of Pakistani male and female operatives who carry out these operations from the safety of Pakistan.

All this was another battle in the decades long espionage war between Pakistan and India. Just like the more conventional wars, Pakistan has fought with India since both states were created, Pakistan has never won any clear victories. Intelligence operations tend to be sustained, not episodic like past wars between  Pakistan and its larger (by about six times in terms of population and GDP, somewhat less in military terms) neighbor. Pakistan can take credit for accomplishing more than the size discrepancy indicates but this, like many Pakistani military actions, seem directed more at impressing Pakistanis in general than in doing any significant damage to their chosen archenemy.

What the Pakistanis have had a hard time with is using more sophisticated and effective honey traps capable of recruiting officers. There was a case where two officers (one air force, one army) were arrested after getting caught stealing, or attempting to steal, classified documents for a girlfriend they met on the Internet. A common venue for these seductive intel operatives is Facebook, which lends itself to the honey trap technique. The Internet has made it easier for this social engineering technique to work because instances of men and women meeting each other virtually are so common. A skilled intel operative can then seduce secrets out of the victims, who are usually men, but women have been entrapped as well. Since Internet access via cell phones became so common in Asia after 2010 the “virtual honey trap” has become more popular in many parts of the world. By “virtual” is meant that military men are seduced by virtual women via social networks where the recruiters use photos and talk of eventual physical contact in exchange for digital photos of documents sent via encrypted apps like WhatsApp.

The use of virtual honey traps first became known when it was used against Indians by Pakistan. But these techniques were also used against other nations (Taiwan, South Korea and Japan) by China. The most details are available about the use of these techniques by Pakistan against India. These details began to emerge after 2012. It all began when India became more effective at catching traditional Pakistani spies. Over the years India learned how to quickly detect, identify and arrest these spies as well as their Pakistani handlers. As a result, Pakistan began switching from using agents inside India to recruiting and managing spies via the Internet. The highly trained Pakistani agents could remain safe in Pakistan and develop techniques to find and manage Indian spies via the Internet. India still catches these traditional spies but has come to discover that there are a lot more of them. Since 2015 over a dozen have been arrested. This included four post office employees who were intercepting mail sent from one Indian base to another and looking for salable information. That was passed on to Pakistan, which paid well for this stuff. Often the information was literally phoned in using hard-to-trace SIM card supplied by the Pakistanis.

Pakistan accepted the risk of these spies getting caught because the payoff was often considerable. For example, in early 2015 Indian police arrested an employee (a cameraman) for the government defense research organization (DRDO) and accused him of spying for Pakistan. The suspect was accused of passing on information about missile research and tests and doing so for up to ten months. The suspect admitted that he had met with ISI (Pakistani intelligence) agents in India several times in 2014. Apparently, this man was caught because Indian intelligence was monitoring ISI agents. It’s unclear why the Indian man agreed to be a spy, although money appears to be the most likely motivator.

Honey traps are less frequently encountered in South Asia and the most common method is still simply offering cash. An Indian army clerk was arrested earlier in 2014 for doing that. In early 2013 India police arrested four Indians and accused them of working for ISI and passing on information and documents for at least three years. That spy cell mainly operated near the Nepal border and cash was the main motivator.

Pakistan is constantly seeking Indian military personnel willing to spy for cash or sex. Even most Indian Moslems have no love for Pakistan and thus ISI concentrates on the greed, need or blackmail approach to recruiting Indian agents. India does the same in Pakistan, but India is a far larger target and has more secrets Pakistan wants. The virtual honey pot, however, has turned out to be very effective and apparently cheaper than the traditional methods of offering cash and using physical contact (between foreign handler and local recruited agent). More effective forms of encrypted Internet communication also help as does the fact that so many of the people targeted have smartphones and regularly access the Internet via those devices.