Diplomatic Security Should Return to Basics

In his diplomatic dispatches to the Foreign Office in London, he correctly summed up the Trump administration as “clumsy and inept.” However, the leak of Darroch’s cables resulted in his resigning his position, an event that further worsened relations between London and Washington.

In this current age of encryption applications and cloud computing, the old countermeasures employed to ensure diplomatic security are largely being left by the wayside. In days of yore, the diplomatic pouch, which contained dispatches from ambassadors and ministers around the world to their own governments, was protected by various international conventions. With the advent of the telegraph, telephone, facsimile, computer, and data networks, diplomatic “cables” were encrypted by various means.

In the past, diplomatic security has been particularly critical in countries where there is no official diplomatic representation. The very presence of what are known as “gray embassies” is classified and the compromise of dispatches from these unofficial missions can result in major physical threats to “official cover” and “non-official cover” diplomatic personnel. After the Arab-Israeli war on 1967, the US, Britain, and West Germany maintained such “gray embassies” in certain Arab nations – Egypt (United Arab Republic), Syria, Sudan, Iraq, Yemen – that severed relations over perceived US, British, and West German support for Israel. There are suggestions that Israel maintains such gray embassies in Saudi Arabia, the United Arab Emirates, Qatar, Bahrain, and Iraq (the latter used as a conduit for contact with Iran).

In 1917, during World War I, a breakdown in diplomatic security resulted in a major rupture in relations between Sweden, Argentina, and Germany. It was discovered by US Secretary of State Robert Lansing that Count Luxburg, the German chargé d’affaires in the Argentine capital, was using telegraphs sent to Stockholm by the Swedish Legation and Minister Baron Löwes to embed covert messages to Berlin related to the German U-boat campaign against Allied shipping. The revelation about the Swedish role also infuriated the Argentine government since part of the German campaign was to sink Argentine ships, leaving no traces of German involvement with the hope that the Argentines would blame the British and Americans.

Another diplomatic leak in 1917, prior to US entry into World War I, was that of the telegram sent by German Foreign Secretary Arthur Zimmermann to the German Legation in Mexico City proposing a German-Mexican military alliance that would seek to recover Texas, Arizona and New Mexico for Mexico. Publication of the contents of the diplomatic cable enraged Americans and helped President Woodrow Wilson to propel the US into World War I on the side of the Allies. It was later discovered that the encrypted telegram had been decrypted by British cipher analysts.

The most recent example of a breakdown in diplomatic security was the release to the British press of classified and personal cables from Sir Kim Darroch, the career diplomat ambassador to the United States, and the British Prime Minister and Foreign Secretary. Such diplomatic dispatches are expected to provide select government leaders with honest assessments of the political leadership in the countries to which they are accredited. In Darroch’s case, he did what countless ambassadors and ministers have done throughout the long history of ambassadors, ministers, plenipotentiaries, and diplomatic envoys. In his diplomatic dispatches to the Foreign Office in London, Darroch correctly summed up the Trump administration as “clumsy and inept.” However, the leak of Darroch’s cables resulted in his resigning his position, an event that further worsened relations between London and Washington.

British Foreign Office official Sir Alan Duncan told the House of Commons that the compromise of Darroch’s cables were not the result of computer hacking. In 2011, the US ambassador to Mexico, Carlos Pascual, resigned after WikiLeaks revealed one of Pascual’s classified cables to Washington that bluntly assessed the in-fighting between the Mexican Army and Navy regarding the military crackdown on Mexican narcotics lords. The leaked cables described the lack of faith the US embassy in Mexico City had for not only the Mexican Army, but also the National Action Party (PAN) administration of President Felipe Calderón, in the war on drug trafficking and the Mexican drugs cartels.

Calderón’s lashing out at Pascual was similar, but not as crude as Donald Trump’s criticism of Darroch. Calderón said of Pascual: “That man’s ignorance translates into a distortion of what is happening in Mexico and affects things and creates ill feeling within our own team.” In the case of Darroch, Trump called the ambassador “wacky,” a “very stupid guy” and a “pompous fool.” Trump also called Prime Minister Theresa May “foolish” for ignoring his advice on the implementation of Brexit.

Regardless of the speculation about who leaked Darroch’s cables or how they were compromised to the press, there should be a re-thinking about how such communications are protected during transmittal and the classification and need-to-know requirements that accompany them. There were suspicions in London that it was former British Foreign Secretary Boris Johnson who leaked the cables as a way to give him a leg up on becoming Britain’s next Prime Minister. The political intrigue had Johnson working secretly with Brexit Party leader Nigel Farage in a conspiracy that would see Farage pressing Brexiteers in the Conservative Party backing Johnson against his chief rival, Foreign Secretary Jeremy Hunt. In return, a Prime Minister Johnson would nominate Farage as the British ambassador in Washington. During the 2016 presidential election, Farage actively campaigned in the United States for Trump.

If Johnson – as a former Foreign Secretary – still had access to Darroch’s cable traffic, it would represent a catastrophic failure in security. The United States saw a similar compromise of classified documents in October 2003 when former Bill Clinton national security adviser Sandy Berger used his past position to remove from the National Archives classified National Security Council documents by hiding them in his socks and underpants. The original, uncopied, and non-inventoried documents Berger removed were critical to the work of the National Commission on Terrorist Attacks Upon the United States, also known as the 9/11 Commission.

One of the most-effective cryptographic methods that have long been employed by diplomats and their security advisers to ensure maximum security for classified and sensitive diplomatic messages is the use of the One-Time Pad (OTP), a virtually unbreakable cipher. The plain text stream of a single message is paired with random key stream characters. The One-Time Pad existed before the computer. One-Time Pads contained the key streams, usually blocks of five numbers, for example, “02685,” “41087,” “24061,” and so on. In some cases, blocks of random letters were used. Soviet and other intelligence agencies relied on such OTP booklets to encrypt specific messages to their higher operational commands. After an OTP key stream page was used, it was completely destroyed to ensure that the encrypted message could not be decrypted by adversary signals intelligence agencies intercepting the coded number radio traffic or telephonic voice messages. The OTP booklets used by espionage agencies and diplomats arrived at foreign embassies and legations via inviolable diplomatic pouches, always carried by a foreign ministry official possessing diplomatic passports.

With the advent of email, text messaging, and other convenient means of communications, the security protocols assigned to the transmittal and storage of diplomatic dispatches has waned. Mils Electronic of Austria, the only major company that manufactured One-Time Tape, or OTT, encryption machines used to convert plaintext into 5-bit digital codes – a technological improvement on the old One-Time Pad systems, went out of business in 2018 after undergoing a management “restructuring” in 2017. MILS Electronic, which began operations in Trier, Germany in 1947 and moved to Austria in 1967 to escape pressure to weaken its products for Western surveillance from NATO, was always a bugbear for the US National Security Agency (NSA) and its counterpart, the German Federal Intelligence Service (Bundesnachrichtendienst, or BND). MILS was founded as Reichert-Elektronik in Trier by Willi Reichert, a cryptographer for the German Wehrmacht during World War II. Reichert helped invent the famous Enigma-1 portable encryption machine that utilized three coding wheels that, while providing strong encryption, were ultimately vulnerable to Allied cryptanalysis attacks.

It may be more than coincidental that in 2018, the year that MILS, along with its cryptographic maintenance support for its customers ended, the European Commission’s headquarters in Brussels also suffered a breach for thousands of its diplomatic cables. Many were classified as confidential, secret and “tres secret” (top secret). Among other things, the compromise revealed that Chinese President Xi Jinping referred to Trump’s “bullying” that was reminiscent of a “no-rules freestyle boxing match.”

Regardless of the demise of MILS Electronic, diplomats should realize that one-time pad technology remains the safest means to protect sensitive cables or messages during transmittal. As for personnel security, which was clearly compromised in the case of Wikileaks by US Army Private Chelsea Manning and in Darroch’s case by friends of Johnson and Farage, a system of strict need-to-know and access controls for former officials is paramount.

The security of diplomatic communications can make the difference between war and peace. As long as it is given low priority, there will be future ambassadors like Darroch and Pascual.

Diplomatic Security Should Return to Basics

0 thoughts on “Diplomatic Security Should Return to Basics

Leave a Reply

Your email address will not be published. Required fields are marked *