Hacker Lexicon: What Is a Dead Drop?

A mainstay of spycraft still has plenty of relevance in the digital age.

For almost three years starting in the fall of 2015, a 56-year-old Chinese-American tour guide named Xuehua “Edward” Peng would periodically carry out a strange errand: Every few months, he’d book a room at a certain designated hotel—first in California and later in Georgia—and leave $10,000 or $20,000 in cash in the room, inside a dresser drawer or taped to the bottom of a desk or TV stand. Later, he’d come back to the room and search out an SD card similarly taped to the underside of a piece of furniture, sometimes in a package like a cigarette box. He’d pick it up, leave, and later board a flight to Beijing, where he’d personally deliver the card full of classified secrets to his handlers at China’s Ministry of State Security.

According to court documents, Peng was carrying out a practice intelligence agents and pawns like Peng have used for years, known as a “dead drop.” That term of art was helpfully defined by the FBI special agent who would later sign the criminal complaint charging Peng with espionage: “A dead drop is a method of spycraft used to pass items or information between two individuals using a secret location thus not requiring them to meet directly, so as to maintain operational security.” Peng agreed to plead guilty to the charges on November 25.

A dead drop, in other words, is a coordinated handoff in which a source leaves a physical object—papers, data, cash, or even secret machine or weapons parts—in an agreed-upon hiding spot. The recipient can then retrieve them more easily, and with less chance of being spotted, than they could in a simple meet-up. As old-school as that trick may sound in an age where gigabytes of digital contraband flow freely around the internet, Peng’s case shows that the venerable dead drop remains a very viable tool of the spy trade.

As rarely used and paranoid as they may sound, dead drops still benefit those who want to send information or an object to a recipient undetected or anonymously, says Runa Sandvik, a security consultant who has worked as the senior director of information security at The New York Times and a developer for the anonymity software Tor. “Meeting a reporter or a source in person may not be ideal. You can send something in the mail, but then you’re trusting another party, and the mail service may be able to inspect and review the contents before it’s delivered,” says Sandvik, who adds that she has, in fact, helped to arrange a dead drop between a reporter and a source in the past. “A dead drop is a way to control exactly how and when a package is delivered and who has the ability to pick it up, to control more of the variables and never have to meet in person.”

For intelligence agencies, dead drops have been a mainstay for decades. Vladimir Rezun, a defector from the USSR’s GRU military intelligence agency who wrote a series of books about his experience under the pen name Viktor Suvorov, describes in his memoir Inside the Aquarium how setting and checking dead drops was a core part of his routine as a Soviet spy in the 1970s.

“Every free moment we have is given over to looking for these dead drop sites,” Rezun wrote. “We poke about in corners. A spy needs hundreds of these places, the sort of where he can be absolutely sure of being alone and know that he has nobody on his heels, where he can hide secret papers and objects and be quite certain that no children from the street or chance passers-by will find them, that there’s not going to be any building work going on and that there will be no rats or squirrels, no snow or water to damage what has been hidden. A spy has to have many such dead drops in reserve and must never use the same place more than once.”

Both CIA agent Aldrich Ames and FBI agent Robert Hanssen, who betrayed their employers to become double agents for the KGB in the 1980s, used dead drops to feed secrets to their handlers, too. Hanssen, for instance, would hide documents and computer disks in a bag of trash hidden under a footbridge over a shallow stream in a Northern Virginia park. He’d then place a piece of tape on a signpost in the park to signal to his Soviet contacts that he’d “loaded” the dead drop and that they should check it.

In more recent years, cryptographers and privacy-focused software developers have been working to replicate the anonymity and stealth of a physical dead drop in digital form. The software tool SecureDrop, which WIRED uses along with several other news outlets, allows sources to send tips and documents to journalists over the anonymity network Tor. In theory, that covers their tracks and cuts the forensic trail just as completely as a dead drop, without any risky physical legwork and allowing for much longer distances. (The name of the original SecureDrop prototype was, appropriately, DeadDrop.)

But when a source and recipient want to exchange a physical item, software isn’t enough. The Russian Anonymous Marketplace, the most popular dark web drug market in Russia until it was taken down by law enforcement two years ago, used a combination of Tor and dead drops to help dealers distribute their wares to customers. Once a buyer and seller found each other on the Tor-protected market site and made a deal in private chats, many of the site’s Moscow-based dealers would offer to leave the buyer’s amphetamines, ecstasy or heroin in a dead drop somewhere in Moscow, usually communicated via GPS coordinates and a photo. Some users on the site complained in reviews that overly imaginative dealers had forced them to trek through the woods—one wrote of being startled by a moose in the process—or required them to find the exact city bus where their drugs were hidden under a seat.

All of which is to say that, even in the digital age, dead drops—for espionage, journalism, or even geocached drug deals—aren’t obsolete just yet. That plastic bag in the ditch in your local park or envelope taped to the bottom of your bus stop’s bench may be more interesting than it looks.

All Rights Reserved for ANDY GREENBERG
