In 2017, the National Security Agency (NSA) used its official Twitter account to send coded messages to a Russian contact who claimed to have stolen NSA data from a hacker group called The Shadow Brokers.
The NSA sent nearly a dozen coded messages throughout the year, with each tweet appearing benign but containing a hidden message for the Russian contact.
Some of the tweets were self-promotional, while others celebrated historical facts. The exact number of coded messages sent by the NSA and its associates through Twitter is not specified, but it is known to be around a dozen.
The NSA’s communications with the Russian contact were part of a deal in which the agency paid $100,000 in hopes of obtaining information about The Shadow Brokers.
However, the Russian contact did not deliver the promised documents but instead provided links associating Donald Trump with Russians.
The deal ultimately fell through, but not before the first $100,000 installment of a $1 million agreement was paid.
Spy agencies have a long history of using public outlets to deliver secret messages, such as numbers stations or cryptic classified ads. Now, however, they’ve adapted to the internet era. Both the New York Times and the Intercept have learned that the National Security Agency used Twitter to send “nearly a dozen” coded messages to a Russian contact claiming to have agency data stolen by the Shadow Brokers. Reportedly, the NSA would tell the Russian to expect public tweets in advance, either to signal an intent to make contact or to prove that it was involved and was open to further chats.
The tweets were sent throughout 2017. Some were the usual self-promotion, including advocacy for the FISA section authorizing the NSA’s warrantless mass surveillance. Others were slightly arbitrary historical facts, such as celebrating the 177th anniversary of the telegraph patent. It’s not clear how many of these messages were crafted just for talking to the Russian versus ordinary posts.
The social network communiqués didn’t amount to much. The NSA paid about $100,000 to the Russian in hopes of recovering Shadow Brokers data, but cut off the deal when he instead presented info claiming to link President Trump and associates to Russia. Only some of that information was verifiable, and the NSA was reportedly concerned this could be part of a Russian government campaign to sow chaos in the American administration.
It’s unknown how common this practice is, both on other social networks and from other agencies. However, it wouldn’t be surprising if there have been other instances. This lets intelligence bureaus orchestrate clandestine communications with little effort, and no way of knowing about the secret meaning (outside of leaks like this, of course) if you’re not directly involved.