02-05-2025
From typewriters to TikTok: how espionage evolved from ink to algorithms
Analysis: The lessons from Cold War operation Project Gunman carry a disturbing resonance in the face of today's digital espionage
In the early 1950s, the Cold War was at its height, and tensions between the United States and the Soviet Union were escalating. Amid the nuclear arms race and ideological battles, both sides were locked in a relentless struggle for intelligence, trying to outwit and outmanoeuvre each other at every turn. Interestingly however, one of the most audacious acts of espionage came not from high-tech equipment or clandestine spies, but from something far more mundane: a typewriter.
At the U.S. Embassy in Moscow, American diplomats believed they had implemented robust security measures to protect their communications. The typewriters they used to write confidential documents appeared completely ordinary, nothing about them suggested they were anything but typical office equipment. But in a stroke of ingenuity, the Soviet Union had managed to weaponise these seemingly benign machines. The Soviets had covertly inserted listening devices into the typewriters, allowing them to capture every keystroke made by American diplomats.
The Soviets compromised U.S. Embassy typewriters by secretly implanting keystroke loggers-tiny, sophisticated bugs that transmitted typed data via radio signals to nearby listening posts. Most likely introduced through supply chain infiltration or discreet on-site tampering by unauthorised personnel, these hidden devices operated undetected for years, quietly transmitting classified information. The U.S. remained oblivious as its most sensitive diplomatic and military communications were intercepted in real time.
From Cybernews, The Spy Hack That Made US a Superpower: Project Gunman
The operation, later revealed as Project Gunman, was an extraordinary example of hardware-based espionage, relying on a combination of technical craft and deceptive simplicity. It wasn't the kind of sophisticated digital hack that would dominate headlines in the decades to come - it was a physical, in-person infiltration, where the most basic office tools were turned into tools of national sabotage. The Soviets had successfully harvested a wealth of classified information, including critical military strategies and diplomatic secrets. This covert operation stayed undetected for a remarkably long time, proving just how vulnerable even the most secure communication systems can be when overlooked by those who use them.
The Soviets' ability to transform a piece of office equipment into a tool of surveillance was a masterstroke of subversion, providing an early example of how easily trusted technologies can be turned against their users. The principle of deception remains critical in modern intelligence operations, where adversaries routinely manipulate the technologies we trust to conduct surveillance, gather intelligence, and influence our actions.
The lessons from Project Gunman carry a disturbing resonance in the face of today's digital espionage and cybersecurity threats. Take TikTok, the popular Chinese-owned social media platform, which has become the focal point of global concerns about data security. TikTok isn't merely an app for dance videos and viral trends-it is a massive data collection machine. The app collects a staggering amount of personal data, far beyond what most users realise: location information, browsing habits, device identifiers, and even biometric data, including facial recognition and voiceprints.
From RTÉ Radio 1's Today with Claire Byrne, Signal security saga: more trouble for Pete Hegseth
TikTok's parent company, ByteDance, is based in China, raising serious questions about how the Chinese government might gain access to this treasure trove of data. Critics fear that the app's massive user base makes it an ideal tool for conducting global surveillance on a scale previously unimaginable. In this context, TikTok becomes not just a social platform but a potential tool for influence and information operations.
The typewriters of the Cold War era have been replaced by our smartphones, social media apps, and everyday digital services, each of which could be exploited by foreign actors to compromise national security or manipulate public opinion. It's important to note that while many social media platforms collect vast amounts of user data, the concern with TikTok lies in the potential access that certain nations may have to this information.
Indeed, the U.S. government has expressed significant concern over the potential risks posed by TikTok, citing China's surveillance laws that could compel ByteDance to hand over user data for espionage, political manipulation, or national security threats. Under Chinese law, any company operating within the country can be legally forced to assist with government data requests, leading critics to argue that, despite ByteDance's claims of independence, the company could still be subject to Chinese government pressure.
From DW News, Could TikTok 'go dark' in the US? Another 75-day reprieve granted
These concerns were voiced through official statements, hearings, and legislative actions, with lawmakers, intelligence agencies, and security experts warning about the potential misuse of TikTok's data. Congressional inquiries and public warnings raised alarms, prompting discussions on the possibility of banning the app or forcing the sale of its U.S. operations. The bipartisan push to ban TikTok in the U.S. was based on the belief that TikTok's data harvesting capabilities posed a significant threat to national security, as this treasure trove of data could be weaponised by the Chinese government to gain unprecedented insight into the personal lives of millions of Americans.
The ripples of these malpractices are still being felt, as recent revelations show that senior members of the Trump administration used Signal to share sensitive, and at times classified information - including war plans - while unaware that their conversations were being eavesdropped on. This raises serious questions about the context of using commercially available apps for secure communication, and the broader implications for both individual privacy and national security. Signal's end-to-end encryption has long been touted as a gold standard for protecting private communications. It is used globally by activists, journalists, and even government officials to safeguard their messages from surveillance. However, the use of Signal by high-ranking officials, including those with access to sensitive government information, underscores a troubling potential vulnerability: reliance on commercially available apps for secure communication, when these apps are not subjected to the same level of scrutiny or accountability as classified government systems.
A key vulnerability also comes from metadata, which is data about data. Even with strong encryption, metadata can reveal who is communicating with whom, when, and from where. While Signal's encryption may prevent unauthorised users from easily intercepting the messages, the fact that these individuals were using an external, third-party application to discuss critical security issues points to a deeper vulnerability: reliance on commercial platforms that could, intentionally or inadvertently, expose sensitive data to foreign adversaries. At the end of the day, Signal is a tool, and if you misuse a tool, bad things will happen.
Drawing from the lessons of Project Gunman, we can see how vulnerabilities in communication tools - whether physical or digital - can have far reaching consequences. TikTok highlights the risks of data collection on a massive scale. What started as a fun, user-centric app has become a vehicle for potential political manipulation, with its data being accessible to foreign powers. In contrast, Signal presents a different challenge: while it provides secure, encrypted communication, it remains a third-party app that could still be compromised through misuse. The use of Signal by high-ranking officials shows that even encrypted platforms carry inherent risks, such as accidentally granting unauthorised parties access to highly classified material.
It's crucial to recognise the eerie symmetry between the past and present. Once, secrecy was something we guarded with locks, codes, and vigilance. Today, we give it away - freely, carelessly - with every tap, swipe, and click. The typewriter's keystrokes were once stolen in silence; now, the buttons we press willingly record our lives in plain sight. And that data - our thoughts, habits, desires - isn't just collected. It's watched, analysed, and weaponised by those who understand its power better than we do.
The technology may have evolved, but the risks of data interception and exploitation remain deeply rooted in the nature of human interaction with devices. The past reminds us that if we aren't careful, the tools we trust most can become weapons in the hands of others. And just as the U.S. government had to reckon with the consequences of its blind trust in the unassuming typewriter, so too must we carefully consider the risks of the technologies we now rely on for communication and decision-making in an increasingly interconnected world.
