Keyloggers in electric typewriters: how Soviet intelligence agents monitored US diplomats.
• Did you know that the world's first keylogger appeared in the 1970s ? It all started with Soviet intelligence agents who placed bugs in the IBM Selectric typewriters of American diplomats to monitor their business correspondence.
• Such implants (bugs) were a real engineering marvel. Portable devices were sewn into a metal plate running the entire length of the machine, which allowed the bug to be hidden from prying eyes. Such a device could only be detected using X-ray equipment, and the location of the bug had to be known exactly. Interestingly, the bug could record all letters and numbers, but did not record spaces, indents, or hyphens. The transmission of information received by the bug was carried out in real time!
• The bugs were discovered after more than 10 tons of equipment seized from the U.S. embassies in Moscow and the U.S. consulates in Leningrad were dismantled and analyzed and returned to the United States. The implants were found in only 16 typewriters from 1976-1984 . The search for the bugs began only after the U.S. received information about similar devices from "partners" who had been subjected to the same type of "attack" by the USSR. For eight years, the bugs remained undetected and transmitted information to Soviet intelligence.
• The operating principle of the bugs was not entirely clear. Some experts believed that it determined the difference in time for printing each symbol. In Selectric -type machines, to print each specific letter, the ball with symbols had to make a revolution. And printing each symbol takes a certain amount of time, different from the time required to print any other symbol. According to experts, the device transmitted the sounds of printing, and Soviet specialists identified them, deciphering the document printed by the Americans.
• In fact, the device installed by the USSR intelligence officers was more advanced and independently determined the printing symbols. The bug determined some features of the movement of the typewriter mechanism, and the magnetic energy received by the device's sensors was converted into a digital electrical signal. The signals were compressed into a four-bit sequence. The bug could store up to 8 four-bit symbols. When the buffer overflowed, the bug's transmitter transmitted the information to the intelligence officers' receiving device.
• There were some peculiarities in the operation of the device. For example, the bug could not record pressing keys that did not rotate the ball with symbols. That is, the space, indent and some other text editing keys were not recorded.
• There were 5 variants of bug models. Three types worked with direct current and contained up to 10 batteries. The other two types worked with alternating current and reported whether the machine was on or not. Some elements of the machine were used as an antenna. The first three models of bugs were autonomous.
• Each device had a magnetometer that converted the mechanical energy of keystrokes into magnetic perturbations. The electronics in the device responded to these perturbations, analyzed the data received, and transmitted the data to the nearest receiver. The data was transmitted via a radio channel. The implant could be controlled remotely. The installation of the bug by a qualified mechanic took only about half an hour. The bugs were equipped with a microcircuit that was very advanced for that period.
• Remote control was needed to turn off the bugs when inspection commissions arrived at US embassies and consulates. Over time, the US developed devices that could detect such bugs, but the problem was that to detect a spy device, the machine had to be turned on, the bug turned on, and the detector tuned to a specific radio frequency. Soviet engineers tuned the bugs to frequencies used by local TV stations.
➡️
https://arstechnica.com/how-soviets-used-ibm-selectric-keyloggers-to-spy-on-us-diplomats
