Monday, March 25, 2019

Books: "Gray Day" On Cyber Warfare





Gray Day: My Undercover Mission to Expose America's First Cyber Spy
By Eric O'Neill 
Crown; hardcover, 304 pages; $27.00; available Tuesday, March 26

Eric O'Neill is a cybersecurity expert and former FBI counterterrorism and counterintelligence operative. He founded the Georgetown Group, the premier investigative and security services firm; serves as national security strategist for Carbon Black; and is the General Counsel for Global Communities, an international charity. He lectures about espionage and national security, cybersecurity, hacking and fraud, and has appeared as a national security expert on CNN and Fox.


In the new book, Gray Day, O'Neill writes of going to work at the FBI's newly created Information Assurance Section, where he was taught by his supervisor, veteran agent Robert Hanssen. It was early 2001 and the world was on the cusp of the digital revolution. This two-man division was tasked with modernizing the FBI's woefully out-of-date and inadequate cybersecurity system, or so it seemed.

O'Neill takes readers inside the high-stakes, pressure-packed Room 9930, where he spends each day alone with Hanssen. O'Neill has to deal with Hanssen's oversized ego and bursts of rage, but he also witnesses the brilliant maneuverings and manipulations he has used for years to stay one step ahead of the FBI.

Hanssen takes a liking to O'Neill and discovers he is an apt pupil, and he begins to teach him the game of spy craft, exposing the flaws and failures of the agency's systems, which he's been able to exploit his new student was paying.

"The spy is always in the worst possible place" was the first lesson given O'Neill, and he termed it "Hanssen's law." In reality, O'Neill knew just how true this maxim really was: his new boss was a spy and he was most definitely in the worst possible place, with unhindered access to some of the FBI's most classified and highly sensitive intelligence.

There was suspicion in the agency that Hanssen was acting as a Russian mole, sharing everything from details about United States weapons systems to the names and identities of American operatives.

At twenty-six years old, O'Neill was recruited for the case of a lifetime, tasked with spying on a master spy and bringing to justice one of the most damaging double agents in American history.


Eric O'Neill.


In Gray Day, O'Neill recounts those fateful months spent with Hanssen in an edge-of-your-seat, tension-packed narrative that rivals the greatest spy novels and films. A dramatic tale of spy vs. spy, it is also a cautionary tale that pulls back the curtain on the world of cyberespionage.

As recent events have made perfectly clear, from the Equifax breach to the global WannaCry pandemic to threats from China and Russia, cyber espionage is one of the greatest threats we face when it comes to national, corporate, and personal security.

O'Neill uses "Hanssen's Law" of "The spy is always in the worst possible place" as a guide to teaching how to keep our information safe in an increasingly digital world.

Gray Day is told in a series of entries in chronological order, such as this one from Thursday, January 18: "After Hanssen left the office and the door closed behind him, I counted to a hundred and then walked around to look back at my desk from Hanssen's perspective. Two additional desks presented the illusion that the FBI would assign more staff to Hanssen's tiny section. I had chosen my desk over the other two because it sat in a camera blind spot.
The thought of analysts watching my every move throughout the day had given me the shivers: I was used to being on the opposite end of the camera. After Hanssen's hands-on-my-shoulders trick, I regretted that decision.

"Ghosts are trained to live in the shadows, to not get familiar with our targets. A ghost lives a covert professional life, relying on telephoto lenses, disguises, quick-change outfits, and the ability to disappear into a crowd. We think fast on our feet, are always ready with multiple excuses and explanations, and only show our golden FBI shield when all other options have been extinguished. Breaking cover equals failure.
"I had to remind myself that I was still undercover now. Even though Hanssen knew my true name, I still had a role to play. Still, working undercover as Eric O'Neill lacked all the gravitas of my former alias: Werewolf. As a ghost, I hadn't associated with many agents after my time with Donner's squad; I'd stayed buried where they couldn't learn my name. This is because names are power, and because every now and then an agent went rogue, like Earl Pitts had, and the FBI needed unknown operatives to tail the traitors.
"Code names are typically two syllables because at the FBI, the greatest administrative agency in the world, we have issues with field radio transmission. Remember your childhood games with walkie-talkies? Super-expensive FBI field radios weren't much better in the year 2000. Only one person could transmit at a time, so you needed to count one second before transmitting and one second after you finished in order to make sure everything you sent made it to the other radios. This delay in transmissions and reception birthed radio codes to simplify the whole process, along with the practice of saying 'over' when you finished speaking. We say '10-7' instead of 'I'm taking a break' and '10-8' when we come back into the surveillance. We use two-syllable names, like Werewolf, to identify ourselves. This way if someone reaches out on the radio and either cuts themselves off early or gets 'stepped on' by someone else keying in, the 'were' or the 'wolf' would still come through.
"So why Werewolf? Code names are given, not chosen. Early in our training, my academy class had stumbled into the Boardroom and instantly fallen in love. There are many secrets for the intrepid explorer to discover in the FBI Academy at Quantico: a library, a screening room, a store, a weight room, a martial-arts dojo and boxing floor, a computer lab, a forensics lab, a devilish obstacle course called the Yellow Brick Road, and Hogan's Alley, a movie-set town the FBI commissioned Hollywood to build in order to train agents. But none of those places had beer.
"The Boardroom was the FBI Academy's bar. It had a military break-room feel, with American flags hung on the wall, and it dished up bland pizza, spicy wings, and beers from half a dozen taps. Patches from the many national and international police students who attended the FBI National Academy police training school ringed the walls. Like something out of a science-fiction movie, the FBI Academy students wore identical blue polo shirts and tan Royal Robbins tactical pants. Fourteen wooden boards that looked pulled from a fence hung on the wall, and each had a different letter carved in the center and painted in gold: THE BOARDROOM.
"When my new squad stumbled into the Boardroom, we found a second home. After we had sampled all the beers on tap, someone looked out the tall windows and mentioned that the weak fluorescent lights couldn't dim the majesty of the full moon. Before I could stop myself, I climbed up on a table, threw back my head, and howled. I'd carry the name Werewolf for the next five years.
"Code names also protect ghosts from intercepted radio transmissions or eavesdropping. And just as we mask ourselves, we hide the names of our targets. Hanssen became Gray Day. Investigators never used his true name when referring to the case in order to protect from prying ears, or those who might hear the name by accident. Even in the halls of the FBI, diligence meant holding your trust close to the vest.
"Hanssen posed an enormous problem to the FBI. We couldn't rely solely on surveillance to catch him. He had evaded dedicated spy hunters who had flipped countless stones throughout the intelligence community to examine what crawled out. He knew the FBI's blind spots and had only needed five minutes and a whiteboard to demonstrate the ACS's flaws. In the big-game-hunter world of espionage, Hanssen was a lion."
