B (16:54)

Yeah, so Robert Hanssen was the most devastating spy in FBI history and one of the most devastating spies in US History. He spied for the Soviets and then the Russians for over 20 years. Yeah, over 20 years. He started first volunteering to the GRU, which is their military intelligence, in the early 1980s. And then circa 1985, he volunteered to the then KGB. And he just compromised so many sensitive intelligence operations, human sources, the tunnel that we tried to dig underneath the Soviet embassy at the time. So he was just utterly devastating. And he was an FBI agent. So I physically worked with him during my time when I worked in Washington.

A (17:49)

D.C. well, tell us about that. You're working with someone in the agency. And is it fair to say that for certainly at the beginning you thought that this was just any other colleague?

B (18:02)

Absolutely. There was nothing that in his behavior that would indicate that he was such a devastating spy. Now we knew that there was a spy that was going on because there were a number of operations that had been rolled up unexplained that there was a spy at the CIA named Robert, I mean, Aldrich Ames, who actually recently just passed away a couple weeks ago. And so once he was arrested, they debriefed him to see what he compromised. And then there was this whole big list of operations that Ames had no connection to. So that we knew that there was another spy in the U.S. intelligence community. But we didn't know where that was. Initially, we thought it was in the CIA. And we were investigating a CIA officer for a number of years that had connections to, let's say, 85% of those hundred, let's say, you know, operations that were compromised. So we thought we had the right guy. But then it turned out it really was not at the CIA. It was at the FBI, and it was Robert Hanssen.

A (19:15)

What was your role then? I mean, this is 25 years ago. Today is the anniversary of his arrest. What was your experience level and role in the agency then?

B (19:26)

So I was just a street agent on one of the counterintelligence squads at the Washington field office investigating, investigating the svr, which is the current Russian intelligence service. So we investigated the intelligence officers that were stationed under diplomatic cover at the embassy that would handle any penetrations into the US Government. So we were tracking the intelligence officers. We had seen that they were doing operational activity and other things that were indicative of agent handling, but we just didn't know who that was. One of the agents on my squad work with Mike Rochford, who, if you haven't read his story or saw him at the spy Museum, I recommend all listeners to go check out Mike Rochford. But he. At the end of the day, one of my squad mates and Mike Rochford put together an operation where we recruited a former KGB officer that actually was the Moscow handler of this penetration of the US Government that we were searching for. In that agent provided us basically the dossier and other materials to help us identify who this penetration was. So Mike led that operation, and we were able to get those materials and what we thought it was, the CIA officer. Now we got these materials. And so this was, I guess, circa the fall of 2000, so let's say November 2000. And we got all these materials that were passed, and they were all FBI documents. And we were like, wait a second. This doesn't appear like a penetration of the CIA. This appears like this is a penetration of the FBI. And two main pieces of evidence that we got there was. One was a tape recorded message between the penetration and the KGB handler that occurred many years ago, that it was a phone call that the KGB had recorded. And one of the analysts at headquarters had worked with Robert Hansen for many years, and he listened to that tape and he said, that's Bob Hansen. And so we were like, okay, now. Okay, now we have a problem. And this really sounds like Bob Hanson. And then we also got a trash bag that was used to wrap materials that the spy had passed. And we were able to extract a fingerprint from that, which came back to Bob Hanson. So now we knew Bob Hanson was the spy, and now we needed to prove it because we had all these other materials. And to try to get, like a former KGB officer to testify in trial, that's a little bit difficult. So really, Louis Free at the time was the FBI director. He's like, you have to arrest this guy. So my job and a lot of my squad was we were out with the SSGs, which is the FBI Special Surveillance Group. And we were following Hanson, you know, day to day, 24 hours a day, from November of 2000 until his eventual arrest. So just basically really learning the patterns. And then we had other groups that were putting microphones in his office. You may have saw the movie Breach, or read other material where Hanson was working at the State Department at the time that we identified. So we had to move him back to FBI headquarters where we had a little bit more control over him and his comings and goings, and we could do some searches and really see what he was doing to try to get that evidence.

A (23:22)

Tell us about the day of his actual apprehension, lead us up to that moment, because you were there.

B (23:30)

Yeah, so this was fascinating. So we had did a covert search and we had backed up his Palm Pilot, which was, you know, you and I remember, state of the art time. Yeah, exactly. Way back in the day. And Hansen loved technology, so he put everything in his Palm Pilot, including messages from the Russians to him. So we had identified new dead drop sites and new signal sites. So when we got those, I went out and did all the photographs of those sites. So the photographs that you see that were released by the FBI, yours truly took them. You could see my shadow in some of them. So I used to like to say I was in the shadows. But we knew that one of the dead drop sites was called Ellis, the codename Ellis, and that was at Foxstone park in Vienna, Virginia. So it was going to be underneath the bridge. And the signal site was this sign right at the beginning. So we knew that that was a dead drop site. And then in his Palm Pilot, he had on this date, February 18th, which was a Sunday. He had Ellis at 8pm was the time. So we thought, well, the dead drop is going to happen at 8pm on that Sunday. So, you know, the FBI director again was like, look, we want to catch him in the act. We want to get him dropping materials to the Russians. So. So we all prep for that. So my job was I was part of Arrest Team two. So we had two arrest teams. One that was more of our SWAT team, that was our main one that wanted to get. And then my team was the backup arrest team. And if he came out one end of the park, and then my team was to get the Russian, if the Russians were going to go and do the dead drop and drop materials or money. So we thought it was going to happen at 8pm at night. So this is how things just luck happens, you know. So we, we actually weren't going to get on site until 6:00pm, like, so we're like a couple hours early. But we decided really that we're going to get on site at 3 o'.

A (25:54)

Clock.

B (25:54)

So we were like, hey, let's just go out and do it. So Hanson had one of his friends over and he was going to take him to Dulles Airport. So we're following him. He drops him off at Dulles Airport. We think he's probably going to go back home because the drop isn't going to be until the evening. But he comes back and he veers off his normal way home. And he stops at Pike Plaza in Virginia there. And he pulls in to the parking lot and he gets out of his car and he pops his trunk. And we can see him that the SSGs and the surveillance are going around. We could see him wrapping the materials for the dead drop. And we're like, hey, this is happening now. This is game time. So your adrenaline starts running and rushing, and, you know, we have a plane up that's following him as well. And so we see him wrap it up, get back in his car and driving over to the park, and he parks a little bit away from it, and he starts walking into the park. And we had special train surveillance people in the park with, you know, eyes on the bridge. And they were in, you know, sniper ghillie suits so they could fit in. And so again, you know, your adrenaline is going. He goes in, you know, we hear that he placed the drop and then he starts walking back out. And as he's coming out of the park, walking back to his cars, that's where we get go take him down. And that's where we all just kind of swarmed in. And you can see in the videos the SWAT guys with the, with the machine guns there that we took him into custody and put handcuffs on him and finally arrested them.

A (27:44)

Help me understand the feelings of you and your colleagues, because my guess would be there's a mix of a feeling of betrayal but that's balanced with professionalism, that this is part of the game. The espionage is part of the game that all nations play. Can you unpack that for us? Yeah.

B (28:07)

It's a weird feeling, Dave, to be quite honest with you, because you work with a colleague and you think that everybody at the FBI or everybody in the intelligence community is doing the right thing for God and country wants to protect the American people. And then to have somebody that is betraying all your work to a enemy, a foreign country in compromising sources, people that you've convinced the spy for us, and then those people getting killed because their names are compromised to the Russians, that is a weird feeling that just people don't experience. So it's really hard to put those words except this sense of betrayal, but at the same time, that professionalism, that, look, we were very proud that we were finally able to identify him and bring him to justice because in another couple months he was going to retire and it would have been so much more difficult to be able to prosecute him or to bring him to justice. So it was this sense of betrayal, but also this great sense of achievement that we were able to uncover somebody that had been anonymous even to the Russians for 20 years. So your emotions go really across the spectrum.

A (29:33)

Well, Keith, thank you so much for taking us back there. It's, I guess, an interesting thing to note in our nation's history. 25 years since the arrest of Robert Hanson.

B (29:46)

Thanks, Dave. It's always a pleasure talking with you.

A (30:03)

What's your 2am Security worry? Is it do I have the right controls in place? Maybe Are my vendors secure? Or the one that really keeps you up at night? How do I get out from under these old tools and manual processes? That's where Vanta comes in. Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. And it fits right into your workflows. Using AI to streamline evidence collection, flag risks, and keep your program audit ready all the time. With Vanta, you get everything you need to move faster, scale confidently, and finally get back to sleep. Get started@vanta.com cyber. That's V A N T A dot com cyber. Maybe that's an urgent message from your CEO, or maybe it's a deepfake trying to target your business. Doppel is the AI native social engineering defense platform fighting back against impersonation and manipulation as attackers use AI to make their tactics more sophisticated. Doppel uses it to fight back, from automatically dismantling cross channel attacks to building team resilience and more Doppel outpacing what's next in social engineering? Learn more@doppel.com that's-o P E L.com. And finally, in what may be the most 2026 sentence uttered by a defense official, the Netherlands defense secretary has suggested that an F35 fighter jet can be jailbroken, just like an iPhone. Gies Tuenman made the remark on a Dutch podcast when asked whether European operators could modify the jet's software if the US ever decided to cool the transatlantic friendship. The F35, he noted, is a shared project with British engines and American components, implying mutual dependence. And if updates stopped, well, he hinted, creative solutions exist. Security experts were a bit less breathless. One researcher pointed out that unlike iPhones, F35s are not available on ebay, and the lack of a tinkering community makes public jailbreaks unlikely. The jet's software is tightly managed through Lockheed Martin's logistics system, with only Israel allowed to run custom code. Still, in an era of kill switch rumors and shifting alliances, the idea of rebooting a fighter jet like a smartphone carries a certain dark charm. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ivan. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. If you only attend one cybersecurity conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands on learning and real innovation. I'll say this plainly. I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today@rsaconference.com cyberwire26 I'll see you in San Francisco. Foreign. Ever wished you could rebuild your network from scratch to make it more secure, scalable and simple? Meet Meter, the company reimagining enterprise networking from the ground up. Meter builds full stack zero trust networks including hardware, firmware and software, all designed to work seamlessly together. The result? Fast, reliable and secure connectivity without the constant patching, vendor juggling, or hidden costs. From wired and wireless to routing, switching, firewalls, DNS security and vpn, every layer is integrated and continuously protected in one unified platform. And since it's delivered as one predictable monthly service, you skip the heavy capital costs and endless upgrade cycles. Meter even buys back your old infrastructure to make switching effortless, transform complexity into simplicity, and give your team time to focus on what really matters, helping your business and customers thrive. Learn more and book your demo@meter.com cyberwire that's M E T E R.com cyberwire.