Spies in History: Virginia Hall, The Most Dangerous Allied Agent in France

VAhall

Figure 1. Virginia Hall being awarded the Distinguished Service Cross by Bill Donovan, chief of the Office of Strategic Services on September 23rd, 1945 (CIA Museum)

Virginia Hall’s tale of heroism was forged out of her great deeds during World War II, and her story is one of a lifelong determined adherence to the pursuit of her ambitions. Her robust educational background had brought her to Europe in the 1920s to study at the Ecole des Sciences Politiques in Paris, the Konsularakademie in Vienna, including other stints at universities in Strasbourg, Grenoble, and Toulouse.

She had dreams of working for the U.S. Foreign Service, and after initial setbacks of failing to pass the U.S. Foreign Service exam in 1929 and 1930, she decided to get some hands-on experience and joined the staff at the U.S. Embassy in Warsaw, Poland to work as a consular clerk. Her work as a consular clerk took her across Europe, from Poland to Turkey, Italy, and eventually Estonia. While in Turkey, Hall was in a hunting accident where her shotgun misfired and resulted in her left leg needing to be amputated from below the knee. She went back to the United States in February 1933 to recover from the injury and ended up being fitted with a wooden prosthetic, which she named “Cuthbert.”

However, this would not set her back in her goals. Just over a year later, after having learned to walk all over again, she wrote to the U.S. Department of State asking to be reinstated and ended up being offered a position at the American consulate in Venice, Italy at the end of 1934. Hall asked to complete the U.S. Foreign Service exam again in 1937, but she received a letter from the U.S. Department of State rejecting her on the grounds of her amputation – they required that all applicants be “able-bodied.” Her gender was also against her, as only six out of the 1500 commissioned U.S. Foreign Service officers at the time were women. Still, Hall continued her consular work and moved to Tallinn, Estonia where she worked at the U.S. Legation. From Tallinn, she made one last appeal to the Assistant Secretary of State requesting a waiver to take the Foreign Service exam. When her appeal was turned down, she decided that it was time to re-evaluate and so she went to Paris in May 1939.

Just thirty-three years old, Hall was living in Paris when World War II broke out on September 1st, 1939. Rather than flee the incoming onslaught, she enlisted in the French ambulance corps (Services Sanitaires de l’Armee) as a private, and ended up driving ambulances during the so-named “Phony War”, which lasted from September 1939 to May 1940. With French defeat impending, she evacuated to London and ultimately found her true calling.

Hall was recruited into the Special Operations Executive (SOE) by Vera Atkins, who was the special assistant to the head of Section “F” in the SOE. Atkins talked to Hall at a dinner party and found her to be a good fit because of her language proficiency with French and German as well as her ability to work under pressure. Furthermore, the things that had obstructed her from a career in the U.S. Foreign Service – her gender and disability – were generally regarded as assets to the SOE. As an American woman before the United States entered the war, Hill could move freely about France relatively inconspicuously.

After completing the SOE’s agent training program, Hill formally became a SOE special agent in April 1941. She arrived in France on August 23rd, 1941 as an undercover agent using the identity of Brigitte LeContre, a reporter for the New York Post. Hall went beyond the standard six month long SOE field tenure to serve a full fifteen months in Lyon, France.

While in Lyon, Hall organized, funded, supplied, and armed the French resistance. Furthermore, she rescued downed Allied airmen and ensured their safe return to England, oversaw an SOE parachute drop, provided courier service for other agents, and obtained supplies for clandestine presses. She also orchestrated escapes for POW from German and Vichy French prisons.

Halls extraordinary efforts did ultimately lead her to the attention of the Gestapo and the French Vichy Police, but they were never able to find out exactly who she was – they had enough information to know that they were looking for a woman with a limping gait, but they thought she was French Canadian.

The illusion of the Vichy French government collapsed when U.S. and British forces invaded North Africa in 1942 and German troops took complete control of France. The Gestapo there was under the command of a man named Klaus Barbie, who uttered the famous quote: “The woman who limps is one of the most dangerous Allied agents in France. We must find her and destroy her.”

Hall’s position had the stakes raised, and she had no choice but to escape France. In November 1942, Hall arranged a Spanish guide to take her and a few other SOE agents through the Pyrenees Mountains to Spain. This journey would have been difficult for anyone to make in the winter and Hall did it with a prosthetic leg.

However, Hall’s group was arrested at the Spanish border because they did not have the right paperwork to enter the country. She was imprisoned for a few weeks and managed to get out after she had a freed inmate smuggle a letter to the U.S. Embassy. Hall was released shortly thereafter and entered into service at the SOE office in Spain, where she was responsible for setting up a new network of agents and safe houses. When she returned to London in July 1943, she was made a Member of the Order of the British Empire. The British government had wanted to honor her contributions with greater ceremony, but she declined on the basis that too much pomp and circumstance would compromise her work as an operative.

After all of this, Hall still wanted to return to France to continue helping the resistance. The SOE was not enthusiastic about sending her back to occupied France, so Hall sought out something more. On March 10th, 1944, Hall joined the U.S. Office of Strategic Services and by the end of the month was back in France (codenamed Diane) under the guise of an old lady. To facilitate her disguise, her hair was dyed grey, she wore extra clothing to give the illusion of heavier bodyweight, and walked with an extra swing in her step to hide her usual gait.

Because she could not be part of a parachute drop due to her prosthetic leg, she was taken into Brittany by speedboat at night. She and one other agent landed on shore in a dinghy at night. It was there that Hall began her second stint of operations in war-torn France. She eluded the Gestapo by moving from village to village in rural France, organizing the French Resistance network all the way.  Between July 14th, 1944 and August 14th, 1944, Hall sent 37 radio messages to London, ranging in topics from where the German army was located to arranging airdrops of food, money, radio equipment, medical supplies, etc. (Payment, p. 21)

By the time the Allied troops stormed the beaches of Normandy in Operation D-Day, Hall and her network – more than 1500 men strong – was ready. (Elder, DIA) Highlighted in the Memorandum for the President (created May 12, 1945) is Hall’s joint effort with two American officers in successfully organizing, arming and training three FFI battalions that took part in a number of engagements with the Nazis as well as acts of sabotage resulting in the destruction of bridges, supply trains, and enemy communications. Furthermore, Hall provided radio communication between London and Haute Loire resistance forces, transmitting and receiving operational and intelligence information. The memorandum calls this “…the most dangerous type of work…” (Archives) and yet Hall completed it unyieldingly.

Virginia Hall was awarded the Distinguished Service Cross by the chief of the OSS on September 23rd, 1945 for her efforts in aiding the liberation of France. Not only was this important for the prestige of the award but also because she made history in becoming the first civilian woman to earn it. After the war, Hall got married in 1950 to a man named Paul Goillot, whom she met in France as a result of a parachute drop that she organized, and went on to continue her career in intelligence with the CIA until mandatory retirement in 1966. She passed away sixteen years later on July 12th, with a legacy of determination, bravery, and service.

Sources:

Review of The Wolves at the Door (Judith L. Pearson) by Hayden B. Peake

American Women Spies of World War II by Simone Payment

WANTED: The Limping Lady, Smithsonian Magazine

Virginia Hall, National Women’s History Museum

Faces of Defense Intelligence: Virginia Hall – The “Limping Lady” by Greg Elder

Not Bad for a Girl from Baltimore: The Story of Virginia Hall

This article was written by Kristina Weber, Content Supervisor of Centry. She holds a Bachelor’s Degree in History from the University of Calgary.

Cyber is the New Cold War

The Cold War between the West and the Soviet Union was a period of tension, skirmishes, and proxy wars during the period of 1947 to 1991.  Any of these had the potential, at any time, to erupt into full scale and possibly thermonuclear war.  Both sides knew about the Cold War.  They knew that they were in it, and had deep understanding of what was at stake.

Fast forward to today.  Tensions between the West and (primarily) Russia are higher than they were at any point since the end of the Cold War.  Russia is increasingly threatened by ever expanding influence, and borders, of NATO, the European Union, and US influence.

Espionage

Then

Both sides of the Cold War engaged in significant activities of spying.  The objective was quite direct- to collect knowledge and secrets from the other side and leverage that information to an advantage.  The techniques included:

  • Human intelligence – using and/or compromising people to obtain secrets
  • Signals and Communications Intelligence – listening in on other’s communications
  • Technology Intelligence – Industrial spying including clandestine photography, theft of technology, etc.

The field of counter-intelligence was developed to counter these types of espionage.

Now

During the 2016 USA election campaign, a group known as Fancy Bear (assumed to be controlled by the Russian government) was responsible for hacking both the Democratic National Convention and Republican National Convention in the USA.  Similar attacks were conducted to steal communications as recently as the French national election, and UK’s GCHQ uncovered evidence that Fancy Bear intended to target every server in Whitehall, the Home Office, Foreign Office, Ministry of Defence as well as every major TV broadcaster.

Another group known as APT 10 (likely China government backed) recently unleashed a sustained campaign against Managed Services Providers in Japan and elsewhere. The compromise of MSP networks provided broad and unprecedented access to many of their customer’s communications.

The USA announced recently that it laid charges against four men, two of whom are Russian intelligence officials, accusing them of the massive data breach of Yahoo.com, which compromised the communications of half a billion user accounts.

Propaganda 

Then

Propaganda is biased, misleading, or false information that is used to promote a specific political perspective, create fear, or cause instability.  People of cold war era age will remember posters trumpeting the threat of the “Red Menace” and the fear surrounding the prospect of nuclear war.

Now

Propaganda now takes the form of fake news, twitter bots and social media.   During the USA elections, the Brexit vote, and other European elections, a large number of probably automated bots were posting and spreading so much fake news as to drown out the impact of actual events.  These bots continue to be made to spread the propaganda chosen by their creators.  With such a low cost and high potential for impact, propaganda has attained new heights of influence.

Testing and Probing 

Then

A common event during the cold war would be for one side to launch a small, limited incursion or attack on the other side, specifically to test missile detection and defense capabilities. These were generally calculated to be threatening enough to warrant a response, but not enough to cause an escalating round of counter-attacks.

Now

In December 2015 and again in December 2016, the power grid in Ukraine was brought down by an unknown third party hacker. At one point, over thirty substations and 225,000 people were without heat and light due to these compromises.

In April 2017, a Russian Telecommunications provider started to advertise that it was host to over 50 different financial organizations IP addresses, causing communications destined for those addresses to be transmitted to them – and not their rightful destinations.  The protocol that the internet uses to determine routing between companies is called BGP, and this event is known as a BGP hijack.  While this type of event can be caused by a misconfiguration of equipment, this occasion seems suspicious – in that the list of IP addresses affected contained a very large percentage of ‘high value’ targets.   While this event lasted only a few minutes, the response of the global internet could be measured and assessed.

Proxy Wars 

Then

In the Cold War era, several tactics were used by both sides with the goal of gaining the upper hand or destabilizing the other. For example, the Soviet Union armed and supported insurgency during conflicts and civil wars in places like Greece, Korea, Vietnam, Afghanistan, Angola, etc. Invariably, the West aligned with the other side. The effect was that two world powers utilized third party conflicts to attack the interests and/or territorial holdings of each other.

Now

In the new world, much of our existence, valuables, and secrets exist in information, databases, and cyber space. The cold war has evolved as well – in many respects, cyber is the new proxy war.

In 2010, the Stuxnet virus was discovered.  Stuxnet was created to damage Iran’s nuclear weapons program by causing logic controllers running Uranium centrifuges to overspeed and self destruct.

In 2014, a group that called itself the “Guardians of Peace,” infiltrated and stole vast amounts of internal data, communications, and intellectual property from Sony Pictures.  US intelligence as stated that they believe this was a state sponsored attack led by North Korea.

We have seen WikiLeaks evolve from a whistleblowing website to a Propaganda machine releasing politically motivated information, at well chosen times to attempt to influence the outcome of elections in the USA, UK, Germany, France and others.

The New Reality

We are already in the midst of a cyber based cold war, and have been for some time now.  The opponents are well hidden, and have significant capability and motivation.

This article was written by Dave Ehman, an expert in Cyber Security, Aerospace and It technology, and the CTO of Centry.

For more content like this, follow @CentryCyber on Twitter!

3 Examples of Business Risk & How They Can Manifest

Compliance Risk arises from violations of laws, regulations, codes of conduct, and standards of practice. It can impact an organization’s ability to operate, potentially leading to legal penalties, loss of finances, and a decrease in reputational standing among other things.

Even if your business is completely lawful and ethical in its own operations, it can still be exposed to compliance risk by – for example – associating with another business that has been identified on sanctions lists or other international watch-lists.

There are steps companies can take to screen against hits on sanctions lists, but what we are seeing with the Russian sanctions specifically, is that it goes a little deeper than just the name of an entity or individual on a list. Russian sanctions include narrative and sectoral sanctions, which basically means that if an individual is on a watch-list, not only can an organization not associate with them, they also cannot associate with any company or affiliation under the individual’s name. As such, not only does an organization have to vet the subject against the list, they must also be aware of the individual’s footprint in the world.

Economic & Political Risk occurs when conditions such as government regulation, exchange rates, and political stability will affect an investment or the profitability of a business.

According to the World Economic Forum, the biggest economic risks of today have been formed out of the aftermath of the Global Financial Crisis of 2008. Among the top risks are unemployment/underemployment issues, social instability, state crisis, and large-scale migration. For example, public discontent is on the rise in Venezuela where demonstrations against corruption have been taking place. This may pose a risk to organizations and personnel operating in the area.

Reputational Risk is the threat of loss as a consequence of damages to an organization’s reputation, i.e. in lost revenue, increased costs, decreased shareholder value, etc. or as a result of an adverse or criminal event. A company’s reputation may help or hinder them in acquiring business partners.

A real world example of reputational risk is the damage that was done to Shell when it overstated its proven oil and gas reserves. The problem arose from Shell’s own interpretation of proven reserves being different from that of regulators, and over time that created a large rift. After the company announced that it would be starting a review, shareholders were concerned about the value of their investment and brought in the SEC and FSA to look at the stated reserves in more detail. What they found was that the figures were incorrect – up to 20% less than what Shell had previously reported.

What did Shell do right in this circumstance? Their cooperation with regulators in terms of opening their books ultimately helped to limit the size of the fines. However, what Shell should have done different was to own up to the error quickly, rather than letting it carry out for an extended period of time.

Furthermore, there was more reputational damage done when the considerable size of the severance packages to the Chairman and Head of Exploration was discovered. Giving huge payoffs to them seemed more like a reward than a punishment, which further deteriorated shareholder trust.

Sources:

https://risk.thomsonreuters.com/en/risk-solutions/ofac-sanctions.html

https://www.weforum.org/reports/the-global-risks-report-2017

Reputational Risk: A Question of Trust

A Look into Geopolitics

The reach of geopolitical instability runs far and wide, and according to World Economic Forum’s Global Risks Report 2017, there are five factors currently weighing on the integrity of it:

The first is that collective, international cooperation is giving way to unilateral or transactional methods of handling foreign policy. This trend is on the rise just as a handful of issues such as global debt, growth, and climate change are on the rise and requiring collaborative action. The WEC fears that if these problems go unacknowledged, the brunt of their burden will fall upon fragile communities – which would create a whole new range of issues to deal with.

Secondly, the intertwined nature of our international system means that domestic level risks can become global affairs. The example discussed in the GRR17 report is the Syrian Civil War, where failures of governance led to civil conflict, which caused mass exodus out of the country to the surrounding regions. This has affected other countries, already with their own issues with growth and inequality, and it can fuel radicalization as well as violent acts.

Third is that the integrity of international relations is compromised with a declining sense of trust and good faith. The current atmosphere of heightened suspicion can exacerbate domestic tensions via accusations of outside influence on domestic issues, such as deliberate media manipulation and threat gestures from militaries.

The fourth factor is that there is a heightened risk of conflict as a new arms race is developing regarding technological innovation. Cyberspace is also a domain of conflict, which has organizations beefing up their cyber security. Meanwhile, the Arctic and deep oceans are also potential realms of conflict with remote vehicle access. Since research for these things takes place in the private sector, there’s no established system for enforcing responsible behavior.

Finally, the fifth issue is that our global institutions for governing international security is slow and reactive, while these risks are growing quickly.

Geopolitical instability can result in more than just hot or cold conflict between countries. One of the key factors is how it can affect the global market.

McKinsey & Company conducted a survey on globalization, and among the results, nearly all respondents said that they expected the global economy would experience tumult due to geopolitical volatility, and that the potential disruptions would be not only more severe, but more likely. This can hurt company profits and affect people on a more personal level if things such as lay-offs were required to combat financial issues.

84% of organizational executives, according to the survey, believe that geopolitical instability will have a significant impact on global business. It is actually ranked just as important as trends that have ranked high in previous years surveys, e.g. growth of consumers in emerging markets.

A way to address this is to have clear policy in place to address global instability. However, only 13% of respondents said that their organizations had taken active steps to deal with this. The greater focus has been on big data, consumer-empowering technology, and cyber-security.  

Ultimately, geopolitics are something to keep up with and stay informed on to prevent being taken by surprise when there are significant turns. With measures in policy taken, the impact may be somewhat alleviated.

Sources

http://www3.weforum.org/docs/GRR17_Report_web.pdf

http://www.mckinsey.com/business-functions/strategy-and-corporate-finance/our-insights/geostrategic-risks-on-the-rise