The Russian Man (RU6)

From HFUnderground

Revision as of 14:20, 25 July 2019 (view source) The Wrigley Guerrilla (Talk | contribs) m (moved Russian 6 to Russian 6 () ← Older edit		Revision as of 14:21, 25 July 2019 (view source) The Wrigley Guerrilla (Talk | contribs) Newer edit →
Line 1:		Line 1:
-	[[Image:Priyom.png|thumb|right]]	+	'''Spy Numbers Stations''' are shortwave radio stations that are speculated to have been broadcasting since World War I.  The true origin and purpose of them are unknown.  A popular theory is that these stations are intended for spies in the field using a One Time Pad.  Another theory is that they are used in drug smuggling operations.
-	Although this operator is not identified, it is believed to be a Russian intelligence agency with big resources, who can support development and operation of many modes and schedules transmitting from several sites, including operations based in Moscow, the Russian Far East, and Cuba.	+	[[Image:Numbers stations map.gif|center|A map showing several locations of Number Stations]]
-	Voice stations of this operator support a wide choice of language:	+	== Description and operation ==
		+	Number stations are shortwave transmissions from foreign intelligence agencies to spies in the field of foreign countries. Since the fact of operating a number station is technically a state secret, there have been very few confirmations from government organizations - those that have were the Czech Office for Foreign Relations and Information (we also obtained a Top Secret document), Polish Institute of National Remembrance and the Swedish Security Service SÄPO. Usage of number stations has additionally been confirmed by former Cold War spies, and the cases of Kim Hyon-hui (1987), Erwin van Haarlem (1988), The Cuban Five (1998) and Andreas and Heindrun Anschlag (2011).
-	English (E06, E17)	+	Number stations transmit encrypted messages in forms of groups of numbers, or less commonly letters, using either automated voice (many languages), Morse code or digital signals. While the encryption method used for most number stations is unknown, some have used and others are widely believed to use one-time pad - mathematical addition of a set of random numbers (the key) to the plaintext, which can be used only once, and must be destroyed after usage. Some of the stations are believed to transmit pre-defined codebook instructions.
-	German (G06)	+	Number stations offer a powerful advantage in our modern world: practically complete anonymity. The recipient of the message can be almost anywhere in the world, and receive instructions without fear of being traced through a phone call or internet connection. All the recipient needs is a shortwave radio and to be in the right place at the right time.
-	Russian ([[S06]])	+	The first account of a number station, as reported in ENIGMA Newsletter Issue #12, was from the Austrian Kurzwelle Panorama magazine dating from World War I. The BBC were noted for sending messages to people overseas which where coded messages to SOE agents during WW2. From then on encrypted messages broadcasted with creepy automated voices have been being sent with stations appearing and disappearing as political events changed over the last 60 years. The amount of active stations has significantly decreased since the late 1990s, though number stations are still actively used by countries such as Russia, Poland and Cuba.
-	Spanish (V06)	+	ENIGMA naming system
-	French (V23)	+	The most popular number station naming system was devised by the European Numbers Information Gathering and Monitoring Assocation (ENIGMA), a number station research group active in 1993-2000, and later maintained by ENIGMA 2000. It was created to solve ambiguities in number station reporting, and classifies stations by language or type of signal. Each ENIGMA designator consists of an alphabetic prefix followed by an ordinary number.
-	The last two ones, although inactive, are still maintained, possibly kept available for being brought back into operation. V06 was heard in test transmissions as late as 2016. V23 received new, male voice samples as early as 2010, and was heard in test transmissions in 2016 and 2017.	+	Current prefixes:
-	It also supports several speeds for its morse station M14, high-speed versions of which are sometimes referred to as M24.	+	E - English language voice broadcasts
-	Finally, it runs widespread regularly scheduled operations of several high-speed, advanced digital modes supporting redundant integrity features and versatile modular encapsulation layers, among which at least F01 and F06 are identified and understood.	+	G - German language voice broadcasts
-	The 5-figure-group messages carried by the digital modes share the same metadata header as the presumed Russian diplomatic transmissions known under M42, formerly operated by FAPSI. Links or infrastructure sharing between these agencies seem possible.	+	S - Slavic language voice broadcasts
		+	V - Voice broadcasts in all other languages
-	== Format ==	+	M - Morse code
-	Analog stations (voice and morse) follow the same identical format.	+	F - Frequency-shift keying digital modes
-	The 00000 outro is a characteristic format feature unique to this operator. It is present in the analog format, and also most deliberately in the digital F01, which uses a dedicated padding character but still includes one 00000 outro group. It is also present in F06, which uses 0-digit padding but always includes at least a whole five-0 group as outro, and counts four 00000 5-figure groups in null messages.	+	P - Phase-shift keying digital modes
-	Postambles repeating metadata already given in the preamble are another feature which, among currently active stations only this time, is particular to this operator. The analog format has a preamble and a postamble that are identical and contain a number unique to the message transmitted, followed by the group count. Digital formats similarly feature a 5-group metadata header and a postamble repeating the serial number of the message transmitted, followed by the group count.	+
-	This operator exhibits a variant following a special format, known as E06a and S06b for analog stations, and also observed in F01 and F06 transmissions.	+	XP - Russian 7 digital modes
		+	HM - Hybrids of analog and digital modes
-	== Scheduling and operating habits ==
-	The analog stations follow the common habit of sending a repeat transmission on a different frequency one hour after the initial transmission. Digital stations follow the common habit of sending two repeat transmissions on different frequencies, spaced by 10 minutes, after the initial transmission.	+	== Active Spy Numbers Stations ==
		+	*[[V2]] Attencion Cuba
		+	*[[HM01]] Cuba
		+	*[[S06]] Russian Man, Russia
		+	*[[V13]] New Star Radio Taiwan
		+	*[[V24]] South Korea
		+	*[[V26]] China
		+	*[[M94]] South Korea
		+	*[[X06]] Mazielka, Russia
		+	*[[XUP]] Pulser, N. America
		+	*[[G2 (Swedish Rhapsody)]] Poland
-	Transmissions that send traffic, i.e. not a null message, are repeated on the next day at the same times on the same frequencies. This is a characteristic scheduling feature unique to this operator.	+	== Inactive Spy Numbers Stations ==
		+	*[[E10]] [[MOSSAD]] Israel
		+	*[[E3]] [[Lincolnshire Poacher]] Malta
		+	*[[M25]] KKN family, USA and worldwide
		+	*[[G03 (The Gong Station)]] East Germany
-	Digital stations share the operational characteristic of repeating the message contents in an automated loop for approximately 7 minutes. This is in contrast to some Russian diplomatic transmissions (M42) that share format similarities with this numbers station operator, but however do not exhibit this automated looping behavior.	+	== Parody Spy Numbers Stations ==
		+	[[Image:LadySpy.png|right|120px]]
		+	*[[Attention 69 Numbers Station]]
		+	*[[Brother Stair Numbers]]
		+	*[[Roman Numerals Numbers Station]]
		+	*[[WBNY]]
-	Analog stations share the obscure operational habit of maintaining schedules that only send obviously fake messages. These fake messages sometimes contain obviously non-random numbers, or sometimes repeat some same old identical contents that has been seen on these schedules for years. Sometimes the same known fake message is even reused across the different stations.	+	== Unknown/anonymous spy number station ==
		+	*[[XM Whales (The Backwards Music Station)]]
		+	== See also ==
		+	* [[Cuban Intelligence Radio Stations/Operations]]
		+	* [[Soviet/Russian Strategic Communication/Warfare Units]]
		+	* [[The Russian Man (RU6)|The Russian Man]]
		+	* [[DGI]]
		+	* [[Havana Moon]]
		+	* [[Pedro]]
		+	* [[ENIGMA]]
		+	* [[ENIGMA2000]]
		+	* [[Langley Pierce]]
		+	* [[Numbers stations in popular culture]]
-	== Grouped transmissions ==	+	==External links==
		+	*[http://en.wikipedia.org/wiki/Number_stations Numbers Station (Wikipedia)]
		+	*[http://en.wikipedia.org/wiki/The_Conet_Project The Conet Project (Wikipedia)]
		+	*[http://irdial.hyperreal.org/ Conet Project downloads]
		+	*[http://www.spynumbers.com Spy Numbers]
		+	* [http://www.simonmason.karoo.net/page30.html Simon Mason's website]
-	During some tests of this operator, the different voice stations appear successively on the same frequency during the same transmission, sending similar test contents.	+	==Further reading==
-	Similarly, digital stations share test frequencies.	+	* Langley Pierce: "Intercepting Numbers Stations", Interproducts, Perth, UK, ISBN 0-9519783-4-9, 1994.
-	On December 5th, 2017, transmissions took place on the test frequency 8140 kHz: two test messages of S06 ID 975 were repeated several times throughout the day, and among them, one F01 null message was also transmitted. S06 voice was transmitted in J3E mode without a carrier, but when it wasn't transmitting, a carrier regularly appeared, alternating between centered on 8140 kHz, and shifted down 250 Hz ready to transmit F01.	+	* Havana Moon: "[http://wrgpmusic.no-ip.org.nyud.net/UnoDosCuatro.pdf Uno, Dos, Cuatro - A Guide to the Numbers Stations]", Tiare Publications, Lake Geneva, ISBN 0-936653-06-X, 1987
-	Every weekday, a group of stations transmit over the Pacific area, each transmission at the top of a successive hour. This peculiar Pacific weekdays network groups together stations F01, F06, S06 and M14.	+	* Simon Mason: [http://www.simonmason.karoo.net/SECRET_SIGNALS.doc Secret Signals] (The Euronumbers Mystery), Tiare Publications, ISBN 0-936653-28-0.
-	Shared schedules	+	* Harry L. Helms, W5HLH: "How To Tune The Secret Shortwave Spectrum", TAB Books, ISBN 0-8306-1185-1, 1981.
		+	* Don Schimmel: "The Underground Frequency Guide", HighText, ISBN 1-878707-17-5, 1994
-	E06 ID 832 occasionally appears as an analog replacement on the schedule of F06 ID 50046, and transmits in place of it, exhibiting the non-OTP message features specific to this schedule.	+	[[Category:Radio station lists]]
-	Conversely, E06 ID 537 was replaced by F01 transmissions at least once.	+	[[Category:Spy stations|!]]
-		+
-	Two sporadic transmission schedules have also seemingly seen similar replacements: F06 ID 90017 by S06 ID 348, and F01 1945z by E06 ID 734.	+
-	M14 ID 381 and F06 ID 20021 shared the same weekly schedule, using the same times and frequencies: M14 would send on weeks 1 and 3, and F06 would send on weeks 2 and 4. This schedule was very active with both stations sending messages, although no correlation could be established between the traffic patterns and message contents of the two stations. However at some point, both stations of this schedule simultaneously stopped sending any traffic, and then sent only null messages during months on; then in September 2015, both stations simultaneously stopped transmitting at all, effectively ending this shared schedule.	+
-	Operation errors	+
-		+
-	On June 1st, 2016, during a scheduled broadcast of F06 ID 90073, an F01 null message was mistakenly transmitted on the first two slots, before correctly sending an F06 null message on the third slot.	+
-		+
-	In his Radio Intrigue report #63, [[Don Schimmel]] relates an incident where an M14 null message was mistakenly transmitted instead of an M42 transmission. However this is not entirely conclusive, as M42 also includes presumed diplomatic transmissions that are linked to this operator but are not believed to be directly included in its numbers station activities; and the particular details of the M42 transmission in this incident are not identified.	+
-		+
-	On July 20th, 2017, a regular scheduled transmission of G06 ID 329 sent a null message using the E06 voice instead. Conversely, on April 18th, 2019, a regular scheduled fake message E06 transmission was sent using the G06 voice. (Both transmissions ended with a leaked Windows XP shutdown sound.)	+
-	On October 17th, 2014, an S06 transmission simultaneously sending on a different frequency was leaked through the audio of a regular G06 transmission.	+
-		+
-	On March 13th, 2018, a sporadic E06 ID 729 transmission simultaneously sending on a different frequency was leaked through the audio of a scheduled S06 ID 480 transmission.	+
-		+
-		+
-	== Activity breakdown ==	+
-		+
-	Much of this operator's activity goes through its advanced digital modes, F06 and F01; especially considering the significant share of analog schedules that are in fact only dedicated to the fake message operations.	+
-		+
-	The activity of this operator is mostly based in western Russia, with Moscow and Smolensk as main sites; digital transmissions are foremost based in Moscow, while Smolensk operates many of the analog schedules. It also operates sites with lower activity in Orenburg, Chita, and also in Havana, Cuba. Until 2019 it also ran a daily transmission network featuring all modes, from an unidentified site in the Russian Far East over the Pacific area.	+
-		+
-		+
-	== Encryption modes ==	+
-		+
-	The prime option for encryption would be one-time pads, and it seems reasonable to think that it would be used on most schedules. However, some of the schedules of digital stations F01 and F06 share a set of features that point to something incompatible with one-time pads.	+
-		+
-	In affected schedules, the encrypted part of the messages starts with a triple timestamp header, which is encrypted with a key that gets reused year long, message after message within the schedule, and produces visibly similar and even identical groups across different messages. For example, the 4th, 8th and 12th groups will almost always remain constant. This is the clearest sign that at least this part of the messages does not use one-time pads.	+
-		+
-	According to information sourced by Numbers & Oddities, one of the metadata header fields is a one-time pad parameter that would point to a resource unique to a given recipient. In affected schedules, a recurring well-known bogus value (36987), or other anagrammed bogus-looking values, sometimes appear in this field.	+
-		+
-	In the protocol of the F01 mode, the metadata header, which contains the one-time pad parameter, holds an optional place, and can be featured or not depending on the schedule. Although data is lacking to conclusively confirm this, it can be theorized that this optional header is always absent in affected schedules, because the one-time pad parameter value it carries is bogus and unnecessary.	+
-	In affected schedules, messages always have even group counts.	+
-	Test frequencies	+
-		+
-	This operator has several known frequencies on which it runs test, training, drill transmissions... Analog formats use 7353, 8140, 9073, 9300, 9463, 10270, 10755, 13530, and 19460 kHz, and use a number of known test IDs: 801 (7353, 9300, 9463 kHz) and 975 (8140, 10755 kHz). Digital formats use 6780, 7992, 8140, 9300, and 13530 kHz.	+
-		+
-		+
-	== Operation quirks ==	+
-		+
-	Most of the visible quirks can be attributed to operations from the Smolensk site - which include regular G06 schedules and all G06, E06 and M14 schedules sending fake messages. Unlike with other sites, they are operated in a partially manual way: they use a different warmup procedure and start transmissions a few minutes off the schedule; and M14 transmissions use MCW modulation instead of ICW. Transmissions from Smolensk are also particularly prone to errors, and regularly leak Windows XP shutdown sounds at the end of the last broadcast of the day, and sometimes other Windows XP system sounds as well. Occasionally, they will transmit using voice samples in the wrong language.	+
-		+
-		+
-		+
-	== Sources ==	+
-		+
-	(Text from Priyom.org)	+

---

Revision as of 14:21, 25 July 2019

Spy Numbers Stations are shortwave radio stations that are speculated to have been broadcasting since World War I. The true origin and purpose of them are unknown. A popular theory is that these stations are intended for spies in the field using a One Time Pad. Another theory is that they are used in drug smuggling operations.

Contents 1 Description and operation 2 Active Spy Numbers Stations 3 Inactive Spy Numbers Stations 4 Parody Spy Numbers Stations 5 Unknown/anonymous spy number station 6 See also 7 External links 8 Further reading

Description and operation

Number stations are shortwave transmissions from foreign intelligence agencies to spies in the field of foreign countries. Since the fact of operating a number station is technically a state secret, there have been very few confirmations from government organizations - those that have were the Czech Office for Foreign Relations and Information (we also obtained a Top Secret document), Polish Institute of National Remembrance and the Swedish Security Service SÄPO. Usage of number stations has additionally been confirmed by former Cold War spies, and the cases of Kim Hyon-hui (1987), Erwin van Haarlem (1988), The Cuban Five (1998) and Andreas and Heindrun Anschlag (2011).

Number stations transmit encrypted messages in forms of groups of numbers, or less commonly letters, using either automated voice (many languages), Morse code or digital signals. While the encryption method used for most number stations is unknown, some have used and others are widely believed to use one-time pad - mathematical addition of a set of random numbers (the key) to the plaintext, which can be used only once, and must be destroyed after usage. Some of the stations are believed to transmit pre-defined codebook instructions.

Number stations offer a powerful advantage in our modern world: practically complete anonymity. The recipient of the message can be almost anywhere in the world, and receive instructions without fear of being traced through a phone call or internet connection. All the recipient needs is a shortwave radio and to be in the right place at the right time.

The first account of a number station, as reported in ENIGMA Newsletter Issue #12, was from the Austrian Kurzwelle Panorama magazine dating from World War I. The BBC were noted for sending messages to people overseas which where coded messages to SOE agents during WW2. From then on encrypted messages broadcasted with creepy automated voices have been being sent with stations appearing and disappearing as political events changed over the last 60 years. The amount of active stations has significantly decreased since the late 1990s, though number stations are still actively used by countries such as Russia, Poland and Cuba.

ENIGMA naming system

The most popular number station naming system was devised by the European Numbers Information Gathering and Monitoring Assocation (ENIGMA), a number station research group active in 1993-2000, and later maintained by ENIGMA 2000. It was created to solve ambiguities in number station reporting, and classifies stations by language or type of signal. Each ENIGMA designator consists of an alphabetic prefix followed by an ordinary number.

Current prefixes:

E - English language voice broadcasts

G - German language voice broadcasts

S - Slavic language voice broadcasts

V - Voice broadcasts in all other languages

M - Morse code

F - Frequency-shift keying digital modes

P - Phase-shift keying digital modes

XP - Russian 7 digital modes

HM - Hybrids of analog and digital modes

Active Spy Numbers Stations

• V2 Attencion Cuba
• HM01 Cuba
• S06 Russian Man, Russia
• V13 New Star Radio Taiwan
• V24 South Korea
• V26 China
• M94 South Korea
• X06 Mazielka, Russia
• XUP Pulser, N. America
• G2 (Swedish Rhapsody) Poland

Inactive Spy Numbers Stations

• E10 MOSSAD Israel
• E3 Lincolnshire Poacher Malta
• M25 KKN family, USA and worldwide
• G03 (The Gong Station) East Germany

Parody Spy Numbers Stations

• Attention 69 Numbers Station
• Brother Stair Numbers
• Roman Numerals Numbers Station
• WBNY

Unknown/anonymous spy number station

• XM Whales (The Backwards Music Station)

See also

• Cuban Intelligence Radio Stations/Operations
• Soviet/Russian Strategic Communication/Warfare Units
• The Russian Man
• DGI
• Havana Moon
• Pedro
• ENIGMA
• ENIGMA2000
• Langley Pierce
• Numbers stations in popular culture

External links

• Numbers Station (Wikipedia)
• The Conet Project (Wikipedia)
• Conet Project downloads
• Spy Numbers
• Simon Mason's website

Further reading

• Langley Pierce: "Intercepting Numbers Stations", Interproducts, Perth, UK, ISBN 0-9519783-4-9, 1994.
• Havana Moon: "Uno, Dos, Cuatro - A Guide to the Numbers Stations", Tiare Publications, Lake Geneva, ISBN 0-936653-06-X, 1987
• Simon Mason: Secret Signals (The Euronumbers Mystery), Tiare Publications, ISBN 0-936653-28-0.
• Harry L. Helms, W5HLH: "How To Tune The Secret Shortwave Spectrum", TAB Books, ISBN 0-8306-1185-1, 1981.
• Don Schimmel: "The Underground Frequency Guide", HighText, ISBN 1-878707-17-5, 1994