177 that could be hacked into from the outside. It will be recalled that the NSA threat officer had cited these failures in his 1996 report on NSA vulnerability. He also said that efforts of the Russian Intelligence Services to use false flag recruitments provided the KGB with “a learning experience.” The KGB had learned that hacking by itself could not breech the NSA’s protective stove-piping. He predicted that its next logical move would be to “target insider computer personnel.” These false flag recruitment would aim at, in his view, system administrators, computer engineers and cyber service workers who were either already inside the NSA or who had a secrecy clearance that would facilitate getting jobs with NSA contractors. Even with an appropriate false flag, the task of finding such a “Prometheus” was daunting. There were some five thousand civilian technicians at the NSA of all political stripes. Finding the one who met its espionage requisites was the equivalent of seeking the sharpest needle in the proverbial giant haystack. For espionage purposes, however, recruiters did not have to find the sharpest needle, or any particular one; they just needed to find any needle in a position to cooperate. They could hone a willing recruit over time to do the job at hand. The size of the haystack could also be reduced to more manageable proportions by hacking into the personnel records of the intelligence workers seeking to renew their security clearance. The Internet provided the SVR with just this opportunity. As discussed in the previous chapter, holes in the security of the computer networks of the US Office of the Office of Personal Management, USIS and the websites of the companies supplying the NSA with independent contractors had made the background checks on American intelligence workers available to the Chinese and presumably other adversary intelligence service hackers since 2011. If the SVR had access to this personnel data, the research for a candidate