Spies are trusted insiders with access to the information that their masters require. The special means of obtaining and covertly communicating stolen secrets are called tradecraft. Espionage tradecraft techniques have always taken advantage of the technologies of their time. The requirements of good tradecraft are that they must be simple, secure, and surreptitious. Digital Tradecraft is the new form of covert communications and surreptitious unauthorized access to sensitive data with the advent of inexpensive, powerful, easy to use, networked computers combined with relatively new software technologies. There are two aspects to the requirement that a tradecraft activity be innocuous – Cover for Status, and Cover for Action. In the context of Digital Tradecraft, cover for status means that an agent employing a tradecraft technology must have a reasonable, non-espionage explanation for possessing the software tool or technology. Cover for action means that the agent has a non-espionage explanation for using the software tool or technology in a way that is consistent with the agent’s total cover identity. There are now digital equivalents for a number of the more traditional forms of espionage tradecraft that support clandestine communications: encryption software, anonymous remailers, steganography software, and Internet telephony software. There are new digital technologies that can provide surreptitious unauthorized access to data in spite of security countermeasures: network exploitation technologies, sniffed network logins and passwords, network “back doors,” trojanized software, and miniaturized data storage devices. With the development of specialized technical counterintelligence and security countermeasure techniques, there is an unprecedented opportunity to identify and neutralize espionage activities. 16 endnotes