Friday, November 2, 2018

Spies Like Us, Con't

Yahoo News is reporting a major story today on how in 2009 the CIA got so complacent with their online system used to secretly recruit foreign assets in Iran, China, North Korea and elsewhere that they had no idea how easy it was to compromise.  That led directly to the deaths of dozens of CIA assets worldwide during Obama's first term, and culminated in Edward Snowden's 2012 defection to Russia with the crown jewels of US intelligence operations.

One of the largest intelligence failures of the past decade started in Iran in 2009, when the Obama administration announced the discovery of a secret Iranian underground enrichment facility — part of Iran’s headlong drive for nuclear weapons. Angered about the breach, the Iranians went on a mole hunt, looking for foreign spies, said one former senior intelligence official.

The mole hunt wasn’t hard, in large part, because the communications system the CIA was using to communicate with agents was flawed. Former U.S. officials said the internet-based platform, which was first used in war zones in the Middle East, was not built to withstand the sophisticated counterintelligence efforts of a state actor like China or Iran. “It was never meant to be used long term for people to talk to sources,” said one former official. “The issue was that it was working well for too long, with too many people. But it was an elementary system.”

“Everyone was using it far beyond its intention,” said another former official.

The risks posed by the system appeared to have been overlooked in part because of it was easy to use, said the former intelligence officials. There is no foolproof way to communicate — especially with expediency and urgency — with sources in hostile environments like Iran and China, noted the former officials. But a sense of confidence in the system kept it in operation far longer than was safe or advisable, said former officials. The CIA’s directorate of science and technology, which is responsible for the secure communications system, “says, ‘our s***’s impregnable,’ but it’s obviously not,” said one former official.

By 2010, however, it appears that Iran had begun to identify CIA agents. And by 2011, Iranian authorities dismantled a CIA spy network in that country, said seven former U.S. intelligence officials. (Indeed, in May 2011, Iranian intelligence officials announced publicly that they had broken up a ring of 30 CIA spies; U.S. officials later confirmed the breach to ABC News, which also reported on a potential compromise to the communications system.)

Iran executed some of the CIA informants and imprisoned others in an intelligence setback that one of the former officials described as “incredibly damaging.” The CIA successfully exfiltrated some of its Iranian sources, said former officials.

The Iranian compromise led to significantly fewer CIA agents being killed than in China, according to former officials. Still, the events there hampered the CIA’s capacity to collect intelligence in Iran at a critical time, just as Tehran was forging ahead with its nuclear program.

U.S. authorities believe Iran probably unwound the CIA’s asset network analytically — meaning they deduced what Washington knew about Tehran’s own operations, then identified Iranians who held that information, and eventually zeroed in on possible sources. This hunt for CIA sources eventually bore fruit — including the identification of the covert communications system.

A 2011 Iranian television broadcast that touted the government’s destruction of the CIA network said U.S. intelligence operatives had created websites for fake companies to recruit agents in Iran by promising them jobs, visas and education abroad. Iranians who initially thought they were responding to legitimate opportunities would end up meeting with CIA officers in places like Dubai or Istanbul for recruitment, according to the broadcast.

Though the Iranians didn’t say precisely how they infiltrated the network, two former U.S. intelligence officials said that the Iranians cultivated a double agent who led them to the secret CIA communications system. This online system allowed CIA officers and their sources to communicate remotely in difficult operational environments like China and Iran, where in-person meetings are often dangerous.

A lack of proper vetting of sources may have led to the CIA inadvertently running a double agent, said one former senior official — a consequence of the CIA’s pressing need at the time to develop highly placed agents inside the Islamic Republic. After this betrayal, Israeli intelligence tipped off the CIA that Iran had likely identified some of its assets, said the same former official.

The losses could have stopped there. But U.S. officials believe Iranian intelligence was then able to compromise the covert communications system. At the CIA, there was “shock and awe” about the simplicity of the technique the Iranians used to successfully compromise the system, said one former official.

In fact, the Iranians used Google to identify the website the CIA was were using to communicate with agents. Because Google is continuously scraping the internet for information about all the world’s websites, it can function as a tremendous investigative tool — even for counter-espionage purposes. And Google’s search functions allow users to employ advanced operators — like “AND,” “OR,” and other, much more sophisticated ones — that weed out and isolate websites and online data with extreme specificity.

According to the former intelligence official, once the Iranian double agent showed Iranian intelligence the website used to communicate with his or her CIA handlers, they began to scour the internet for websites with similar digital signifiers or components — eventually hitting on the right string of advanced search terms to locate other secret CIA websites. From there, Iranian intelligence tracked who was visiting these sites, and from where, and began to unravel the wider CIA network.

And while the Iranians and Chinese cleaned house, the Russians, led by Putin, ran with it and cooked up an even more dastardly counter-intelligence plot that eventually led to Edward Snowden's defection with the keys to the NSA's kingdom and from there, the ability to freely compromise the US government at will, along with an operation to put one of their key enablers in the White House.

All because we decided Gulf War internet security technology and sloppy spycraft were still "probably" good enough ten years later.

Jesus wept.

No comments:

Post a Comment