The CIA's communications suffered a catastrophic compromise. It started in Iran.

TheImmortal

SENIOR MEMBER
The CIA's communications suffered a catastrophic compromise. It started in Iran.

Zach Dorfman and Jenna McLaughlin

Yahoo News, November 2, 2018, 9:00 AM GMT

Yahoo News photo illustration; photos: AP (2), Getty Images (2).
In 2013, hundreds of CIA officers — many working nonstop for weeks — scrambled to contain a disaster of global proportions: a compromise of the agency’s internet-based covert communications system used to interact with its informants in dark corners around the world. Teams of CIA experts worked feverishly to take down and reconfigure the websites secretly used for these communications; others managed operations to quickly spirit assets to safety and oversaw other forms of triage.

“When this was going on, it was all that mattered,” said one former intelligence community official. The situation was “catastrophic,” said another former senior intelligence official.

From around 2009 to 2013, the U.S. intelligence community experienced crippling intelligence failures related to the secret internet-based communications system, a key means for remote messaging between CIA officers and their sources on the ground worldwide. The previously unreported global problem originated in Iran and spiderwebbed to other countries, and was left unrepaired — despite warnings about what was happening — until more than two dozen sources died in China in 2011 and 2012 as a result, according to 11 former intelligence and national security officials.

The disaster ensnared every corner of the national security bureaucracy — from multiple intelligence agencies, congressional intelligence committees and independent contractors to internal government watchdogs — forcing a slow-moving, complex government machine to grapple with the deadly dangers of emerging technologies.

In a world where dependence on advanced technology may be a necessary evil for modern espionage, particularly in hostile regions where American officials can’t operate freely, such technical failures are an ever-present danger and will only become more acute with time.

“When these types of compromises happen, it’s so dark and bad,” said one former official. “They can burrow in. It never really ends.”

A former senior intelligence official with direct knowledge of the compromise said it had global implications for the CIA. “You start thinking twice about people, from China to Russia to Iran to North Korea,” said the former official. The CIA was worried about its network “totally unwinding worldwide.”

Yahoo News’ reporting on this global communications failure is based on conversations with eleven former U.S. intelligence and government officials directly familiar with the matter who requested anonymity to discuss sensitive operations. Multiple former intelligence officials said that the damage from the potential global compromise was serious — even catastrophic — and will persist for years.

More than just a question of a single failure, the fiasco illustrates a breakdown that was never properly addressed. The government’s inability to address the communication system’s insecurities until after sources were rolled up in China was disastrous. “We’re still dealing with the fallout,” said one former national security official. “Dozens of people around the world were killed because of this.”

*****

One of the largest intelligence failures of the past decade started in Iran in 2009, when the Obama administration announced the discovery of a secret Iranian underground enrichment facility — part of Iran’s headlong drive for nuclear weapons. Angered about the breach, the Iranians went on a mole hunt, looking for foreign spies, said one former senior intelligence official.

The mole hunt wasn’t hard, in large part, because the communications system the CIA was using to communicate with agents was flawed. Former U.S. officials said the internet-based platform, which was first used in war zones in the Middle East, was not built to withstand the sophisticated counterintelligence efforts of a state actor like China or Iran. “It was never meant to be used long term for people to talk to sources,” said one former official. “The issue was that it was working well for too long, with too many people. But it was an elementary system.”

“Everyone was using it far beyond its intention,” said another former official.

The risks posed by the system appeared to have been overlooked in part because it was easy to use, said the former intelligence officials. There is no foolproof way to communicate — especially with expediency and urgency — with sources in hostile environments like Iran and China, noted the former officials. But a sense of confidence in the system kept it in operation far longer than was safe or advisable, said former officials. The CIA’s directorate of science and technology, which is responsible for the secure communications system, “says, ‘our s***’s impregnable,’ but it’s obviously not,” said one former official.

By 2010, however, it appears that Iran had begun to identify CIA agents. And by 2011, Iranian authorities dismantled a CIA spy network in that country, said seven former U.S. intelligence officials. (Indeed, in May 2011, Iranian intelligence officials announced publicly that they had broken up a ring of 30 CIA spies; U.S. officials later confirmed the breach to ABC News, which also reported on a potential compromise to the communications system.)

Iran executed some of the CIA informants and imprisoned others in an intelligence setback that one of the former officials described as “incredibly damaging.” The CIA successfully exfiltrated some of its Iranian sources, said former officials.

The Iranian compromise led to significantly fewer CIA agents being killed than in China, according to former officials. Still, the events there hampered the CIA’s capacity to collect intelligence in Iran at a critical time, just as Tehran was forging ahead with its nuclear program.

U.S. authorities believe Iran probably unwound the CIA’s asset network analytically — meaning they deduced what Washington knew about Tehran’s own operations, then identified Iranians who held that information, and eventually zeroed in on possible sources. This hunt for CIA sources eventually bore fruit — including the identification of the covert communications system.

A 2011 Iranian television broadcast that touted the government’s destruction of the CIA network said U.S. intelligence operatives had created websites for fake companies to recruit agents in Iran by promising them jobs, visas and education abroad. Iranians who initially thought they were responding to legitimate opportunities would end up meeting with CIA officers in places like Dubai or Istanbul for recruitment, according to the broadcast.

Though the Iranians didn’t say precisely how they infiltrated the network, two former U.S. intelligence officials said that the Iranians cultivated a double agent who led them to the secret CIA communications system. This online system allowed CIA officers and their sources to communicate remotely in difficult operational environments like China and Iran, where in-person meetings are often dangerous.

A lack of proper vetting of sources may have led to the CIA inadvertently running a double agent, said one former senior official — a consequence of the CIA’s pressing need at the time to develop highly placed agents inside the Islamic Republic. After this betrayal, Israeli intelligence tipped off the CIA that Iran had likely identified some of its assets, said the same former official.

The losses could have stopped there. But U.S. officials believe Iranian intelligence was then able to compromise the covert communications system. At the CIA, there was “shock and awe” about the simplicity of the technique the Iranians used to successfully compromise the system, said one former official.

In fact, the Iranians used Google to identify the website the CIA was using to communicate with agents. Because Google is continuously scraping the internet for information about all the world’s websites, it can function as a tremendous investigative tool — even for counter-espionage purposes. And Google’s search functions allow users to employ advanced operators — like “AND,” “OR,” and other, much more sophisticated ones — that weed out and isolate websites and online data with extreme specificity.

According to the former intelligence official, once the Iranian double agent showed Iranian intelligence the website used to communicate with his or her CIA handlers, they began to scour the internet for websites with similar digital signifiers or components — eventually hitting on the right string of advanced search terms to locate other secret CIA websites. From there, Iranian intelligence tracked who was visiting these sites, and from where, and began to unravel the wider CIA network.

U.S. intelligence officials were well aware of Iran’s formidable cyber-espionage capabilities. But they were flabbergasted that Iran managed to extirpate an entire CIA spy network using a technique that one official described as rudimentary — something found in basic how-to books.

But the events in Iran were not self-contained; they coincided roughly with a similar debacle in China in 2011 and 2012, where authorities rounded up and executed around 30 agents working for the U.S. (the New York Times first reported the extirpation of the CIA’s China sources in May 2017). Some U.S. intelligence officials also believe that former Beijing-based CIA officer Jerry Lee, who was charged with spying on behalf of the Chinese government in May 2018, was partially responsible for the destruction of the CIA’s China-based source network. But Lee’s betrayal does not explain the extent of the damage, or the rapidity with which Chinese intelligence was able to identify and destroy the network, said former officials.

U.S. officials believe that Chinese intelligence obtained physical access to the transitional, or temporary, secret communications system used by the CIA to correspond with new, unvetted sources — and broke through the firewall separating it from the main covert communications system, compromising the CIA’s entire asset network in that country, Foreign Policy reported earlier this year.

It’s not clear whether China and Iran cooperated, but the former officials said the communications systems used in both countries were similar. The two governments may have broken the system independently. But Iranian, Chinese and Russian officials were engaged in senior-level communications on cyber issues around this time, recalled one former senior intelligence official — interactions that were “very suspicious in hindsight.”

The CIA declined to comment. The Iranian Mission to the UN did not respond to requests for comment.

Some U.S. intel officials took the interactions as an indicator of enhanced open coordination among these countries, and even a nascent alliance against the U.S. and its Five Eyes intelligence partners, this person said. (U.S. officials also believe Chinese officials subsequently shared information about its penetration of the secret CIA system with their Russian counterparts.)

“Our adversaries dramatically upped their game” in their offensive hacking operations, including those geared toward cracking the U.S. covert communications platforms, during this period, said another former senior intelligence official. This almost certainly included information sharing between these countries on U.S. covert communications techniques, said multiple former officials — the makings of a real-life “axis of evil.”

There were discrete signs of potential cooperation. Around the time of the purges of CIA informants in Iran and China, senior counter-espionage officials from China’s Ministry of State Security visited their counterparts in Tehran, said four former U.S. officials.

Some officials believe the two countries engaged in a trade — perhaps with Iran providing China with the technical information needed to pinpoint signs of online activity on the communications system, in exchange for military hardware, speculated one former official. “That’s the spy service way,” said another former official.

With dawning horror, U.S. officials realized that once Iranian or Chinese intelligence officials were able to pinpoint CIA assets within their own borders, they were almost certainly capable of zeroing in on similar digital signatures in other countries, former officials said.

Former officials said the fallout from the compromises was likely global in scope — potentially endangering all CIA sources that used some version of this internet-based system worldwide.

“You establish these networks that are obviously critical to our ability to really understand what our adversaries are up to — there’s a pride in that — and when something that valuable starts to fall apart, the concern is, ‘Are we developing a house of cards?’” said one former senior official. “A lot of bells went off” during this time, said this person, because “whatever methods and procedures we were using were in jeopardy because of what the Chinese and Iranians had determined. You find that you’re blind.”

These multiple, overlapping failures of the communication system created systemic problems for the agency. “There was a cascade of effects that flowed outward” from the initial breaches, said another former intelligence official. “Part of the problem was trying to figure out the second and third order of effects.”

Repairing this breach had to be approached with extraordinary delicacy because attempted fixes can expose sources. Iran or China could then target and flip those CIA sources, or use information about them as bargaining chips with other intelligence services, former officials said. Around this time, Iranian intelligence officials also began aggressively pitching CIA officers to become double agents — meaning that they had somehow identified agency personnel, potentially through this wider compromise, said one former intel official.

One country where the impact appears to have been contained is Russia. CIA officials who focus on Russia knew about the China ordeal and quickly adjusted their communications with sources accordingly, some of the former officials said. Aspects of the CIA’s Russia operations have historically been walled off from the rest of the agency, which likely helped minimize the damage. But the issue was so acute in the Middle East that the CIA was forced to suspend its use of internet-based covert communications systems there several times.

The problems were exacerbated by increasingly aggressive Iranian cyber-espionage. The Iranians “were very good tactically,” one former official said, and were adept at “breaking into low-level communications in the field, such as between Iraqi forces and their American counterparts.”

Starting around 2013, Iranian cyber experts seemed to be tracking CIA agents outside their own borders, including in Yemen, where Iran eventually compromised the internet-based covert communications system there, said one of the former officials. During this time, emergency meetings had to be scheduled at the agency because the Iranians had “hacked into systems outright that had nothing to do with them,” said this person — that is, those beyond Iran itself.

“Iran was aggressively going out to hunt systems down,” the former official said. “They weren’t just protecting themselves anymore.”

*****

As Iran was making fast inroads into the CIA’s covert communications system, back in Washington an internal complaint by a government contractor warning officials about precisely what was happening was winding its way through a Kafka-esque appeals system.

In 2008 — well before the Iranians had arrested any agents — a defense contractor named John Reidy, whose job it was to identify, contact and manage human sources for the CIA in Iran, had already sounded an alarm about a “massive intelligence failure” having to do with “communications” with sources. According to Reidy’s publicly available but heavily redacted whistleblower disclosure, by 2010 he said he was told that the “nightmare scenario” he had warned about regarding the secret communications platform had, in fact, occurred.

Reidy refused to discuss his case with Yahoo News. But two former government officials directly familiar with his disclosure and the investigation into the compromises in China and Iran tell Yahoo News that Reidy had identified the weaknesses — and early compromise — that eventually befell the entire covert communications platform.

Reidy’s case was complicated. After he blew the whistle, he was moved off of his subcontract with SAIC, a Virginia company that works on government information technology products and support. According to the public disclosure, he contacted the CIA inspector general and congressional investigators about his employment status but was met with resistance, partially because whistleblower protections are complicated for federal contractors, and he remained employed.

Meanwhile, throughout 2010 and 2011, the compromise continued to spread, and Reidy provided details to investigators. But by November 2011, Reidy was fired because of what his superiors said were conflicts of interest, as Reidy maintained his own side business. Reidy believed the real reason was retaliation.

In his 2014 appeal to the intelligence community inspector general, first published by McClatchy News, Reidy describes the first signs of compromise in stunning detail — though it was unclear at the time, because of what was redacted, what issue he was addressing. “As our efforts increased, we started to notice anomalies in our operations … sources abruptly and without reason ceasing all communications with us,” he wrote.

Something, he realized, was deeply wrong with the agency’s human sources network. The “U.S. communications infrastructure was under siege,” he wrote. Reidy warned that the problem wasn’t limited to a single country — it extended to everywhere the CIA operates. Close to 70 percent of operations at the time were potentially compromised, he noted. In other words, an entire class of CIA agents — those using some iteration of the online system — was in danger. “CIA is aware of this,” he wrote. “The design and maintenance of the system is flawed.”

Reidy’s complaint wasn’t fully addressed for many years. But when the wide-scale arrest of sources in Iran happened, the CIA eventually launched an investigation. The deaths in China sent investigators into overdrive. Teams from the CIA, the FBI and the House Permanent Select Committee on Intelligence scrambled to try to figure out what had happened — and how to stem the damage.

“Can you imagine how different this whole story would’ve turned out if the CIA [inspector general] had acted on Reidy’s warnings instead of going after him?” said Kel McClanahan, Reidy’s attorney. “Can you imagine how different this whole story would’ve turned out if the congressional oversight committees had done oversight instead of taking CIA’s word that he was just a troublemaker?”

Irvin McCullough, a national security analyst with the Government Accountability Project, a nonprofit that works with whistleblowers, put the issue in even starker terms. “This is one of the most catastrophic intelligence failures since September 11th,” he said. “And the CIA punished the person who brought the problem to light.”

The roll-up of the CIA’s networks reignited debates within the U.S. intelligence community about the merits of high-tech versus low-tech methods of communicating with sources. Within some corners of the intelligence world, “there was a widely held belief that technology was the solution to all communications problems,” according to one of the former officials. Proponents of older methods — such as chalk marks, burst communications, brush passes and one-time pads — were seen as “troglodytes,” said this official.

The failure of the communication system was discussed extensively in closed-door hearings at the House and Senate Intelligence committees, according to several former officials. “Some of the senators and congressmen went nuts about this, and they should have,” one of them said.

A spokesperson for the Senate Intelligence Committee declined to comment. The House Intelligence Committee did not respond to requests for comments.

One of the central concerns among those familiar with the scope of the breakdown is that the institutions responsible for it were never held accountable. Doing a comprehensive investigation isn’t easy, “but you have an absolute obligation to do that, because if you don’t, all you’re doing is rolling the dice with future lives,” said one former senior official.

Even several years after the breach, the concern within the intelligence community is accountability.

“When we continuously allow things like this to happen, and Congress doesn’t do anything, and the institutions don’t do anything, you’re going to have worse issues,” said another former official.

“People will say, ‘I went to the inspector general and it didn’t work; I went elsewhere and it didn’t work.’ People will see it as a game. It will lead to corruption, and it will lead to espionage. When people see that the system is corrupt, it affects everything.”

In the end, said the former official, “our biggest insider threat is our own institution.”

_____
https://www.google.com/amp/s/www.ya...rophic-compromise-started-iran-090018710.html
 
Pretty stunning article. Just a few months ago I was in awe at the Chinese counter-espionage op against the CIA, I'm happy to see Iran has similar capabilities.

Depending on what you believe, China was able to uncover the network via the Iranian intelligence service.

If that is the case that means Iran got something in return, maybe assistance on air defense (Bavar-373) or blueprints for jet engines or something else.
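The article's account of how the covert sites were found (one known site, then a search for others sharing the same "digital signifiers or components") describes a correlation weakness: front ends built from one template carry the same distinctive strings, and a search engine indexes those strings. The defensive counterpart is to audit a fleet of sites for shared distinctive tokens before they go live. The Python below is an added example, not code from the article, Yahoo News or any agency; the token classes it extracts, the allowlist of generic tokens and the three sample pages are all constructed assumptions.

```python
"""Shared-fingerprint audit for a set of web front ends (added example).

Given the raw HTML of several sites that are supposed to look unrelated,
report the distinctive tokens they have in common.  Those shared tokens
are the kind of "digital signifier" that lets one known site be used to
locate the rest.  Sample HTML and allowlist below are constructed.
"""
import re
from collections import defaultdict

# Token classes that search engines index and that are commonly copied
# verbatim when several sites are cloned from one template (assumed set).
TOKEN_PATTERNS = {
    "title": re.compile(r"<title>\s*(.*?)\s*</title>", re.I | re.S),
    "generator": re.compile(
        r'<meta[^>]+name=["\']generator["\'][^>]+content=["\']([^"\']+)', re.I),
    "script": re.compile(r'<script[^>]+src=["\']([^"\']+)', re.I),
    "stylesheet": re.compile(r'<link[^>]+href=["\']([^"\']+\.css[^"\']*)', re.I),
    "css_class": re.compile(r'class=["\']([^"\']+)["\']', re.I),
    "comment": re.compile(r"<!--(.*?)-->", re.S),
}

# Tokens so generic that sharing them proves nothing; extend for your stack.
ALLOWLIST = {
    ("css_class", "container"), ("css_class", "row"),
    ("stylesheet", "bootstrap.min.css"), ("script", "jquery.min.js"),
}


def extract_tokens(html):
    """Return the set of (kind, value) tokens found in one page."""
    tokens = set()
    for kind, pattern in TOKEN_PATTERNS.items():
        for match in pattern.findall(html):
            if kind == "title":
                # Split on common separators so a shared suffix such as
                # "| Careers Abroad" is caught even when the brand differs.
                for seg in re.split(r"[|:\-]", match):
                    seg = " ".join(seg.split()).lower()
                    if seg:
                        tokens.add((kind, seg))
            elif kind == "css_class":
                for cls in match.split():
                    tokens.add((kind, cls))
            elif kind in ("script", "stylesheet"):
                # Compare file names only; paths differ between hosts.
                tokens.add((kind, match.rsplit("/", 1)[-1]))
            elif kind == "comment":
                comment = " ".join(match.split())
                if comment:
                    tokens.add((kind, comment))
            else:
                tokens.add((kind, match.strip()))
    return tokens


def shared_fingerprints(sites, min_sites=2):
    """Map each token present on at least min_sites sites to those sites.

    sites: dict of site name -> HTML string.  Returns dict token -> sorted names.
    """
    seen = defaultdict(set)
    for name, html in sites.items():
        for token in extract_tokens(html) - ALLOWLIST:
            seen[token].add(name)
    return {tok: sorted(names) for tok, names in seen.items()
            if len(names) >= min_sites}


def correlation_report(sites, min_sites=2):
    """Human-readable summary, most widely shared tokens first."""
    shared = shared_fingerprints(sites, min_sites)
    if not shared:
        return "no shared fingerprints above threshold"
    order = sorted(shared.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return "\n".join(f"{kind:10} {value!r} shared by {', '.join(names)}"
                     for (kind, value), names in order)


# Constructed sample: two sites cloned from one template, one unrelated site.
SAMPLE_SITES = {
    "site_a": """<html><head>
<title>Northwind Staffing | Careers Abroad</title>
<meta name="generator" content="SiteBuilder 2.1">
<link rel="stylesheet" href="/static/bootstrap.min.css">
<link rel="stylesheet" href="/static/theme-7c1d.css">
<script src="/static/js/contact-form-7c1d.js"></script>
<!-- template v7c1d -->
</head><body><div class="container hero-7c1d"><form class="apply-form"></form></div></body></html>""",
    "site_b": """<html><head>
<title>Blue Harbor Recruiting | Careers Abroad</title>
<meta name="generator" content="SiteBuilder 2.1">
<link rel="stylesheet" href="/assets/theme-7c1d.css">
<script src="/assets/contact-form-7c1d.js"></script>
<!-- template v7c1d -->
</head><body><div class="container hero-7c1d"><form class="apply-form"></form></div></body></html>""",
    "site_c": """<html><head>
<title>Oak Street Bakery</title>
<link rel="stylesheet" href="/css/bootstrap.min.css">
<script src="/css/jquery.min.js"></script>
</head><body><div class="container menu"><p class="row">Fresh bread daily</p></div></body></html>""",
}

if __name__ == "__main__":
    print(correlation_report(SAMPLE_SITES))
```

Run against the sample, the report lists seven tokens that tie site_a to site_b (the title suffix, the generator tag, the theme stylesheet and script file names, the template comment and two class names) and nothing that links site_c to either, which is the result a template audit should produce before any of the three is published.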
 
Iranian Intelligence minister acknowledged the hack:

Intel minister: Iran identified 290 CIA spies, made arrests
Fri Apr 19, 2019
Iranian Intelligence Minister Mahmoud Alavi speaks before weekly Friday prayers sermons in the Iranian capital Tehran on April 19, 2019. (Photo by IRNA)

Iran has identified 290 CIA agents across different countries, forcing the U.S. to form a special committee to reassess its cloak-and-dagger operations, Intelligence Minister Mahmoud Alavi says.

"CIA operatives in those countries were identified and arrested and the contacts of the US intelligence agency with its sources were disrupted in such a way that a committee to assess the failure was set up in America," Alavi said during Friday prayers in Tehran.

He touched on what numerous US spy experts have said about the major intelligence defeat, making reference to a specific November 2018 Yahoo News article that had interviewed numerous American spy experts over the “incredibly damaging” incident.

The article claimed that Iranian intelligence had gained access to a secret CIA communications system, allowing Iranians to not only discover and detain US assets in the country, but also probably share key findings with Chinese and Russian authorities.

“When these types of compromises happen, it’s so dark and bad,” said a former official speaking to Yahoo.

“When this was going on, it was all that mattered,” said another former intelligence community official describing the gravity of the American intelligence setback.

CIA officials were consequently worried about the network “totally unwinding worldwide”, according to the article.

“Iran was aggressively going out to hunt systems down,” said one former official. “They weren’t just protecting themselves anymore.”

Referring to the article, Iran’s intelligence minister specifically highlighted a quote from American national security analyst Irvin McCullough, who described the major American intelligence setback as "one of the most catastrophic intelligence failures” since the September 11 attacks in 2001.

Alavi said that further details of the operations would be publicized soon. A similar successful counter operation was carried out against Britain's MI6 intelligence service, he said, adding that detailed information about it will also be made public in the near future when deemed appropriate.

The Iranian minister added that the breakthrough comes as his ministry has shifted from focusing on defensive operations to conducting offensive counter-intelligence operations, some of which had even “expanded deep” into Israel.

“There was an outcry in Israel; some members of their cabinet were cooperating with the Intelligence Ministry of the Islamic Republic of Iran”, said Alavi.

PressTV: Ex-Israeli minister gets 11 years in jail 'over spying for Iran'
Former Israeli energy minister Gonen Segev is sentenced to 11 years in prison on charges of spying for Iran.

Alavi went on to highlight some of the ministry’s other successful intelligence operations, saying that they had “traumatized” foreign services.

“In one of these cases, the Intelligence Ministry’s counter-espionage [force] successfully identified a company that was slipping defective parts into a sensitive center, neutralized it and discovered the defective parts,” he said.

The sabotage operation could have led to a "humanitarian catastrophe" if it wasn't dealt with, Alavi said.

The Iranian intelligence chief added that as many as 114 Takfiri terrorist teams, 116 Mujahedin-e-Khalq Organization (MEK) teams, 44 teams seeking to overthrow the Iranian government and 380 drug smuggling teams had also been busted in the past year alone.

He added that the operations of 188 other groups were neutralized, including a recent case where four people were arrested southwest of the country along with 15,000 AK-47 rounds.
 
The CIA's communications suffered a catastrophic compromise. It started in Iran.

Zach Dorfman and Jenna McLaughlin

Yahoo NewsNovember 2, 2018, 9:00 AM GMT
9c9234768f60d26f3517805052346571

Yahoo News photo illustration; photos: AP (2), Getty Images (2).
In 2013, hundreds of CIA officers — many working nonstop for weeks — scrambled to contain a disaster of global proportions: a compromise of the agency’s internet-based covert communications system used to interact with its informants in dark corners around the world. Teams of CIA experts worked feverishly to take down and reconfigure the websites secretly used for these communications; others managed operations to quickly spirit assets to safety and oversaw other forms of triage.

“When this was going on, it was all that mattered,” said one former intelligence community official. The situation was “catastrophic,” said another former senior intelligence official.


From around 2009 to 2013, the U.S. intelligence community experienced crippling intelligence failures related to the secret internet-based communications system, a key means for remote messaging between CIA officers and their sources on the ground worldwide. The previously unreported global problem originated in Iran and spiderwebbed to other countries, and was left unrepaired — despite warnings about what was happening — until more than two dozen sources died in China in 2011 and 2012 as a result, according to 11 former intelligence and national security officials.

The disaster ensnared every corner of the national security bureaucracy — from multiple intelligence agencies, congressional intelligence committees and independent contractors to internal government watchdogs — forcing a slow-moving, complex government machine to grapple with the deadly dangers of emerging technologies.

In a world where dependence on advanced technology may be a necessary evil for modern espionage, particularly in hostile regions where American officials can’t operate freely, such technical failures are an ever present danger and will only become more acute with time.

“When these types of compromises happen, it’s so dark and bad,” said one former official. “They can burrow in. It never really ends.”

A former senior intelligence official with direct knowledge of the compromise said it had global implications for the CIA. “You start thinking twice about people, from China to Russia to Iran to North Korea,” said the former official. The CIA was worried about its network “totally unwinding worldwide.”

Yahoo News’ reporting on this global communications failure is based on conversations with eleven former U.S. intelligence and government officials directly familiar with the matter who requested anonymity to discuss sensitive operations. Multiple former intelligence officials said that the damage from the potential global compromise was serious — even catastrophic — and will persist for years.

e2ac49c46ec38210ccc4df97a3c46615

More than just a question of a single failure, the fiasco illustrates a breakdown that was never properly addressed. The government’s inability to address the communication system’s insecurities until after sources were rolled up in China was disastrous. “We’re still dealing with the fallout,” said one former national security official. “Dozens of people around the world were killed because of this.”

*****

One of the largest intelligence failures of the past decade started in Iran in 2009, when the Obama administration announced the discovery of a secret Iranian underground enrichment facility — part of Iran’s headlong drive for nuclear weapons. Angered about the breach, the Iranians went on a mole hunt, looking for foreign spies, said one former senior intelligence official.

The mole hunt wasn’t hard, in large part, because the communications system the CIA was using to communicate with agents was flawed. Former U.S. officials said the internet-based platform, which was first used in war zones in the Middle East, was not built to withstand the sophisticated counterintelligence efforts of a state actor like China or Iran. “It was never meant to be used long term for people to talk to sources,” said one former official. “The issue was that it was working well for too long, with too many people. But it was an elementary system.”

“Everyone was using it far beyond its intention,” said another former official.

The risks posed by the system appeared to have been overlooked in part because of it was easy to use, said the former intelligence officials. There is no foolproof way to communicate — especially with expediency and urgency — with sources in hostile environments like Iran and China, noted the former officials. But a sense of confidence in the system kept it in operation far longer than was safe or advisable, said former officials. The CIA’s directorate of science and technology, which is responsible for the secure communications system, “says, ‘our s***’s impregnable,’ but it’s obviously not,” said one former official.

By 2010, however, it appears that Iran had begun to identify CIA agents. And by 2011, Iranian authorities dismantled a CIA spy network in that country, said seven former U.S. intelligence officials. (Indeed, in May 2011, Iranian intelligence officials announced publicly that they had broken up a ring of 30 CIA spies; U.S. officials later confirmed the breach to ABC News, which also reported on a potential compromise to the communications system.)

Iran executed some of the CIA informants and imprisoned others in an intelligence setback that one of the former officials described as “incredibly damaging.” The CIA successfully exfiltrated some of its Iranian sources, said former officials.


The Iranian compromise led to significantly fewer CIA agents being killed than in China, according to former officials. Still, the events there hampered the CIA’s capacity to collect intelligence in Iran at a critical time, just as Tehran was forging ahead with its nuclear program.

U.S. authorities believe Iran probably unwound the CIA’s asset network analytically — meaning they deduced what Washington knew about Tehran’s own operations, then identified Iranians who held that information, and eventually zeroed in on possible sources. This hunt for CIA sources eventually bore fruit — including the identification of the covert communications system.

A 2011 Iranian television broadcast that touted the government’s destruction of the CIA network said U.S. intelligence operatives had created websites for fake companies to recruit agents in Iran by promising them jobs, visas and education abroad. Iranians who initially thought they were responding to legitimate opportunities would end up meeting with CIA officers in places like Dubai or Istanbul for recruitment, according to the broadcast.

Though the Iranians didn’t say precisely how they infiltrated the network, two former U.S. intelligence officials said that the Iranians cultivated a double agent who led them to the secret CIA communications system. This online system allowed CIA officers and their sources to communicate remotely in difficult operational environments like China and Iran, where in-person meetings are often dangerous.

A lack of proper vetting of sources may have led to the CIA inadvertently running a double agent, said one former senior official — a consequence of the CIA’s pressing need at the time to develop highly placed agents inside the Islamic Republic. After this betrayal, Israeli intelligence tipped off the CIA that Iran had likely identified some of its assets, said the same former official.

The losses could have stopped there. But U.S. officials believe Iranian intelligence was then able to compromise the covert communications system. At the CIA, there was “shock and awe” about the simplicity of the technique the Iranians used to successfully compromise the system, said one former official.

In fact, the Iranians used Google to identify the website the CIA was using to communicate with agents. Because Google is continuously scraping the internet for information about all the world’s websites, it can function as a tremendous investigative tool — even for counter-espionage purposes. And Google’s search functions allow users to employ advanced operators — like “AND,” “OR,” and other, much more sophisticated ones — that weed out and isolate websites and online data with extreme specificity.

According to the former intelligence official, once the Iranian double agent showed Iranian intelligence the website used to communicate with his or her CIA handlers, they began to scour the internet for websites with similar digital signifiers or components — eventually hitting on the right string of advanced search terms to locate other secret CIA websites. From there, Iranian intelligence tracked who was visiting these sites, and from where, and began to unravel the wider CIA network.
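The article does not say which "digital signifiers" the Iranian searchers keyed on, and nothing about the real sites is public. The following is an added example, not code from the article or from any agency, that shows the mechanism in the abstract: cover sites stamped out from one template leak shared markers (boilerplate in the page title, a site-builder tag, asset file names, a form endpoint, footer text, and the tag skeleton itself), and anyone who has one site in hand can fingerprint it, cluster it with look-alikes, and turn the visible markers into a search-engine query. The same routine doubles as a defender's pre-deployment check: if your own cover sites cluster, so will the adversary's results. All hostnames, company names and page content below are constructed for the example; the `intitle:` operator and exact-phrase quoting are real Google syntax, but whether any site is indexed is outside the example.

```python
import hashlib
import re
from itertools import combinations

# Constructed sample pages: hostnames, company names, asset paths and text are
# all made up for this example. The first three are built from one shared site
# template, as a cover-site operator in a hurry might do; the fourth is unrelated.
SAMPLE_PAGES = {
    "https://global-careers.example": """<html><head>
<title>Global Careers Network - Opportunities Abroad</title>
<meta name="generator" content="SiteBuilder 2.3">
<link rel="stylesheet" href="/assets/css/theme-blue.css">
<script src="/assets/js/contact-widget.js"></script></head>
<body><div class="hero"><h1>Work overseas</h1></div>
<form action="/apply" method="post"><input name="email"><button>Apply</button></form>
<footer>Powered by SiteBuilder</footer></body></html>""",
    "https://eastern-grants.example": """<html><head>
<title>Eastern Study Grants - Opportunities Abroad</title>
<meta name="generator" content="SiteBuilder 2.3">
<link rel="stylesheet" href="/assets/css/theme-green.css">
<script src="/assets/js/contact-widget.js"></script></head>
<body><div class="hero"><h1>Study in Europe</h1></div>
<form action="/apply" method="post"><input name="email"><button>Apply</button></form>
<footer>Powered by SiteBuilder</footer></body></html>""",
    "https://gulf-trade-visas.example": """<html><head>
<title>Gulf Trade Visas - Opportunities Abroad</title>
<meta name="generator" content="SiteBuilder 2.3">
<link rel="stylesheet" href="/assets/css/theme-blue.css">
<script src="/assets/js/contact-widget.js"></script></head>
<body><div class="hero"><h1>Visas for traders</h1></div>
<form action="/apply" method="post"><input name="email"><button>Apply</button></form>
<footer>Powered by SiteBuilder</footer></body></html>""",
    "https://weather-daily.example": """<html><head>
<title>Tehran Weather Daily</title>
<link rel="stylesheet" href="/static/main.css">
<script src="/static/weather.js"></script></head>
<body><table><tr><td>Forecast</td></tr></table>
<form action="/subscribe" method="post"><input name="email"><button>Go</button></form>
<footer>Copyright 2011 Weather Daily</footer></body></html>""",
}

TAG_RE = re.compile(r"<([a-zA-Z][a-zA-Z0-9]*)")


def _first(pattern, html):
    m = re.search(pattern, html, re.I | re.S)
    return m.group(1).strip() if m else None


def fingerprint(html):
    """Collect the reusable markers a page exposes to anyone who can read it:
    title boilerplate, site-builder tag, asset names, form endpoint, footer, tag skeleton."""
    markers = set()
    title = _first(r"<title>(.*?)</title>", html)
    if title and " - " in title:
        # the cover company name varies per site; the suffix is template text
        markers.add("title:" + title.rsplit(" - ", 1)[1].lower())
    gen = _first(r'<meta\s+name="generator"\s+content="([^"]+)"', html)
    if gen:
        markers.add("generator:" + gen.lower())
    for path in re.findall(r'(?:href|src)="([^"]+\.(?:css|js))"', html, re.I):
        markers.add("asset:" + path.rsplit("/", 1)[-1].lower())
    action = _first(r'<form[^>]*\saction="([^"]+)"', html)
    if action:
        markers.add("form:" + action.lower())
    footer = _first(r"<footer>(.*?)</footer>", html)
    if footer:
        markers.add("footer:" + re.sub(r"\s+", " ", footer).lower())
    # the order of tags survives even when every visible string is changed
    skeleton = ",".join(t.lower() for t in TAG_RE.findall(html))
    markers.add("skeleton:" + hashlib.sha256(skeleton.encode()).hexdigest()[:12])
    return markers


def jaccard(a, b):
    return len(a & b) / len(a | b) if a | b else 0.0


def cluster(pages, threshold=0.5):
    """Group pages whose fingerprints overlap at or above the threshold."""
    fps = {url: fingerprint(html) for url, html in pages.items()}
    groups = [{url} for url in pages]
    for u, v in combinations(pages, 2):
        if jaccard(fps[u], fps[v]) >= threshold:
            gu = next(g for g in groups if u in g)
            gv = next(g for g in groups if v in g)
            if gu is not gv:
                gu |= gv
                groups.remove(gv)
    return groups


def search_query(markers):
    """Turn the visible markers into a query using the real intitle: operator and
    exact-phrase quoting; whether a search engine indexed the site is not modelled."""
    parts = []
    for m in sorted(markers):
        kind, _, value = m.partition(":")
        if kind == "title":
            parts.append(f'intitle:"{value}"')
        elif kind == "footer":
            parts.append(f'"{value}"')
    return " ".join(parts)
```

Running `cluster(SAMPLE_PAGES)` puts the three template siblings in one group and leaves the weather site alone; `search_query(fingerprint(...))` on any sibling yields `"powered by sitebuilder" intitle:"opportunities abroad"`, a query that would pull in every sibling that is indexed. The skeleton hash is the marker that survives a cosmetic rebrand, which is why changing names, colours and hostnames between cover sites is not enough.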


U.S. intelligence officials were well aware of Iran’s formidable cyber-espionage capabilities. But they were flabbergasted that Iran managed to extirpate an entire CIA spy network using a technique that one official described as rudimentary — something found in basic how-to books.

But the events in Iran were not self-contained; they coincided roughly with a similar debacle in China in 2011 and 2012, where authorities rounded up and executed around 30 agents working for the U.S. (the New York Times first reported the extirpation of the CIA’s China sources in May 2017). Some U.S. intelligence officials also believe that former Beijing-based CIA officer Jerry Lee, who was charged with spying on behalf of the Chinese government in May 2018, was partially responsible for the destruction of the CIA’s China-based source network. But Lee’s betrayal does not explain the extent of the damage, or the rapidity with which Chinese intelligence was able to identify and destroy the network, said former officials.

U.S. officials believe that Chinese intelligence obtained physical access to the transitional, or temporary, secret communications system used by the CIA to correspond with new, unvetted sources — and broke through the firewall separating it from the main covert communications system, compromising the CIA’s entire asset network in that country, Foreign Policy reported earlier this year.

It’s not clear whether China and Iran cooperated, but the former officials said the communications systems used in both countries were similar. The two governments may have broken the system independently. But Iranian, Chinese and Russian officials were engaged in senior-level communications on cyber issues around this time, recalled one former senior intelligence official — interactions that were “very suspicious in hindsight.”

The CIA declined to comment. The Iranian Mission to the UN did not respond to requests for comment.

Some U.S. intel officials took the interactions as an indicator of enhanced open coordination among these countries, and even a nascent alliance against the U.S. and its Five Eyes intelligence partners, this person said. (U.S. officials also believe Chinese officials subsequently shared information about their penetration of the secret CIA system with their Russian counterparts.)

“Our adversaries dramatically upped their game” in their offensive hacking operations, including those geared toward cracking the U.S. covert communications platforms, during this period, said another former senior intelligence official. This almost certainly included information sharing between these countries on U.S. covert communications techniques, said multiple former officials — the makings of a real-life “axis of evil.”

There were discrete signs of potential cooperation. Around the time of the purges of CIA informants in Iran and China, senior counter-espionage officials from China’s Ministry of State Security visited their counterparts in Tehran, said four former U.S. officials.


Some officials believe the two countries engaged in a trade — perhaps with Iran providing China with the technical information needed to pinpoint signs of online activity on the communications system, in exchange for military hardware, speculated one former official. “That’s the spy service way,” said another former official.

With dawning horror, U.S. officials realized that once Iranian or Chinese intelligence officials were able to pinpoint CIA assets within their own borders, they were almost certainly capable of zeroing in on similar digital signatures in other countries, former officials said.

Former officials said the fallout from the compromises was likely global in scope — potentially endangering all CIA sources that used some version of this internet-based system worldwide.

“You establish these networks that are obviously critical to our ability to really understand what our adversaries are up to — there’s a pride in that — and when something that valuable starts to fall apart, the concern is, ‘Are we developing a house of cards?’” said one former senior official. “A lot of bells went off” during this time, said this person, because “whatever methods and procedures we were using were in jeopardy because of what the Chinese and Iranians had determined. You find that you’re blind.”

These multiple, overlapping failures of the communication system created systemic problems for the agency. “There was a cascade of effects that flowed outward” from the initial breaches, said another former intelligence official. “Part of the problem was trying to figure out the second and third order of effects.”

Repairing this breach had to be approached with extraordinary delicacy because attempted fixes can expose sources. Iran or China could then target and flip those CIA sources, or use information about them as bargaining chips with other intelligence services, former officials said. Around this time, Iranian intelligence officials also began aggressively pitching CIA officers to become double agents — meaning that they had somehow identified agency personnel, potentially through this wider compromise, said one former intel official.


One country where the impact appears to have been contained is Russia. CIA officials who focus on Russia knew about the China ordeal and quickly adjusted their communications with sources accordingly, some of the former officials said. Aspects of the CIA’s Russia operations have historically been walled off from the rest of the agency, which likely helped minimize the damage. But the issue was so acute in the Middle East that the CIA was forced to suspend its use of internet-based covert communications systems there several times.

The problems were exacerbated by increasingly aggressive Iranian cyber-espionage. The Iranians “were very good tactically,” one former official said, and were adept at “breaking into low-level communications in the field, such as between Iraqi forces and their American counterparts.”

Starting around 2013, Iranian cyber experts seemed to be tracking CIA agents outside their own borders, including in Yemen, where Iran eventually compromised the internet-based covert communications system there, said one of the former officials. During this time, emergency meetings had to be scheduled at the agency because the Iranians had “hacked into systems outright that had nothing to do with them,” said this person — that is, those beyond Iran itself.

“Iran was aggressively going out to hunt systems down,” the former official said. “They weren’t just protecting themselves anymore.”

*****

As Iran was making fast inroads into the CIA’s covert communications system, back in Washington an internal complaint by a government contractor warning officials about precisely what was happening was winding its way through a Kafka-esque appeals system.

In 2008 — well before the Iranians had arrested any agents — a defense contractor named John Reidy, whose job it was to identify, contact and manage human sources for the CIA in Iran, had already sounded an alarm about a “massive intelligence failure” having to do with “communications” with sources. According to Reidy’s publicly available but heavily redacted whistleblower disclosure, by 2010 he said he was told that the “nightmare scenario” he had warned about regarding the secret communications platform had, in fact, occurred.

Reidy refused to discuss his case with Yahoo News. But two former government officials directly familiar with his disclosure and the investigation into the compromises in China and Iran tell Yahoo News that Reidy had identified the weaknesses — and early compromise — that eventually befell the entire covert communications platform.


Reidy’s case was complicated. After he blew the whistle, he was moved off of his subcontract with SAIC, a Virginia company that works on government information technology products and support. According to the public disclosure, he contacted the CIA inspector general and congressional investigators about his employment status but was met with resistance, partially because whistleblower protections are complicated for federal contractors, and he remained employed.

Meanwhile, throughout 2010 and 2011, the compromise continued to spread, and Reidy provided details to investigators. But by November 2011, Reidy was fired because of what his superiors said were conflicts of interest, as Reidy maintained his own side business. Reidy believed the real reason was retaliation.

In his 2014 appeal to the intelligence community inspector general, first published by McClatchy News, Reidy describes the first signs of compromise in stunning detail — though it was unclear at the time, because of what was redacted, what issue he was addressing. “As our efforts increased, we started to notice anomalies in our operations … sources abruptly and without reason ceasing all communications with us,” he wrote.

Something, he realized, was deeply wrong with the agency’s human sources network. The “U.S. communications infrastructure was under siege,” he wrote. Reidy warned that the problem wasn’t limited to a single country — it extended to everywhere the CIA operates. Close to 70 percent of operations at the time were potentially compromised, he noted. In other words, an entire class of CIA agents — those using some iteration of the online system — was in danger. “CIA is aware of this,” he wrote. “The design and maintenance of the system is flawed.”

Reidy’s complaint wasn’t fully addressed for many years. But when the wide-scale arrest of sources in Iran happened, the CIA eventually launched an investigation. The deaths in China sent investigators into overdrive. Teams from the CIA, the FBI and the House Permanent Select Committee on Intelligence scrambled to try to figure out what had happened — and how to stem the damage.

“Can you imagine how different this whole story would’ve turned out if the CIA [inspector general] had acted on Reidy’s warnings instead of going after him?” said Kel McClanahan, Reidy’s attorney. “Can you imagine how different this whole story would’ve turned out if the congressional oversight committees had done oversight instead of taking CIA’s word that he was just a troublemaker?”

Irvin McCullough, a national security analyst with the Government Accountability Project, a nonprofit that works with whistleblowers, put the issue in even starker terms. “This is one of the most catastrophic intelligence failures since September 11th,” he said. “And the CIA punished the person who brought the problem to light.”

The roll-up of the CIA’s networks reignited debates within the U.S. intelligence community about the merits of high-tech versus low-tech methods of communicating with sources. Within some corners of the intelligence world, “there was widely held belief that technology was the solution to all communications problems,” according to one of the former officials. Proponents of older methods — such as chalk marks, burst communications, brush passes and one-time pads — were seen as “troglodytes,” said this official.

The failure of the communication system was discussed extensively in closed-door hearings at the House and Senate Intelligence committees, according to several former officials. “Some of the senators and congressmen went nuts about this, and they should have,” one of them said.


A spokesperson for the Senate Intelligence Committee declined to comment. The House Intelligence Committee did not respond to requests for comments.

One of the central concerns among those familiar with the scope of the breakdown is that the institutions responsible for it were never held accountable. Doing a comprehensive investigation isn’t easy, “but you have an absolute obligation to do that, because if you don’t, all you’re doing is rolling the dice with future lives,” said one former senior official.

Even several years after the breach, the concern within the intelligence community is accountability.

“When we continuously allow things like this to happen, and Congress doesn’t do anything, and the institutions don’t do anything, you’re going to have worse issues,” said another former official.

“People will say, ‘I went to the inspector general and it didn’t work; I went elsewhere and it didn’t work.’ People will see it as a game. It will lead to corruption, and it will lead to espionage. When people see that the system is corrupt, it affects everything.”

In the end, said the former official, “our biggest insider threat is our own institution.”

_____
https://www.google.com/amp/s/www.ya...rophic-compromise-started-iran-090018710.html
The CIA's communications suffered a catastrophic compromise. It started in Iran.

Zach Dorfman and Jenna McLaughlin

Yahoo NewsNovember 2, 2018, 9:00 AM GMT
9c9234768f60d26f3517805052346571

Yahoo News photo illustration; photos: AP (2), Getty Images (2).
In 2013, hundreds of CIA officers — many working nonstop for weeks — scrambled to contain a disaster of global proportions: a compromise of the agency’s internet-based covert communications system used to interact with its informants in dark corners around the world. Teams of CIA experts worked feverishly to take down and reconfigure the websites secretly used for these communications; others managed operations to quickly spirit assets to safety and oversaw other forms of triage.

“When this was going on, it was all that mattered,” said one former intelligence community official. The situation was “catastrophic,” said another former senior intelligence official.


From around 2009 to 2013, the U.S. intelligence community experienced crippling intelligence failures related to the secret internet-based communications system, a key means for remote messaging between CIA officers and their sources on the ground worldwide. The previously unreported global problem originated in Iran and spiderwebbed to other countries, and was left unrepaired — despite warnings about what was happening — until more than two dozen sources died in China in 2011 and 2012 as a result, according to 11 former intelligence and national security officials.

The disaster ensnared every corner of the national security bureaucracy — from multiple intelligence agencies, congressional intelligence committees and independent contractors to internal government watchdogs — forcing a slow-moving, complex government machine to grapple with the deadly dangers of emerging technologies.

In a world where dependence on advanced technology may be a necessary evil for modern espionage, particularly in hostile regions where American officials can’t operate freely, such technical failures are an ever present danger and will only become more acute with time.

“When these types of compromises happen, it’s so dark and bad,” said one former official. “They can burrow in. It never really ends.”

A former senior intelligence official with direct knowledge of the compromise said it had global implications for the CIA. “You start thinking twice about people, from China to Russia to Iran to North Korea,” said the former official. The CIA was worried about its network “totally unwinding worldwide.”

Yahoo News’ reporting on this global communications failure is based on conversations with eleven former U.S. intelligence and government officials directly familiar with the matter who requested anonymity to discuss sensitive operations. Multiple former intelligence officials said that the damage from the potential global compromise was serious — even catastrophic — and will persist for years.

e2ac49c46ec38210ccc4df97a3c46615

More than just a question of a single failure, the fiasco illustrates a breakdown that was never properly addressed. The government’s inability to address the communication system’s insecurities until after sources were rolled up in China was disastrous. “We’re still dealing with the fallout,” said one former national security official. “Dozens of people around the world were killed because of this.”

*****

One of the largest intelligence failures of the past decade started in Iran in 2009, when the Obama administration announced the discovery of a secret Iranian underground enrichment facility — part of Iran’s headlong drive for nuclear weapons. Angered about the breach, the Iranians went on a mole hunt, looking for foreign spies, said one former senior intelligence official.

The mole hunt wasn’t hard, in large part, because the communications system the CIA was using to communicate with agents was flawed. Former U.S. officials said the internet-based platform, which was first used in war zones in the Middle East, was not built to withstand the sophisticated counterintelligence efforts of a state actor like China or Iran. “It was never meant to be used long term for people to talk to sources,” said one former official. “The issue was that it was working well for too long, with too many people. But it was an elementary system.”

“Everyone was using it far beyond its intention,” said another former official.

The risks posed by the system appeared to have been overlooked in part because of it was easy to use, said the former intelligence officials. There is no foolproof way to communicate — especially with expediency and urgency — with sources in hostile environments like Iran and China, noted the former officials. But a sense of confidence in the system kept it in operation far longer than was safe or advisable, said former officials. The CIA’s directorate of science and technology, which is responsible for the secure communications system, “says, ‘our s***’s impregnable,’ but it’s obviously not,” said one former official.

By 2010, however, it appears that Iran had begun to identify CIA agents. And by 2011, Iranian authorities dismantled a CIA spy network in that country, said seven former U.S. intelligence officials. (Indeed, in May 2011, Iranian intelligence officials announced publicly that they had broken up a ring of 30 CIA spies; U.S. officials later confirmed the breach to ABC News, which also reported on a potential compromise to the communications system.)

Iran executed some of the CIA informants and imprisoned others in an intelligence setback that one of the former officials described as “incredibly damaging.” The CIA successfully exfiltrated some of its Iranian sources, said former officials.

6ad23a2969111920c300c797e97be995

The Iranian compromise led to significantly fewer CIA agents being killed than in China, according to former officials. Still, the events there hampered the CIA’s capacity to collect intelligence in Iran at a critical time, just as Tehran was forging ahead with its nuclear program.

U.S. authorities believe Iran probably unwound the CIA’s asset network analytically — meaning they deduced what Washington knew about Tehran’s own operations, then identified Iranians who held that information, and eventually zeroed in on possible sources. This hunt for CIA sources eventually bore fruit — including the identification of the covert communications system.

A 2011 Iranian television broadcast that touted the government’s destruction of the CIA network said U.S. intelligence operatives had created websites for fake companies to recruit agents in Iran by promising them jobs, visas and education abroad. Iranians who initially thought they were responding to legitimate opportunities would end up meeting with CIA officers in places like Dubai or Istanbul for recruitment, according to the broadcast.

Though the Iranians didn’t say precisely how they infiltrated the network, two former U.S. intelligence officials said that the Iranians cultivated a double agent who led them to the secret CIA communications system. This online system allowed CIA officers and their sources to communicate remotely in difficult operational environments like China and Iran, where in-person meetings are often dangerous.

A lack of proper vetting of sources may have led to the CIA inadvertently running a double agent, said one former senior official — a consequence of the CIA’s pressing need at the time to develop highly placed agents inside the Islamic Republic. After this betrayal, Israeli intelligence tipped off the CIA that Iran had likely identified some of its assets, said the same former official.

The losses could have stopped there. But U.S. officials believe Iranian intelligence was then able to compromise the covert communications system. At the CIA, there was “shock and awe” about the simplicity of the technique the Iranians used to successfully compromise the system, said one former official.

In fact, the Iranians used Google to identify the website the CIA was were using to communicate with agents. Because Google is continuously scraping the internet for information about all the world’s websites, it can function as a tremendous investigative tool — even for counter-espionage purposes. And Google’s search functions allow users to employ advanced operators — like “AND,” “OR,” and other, much more sophisticated ones — that weed out and isolate websites and online data with extreme specificity.

According to the former intelligence official, once the Iranian double agent showed Iranian intelligence the website used to communicate with his or her CIA handlers, they began to scour the internet for websites with similar digital signifiers or components — eventually hitting on the right string of advanced search terms to locate other secret CIA websites. From there, Iranian intelligence tracked who was visiting these sites, and from where, and began to unravel the wider CIA network.

20bf8775052a6ea44780657b17a7348e

U.S. intelligence officials were well aware of Iran’s formidable cyber-espionage capabilities. But they were flabbergasted that Iran managed to extirpate an entire CIA spy network using a technique that one official described as rudimentary — something found in basic how-to books.

But the events in Iran were not self-contained; they coincided roughly with a similar debacle in China in 2011 and 2012, where authorities rounded up and executed around 30 agents working for the U.S. (the New York Times first reported the extirpation of the CIA’s China sources in May 2017). Some U.S. intelligence officials also believe that former Beijing-based CIA officer Jerry Lee, who was charged with spying on behalf of the Chinese government in May 2018, was partially responsible for the destruction of the CIA’s China-based source network. But Lee’s betrayal does not explain the extent of the damage, or the rapidity with which Chinese intelligence was able to identify destroy the network, said former officials.

U.S. officials believe that Chinese intelligence obtained physical access to the transitional, or temporary, secret communications system used by the CIA to correspond with new, unvetted sources — and broke through the firewall separating it from the main covert communications system, compromising the CIA’s entire asset network in that country, Foreign Policy reported earlier this year.

It’s not clear whether China and Iran cooperated, but the former officials said the communications systems used in both countries were similar. The two governments may have broken the system independently. But Iranian, Chinese and Russian officials were engaged in senior-level communications on cyber issues around this time, recalled one former senior intelligence official —interactions that were “very suspicious in hindsight.”

The CIA declined to comment. The Iranian Mission to the UN did not respond to requests for comment.

Some U.S. intel officials took the interactions as an indicator of enhanced open coordination among these countries, and even a nascent alliance against the U.S. and its Five Eyes intelligence partners, this person said. (U.S. officials also believe Chinese officials subsequently shared information about its penetration of the secret CIA system with their Russian counterparts.)

“Our adversaries dramatically upped their game” in their offensive hacking operations, including those geared toward cracking the U.S. covert communications platforms, during this period, said another former senior intelligence official. This almost certainly included information sharing between these countries on U.S. covert communications techniques, said multiple former officials — the makings of a real-life “axis of evil.”

There were discrete signs of potential cooperation. Around the time of the purges of CIA informants in Iran and China, senior counter-espionage officials from China’s Ministry of State Security visited their counterparts in Tehran, said four former U.S. officials.

a3f6a434efa2d956263cf1f0ebbd4809

Some officials believe the two countries engaged in a trade — perhaps with Iran providing China with the technical information needed to pinpoint signs of online activity on the communications system, in exchange for military hardware, speculated one former official. “That’s the spy service way,” said another former official.

With dawning horror, U.S. officials realized that once Iranian or Chinese intelligence officials were able to pinpoint CIA assets within their own borders, they were almost certainly capable of zeroing in on similar digital signatures in other countries, former officials said.

Former officials said the fallout from the compromises was likely global in scope — potentially endangering all CIA sources that used some version of this internet-based system worldwide.

“You establish these networks that are obviously critical to our ability to really understand what our adversaries are up to — there’s a pride in that — and when something that valuable starts to fall apart, the concern is, ‘Are we developing a house of cards?’” said one former senior official. “A lot of bells went off” during this time, said this person, because “whatever methods and procedures we were using were in jeopardy because of what the Chinese and Iranians had determined. You find that you’re blind.”

These multiple, overlapping failures of the communication system created systemic problems for the agency. “There was a cascade of effects that flowed outward” from the initial breaches, said another former intelligence official. “Part of the problem was trying to figure out the second and third order of effects.”

Repairing this breach had to be approached with extraordinary delicacy because attempted fixes can expose sources. Iran or China could then target and flip those CIA sources, or use information about them as bargaining chips with other intelligence services, former officials said. Around this time, Iranian intelligence officials also began aggressively pitching CIA officers to become double agents —meaning that they had somehow identified agency personnel, potentially through this wider compromise, said one former intel official.

b42bb451df9aa3729494466d23aad1da

One country where the impact appears to have been contained is Russia. CIA officials who focus on Russia knew about the China ordeal and quickly adjusted their communications with sources accordingly, some of the former officials said. Aspects of the CIA’s Russia operations have historically been walled off from the rest of the agency, which likely helped minimize the damage. But the issue was so acute in the Middle East that the CIA was forced to suspend its use of internet-based covert communications systems there several times.

The problems were exacerbated by increasingly aggressive Iranian cyber-espionage. The Iranians “were very good tactically,” one former official said, and were adept at “breaking into low-level communications in the field, such as between Iraqi forces and their American counterparts.”

Starting around 2013, Iranian cyber experts seemed to be tracking CIA agents outside their own borders, including in Yemen, where Iran eventually compromised the internet-based covert communications system there, said one of the former officials. During this time, emergency meetings had to be scheduled at the agency because the Iranians had “hacked into systems outright that had nothing to do with them,” said this person — that is, those beyond Iran itself.

“Iran was aggressively going out to hunt systems down,” the former official said. “They weren’t just protecting themselves anymore.”

*****



As Iran was making fast inroads into the CIA’s covert communications system, back in Washington an internal complaint by a government contractor warning officials about precisely what was happening was winding its way through a Kafka-esque appeals system.

In 2008 — well before the Iranians had arrested any agents — a defense contractor named John Reidy, whose job it was to identify, contact and manage human sources for the CIA in Iran, had already sounded an alarm about a “massive intelligence failure” having to do with “communications” with sources. According to Reidy’s publicly available but heavily redacted whistleblower disclosure, by 2010 he said he was told that the “nightmare scenario” he had warned about regarding the secret communications platform had, in fact, occurred.

Reidy refused to discuss his case with Yahoo News. But two former government officials directly familiar with his disclosure and the investigation into the compromises in China and Iran tell Yahoo News that Reidy had identified the weaknesses — and early compromise — that eventually befell the entire covert communications platform.


Reidy’s case was complicated. After he blew the whistle, he was moved off of his subcontract with SAIC, a Virginia company that works on government information technology products and support. According to the public disclosure, he contacted the CIA inspector general and congressional investigators about his employment status but was met with resistance, partially because whistleblower protections are complicated for federal contractors, and he remained employed.

Meanwhile, throughout 2010 and 2011, the compromise continued to spread, and Reidy provided details to investigators. But by November 2011, Reidy was fired because of what his superiors said were conflicts of interest, as Reidy maintained his own side business. Reidy believed the real reason was retaliation.

In his 2014 appeal to the intelligence community inspector general, first published by McClatchy News, Reidy describes the first signs of compromise in stunning detail — though it was unclear at the time, because of what was redacted, what issue he was addressing. “As our efforts increased, we started to notice anomalies in our operations … sources abruptly and without reason ceasing all communications with us,” he wrote.

Something, he realized, was deeply wrong with the agency’s human sources network. The “U.S. communications infrastructure was under siege,” he wrote. Reidy warned that the problem wasn’t limited to a single country — it extended to everywhere the CIA operates. Close to 70 percent of operations at the time were potentially compromised, he noted. In other words, an entire class of CIA agents — those using some iteration of the online system — was in danger. “CIA is aware of this,” he wrote. “The design and maintenance of the system is flawed.”

Reidy’s complaint wasn’t fully addressed for many years. But when the wide-scale arrest of sources in Iran happened, the CIA eventually launched an investigation. The deaths in China sent investigators into overdrive. Teams from the CIA, the FBI and the House Permanent Select Committee on Intelligence scrambled to try to figure out what had happened — and how to stem the damage.

“Can you imagine how different this whole story would’ve turned out if the CIA [inspector general] had acted on Reidy’s warnings instead of going after him?” said Kel McClanahan, Reidy’s attorney. “Can you imagine how different this whole story would’ve turned out if the congressional oversight committees had done oversight instead of taking CIA’s word that he was just a troublemaker?”

Irvin McCullough, a national security analyst with the Government Accountability Project, a nonprofit that works with whistleblowers, put the issue in even starker terms. “This is one of the most catastrophic intelligence failures since September 11th,” he said. “And the CIA punished the person who brought the problem to light.”

The roll-up of the CIA’s networks reignited debates within the U.S. intelligence community about the merits of high-tech versus low-tech methods of communicating with sources. Within some corners of the intelligence world, “there was widely held belief that technology was the solution to all communications problems,” according to one of the former officials. Proponents of older methods — such as chalk marks, burst communications, brush passes and one-time pads — were seen as “troglodytes,” said this official.

The failure of the communication system was discussed extensively in closed-door hearings at the House and Senate Intelligence committees, according to several former officials. “Some of the senators and congressman went nuts about this, and they should have,” one of them said.


A spokesperson for the Senate Intelligence Committee declined to comment. The House Intelligence Committee did not respond to requests for comments.

One of the central concerns among those familiar with the scope of the breakdown is that the institutions responsible for it were never held accountable. Doing a comprehensive investigation isn’t easy, “but you have an absolute obligation to do that, because if you don’t, all you’re doing is rolling the dice with future lives,” said one former senior official.

Even several years after the breach, the concern within the intelligence community is accountability.

“When we continuously allow things like this to happen, and Congress doesn’t do anything, and the institutions don’t do anything, you’re going to have worse issues,” said another former official.

“People will say, ‘I went to the inspector general and it didn’t work; I went elsewhere and it didn’t work.’ People will see it as a game. It will lead to corruption, and it will lead to espionage. When people see that the system is corrupt, it affects everything.”

In the end, said the former official, “our biggest insider threat is our own institution.”

_____
https://www.google.com/amp/s/www.ya...rophic-compromise-started-iran-090018710.html

Awesome!
 
Pretty stunning article. Just a few months ago I was in awe at the Chinese counter-espionage op against the CIA; I'm happy to see Iran has similar capabilities.
Also there's a pattern I'm seeing regarding US-led espionage against Iran: the US seems to go to large/advanced extents to penetrate Iran, so when there's a "mistake" such as the RQ-170 drone incident, if Iran is able to disrupt it, there is usually a "spoil of war" that bigger states like Russia and China will pay a lot for. Then Iran "charges" them for this valuable "info". The intelligence world is as fascinating as it is scary.
 
And another blow to the U.S.: this time the CIA lost 17 Iranian national agents, while the identities of several of its U.S. national CIA officers were exposed.

Analysis: Did the US Central Intelligence Agency lose 17 spies in Iran? | intelNews.org
July 23, 2019 by Joseph Fitsanakis

If the announcements from Tehran are to be believed, the United States Central Intelligence Agency lost at least 17 spies in Iran in the months leading up to March 2019. According to Iran’s Ministry of Intelligence, the Islamic Republic busted an alleged “CIA network” operating in sensitive private sector companies and government agencies that relate to defense, aerospace and energy. At least some of the 17 alleged spies have reportedly been sentenced to death, though their exact number remains unknown.

Officials in Tehran said on Sunday that all of the purported spies are Iranian nationals and were lured by the CIA with promises of receiving visas to enter America. Others were already in possession of visas and were “blackmailed” to spy for the US in order to have them renewed by the US Department of State, according to Iranian media reports. Visa applicants were allegedly carefully selected based on their work in critical areas such as Iran’s nuclear program or defense procurement.

A government-sanctioned documentary, which aired on Iran’s state owned television on Monday, claimed that the 17 spies did not know each other, but all had been trained independently in clandestine tradecraft. This allegedly included setting up and using secret communications systems, as well as carrying out dead drops without being detected. Dead drops utilized containers made to look like rocks, which were located “in parks and other mountainous areas” in Iran and elsewhere in the Middle East, according to Iranian officials. Some of the assets communicated with their handlers while attending science conferences throughout Europe, Africa and Asia.

The Iranian television documentary claimed that the 17 arrests had “dealt a lethal blow to US foreign intelligence”. But US President Donald Trump said in a tweet that Tehran’s allegations were “totally false” and contained “zero truth”, just “more lies and propaganda” from Tehran.

Who is right? To begin with, there is no question that the CIA recruits heavily in Iran, given that the Islamic Republic is one of America’s —indeed the world’s— primary intelligence targets. What is more, since 1979, when Washington lost its embassy in Iran, the CIA have found it more difficult to collect accurate information from inside the energy-rich country. Therefore, the need for dependable assets inside Iran has increased exponentially, and has become even more pressing now, given the importance placed on Iran by Donald Trump. Additionally, the descriptions of CIA asset acquisition operations by the Iranians ring true. In the absence of an embassy and diplomatic immunity, it is dangerous for CIA case officers to operate inside Iran, so the spy agency recruits many of its assets from among Iran’s Westernized elite that is able to travel abroad.

But losing 17 assets in one big sweep sounds fantastical. If it is true, it would signify one of the biggest intelligence-collection disasters in the CIA’s 72-year history. Furthermore, given that —as the Iranians themselves have said— the 17 alleged spies did not know each other, it would have taken a massive amount of counterintelligence resources to detect, build cases and apprehend 17 separate foreign assets. What is more likely to have happened is that the Iranians detected a small number of CIA spies —possibly no more than two or three— and then slowly extended their counterintelligence investigation to incorporate those three individuals’ close associates, relatives, or even spouses. At that stage, Iranian authorities would have used their investigative privileges to target employees of agencies or companies with access to sensitive information who are deemed too pro-Western, have a history of making critical remarks of the Iranian government, etc. That is probably how the investigation grew to incorporate so many alleged spies.

What is more worrying for the CIA is that the Iranians appear to have visually identified a number of CIA case officers, whose job is to recruit and handle foreign assets. These are ostensibly US Department of State diplomatic personnel who are stationed in countries such as Austria, India, Turkey and Zimbabwe. But the Iranians claim that these diplomats are in fact official-cover CIA personnel and have now publicized their faces. At one point during Monday’s television program, a blonde Caucasian woman is seen advising an unidentified man about how to avoid surveillance by Iranian intelligence officers in the United Arab Emirates. She is speaking Farsi with an unmistakable American accent. If the Iranians are right, it means that these individuals will need to be recalled back to Washington as soon as possible and that their overseas careers are now at an end, since foreign counterintelligence services know that they are in fact intelligence officers. Additionally, the safety of their assets and foreign contacts will need to be reassessed on a case-by-case basis, and many human-intelligence operations —some of them many years in the making— will need to be terminated. Thus, if the Iranians are telling the truth, many offices at the CIA’s headquarters in Langley, Virginia, will be in recovery mode for many months to come.
 