Slashdot Mirror
Iranians Compromised a Highly Sensitive CIA Covert Communications System in 2011 by Using Google Search: Report (yahoo.com)
In 2011, Iran was able to use Google's search functionality to hack into a secret CIA communication network that was being used to contact agents and informants around the world -- a breach that appears to have triggered the exposure and execution of Agency sources in China and Iran, Yahoo News reported Friday.
The link only points to a page demanding (not requesting) access to my device. Is there an accessible link?
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
In 2013, hundreds of CIA officers â" many working nonstop for weeks â" scrambled to contain a disaster of global proportions: a compromise of the agencyâ(TM)s internet-based covert communications system used to interact with its informants in dark corners around the world. Teams of CIA experts worked feverishly to take down and reconfigure the websites secretly used for these communications; others managed operations to quickly spirit assets to safety and oversaw other forms of triage.
âoeWhen this was going on, it was all that mattered,â said one former intelligence community official. The situation was âoecatastrophic,â said another former senior intelligence official.
From around 2009 to 2013, the U.S. intelligence community experienced crippling intelligence failures related to the secret internet-based communications system, a key means for remote messaging between CIA officers and their sources on the ground worldwide. The previously unreported global problem originated in Iran and spiderwebbed to other countries, and was left unrepaired â" despite warnings about what was happening â" until more than two dozen sources died in China in 2011 and 2012 as a result, according to 11 former intelligence and national security officials.
The disaster ensnared every corner of the national security bureaucracy â" from multiple intelligence agencies, congressional intelligence committees and independent contractors to internal government watchdogs â" forcing a slow-moving, complex government machine to grapple with the deadly dangers of emerging technologies.
In a world where dependence on advanced technology may be a necessary evil for modern espionage, particularly in hostile regions where American officials canâ(TM)t operate freely, such technical failures are an ever present danger and will only become more acute with time.
âoeWhen these types of compromises happen, itâ(TM)s so dark and bad,â said one former official. âoeThey can burrow in. It never really ends.â
A former senior intelligence official with direct knowledge of the compromise said it had global implications for the CIA. âoeYou start thinking twice about people, from China to Russia to Iran to North Korea,â said the former official. The CIA was worried about its network âoetotally unwinding worldwide.â
Yahoo Newsâ(TM) reporting on this global communications failure is based on conversations with eleven former U.S. intelligence and government officials directly familiar with the matter who requested anonymity to discuss sensitive operations. Multiple former intelligence officials said that the damage from the potential global compromise was serious â" even catastrophic â" and will persist for years.
More than just a question of a single failure, the fiasco illustrates a breakdown that was never properly addressed. The governmentâ(TM)s inability to address the communication systemâ(TM)s insecurities until after sources were rolled up in China was disastrous. âoeWeâ(TM)re still dealing with the fallout,â said one former national security official. âoeDozens of people around the world were killed because of this.â
***** EAT AT JOE'S
One of the largest intelligence failures of the past decade started in Iran in 2009, when the Obama administration announced the discovery of a secret Iranian underground enrichment facility â" part of Iranâ(TM)s headlong drive for nuclear weapons. Angered about the breach, the Iranians went on a mole hunt, looking for foreign spies, said one former senior intelligence official.
The mole hunt wasnâ(TM)t hard, in large part, because the communications system the CIA was using to communicate with agents was flawed. Former U.S. officials said the internet-based platform, which was first used in war zones in the Middle East, was not built to withstand the sophisticated counterintelligence efforts of a s
Come on guys, if you can google it, it's not "hacking".
In fact, "hacking" isn't even about computer security; if you think it is you lack Clue and are likely spouting nonsense. Which is exactly what most of the "computer security" s'kiddies do for a living. So here: Somebody left the door wide open, and instead of pointing to the culprit you find some other idiots to point to, just to deflect the blame. Syeah right, "hacking". Nope, sheer unadulterated incompetence.
Seems insecure.
Maybe we should go back to typewriters.
Wow, they really need to stop picking up those USB drives people leave at the airport.
They made sure Google indexed their malware web site Shemales4CIA.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
If you consider USA evil — more evil than Iran and China — then you are in a wrong place. Learn Chinese and Farsi and fuck off to that part of the world, both physical and virtual...
In Soviet Washington the swamp drains you.
Google didn't do anything but index web pages. The CIA controllers who didn't take the extremely simple and well-known measures to prevent indexing are the ones who were evil.
It's like saying car manufacturers are evil because someone used their product to rob a bank. Only the bank opened up the vault as a drive-through instead of actually securing it in any way.
TL;DR the CIA and Iran/China used convenient tools on the internet for spycraft. The CIA didn't use it prudently however, and got agents and informants killed due to their carelessness.
Most of the methods Iranians used would have been familiar to George Smiley. They looked at what the Americans obviously knew about Iran and figured out who could have told them. Then they leaned on those people and found out how they were communicating with the CIA.
This is where Google came in. These people were using phony websites to communicate with the CIA, and Iranian intelligence used Google to uncover similar websites. Then they hacked into those websites after which they had the keys to the kingdom.
It was the CIA's reliance on a bodged-together, vulnerable system that killed those assets. They used it even after they'd been warned by their own analysts in 2008 that it had been compromised.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Why is this data even available to Google or any public connection for that matter? Stupid...
Well, I'm not totally sure, but it seems to me that covert human operatives on foreign soil need some way to communicate "in the clear" with their handlers. This means that the idea was to communicate over public networks.... Thus the use of public webpages...
Google is in the business of scanning and cataloging public pages then providing links based on search criteria.
However, why somebody didn't prevent these pages from being scanned though any number of available methods is beyond me..
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
There was still some old fashioned spying going on. Without a double agent to show the Iranians a sample website, they never would have figured out which strings to search for.
The bigger question is, did Iran share this information with China and Russia? If so, what did they get in exchange?
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
It sounds like the problem was the CIA was sloppy and made all their web pages similar enough they were easy to Google. Iran and China then rounded up everyone frequenting those pages.
Why don't they just use public pages? The internet has no shortage of discussion forums, many of which must be frequented by millions of people, even in Iran and China.
the compromised communications system tried to work by "security through obscurity"-- it used publicly-visible websites that were indexable and searchable, and didn't realize that once one was compromised, you could look at what was on it, and use well-crafted search terms to find them all.
I love that movie - Spy Game // Brad Pitt & Robert Redford. good stuff for a Friday. might have to pull out the VHS and watch it again on my VCR.
And neither the first nor last example.
The future of real warfare between states isn't limited to military force. It's likely that any military actions will be preparatory and sustaining, but not decisive. Attacks on infrastructure, denial of access to critical information and resources, and isolation from allies can all be accomplished with information technology.
This example is most instructive in that it shows how states with limited resources in some areas can be capable, even formidable adversaries in others. The US has the most capable military assets available, with only a few (but notable) exceptions where adversaries have sufficient assets to cause major losses to US forces and potentially prevail in regional conflicts. But in so-called 'cyber' warfare, the US has no discernible advantage. Relatively small, impoverished, or militarily weak states have equal capabilities. And non-state players can be just as capable.
For the US, the only real hope is that it has undisclosed capabilities, which is entirely likely, or that it will focus on developing those. Sadly, unlike military force, which takes in some instances a generation to develop new and overwhelming advantages, cyber warfare changes year,y, actually, monthly, and these advances are shared virtually instantly among allies, requiring no factories, manufacturing techniques, or natural resources beyond manpower, intellect, and thought. Ask aerospace engineers - it takes so much less time to devise a new weapon system than it does to actually manufacture and refine it to the point of usefulness. And cyber warfare is cheaper too, by every measure, to develop and deploy.
I'm confident in assuming that the US and others have the means to detect and monitor electronic communications among allies and adversaries worldwide, with few exceptions. And they constantly have to refine those methods to keep up with the changing landscape. And the only way to do that is to deploy an intercept system that captures everything, everywhere, all the time, and keeps it for analysis and exploitation. All this means our government is compelled to violate our privacy and civil rights, if not explicitly, then implicitly, as it captures all the things always, just to be able to find the enemy's vulnerabilities and secrets.
It's a nasty business. We have no other choice. Our enemies will certainly do so, and without a shred of restraint. If they can prevail at our expense, they will indeed. And this example shows that there is no hope of ever turning back from this state. It will only get worse. All attempts to secure our information systems will only succeed in making it more difficult to find the enemy. They will use all security measures to improve their methods. But we must improve security, no matter, for all the other reasons. A vicious circle, one impossible to stop.
deleting the extra space after periods so i can stay relevant, yeah.
That was actually in the news three years ago, but because of secrecy, the details of exactly what he warned about was left out. Now we know: https://www.mcclatchydc.com/ne... or https://www.thestate.com/news/...
"The CIA case involves former contractor John Reidy, who asserts he was punished after warning of a “catastrophic failure” in the spy agency’s operations. “It was a recipe for disaster,” Reidy wrote in his appeal, which was redacted by intelligence officials. “We had a catastrophic failure on our hands that would ensnare a great many of our sources.” His lawyer, Kel McClanahan, said Reidy was in charge of identifying foreign sources and systems in the telecommunications and computer fields that would be of interest to U.S. intelligence agencies.
Reidy also was responsible for developing intelligence operations against those targets, his lawyer said. McClanahan said his client is not permitted to discuss the case in more detail even with him because the CIA says the information is classified.
Reidy asserts that he first detected vulnerabilities in a CIA program in 2006, according to the appeal filing obtained by McClatchy. Signs of the problems included “anomalies in our operations and conflicting intelligence reporting that indicated several of our operations had been compromised,” he wrote, adding that he noticed “sources abruptly and without reason ceasing all communications with us.”
Why don't they just use public pages? The internet has no shortage of discussion forums, many of which must be frequented by millions of people, even in Iran and China.
MMOs. MMOs make the perfect medium for covert communication. Think about how many hundreds, if not thousands of games there are that allow communication between players, many with world-wide player bases. You have behemoths like WoW with multiple servers in multiple regions down to $2 cellphone games. Even if a country were able to go through the arduous task of figuring if or what game is being used, simple tradecraft basics make monitoring difficult. It could be coded messages, set times to meet, or even something as simple as sending/giving a player a certain item or buying/selling an item at a certain price had different or predetermined meanings. Unless a target is already under surveillance and their machine is compromised an agency would have to covertly find/add a back door or crack and track every game available (and with VPNs and other methods even games NOT available) within it's borders.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
You mean Reddit isn't an MMO?
OR search Spy Games clips on YouTube before you settle down to watch your favorite VHS on your still-functional VCR.
You can scan for Dinner Out while you're at it. They don't make movies like *that* anymore.
Enjoy =)
WARNING: Smartphones have side effects--most of them undocumented.
Google didn't even screw up, it worked as intended.
the compromised communications system tried to work by "security through obscurity"-- it used publicly-visible websites that were indexable and searchable, and didn't realize that once one was compromised, you could look at what was on it, and use well-crafted search terms to find them all.
Who thought "security through obscurity" was a viable option when people's lives literally hung in the balance?
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
So how did Russia get the names of US agents, one former FSB and one current FSB, and one hotel cleaner, six days after Trump got the unredacted piss memo with the names of those agents in?
I'm not sure what your point is. The article here is about one intelligence failure, which was in 2011. You're asking about a different intelligence failure, six years later. The existence of one intelligence failure doesn't say much about the other one.
...There is ONE article by "Zach Dorfman and Jenna McLaughlin" and this is it. Just because you read it, don't assume its true.
Yes, it is one article. Once you read it, however, you see that there were earlier articles on the same leak which just didn't have the actual details. :
https://www.pulitzer.org/files/2015/national-reporting/mcclatchy/10mcclatchy2015.pdf. (alternate source: https://www.kentucky.com/news/...)
Or here: https://www.emptywheel.net/201...
Or here: https://www.thestate.com/news/...
and you think that it was evil for the west to find out what Iran and Chinese leaders were up to?
I prefer the "u" in honour as it seems to be missing these days.
chances are, that the CIA did not realize that they were exposed to the net. I doubt that they would have done that, with ppl's lives hanging in the balance.
I prefer the "u" in honour as it seems to be missing these days.
30 Chinese assets executed. Iranians use Google to break into a classified information system. Covertly funded "Friendly rebels" become ISIS. Obama was one of the worst presidents ever.
If you dig down into the references, you see that the first realization that there was a problem dates back to 2006, two years before Obama was elected:
Reidy asserts that he first detected vulnerabilities in a CIA program in 2006, according to the appeal filing obtained by McClatchy. source: https://www.thestate.com/news/...
You could argue that, but I doubt that you would win, esp. as other nations deal with your gov's Belt/Road. The nations that deal with you are finding out exactly how wonderful China REALLY is.
For example, if we were in CHina, you could not have posted the the opposite without your gov knowing and punishing you for it.
Pakistan had to give CHina a port and must alllow a number of the oil pipes that America was accused of wanting (which had ZERO value to the west, but huge value to China).
Sr Lanka had to give CHina a port, and is now importing far more than they export
In fact, CHina has forced many other nations to turn over their resources such as oil wells, ports, etc to pay the debt that they owe China.
Venezuela, Djibouti, Tajikistan, Kirghistan, Lao, Maldives, Mongolia, and Montenegro are just a few that your nation is controlling.
I prefer the "u" in honour as it seems to be missing these days.
But if a gun is used, it is the fault of the gun manufacturer. So if Smith & Wesson is responsible for shooting, then Google is responsible for this.
"-1 Troll" is the apparently the same as "-1 I disagree with you."
"CIA Exposed a Highly Sensitive Communications System on the Public Internet, Where it Could be Compromised by Iranians Simply Using Google Search"
David Gould
main(i){putchar(340056100>>(i-1)*5&31|!!(i<6)<< 6)&&main(++i);}
You might think that but it is highly probable this was intentional. These are under cover agents, if they were visiting "hidden" websites from some of these countries that could have been detected. Going to technically open websites, even if obscure, might not raise the same type of red flags.
I'm just guessing from the article that this was a "push" type site so those visiting it didn't actually identify themselves so what appears to have happened is the foreign agencies discovered the sites purpose and monitored who visited it. So hidden or visible they found the agents by monitoring who went there from their countries.
I think the screw up here was in not regularly rotating sites much like you rotate a cypher key. There should have been some procedure for frequently changing sites so that the agents weren't regularly visiting the same places.
Great flick!
Or many of the other letter agencies of US Govt? I am very concerned that all my tax money is not really getting a good ROI. I think we all have a very lofty ideal of what those agencies are capable of but it may be a bogus ideal that is formulated by Movies and TV and not based on reality.
There wasn't only one public facing website, there were hundreds of them, probably one for each potential source. But once the Iranians discovered one of them, they used Google to find similar websites, and then started to monitor them, as the sites shared some technicalties, being built by the same organization, probably with the same tools and maybe they even shared some elements.
This strikes me as a fundamental point. The further away you get from an understanding of first principles, the easier for common mode failures to occur -- and I think it ties as well into a failure of imagination about those failure modes as a direct result of lack of familiarity with them. It's easy to say "low tech is a solved problem, so let's focus on all the sexy high-tech stuff"; but low-tech pattern recognition can bite you just as easily, if not moreso.
Hire a Linux system administrator, systems engineer,
But if a gun is used, it is the fault of the gun manufacturer.
Actually, by law, if a gun is used in a crime it is explicitly not the fault of the gun manufacturer.
The 2005 "Protection of Lawful Commerce in Arms Act" makes gun manufacturers immune from liability for use of their guns.
http://time.com/4967018/las-vegas-shooting-gun-lawsuits/
https://en.wikipedia.org/wiki/Protection_of_Lawful_Commerce_in_Arms_Act
https://www.snopes.com/fact-check/gun-manufacturers-crimes-products/
However, why somebody didn't prevent these pages from being scanned
Because that would have bumped them up a notch on a list of suspicious sites. A storefront or other site that would be expected to want a good position in search engine listings, but tries to hide instead.
Why not use a combination of request attributes (or looks for some whitelisted client certificates) to switch the behavior of the web site from innocuous to the CIA portal. There are a number of different techniques one can use to present one face to Google and the world an another to trusted users.
Have gnu, will travel.
With the raw data that our personal tracking devices contain and share with the phone company,
As a spy, you want your observable behavior to blend in with the crowd. Hiding (too much) is just as suspicious as standing out.
This is why everyone needs to use secure communications and encryption*. Of course, this makes law enforcement snooping that much more difficult. One has to balance the safety of our friends working in hostile countries with the possibility that some people might abuse security to swipe some Disney content. It appears that Mickey Mouse won out over some lives in this case.
*It would be interesting to see if the CIA portals were set up on secure web sites.
Have gnu, will travel.
Yes, the person who set us on that path and unnecessarily invaded Iraq was actually the good guy.
Come on, Google as a tool was about as important as they fact that they used the internet developed by US own DARPA. Oh, and they likely used Intel or AMD CPUs, and probably US made Windows or Linux, paired Chrome or Edge or Firefox too.Or maybe they used an iPad, so let's change the headline to using Apple.
The article makes it sounds like Google was the weakness here. If it wasn't for Google search, they would have used other tools with the same result. While interesting news, the headline on Slashdot is just sensationalism - notice the linked article does not have Google in the headline, or any other splashy company names.
I'm not even sure they hacked those websites. I think they just logged which IPs connect to those domains, and then spied on those.
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
MAD Mag Spy vs. Spy comic. And with the bombs
The English and French owned the Suez canal, until they didn't.
China will learn the hard way. Right now they are building, when the building is done, they will learn about kleptocracies too.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
Who thought "security through obscurity" was a viable option when people's lives literally hung in the balance?
Who knew you could search the internet?
How dare they even think about using counterespionage techniques against the US! Don't they know that they are just supposed to do nothing and let the US win? /s
When the UK spied on German troop trains in WW1 it used local people who had a reason to be in the area and who would not be noticed.
The UK had the best spies in position to spy on passing troop trains.
The Germans waited for the information collected to be passed back up spy networks and found the spies.
The UK failed at having a good way to pass information back quickly and with no way of getting detected.
During WW2 UK spies had poor radio and code security skills.
The ability to detect radio use and long term code use kept decrypted was something the UK took time to understand.
The "internet" is not used in the same ways as in the USA all over the world.
Habits and traits stand out given nations have total control over all their own internal internet use.
Once a plausible way of talking to the CIA is found using the internet is detected then nation will be all over that to find more people talking to the CIA in the same way.
Understand the culture you are spying on. Talk to all the anthropologist in the CIA and work out what kind of normal internet sites get visited a lot.
Expect people who are tempted to spy for the USA to be under constant watch. When the CIA can work out who will spy for them, so can that nation.
Visiting a strange web site not many other people in that nation have found/used will stand out when a nation watches its security cleared workers.
Never tell political leaders about what is found when spying. They will tell the press for political reasons and the world will know. The nations been spied on then only have a very short list of who to follow and find all the spies.
Stop talking to political leadership about what is found in real time. Politicians entire party structure is set up to talk to people. Don't tell the politicians secrets that uncover spies still in place.
Domestic spying is now "Benign Information Gathering"
You are perfectly aware that guns do not have safety regulations anywhere as seriously cars.