Iranians Compromised a Highly Sensitive CIA Covert Communications System in 2011 by Using Google Search: Report

In 2011, Iran was able to use Google's search functionality to hack into a secret CIA communication network that was being used to contact agents and informants around the world -- a breach that appears to have triggered the exposure and execution of Agency sources in China and Iran, Yahoo News reported Friday.

This

In 2013, hundreds of CIA officers â" many working nonstop for weeks â" scrambled to contain a disaster of global proportions: a compromise of the agencyâ(TM)s internet-based covert communications system used to interact with its informants in dark corners around the world. Teams of CIA experts worked feverishly to take down and reconfigure the websites secretly used for these communications; others managed operations to quickly spirit assets to safety and oversaw other forms of triage.

âoeWhen this was going on, it was all that mattered,â said one former intelligence community official. The situation was âoecatastrophic,â said another former senior intelligence official.

From around 2009 to 2013, the U.S. intelligence community experienced crippling intelligence failures related to the secret internet-based communications system, a key means for remote messaging between CIA officers and their sources on the ground worldwide. The previously unreported global problem originated in Iran and spiderwebbed to other countries, and was left unrepaired â" despite warnings about what was happening â" until more than two dozen sources died in China in 2011 and 2012 as a result, according to 11 former intelligence and national security officials.

The disaster ensnared every corner of the national security bureaucracy â" from multiple intelligence agencies, congressional intelligence committees and independent contractors to internal government watchdogs â" forcing a slow-moving, complex government machine to grapple with the deadly dangers of emerging technologies.

In a world where dependence on advanced technology may be a necessary evil for modern espionage, particularly in hostile regions where American officials canâ(TM)t operate freely, such technical failures are an ever present danger and will only become more acute with time.

âoeWhen these types of compromises happen, itâ(TM)s so dark and bad,â said one former official. âoeThey can burrow in. It never really ends.â

A former senior intelligence official with direct knowledge of the compromise said it had global implications for the CIA. âoeYou start thinking twice about people, from China to Russia to Iran to North Korea,â said the former official. The CIA was worried about its network âoetotally unwinding worldwide.â

Yahoo Newsâ(TM) reporting on this global communications failure is based on conversations with eleven former U.S. intelligence and government officials directly familiar with the matter who requested anonymity to discuss sensitive operations. Multiple former intelligence officials said that the damage from the potential global compromise was serious â" even catastrophic â" and will persist for years.

More than just a question of a single failure, the fiasco illustrates a breakdown that was never properly addressed. The governmentâ(TM)s inability to address the communication systemâ(TM)s insecurities until after sources were rolled up in China was disastrous. âoeWeâ(TM)re still dealing with the fallout,â said one former national security official. âoeDozens of people around the world were killed because of this.â

***** EAT AT JOE'S

One of the largest intelligence failures of the past decade started in Iran in 2009, when the Obama administration announced the discovery of a secret Iranian underground enrichment facility â" part of Iranâ(TM)s headlong drive for nuclear weapons. Angered about the breach, the Iranians went on a mole hunt, looking for foreign spies, said one former senior intelligence official.

The mole hunt wasnâ(TM)t hard, in large part, because the communications system the CIA was using to communicate with agents was flawed. Former U.S. officials said the internet-based platform, which was first used in war zones in the Middle East, was not built to withstand the sophisticated counterintelligence efforts of a s

Blame America

[mi]

Google was used to expose evil.

If you consider USA evil — more evil than Iran and China — then you are in a wrong place. Learn Chinese and Farsi and fuck off to that part of the world, both physical and virtual...

Re:Blame America

[radja]

I consider US spies committing crimes in other countries evil.

Re:Blame America

[BringsApples]

I feel ya, but when your sig says "In Soviet Washington the swamp drains you" then you have to admit there may be a reason for a slightly different usage of the word 'evil' that you just don't associate with, but is still valid for others to associate with.

Re:Ooops

Google didn't do anything but index web pages. The CIA controllers who didn't take the extremely simple and well-known measures to prevent indexing are the ones who were evil.

It's like saying car manufacturers are evil because someone used their product to rob a bank. Only the bank opened up the vault as a drive-through instead of actually securing it in any way.

TL;DR the CIA and Iran/China used convenient tools on the internet for spycraft. The CIA didn't use it prudently however, and got agents and informants killed due to their carelessness.

Actually Google had very little to do with this.

[hey!]

Most of the methods Iranians used would have been familiar to George Smiley. They looked at what the Americans obviously knew about Iran and figured out who could have told them. Then they leaned on those people and found out how they were communicating with the CIA.

This is where Google came in. These people were using phony websites to communicate with the CIA, and Iranian intelligence used Google to uncover similar websites. Then they hacked into those websites after which they had the keys to the kingdom.

It was the CIA's reliance on a bodged-together, vulnerable system that killed those assets. They used it even after they'd been warned by their own analysts in 2008 that it had been compromised.

Long Article, Quick Summary

[Thelasko]

This is a really long article that can be summarized in about two paragraphs:

In fact, the Iranians used Google to identify the website the CIA was were using to communicate with agents. Because Google is continuously scraping the internet for information about all the world’s websites, it can function as a tremendous investigative tool — even for counter-espionage purposes. And Google’s search functions allow users to employ advanced operators — like “AND,” “OR,” and other, much more sophisticated ones — that weed out and isolate websites and online data with extreme specificity.

According to the former intelligence official, once the Iranian double agent showed Iranian intelligence the website used to communicate with his or her CIA handlers, they began to scour the internet for websites with similar digital signifiers or components — eventually hitting on the right string of advanced search terms to locate other secret CIA websites. From there, Iranian intelligence tracked who was visiting these sites, and from where, and began to unravel the wider CIA network.

There was still some old fashioned spying going on. Without a double agent to show the Iranians a sample website, they never would have figured out which strings to search for.

The bigger question is, did Iran share this information with China and Russia? If so, what did they get in exchange?

Re:Long Article, Quick Summary

[XXongo]

This is a really long article that can be summarized in about two paragraphs:

Well, plus one more very important paragraph:

In 2008 — well before the Iranians had arrested any agents — a defense contractor named John Reidy, whose job it was to identify, contact and manage human sources for the CIA in Iran, had already sounded an alarm about a “massive intelligence failure” having to do with “communications” with sources. According to Reidy’s publicly available but heavily redacted whistleblower disclosure, by 2010 he said he was told that the “nightmare scenario” he had warned about regarding the secret communications platform had, in fact, occurred

They were told there was a problem. They ignored it, and fired the person who told them.

Re:Long Article, Quick Summary

[TimMD909]

They were told there was a problem. They ignored it, and fired the person who told them.

At least they didn't force him to live out the rest of his days in Russia...

Re:Ooops

[XXongo]

Google didn't even screw up, it worked as intended.

the compromised communications system tried to work by "security through obscurity"-- it used publicly-visible websites that were indexable and searchable, and didn't realize that once one was compromised, you could look at what was on it, and use well-crafted search terms to find them all.

and worse Ooops

[XXongo]

And more oops: a CIA employee named John Reidy figured out that there was a leak and warned about it two years before. His information was ignored, and he was removed from his job.

That was actually in the news three years ago, but because of secrecy, the details of exactly what he warned about was left out. Now we know: https://www.mcclatchydc.com/ne... or https://www.thestate.com/news/...

"The CIA case involves former contractor John Reidy, who asserts he was punished after warning of a “catastrophic failure” in the spy agency’s operations. “It was a recipe for disaster,” Reidy wrote in his appeal, which was redacted by intelligence officials. “We had a catastrophic failure on our hands that would ensnare a great many of our sources.” His lawyer, Kel McClanahan, said Reidy was in charge of identifying foreign sources and systems in the telecommunications and computer fields that would be of interest to U.S. intelligence agencies.

Reidy also was responsible for developing intelligence operations against those targets, his lawyer said. McClanahan said his client is not permitted to discuss the case in more detail even with him because the CIA says the information is classified.

Reidy asserts that he first detected vulnerabilities in a CIA program in 2006, according to the appeal filing obtained by McClatchy. Signs of the problems included “anomalies in our operations and conflicting intelligence reporting that indicated several of our operations had been compromised,” he wrote, adding that he noticed “sources abruptly and without reason ceasing all communications with us.”

Re:why

[Nidi62]

Why don't they just use public pages? The internet has no shortage of discussion forums, many of which must be frequented by millions of people, even in Iran and China.

MMOs. MMOs make the perfect medium for covert communication. Think about how many hundreds, if not thousands of games there are that allow communication between players, many with world-wide player bases. You have behemoths like WoW with multiple servers in multiple regions down to $2 cellphone games. Even if a country were able to go through the arduous task of figuring if or what game is being used, simple tradecraft basics make monitoring difficult. It could be coded messages, set times to meet, or even something as simple as sending/giving a player a certain item or buying/selling an item at a certain price had different or predetermined meanings. Unless a target is already under surveillance and their machine is compromised an agency would have to covertly find/add a back door or crack and track every game available (and with VPNs and other methods even games NOT available) within it's borders.