Dozens of Spies Killed Thanks To Flawed CIA Comms System

A flawed online communications system developed by the CIA was exposed to Google’s web crawlers, ultimately leading to the execution of dozens of spies. 

The unnamed platform was cracked by Iranian intelligence after a tip-off by a double agent revealed the website they used to communicate with their CIA handlers. Google searches allowed them to locate other secret CIA websites and, from there, start to pick apart the entire spy network.

This all started in 2009 after Tehran went looking for US moles following the announcement by the Obama administration of the discovery of a secret underground enrichment facility. However, the impact was felt globally, most probably after Iran shared its intelligence with China, a move which ultimately led to an estimated 30 CIA spies being executed by Beijing and the collapse of its network there.

This “catastrophic” chain of events led to 70% of the CIA’s spy network potentially exposed to compromise at one point between 2009-13, according to the report. The after-effects are apparently still being felt today.

The problem stemmed from over-confidence among US officials in the use of the platform in hostile states like Iran and China where rigorous state monitoring makes it difficult to communicate in secret.
“It was never meant to be used long term for people to talk to sources,” said one former official. “The issue was that it was working well for too long, with too many people. But it was an elementary system.”
Another issue highlighted by the report was the lack of accountability for the failure in the intelligence services, and the sacking of a whistleblower who first brought the problem out into the open back in 2011.
“Our biggest insider threat is our own institution,” remarked a former official.

Infosecurity:      Image: Nick Youngson

You Might Also Read: 

How Did Iran Find CIA Spies? They Googled It!:

Iranian Political Influence Campaign Goes Global:

« Neither US, Russia Or China Will Sign Macron's Cyber Pact
Darktrace Describe The Alarming Future AI Attack Scenario »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

SentinelOne

SentinelOne

SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity.

Trustonic

Trustonic

Trustonic is a leader in the device security market. Our mission is to protect apps, secure devices & enable trust.

Encore Media Group

Encore Media Group

Encore Media Group provide an international enterprise technology event series exploring IoT, Blockchain AI, Big Data, 5G, Cyber Security and Cloud.

GV

GV

GV provides venture capital funding to bold new companies in the fields of life science, healthcare, artificial intelligence, robotics, transportation, cyber security and agriculture.

Norwest Venture Partners (NVP)

Norwest Venture Partners (NVP)

Norwest Venture Partners offer entrepreneurs a broad range of services to help them build their businesses at every stage of growth. Key sectors include AI, Infrastructure, SaaS and Security.

German Israeli Partnership Accelerator (GIPA)

German Israeli Partnership Accelerator (GIPA)

GIPA is based on two pillars: it is an incubator aimed at young academics and a program to transfer cybersecurity expertise to corporate partners.

HancomWITH

HancomWITH

Hancomwith is an information security company. We provide optimized blockchain solutions in areas including next-generation authentication, security and digital asset transaction.

PrivacySavvy

PrivacySavvy

PrivacySavvy's mission is to provide you with all the information that you need to ensure that your internet privacy is intact, your devices are secure, and that any time you step online, you’re safe.

Trava Security

Trava Security

Trava simplifies cyber risk management for business owners and IT professionals. Automated assessments, mitigation advising, and data-driven cyber insurance.

Stefanini Group

Stefanini Group

Stefanini is a global IT services company providing a broad range of solutions for digital transformation including automation, cloud, IoT and cybersecurity.

Pragma Strategy

Pragma Strategy

Pragma is a CREST approved global provider of cybersecurity solutions. We help organisations strengthen cyber resilience and safeguard valuable information assets with a pragmatic approach.

Identity Management Institute (IMI)

Identity Management Institute (IMI)

Identity Management Institute (IMI) provides professional training and certification in cyber security with a focus on identity and access management, identity theft, and data protection.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Opkalla

Opkalla

We started Opkalla because we believe IT professionals deserve better. We help our clients navigate the confusion in the marketplace and choose the solution that is right for your business.

Cythera

Cythera

Cythera is an Australian cyber security company with in-house cyber security professionals providing world-class cyber protection to medium to large companies all over Australia.