The CIA Discovers It Has A Mole

Uploaded on 2018-01-22 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

The arrest of former CIA case officer Jerry Chun Shing Lee sheds light on a shadowy counterintelligence drama that has been playing out for nearly eight years. 

Starting around 2010, the Central Intelligence Agency saw some of its most valuable spies inside China go down. This does not mean “going down” in a perp-walk-to-the-courthouse sort of way. This is China: They were executed. 

One was reportedly shot right outside the government building where he worked, just to make sure his coworkers got the message. The lucky ones were imprisoned. According to The New York Times, 18 to 20 CIA sources were blown, making it one of the most damaging counter intelligence losses in agency history. The story of Lee’s arrest is still developing, but much is already clear. 

First of all, Jerry Chun Shing Lee wasn’t some back-room paper-pushing bureaucrat at Langley. He was a “case officer” whose job was helping to recruit foreign spies to spill secrets to the United States. He was supposed to create moles, not become one.

It also appears the Chinese government probably gained access to highly classified information about US assets through electronic means, a mole, or both

According to press reports, intelligence officials have been sharply divided about how exactly all of this valuable intelligence got into Beijing’s hands. News of Lee’s arrest suggests that a mole was involved but certainly does not rule out other possibilities or people.

The FBI has not yet run this case to ground. According to the affidavit by FBI Special Agent Kellie R. O’Brien released recently, FBI agents searched through Lee’s belongings while he stayed at hotels in Hawaii and Virginia in August 2012. 
Those searches found two little books filled with big secrets that included the true names of Chinese assets, operational notes from clandestine meetings, as well as covert CIA facility locations. Now, more than five years later, Lee has been arrested only for unlawful retention of national defense information, not for handing that information over to a foreign government. If there’s another shoe, it hasn’t dropped yet.

It’s also clear that the damage done is big. In addition to blown assets, which take years to develop, and compromised information, which likely revealed American intelligence tradecraft, the organisational aftershocks for the CIA will be significant. 

Counter-intelligence failures are the ultimate betrayal, when one of the agency’s own, someone inside the circle of trust who swore an oath and promised to serve, turns against country and cause. Lee’s coworkers and others are undoubtedly asking themselves what they could or should have known. 

Investigations are undoubtedly exploring what early warning indicators might have been missed and what more could have been done. The heat will be on to learn the right lessons for the future and to tighten security protocols. All of these steps are important and necessary. But it’s a delicate thing, dealing with betrayal. 

Counter intelligence taken too far can create a debilitating, distrustful culture where suspicions run wild, careers can be destroyed, and truth can get lost.  

How do we know? Because we have seen this before. For 20 long years, CIA counter intelligence efforts were led by a boozy paranoid named James Angleton who was seared by the discovery that one of his dearest friends in British intelligence, Kim Philby, was actually a Soviet mole. Philby was eventually sacked and fled to Moscow. Angleton was convinced the Russians had more Philbys in the United States, and he spent his life on a relentless quest to find them, trusting no one, suspecting everyone, and ruining the lives of many. 

At the end of his career he was widely viewed as cagey, uncontrollable, isolated, and drunk. Decades later, the CIA’s own historian charitably described Angleton as someone whose “negatives outweighed his positives.”

The final pages of Lee’s spy story haven’t been written yet. But history suggests some useful lessons about how they should not end.

DefenseOne

You Might Also Read: 

CIA Chief - Trump Picks Pompeo:

US Intelligence Agencies Fear Insiders As Much As Spies:

Secret Arrest Of A National Security Agency Contractor:

 

 

« How To Handle A Cyber Crisis
Insiders Are Behind Most Business Cybersecurity Incidents »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

Miller Group

Miller Group

Miller Group is an IT managed service provider. We proactively monitor and manage your entire business computer network. Services include backup & recovery and cyber security.

CipherPoint Software

CipherPoint Software

CipherPoint Software provides data-centric auditing and protection solutions for securing unstructured information

InAuth

InAuth

InAuth Security Platform delivers advanced device identification, risk detection, and analysis capabilities to help organizations limit risk and reduce fraud.

Infortec

Infortec

Infortec provide consultancy and solutions for the protection of digital information and the management of computer resources.

Axiomtek

Axiomtek

Axiomtek is a leading design and manufacturing company in the industrial computer and embedded field.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.

Arkphire

Arkphire

Arkphire provide solutions across every aspect of IT to help your business perform better.

Ascent Cyber

Ascent Cyber

Ascent Cyber provide simple and stress-free solutions to protect your business and its customers from the worries and costs of cybercrime.

Fireblocks

Fireblocks

Fireblocks is a digital asset security platform that helps financial institutions protect digital assets from theft or hackers.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resonance Security

Resonance Security

Resonance offers powerful cybersecurity aggregation software that makes protecting against full spectrum cybersecurity threats effortless no matter what your technical level, budget, or scope.

Halo Security

Halo Security

Halo Security is a fast, easy, and scalable external attack surface management platform that gives security leaders deep visibility into their internet-facing assets.

Grey Market Labs

Grey Market Labs

Grey Market Labs is a special place. It is a data privacy and security skunkworks.

Harmonia Holdings Group

Harmonia Holdings Group

Harmonia Holdings Group was born in 2006 with the vision to bring innovation and change to the federal IT sector.