Showing results for tags 'cia'.


Found 7 results

  1. GENEVA, Switzerland (AFP) — Swiss politicians have voiced outrage and demanded an investigation after revelations that a second Swiss encryption company was allegedly used by the CIA and its German counterpart to spy on governments worldwide.

     “How can such a thing happen in a country that claims to be neutral like Switzerland?” co-head of Switzerland’s Socialist Party, Cedric Wermuth, asked in an interview with Swiss public broadcaster SRF late Thursday. He called for a parliamentary inquiry after an SRF investigation broadcast on Wednesday found that a second Swiss encryption firm had been part of a spectacular espionage scheme orchestrated by U.S. and German intelligence services.

     A first investigation had revealed back in February an elaborate, decades-long set-up, in which the CIA and its German counterpart creamed off the top-secret communications of governments through their hidden control of a Swiss encryption company called Crypto. SRF’s report this week found that a second but smaller Swiss encryption firm, Omnisec, had been used in the same way. That company, which was split off from Swiss cryptographic equipment maker Gretag in 1987, sold voice, fax and data encryption equipment to governments around the world until it halted operations two years ago. SRF’s investigative program Rundschau concluded that, like Crypto, Omnisec had sold manipulated equipment to foreign governments and armies. Omnisec meanwhile also sold its faulty OC-500 series devices to several federal agencies in Switzerland, including its own intelligence agencies, as well as to Switzerland’s largest bank, UBS, and other private companies in the country, the SRF investigation showed.

     Espionage within Switzerland?

     The findings unleashed fresh outrage in Switzerland, which is still reeling from the Crypto revelations. 
“This shows that the problem is broader than just one company and we still have no answers on the political responsibility aspect,” Wermuth said. Hans-Peter Portman, a parliamentarian with the Liberal Party, agreed, saying he was particularly concerned to learn “Swiss businesses are likely implicated and possibly affected.” “This raises the question of espionage even within the country,” he told SRF. An investigation by the Swiss parliament’s Control Delegation into the Crypto case concluded earlier this month that Switzerland’s own intelligence service had benefitted from the information gathered by its foreign counterparts through the encryption firm. According to the revelations in February by SRF, the Washington Post and German broadcaster ZDF, Crypto served for decades as a Trojan horse to spy on governments worldwide. The company supplied devices for encoded communications to some 120 countries from after World War II to the beginning of this century, including to Iran, South American governments, India and Pakistan. Unknown to those governments, Crypto was secretly acquired in 1970 by the U.S. Central Intelligence Agency together with the then West Germany’s BND Federal Intelligence Service. Together they rigged Crypto’s equipment to be able to easily break the codes and read the government customers’ messages. Citing a classified internal CIA history of what was originally called operation “Thesaurus” and later “Rubicon,” the reports said that in the 1980s the harvest from the Crypto machines supplied roughly 40 percent of all the foreign communications US code-breakers processed for intelligence. Source
  2. Joshua Schulte accused of leaking classified data from his case to family members and the press while in a New York detention center. US prosecutors are preparing new charges against a former CIA coder who was indicted earlier this year in June for leaking classified CIA material to WikiLeaks, in what later became known as the Vault7 leaks. According to new court documents filed late Wednesday, October 31, US prosecutors plan to file three new charges against Joshua Schulte for allegedly leaking more classified data while in detention at the New York Metropolitan Correctional Center (MCC). Prosecutors say they first learned of Schulte's behavior back in May, when they found out that "Schulte had distributed the Protected Search Warrant Materials to his family members for purposes of dissemination to other third parties, including members of the media." The prosecution held a court hearing in May and initially warned the suspect about his actions, a warning they found Schulte ignored. The US government says that "in or about early October 2018, the Government learned that Schulte was using one or more smuggled contraband cellphones to communicate clandestinely with third parties outside of the MCC." A search of his housing unit performed by FBI agents revealed "multiple contraband cellphones (including at least one cellphone used by Schulte that is protected with significant encryption); approximately 13 email and social media accounts (including encrypted email accounts); and other electronic devices." Investigators said they confirmed Schulte used the phones and that he, among other things, "transmitted classified information to third parties, including by using an encrypted email account." Now, the US government is seeking a superseding indictment that includes two additional charges on top of the 13 he was charged in June. An email to Schulte's attorney seeking comment on these new charges was not answered before this article's publication. 
Earlier this week, Schulte also sent a letter to his case judge accusing the US government of torture and inhumane detention conditions. In the letter, Schulte claims the MCC had interfered with his defense, accused the MCC of keeping him and fellow prisoners in the cold with improper clothing, and that he's forced to wash in dirty showers. The full letter, which was filed and later pulled from the court docket, is available here. Schulte also mentioned in the letter that he's been placed in solitary confinement without an explanation following an investigation. With yesterday's filing, the investigation and Schulte's solitary confinement now appear to be related to the new charges the government plans to bring forward. According to a criminal complaint and indictment against Schulte, US prosecutors initially accused Schulte of leaking classified CIA documents, wiki pages, and source code to a media organization in 2017. Schulte allegedly obtained those files while working at the CIA in 2016, and later leaked the files to WikiLeaks, which published weekly tidbits of those files as part of a year-long Vault7 series. US investigators tracked down and arrested Schulte in August 2017. A search of his home and electronic devices also found a cache of over 10,000 images that the government classified as child pornography. He was also charged for receipt, possession, and transportation of child pornography. He was released on bail but re-arrested in December 2017 after he breached his pretrial release conditions by using the Internet, and namely Tor, without supervision. US authorities also say that Schulte lied to FBI investigators, and also "caused damage without authorization to a CIA computer system by granting himself unauthorized access to the system, deleting records of his activities, and denying others access to the system," in the process of obtaining the confidential files and hiding his tracks. Source
  3. The post-9/11 hunt for Al Qaeda saw former cybersecurity foes finally unite. The @stake story was a strange shotgun union of two powerful and growing forces: venture capital and hacking. In its short arc, @stake established an enormously important precedent for security: that outsiders could go into big companies and make the systems and products there safer. Perhaps more importantly, @stake hackers dispersed and founded many more companies in the next few years, and they became security executives at Microsoft, Apple, Google, and Facebook. But those same years revealed psychological fragmentation in the movement along with the physical diaspora. The cDc of Def Cons 1998 through 2001 had ridden the crest of a wave of hacker sensibility. Each year the crowds grew in number, young, irreverent, and on the cusp of mass recognition, if not big money. That short period was as important for technology culture as the Summer of Love, in 1967 San Francisco, was for the hippies. Laird Brown's hacktivism panel in the summer of 2001 set a high-water mark for that kind of enthusiasm, for open-source, idealistic efforts to protect people even from their own government. But any youthful protest ethic faces a challenge when its adherents need to find jobs and pay their bills. That concern increased in 2001, one year into the great bust that followed the dot-com boom. Not everyone could get a job with @stake or other boutiques. But it was a second, more direct blow that scattered young hackers in different directions for many years: the terrorist attacks on the World Trade Center and the Pentagon. Those driven primarily by money were already paying less attention to ethical quests, such as the fun and games in keeping Microsoft honest. Now, in the months after the 9/11 attacks, those driven largely by causes also had a strong contender for their attention: rallying against the worst attack on American soil since Pearl Harbor. 
This was true for rank-and-file hackers, who took assignments from the military or intelligence agencies, and even cDc's top minds, including Mudge. Mudge had instant credibility, since he had taught government agents and they used his tools. Government red team penetration-test leader Matt Devost, who had covered cDc in a report given to a presidential commission on infrastructure protection, used L0pht tools to break into government networks. Spies loved Back Orifice and BO2k because if they left traces behind, nothing would prove US government responsibility. Two years before 9/11, an intelligence contractor I will call Rodriguez was in Beijing when NATO forces in the disintegrating state of Yugoslavia dropped five US bombs on the Chinese embassy in Belgrade, killing three. Washington rapidly apologized for what it said had been a mistake in targeting, but the Chinese were furious. In a nationally televised address, then Chinese vice president Hu Jintao condemned the bombing as "barbaric" and criminal. Tens of thousands of protestors flowed into the streets, throwing rocks and pressing up against the gates of the American embassy in Beijing and consulates in other cities. The US needed to know what the angry crowds would do next, but the embassy staffers were trapped inside their buildings. Rodriguez, working in China as a private citizen, could still move around. He checked with a friend on the China desk of the CIA and asked how he could help. The analyst told Rodriguez to go find out what was happening and then get to an internet café to see if he could file a report from there. Once inside an internet café, Rodriguez called again for advice on transmitting something without it getting caught in China's dragnet on international communications. The analyst asked for the street address of the café. When Rodriguez told him exactly where he was, the analyst laughed. "No problem, you don't have to send anything," he explained. 
"Back Orifice is on all of those machines." To signal where he wanted Rodriguez to sit, he remotely ejected the CD tray from one machine. Then he read everything Rodriguez wrote as he typed out the best on-the-ground reporting from Beijing. Rodriguez erased what he had typed and walked out, leaving no record of the writing. Even before 9/11, Mudge had been talking to Richard Clarke and others at the National Security Council. Often, Mudge argued for privacy. The government had wanted to put location tracking in every cell phone as part of Enhanced 911 services, for example. Mudge told the NSC that the privacy invasion was unnecessary, that information from cell phone towers would be good enough for any serious official need. One day in February 2000, after a rash of denial-of-service attacks that bombarded big websites with garbage traffic so that regular users couldn't connect, Richard Clarke brought Mudge into a White House meeting with President Bill Clinton and a bunch of CEOs. "It was, I think, the first meeting in history of a president meeting people over a cyber incident," said Clarke, who had organized it to show White House responsibility on the issue and build the case internally for more government oversight. After answering Clinton's questions on what was fixable and what wasn't, the guests walked out of the office. The CEOs saw the reporters waiting and prepared their most quotable platitudes. Instead, the press swarmed Mudge, as even those who didn't know him assumed that the guy who resembled a Megadeth guitarist was a hacker meeting with the president for good reason. "Of course Mudge stole the show," Clarke said. But in order to be taken seriously, Mudge had to tell the truth. Once, an NSC staffer brought him in and asked what he knew about a long list of terrorists and other threats. What did he know about Osama bin Laden? About the group behind the sarin attack in the Japanese subway? About the Hong Kong Blondes? 
At that one, the blood drained from Mudge's face. "What do you mean?" he asked. "We've been informed it's a small, subversive group inside China that's helping dissidents with encrypted communications," the staffer replied. "I've heard of them," Mudge offered. "What can you tell us?" the staffer persisted. Mudge figured the government hadn't put a lot of resources into the goose chase because signals intelligence and other sources would have turned up nothing and convinced seasoned professionals that it was a red herring. But he didn't want the country to waste any energy that could go toward supporting real people in need. He shrugged and looked straight at the staffer. "We made them up," Mudge admitted. After 9/11, Mudge went into overdrive. President Bush was warned that a cyberattack would have been worse than the planes, and he listened. Mudge then started exploring what a "lone wolf" terrorist hacker could do. "I'm finding ways to take down large swaths of critical infrastructure. The foundation was all sand. That rattled me," Mudge said. Looking into the abyss exacerbated Mudge's severe anxiety, his tendencies toward escapist excess, and his post-traumatic stress disorder, which had its roots in a violent pre-L0pht mugging that had injured his brain. He went into a spiral and eventually broke down. "Ultimately, I just cracked a bit," Mudge said. He spent days in a psychiatric ward. (Anxiety and burnout in the face of the near-impossible, high-stakes task of defending networks was not yet recognized as a major industry problem, as it would be a decade later.) Unfortunately, some of Mudge's treatment compounded the situation. As is the case with a minority of patients, his antianxiety medications had the opposite of the intended effect. Eventually, Mudge fired his doctors, experimented with different medications and therapy, and worked his way back to strong functionality. 
But when he returned to @stake after many months, it was too fractious and uninspiring for him to be enthusiastic about reclaiming his post. The dot-com bust had forced layoffs of L0pht originals while managers were drawing huge salaries. The emphasis was on the wrong things. Outside of @stake, hackers began disappearing from the scene for six months or more. When they came back, they said they couldn't talk about what they had been doing. Those who went to work for the intelligence agencies or the Pentagon, temporarily or permanently, included many of the very best hackers around, including a few present or former cDc members and many of their friends in the Ninja Strike Force. They wanted to protect their country or to punish Al-Qaeda, and in many cases they got to work on interesting projects. But many of them would not have passed the background investigations required for top secret clearances. To get around that problem, a large number worked for contractors or subcontractors. One way or another, a lot of their work went into play in Afghanistan and Iraq. Some hackers felt great fulfillment in government service. Serving the government in the wake of the terror attacks gave them a chance to fit in when they hadn't before, united by a common cause. But for too many of this cohort, what started with moral clarity ended in the realization that morality can fall apart when governments battle governments. That was the case with a cDc Ninja Strike Force member I will call Stevens. As Al-Qaeda gained notoriety and recruits from the destruction, the US Joint Special Operations Command, or JSOC, stepped up the hiring of American hackers like Stevens. Some operatives installed keyloggers in internet cafés in Iraq, allowing supervisors to see when a target signed in to monitored email accounts. Then the squad would track the target physically as he left and kill him. 
After 9/11, the military flew Stevens to another country and assigned him to do everything geek, from setting up servers to breaking into the phones of captured terrorism suspects. Though he was a tech specialist, the small teams were close, and members would substitute for each other when needed. Sometimes things went wrong, and decisions made on the ground called for him to do things he had not been trained in or prepared for mentally. "We did bad things to people," he said years later, still dealing with the trauma. Others had similar experiences. A longtime presenter at hacking and intelligence community gatherings, former clergyman Richard Thieme, gave talks about the burdens of protecting secrets that should be known and about the guilt suffered by people made to carry out immoral orders. After he asked people to send in their stories, some listeners provided accounts like Stevens's. "It occurs to me how severely the trajectory of my own career has taken me from idealistic anarchist, to corporate stooge, to ambitious entrepreneur, to military/intelligence/defense/law enforcement adviser," wrote one. "Many cyber guys started out somewhere completely different and then somehow found themselves in the center of the military-industrial complex in ways they would never have been prepared for." Once there, the difficulty in keeping secrets is "potentially more extreme because the psychological make-up and life-story of the cyber guy would not have prepared him for it." Wrote another: When one joins an intelligence service at the start of one's career, one is involved in low level, apprentice-like, tasks and assignments usually far removed from traumatic action or profound moral considerations, much less decisions. In the course of a career such actions/decisions slowly grow into being, almost imperceptibly for many people. 
One may suddenly "awake" to where one is and realize that he/she had not been prepared for this, and also realize that one is now deeply into the situation, perhaps well beyond a point that one would have stepped into if it had been presented from the start. If this is the case, it's too late to turn back. When you are on the ground, Thieme said, "the rules people think they live by are out the window." People who score too high on morals tests are rejected by intelligence services, he said, because a conscientious whistle-blower is even more dangerous than an enemy mole. Excerpted from Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World, by Joseph Menn Source
  4. When hackers began slipping into computer systems at the Office of Personnel Management in the spring of 2014, no one inside that federal agency could have predicted the potential scale and magnitude of the damage. Over the next six months, those hackers — later identified as working for the Chinese government — stole data on nearly 22 million former and current American civil servants, including intelligence officials. The data breach, which included fingerprints, personnel records and security clearance background information, shook the intelligence community to its core. Among the hacked information’s other uses, Beijing had acquired a potential way to identify large numbers of undercover spies working for the U.S. government. The fallout from the hack was intense, with the CIA reportedly pulling its officers out of China. (The director of national intelligence later denied this withdrawal.) Personal data was being weaponized like never before. In one previously unreported incident, around the time of the OPM hack, senior intelligence officials realized that the Kremlin was quickly able to identify new CIA officers in the U.S. Embassy in Moscow — likely based on the differences in pay between diplomats, details on past service in “hardship” posts, speedy promotions and other digital clues, say four former intelligence officials. Those clues, they surmised, could have come from access to the OPM data, possibly shared by the Chinese, or some other way, say former officials. The OPM hack was a watershed moment, ushering in an era when big data and other digital tools may render methods of traditional human intelligence gathering extinct, say former officials. It is part of an evolution that poses one of the most significant challenges to undercover intelligence work in at least a half century — and probably much longer. 
The familiar trope of Jason Bourne movies and John le Carré novels where spies open secret safes filled with false passports and interchangeable identities is already a relic, say former officials — swept away by technological changes so profound that they're forcing the CIA to reconsider everything from how and where it recruits officers to where it trains potential agency personnel. Instead, the spread of new tools like facial recognition at border crossings and airports and widespread internet-connected surveillance cameras in major cities is wiping away in a matter of years carefully honed tradecraft that took intelligence experts decades to perfect. Though U.S. technical capabilities can collect reams of data, human intelligence remains critical. In 2016, for example, a high-level Russian asset recruited by the CIA confirmed that Russian President Vladimir Putin had personally ordered plans to interfere in the 2016 U.S. presidential election. After fleeing to the United States, that same covert source was forced to relocate because of his digital trail. Without the ability to send undercover intelligence officers overseas to recruit or meet sources face to face, this type of intelligence might all but disappear, creating a blind spot for U.S. policymakers. During a summit of Western intelligence agencies in early 2019, officials wrestled with the challenges of protecting their employees’ identities in the digital age, concluding that there was no silver bullet. “We still haven’t figured out this problem,” says a Western intelligence chief who attended the meeting. Such conversations have left intelligence leaders weighing an uncomfortable question: Is spying as we know it over? Some have tried to address this crisis. 
Within the last decade, the CIA assembled a diverse group of intelligence personnel to create the Station of the Future — an ambitious Silicon Valley-style startup costing millions and nestled within a diplomatic facility in Latin America where a team of top spies tried to imagine, build and test innovative tools and techniques that could withstand the digital barrage. But the project, which has not been previously reported on, was battered by bureaucratic resistance and hollowed out by financial and administrative neglect; it died an unceremonious death over the last few years. What began as a bold experiment was eventually reduced to what other agency officials saw as simply an expensive proposal to design an open-office floor plan for CIA outposts around the world, say two former intelligence officials. The Station of the Future was just one crack at tackling the challenges wrought by a world defined by pervasive digital footprints, biometric trackers and artificial intelligence — challenges that have bedeviled U.S. intelligence agencies and divided their senior leadership. So serious is the concern about biometric tracking that in late December the Defense Department’s chief intelligence official co-signed a memo, obtained by Yahoo News, advising all military personnel to avoid using consumer DNA kits, noting worries about surveillance, among other security concerns. These problems are now being recognized by Congress as well. “Very few people, maybe shepherds in rural Afghanistan, don’t leave some form of digital trace today,” Rep. Jim Himes, who leads the House Intelligence subcommittee on advancing technology, told Yahoo News. “And that poses real opportunities in terms of identifying bad guys … but it also poses real challenges [in] keeping our people from being identified.” Though the FBI and CIA declined to comment, current and former national security officials who spoke with Yahoo News said efforts to address these issues are underway. 
CIA Director Gina Haspel, who served decades undercover herself, has doubled down in support of sending spies overseas to track “hard targets,” like Russia and Iran. These changes come at a critical time for the intelligence community. President Trump has made no secret of his disdain for his own intelligence agencies — an attitude underlined by his push to publicly name the anonymous CIA whistleblower whose complaint sparked the ongoing impeachment proceedings. Whether the U.S. intelligence agencies will be able to make these radical changes is unclear, but without a fundamental transformation, officials warn, the nation faces an unprecedented crisis in its ability to collect human intelligence. While some believe that a return to tried and true tradecraft will be sufficient to protect undercover officers, others fear the business of human spying is in mortal peril and that the crisis will ultimately force the U.S. intelligence community to rethink its entire enterprise. The following account, based on interviews with more than 40 current and former U.S. and Western intelligence officials, reveals previously unreported CIA and FBI cover programs and operations, and details U.S. intelligence agencies’ deep relationship with the private sector in facilitating these efforts. These officials, most of whom requested anonymity to discuss sensitive government matters, also described high-level deliberations within U.S. spy agencies about the digital threat to cover, and how U.S. adversaries are themselves responding to digital pressures and opportunities. Many believe that, despite the numerous benefits provided by technology, the protection of undercover spies’ identities is becoming next to impossible. “The foundations of the business of espionage have been shattered,” says Duyane Norman, a former senior CIA official and architect of the Station of the Future project. “We haven’t acknowledged it organizationally within CIA, and some are still in denial. 
The debate is like the one surrounding climate change. Anyone who says otherwise just isn’t looking at the facts.” The beginning of the CIA’s cover and tradecraft crisis dates back to at least February 2003, when a Muslim cleric known as Abu Omar disappeared off the street in Milan. He didn’t resurface until 2004, when he called his wife from Cairo to tell her about his kidnapping, detention and torture at the hands of the CIA. Italian investigators, eager to get to the bottom of the audacious abduction on their streets, were later able to track a web of cellphones communicating only with each other in close proximity to the disappearance, leading them to a series of hotel bills, credit card statements and other identifying indicators, according to a 2007 investigation unveiled at an annual hacker conference in 2013. Italian authorities charged 23 Americans, including the CIA’s former Milan station chief, for their roles in the scheme — most in absentia. While Omar was just one target of the CIA’s aggressive post-9/11 antiterrorism campaign, several former intelligence officials described the Milan operation’s aftermath as a “come to Jesus” moment that revealed just how vulnerable the agency’s operators were to technology. At the time, some undercover officials naively believed that methods like using potato chip bags would mask cellphone signals, and operatives were generally “freewheeling,” according to one former senior intelligence official. In the space of a few short years, the rapid advance of technology, including nascent international surveillance systems, increasingly endangered the CIA’s traditional human intelligence gathering. Singapore was one example, recall three former intelligence officials. By the early 2000s, the agency ceased running certain types of operations in the Southeast Asian city-state, because of the sweeping digital surveillance there. 
The Singaporeans had developed a database that incorporated real-time flight, customs, hotel and taxicab data. If it took too long for a traveler to get from the airport to a hotel in a taxi, the anomaly would trigger an alert in Singaporean security systems. “If there was a gap, they’d go to the hotel, they could flip on the TVs and phones and monitor what was going on” in the room of the suspicious traveler, says the same former senior intelligence official. “They had everything so wired.” “You used to be able to fly into a country on one name and have meetings in another,” recalls this person. “It limited a lot of capabilities.” The Singaporean Embassy in Washington did not respond to a request for comment. Those concerns spread to other places, like London, where CCTV cameras are omnipresent, and the United Arab Emirates, where facial recognition is ubiquitous at the airport. Today there are “about 30 countries” where CIA officers are no longer followed on the way to meetings because local governments no longer see the need, given that surveillance in those countries is so pervasive, said Dawn Meyerriecks, the CIA’s deputy director for science and technology, in a 2018 speech. In the 2000s, the explosion in biometrics — such as fingerprints, facial recognition and iris scans — propelled the conversation forward, according to multiple former intelligence officials. U.S. intelligence agencies concluded that in many parts of the world, within a short time, all alias work would likely become impossible. These fears were largely borne out, say former CIA officials — especially in “hard target” countries like China and Iran. But this trend also affected CIA operations in friendlier countries. By 2012, recalls one former official, some officers were temporarily forbidden to travel for missions in the European Union over fear of exposure, due to widespread sharing of airport biometric data between EU member states. 
“Facial recognition and biometrics make it very difficult to travel in alias,” says Mike Morell, former acting CIA director and host of the “Intelligence Matters” podcast. The rise in popularity of consumer DNA kits, which allow people to send in samples of their own DNA, is a growing part of the biometrics problem. Even if an undercover operative hasn’t used a consumer DNA kit, it’s highly likely, say experts, that one of their close relatives has. The Pentagon’s Dec. 20 warning to members of the military not to use these kits appears to be partly in response to that threat. Greg Hampikian, a biologist at Boise State University and a leading DNA expert, says that with the advent of commercial genetic databases, exposing a spy or other covert operative could be as easy as taking a saliva sample from a cigarette butt or a drinking cup. A suspicious foreign government could send the sample in and potentially find out if the person has been operating under an assumed name. “It’s right out of a spy novel,” he says. For spy services, biometric data has become a highly valued currency — leading to a widespread and ongoing campaign by the U.S. and its allies, as well as hostile states, to hack into biometric databases from important airports worldwide. The U.S. has spearheaded breaches of its own, successfully hacking biometric data from the Dubai and Abu Dhabi airports, says a former official. Stealing biometric databases is an attractive strategy for other countries as well. In one case, Chinese intelligence successfully hacked into the biometric data from Bangkok’s airport. “The Chinese have consistently extracted data from all the major transit hubs in the world,” says another former senior official. The Chinese Embassy in Washington did not respond to a request for comment. 
Even before the explosion in biometrics, the CIA sought to take advantage of the new digitized era of border control, working with, and training, other allied countries in the mid-2000s on how to use certain software to identify false passports and other forged documentation, say two former officials. But aside from the obvious information-sharing benefits of this arrangement, officials also discussed inserting a secret backdoor into the software that would allow the agency to surveil participating countries’ passport control systems — and to manipulate the program to allow CIA operatives to slip in and out of these countries undetected, the officials say. Something like these alterations was carried out, says one of the officials, with CIA operatives “moving more freely in and out of Middle Eastern countries than they should have been able to.” CIA officials also concluded that the days of operating under multiple personas in a single country were over, and began moving toward a “one country, one alias” rule. Undercover officers could no longer fly into a country on one passport and use a separate ID to check into a hotel, and all future trips to that country had to be conducted under the same fake identity. “It’s made the work much harder,” says a former senior agency official, who recalled a time when he possessed multiple fake IDs he kept in a safe for use within the country where he was based, as well as fake passport stamps. “You can’t do that now.” Starting in 2009, the CIA learned an even more devastating lesson when the Iranian intelligence services, looking for a mole that had given up details on Tehran’s nuclear program, uncovered the agency’s web-based covert communication tools. The discovery set off a deadly chain of events, leading to the exposure — and in some cases death — of CIA sources in China and around the world, according to an investigation by Yahoo News in 2018. The game was changing for undercover officers and their assets. 
“It’s extremely difficult now to run cover operations when so much is known and can be known about almost everybody,” says Joel Brenner, a former top counterintelligence official. “Now you show up at the border of Russia, they’ve got your high school yearbook out there where you wrote about your lifelong ambitions to work for the CIA. All that stuff is digitized.” America’s adversaries were also forced to adapt. By the early 2010s, Chinese intelligence operatives started adopting old-school Russian-style tradecraft, like dead drops in the woods or “brush passes,” which involve surreptitiously exchanging objects in a public place, says one former senior intelligence official. “It was unheard of for the Chinese,” says this person. “The conclusion was that they felt the world was too digital and traceable.” U.S. officials believed that Chinese intelligence may have shifted to more low- or no-tech methods after cracking the CIA’s covert communications system around this time, or because of training with their Russian counterparts, says this person. Russian intelligence operatives, meanwhile, began shifting their meetings with sources to countries with less sophisticated biometric systems, say two former senior officials, favoring certain Central and South American countries. Peru was one such meeting place, says one of these former officials. In the United States, Russian and Chinese intelligence operatives have also transitioned into operating more under their true names, says this former senior official. “The Russians,” says this person, “have moved to traveling in plain sight.” Nothing — not even the CIA’s most secretive human intelligence gathering programs — has been spared from this digital onslaught. 
In the years after 9/11, the CIA invested heavily in sending more officers under nonofficial cover known as NOCs (pronounced “knocks”), who lack diplomatic recognition, into targeted areas, including al-Qaida strongholds, in order to glean on-the-ground information that CIA officers posing as diplomats might have trouble securing. The CIA was responding to lawmakers who slammed the agency for relying too heavily on “embassy cocktail parties” over embedding in extremist groups. The committees “pushed money on us,” recalls a former senior intelligence officer. Even so, while Congress pressed the CIA to use more NOCs, who often pose as businesspeople, the intelligence oversight committees were concerned about the officers’ security. In the 2006 Intelligence Authorization Act, the Senate Intelligence Committee demanded a report from the CIA that would address “the emerging threats posed by technological developments to NOC operations.” By the late 2000s, Congress’s ambitions were dashed. These deep-cover spies working outside the embassies often didn’t speak local languages, their cover identities didn’t make sense and they were often stationed far away from anyone they might try to recruit. The effort was dubbed a “colossal flop,” according to the L.A. Times. It was a “failed multi-billion dollar” program “shot through with waste, fraud, and abuse,” according to a 2015 lawsuit filed by a former NOC. Top CIA executives tasked a senior agency official in charge of the NOC program to initiate a vast paring back of these types of deployments, and instituted a moratorium on new recruitments — earning the enmity of a generation of CIA officials working under him, fairly or not, say two former senior officials. “Some of the NOCs out there were fat, dumb and happy, taking advantage of being a spy and a businessman,” recalled a former senior official. 
In response to this downsizing, the agency searched for cheaper, more flexible alternatives to NOCs, ramping up its use of diversified cover officers, foreign nationals who are recruited to spy for the agency, often in areas where it is difficult for Americans to operate, say four former officials. Described by these officials as a sort of “asset on steroids,” these undercover officers undertake polygraphs and are given limited clandestine training, but are contractors rather than career employees, like NOCs. Around 2010, the FBI also began experimenting with new ways of maintaining cover, particularly when trying to recruit foreigners on U.S. soil, through a new initiative known as the National Security Recruitment Program, according to five former officials. The FBI program, which has not been previously reported on, involved close cooperation with the CIA’s National Resources Division, the agency’s clandestine domestic operational wing. The program deployed U.S. officials under very light cover, with false backstories and business cards but lacking online footprints or connections to long-running brick-and-mortar undercover operations. That way, officials could approach individuals who had potentially useful information with some level of plausible deniability. The CIA helped provide funding for the FBI program, and FBI and CIA officials paired up in major American cities. While the program was successful, it was met with bureaucratic pushback and was ended by 2014 amid a turf battle, say former officials. One roadblock, say former senior officials, was the bureau’s long-standing national program for creating legends — that is, fake backstories and identities — and cover, known as Stagehand. The program, based out of Los Angeles, Chicago, Atlanta and other major American cities, sets up and maintains undercover FBI operations. 
Stagehand employees purchase cars, rent office space, buy homes, design cover identities for FBI officials, create fake companies and buy real ones, say six former officials. The bureau employs former real estate brokers, physicians and dentists, among others, who become FBI agents but can assume their former jobs as needed, recalls a former senior official. “The deepest layer [of cover] might begin years before you even use it,” the official says. But the program was saddled by bureaucratic red tape and was sometimes “sloppy,” says one former senior official. A second former senior official recalls the closure of an undercover operation based out of a 100-person office space in the San Francisco Bay Area because of “careless activity by FBI employees” and “possible digital compromise.” In recent years, the bureau has stopped relying on Stagehand for especially sensitive counterintelligence operations because of fears that the entire program has been compromised, says one former senior official. In a 2017 letter to then-FBI Director James Comey, Sen. Chuck Grassley raised concerns about a potential compromise of Stagehand. A whistleblower alleged that “every single investigation or criminal prosecution that involved Stagehand between 2008 and 2011 was compromised, and the identities and sensitive information of FBI undercover agents were disclosed to foreign governments,” wrote Grassley. A Miami real estate broker who worked with Stagehand and was convicted of embezzling over $60,000 in FBI funds was the source of the potential compromise, according to a 2016 letter from the FBI to Grassley provided by the senator’s office to Yahoo News. As a result, the Stagehand operations in Miami “were dissolved; assets were liquidated and personnel reassigned,” and “field offices that had received Stagehand services were made aware of potential compromise,” said the letter. Meanwhile, as these efforts faltered, the CIA was looking toward its past to engineer its future. 
That meant that, by the early 2010s, the agency was once again ramping up its NOC programs — this time with a focus on recruiting and deploying spies in technical fields, such as predictive analytics or data brokerage, according to former officials. But the immense amount of data publicly available — with everything from retirement accounts to Social Security numbers being searchable online — increased the danger for undercover intelligence officers. The NOC program, which was always expensive, was becoming even riskier, a concern that has prompted ongoing conversations within the agency about whether it’s worth the investment, according to two former officials. One former NOC who served in China as an undercover businessman in the mid-2010s approached Congress with specific concerns about the program, says a former national security official. The NOC was frustrated that his colleagues lacked experience in the field, didn’t speak local languages and were expected to recruit unrealistic targets, like top political figures or very senior businesspeople. The NOC believed there were fundamental problems with the program, says the same former official, as the people working at headquarters assigned to design legends had “no idea how business and finance work.” By mid-decade, the agency concluded that the best way to hide was in plain sight. Nowadays, say former officials, NOCs must truly “live their cover” — that is, actually work as the professional engineer or businessperson that they present themselves to be. NOCs live and work under their true names, say former officials, though they are known to their CIA counterparts by a pseudonym. Fewer than 10 percent of individuals within the CIA’s Directorate of Operations regularly use alias passports or credit cards, says a former senior official. The intelligence community has developed sophisticated “backstopping” procedures, which seed a cover story through web traffic, emails and other digital channels. 
But in an interconnected world, “good backstopping can be defeated in a Google search,” says one former senior intelligence official. Because of that reality, the use of front companies for NOCs has become increasingly untenable, necessitating closer coordination and cooperation with private American businesses for the placement and recruitment of NOCs, say former senior officials. It’s not always easy, however. “The CIA is very good at this, but they are getting the door slammed in their face,” says one former senior official. In Silicon Valley, recalls another former senior official, it was difficult to convince these companies to participate. The situation got worse in 2013, when Edward Snowden, an intelligence contractor, gave a trove of classified documents to journalists, exposing the extent of tech companies’ cooperation with the National Security Agency. “Before, it was hard,” says this person, and “it was harder to do post-Snowden.” Even a switch of employer, or an unexplained gap in one’s résumé, can be a giveaway to a foreign intelligence service, say former officials. In response, the agency has also shifted to recruiting individuals within the companies they already work at, and, with the approval of corporate leadership, secretly transitioning those persons onto the CIA payroll, and training them intermittently and clandestinely, far from any known CIA facility. Sometimes, when these individuals are finished working for the agency, they simply transition back to a full-time job for the company where they already “work.” In one recent case, a NOC who had worked at a U.S. company as a “full-time career employee” and was transitioning out of his CIA work was “softly landed” back into another position at the same firm — with the agency paying for his moving expenses and a government severance package, says a former senior intelligence official. 
The agency, which former officials say recruits and emplaces NOCs in the technology, finance and film industries, among other sectors, targets both major U.S. corporations and smaller U.S. companies, which are sometimes preferred because they are not beholden to shareholders. Often, say former officials, only a few select executives within a company are aware of its relationship with the agency and the “real” identities of the people in their employ. To encourage or reward cooperation from businesses, agency officials will sometimes provide special, tailor-made briefings to executives on the political and economic climate of countries of business interest to that company, say two former officials. “There is a serious legal and policy process” in place at the CIA to manage these relationships, says a former official. Otherwise, “you could break industries.” By President Barack Obama’s second term, conversations and concerns about cover were ricocheting through executive offices at U.S. intelligence agencies. A special roundtable group was assembled at the CIA’s Directorate of Operations to work through the challenges wrought by the advancing digital age. And top FBI and CIA intelligence executives met together repeatedly to discuss how, and if, the practice of undercover human intelligence work could survive the 21st century. The digital threat to cover “was a major issue, even before I arrived at the agency,” says Avril Haines, who served as CIA deputy director from 2013 to 2015. “One way to frame our approach to the many challenges posed by technology was to ‘do less, but do it better,’ which meant focusing on what was most important and then spending the time and resources needed to keep it secret. 
We had conversations with other allied services who were experiencing similar challenges.” In late 2015, then-CIA Director John Brennan also created a new Directorate for Digital Innovation to focus on threats in the digital world and “safeguard the cover of our clandestine officers,” as part of Brennan’s wide-ranging modernization effort for the agency. It was “over 10 years” overdue, says a former CIA official, who believed its impact was stymied by turmoil within the agency over the broader reorganization. By this time, massive amounts of digital records were being stolen — by insiders like Snowden and by adversaries like China, which also targeted private companies like Anthem, Marriott and others, in addition to spearheading two breaches into the OPM, which were revealed in 2015. The full extent of that theft, which included personal disclosure forms, clearance adjudication data and perhaps other linked intelligence community databases, has never been revealed. “Part of the discussions we had was, post-OPM hack, we didn’t realize that digitizing government records profoundly changed the threat profile,” says a former senior national security official. The intelligence community did not fully understand how much of its own information was stored outside its own walls until personal data began being stolen by China en masse, says a former senior intelligence official. For the bureau, the single biggest takeaway from these high-level discussions, say two former senior officials, was the need to create programs where undercover employees would have no link to the FBI whatsoever. That meant no training at the FBI Academy in Quantico, Va.; no history of overt FBI work before being selected for undercover assignments; and no data trail of text messages or emails linking these personnel to the bureau in any form. It required a “monumental change in thinking,” says one of these former officials. Generational issues have also frustrated officials. 
Recruitment to the CIA of younger people, particularly those born in the age of social media, has become more difficult, say former officials, with the agency lacking clearly defined policies for social media use. The CIA has adopted a position of “we’re not going to help you, but you better not do it wrong,” says one former agency official. Until a few years ago, agency officials were still counseling younger employees to quit social media, even though such behavior could be seen as suspicious, say former officials. The CIA still considers a Facebook friendship a “close and continuing relationship” for security purposes, say multiple former officials. Bureaucratic slip-ups also remain a routine threat to cover. On at least one occasion, when the CIA sent a new alias package to an embassy overseas, the documents were placed on the desk of a foreign national employed there who was presumed to be working for the local hostile foreign intelligence service, says a former senior CIA official. CIA officers stationed in embassies were also provided with new cars and flat-screen TVs, unlike “real” diplomats, says the same person, a fact that frustrated diplomatic security officers. But progress has been made on other fronts, say former officials, particularly in the creation of legends and alias documentation that can withstand digital scrutiny. The CIA’s alias documents are “the best in the world,” says a former senior official, because they’re real. For example, employees travel to the DMV to receive actual drivers’ licenses. At the CIA, a program called Checkpoint provides “tailored identity and travel intelligence products,” according to an agency document that WikiLeaks published in 2014. 
By midway through the Obama administration, the CIA and FBI were creating “extensive digital legends with increasing sophistication,” as one former senior official puts it, with cooperation from key government agencies like the Social Security Administration, Health and Human Services and the IRS. U.S. intelligence agencies also work with “friendly digital companies,” like commercially available ancestry databases, to alter personally identifying information, say former officials, and also backdate work histories. Concerned about digital leakage, and cognizant of the need to strictly quarantine deep-cover intelligence officials from their organizations, U.S. officials have adopted a strategy of “eclipsing” these individuals slowly into their cover identities before they are allowed to undertake their missions. The CIA and FBI both concluded that every person connected to these organizations’ “black side” undercover programs had to be completely sealed off from the rest of their colleagues, say former officials. This firewall is an immensely complex undertaking in a world where electronic emissions from a single cellphone traveling, say, from CIA headquarters in Virginia to an unmarked office building nearby could blow multiple undercover operations. The FBI has also struggled with this transition. As of a few years ago, “none of this was completed yet, and none of it was even remotely being done easily,” says a former senior official. The CIA, at least, had its own past practices to draw from, especially in its training of NOCs, say former officials. Years ago, the school for NOCs was entirely quarantined from that for normal future CIA operations officers, who undertake rigorous instruction at “the Farm,” a Williamsburg, Va.-area base, say two former senior officials. NOCs “never came to the East Coast” and were trained at separate secret facilities, says one of these former officials. 
But because of their often “rebellious” attitudes in the field, and in order to “increase their behavioral consistency,” senior CIA officials decided to move their instruction to the Farm. This move produced better-trained NOCs but also increased the threat of exposure. As of recently, the programs were sealed off from each other again, says a former senior official. The pressures of the digital age have led the CIA to favor flexibility and deniability. The agency has formed a new reserve officer program to allow spies to work in the private sector, especially the tech industry, says a former intelligence official. The program is designed to allow those operatives to maintain their clearances so they can return seamlessly to the agency after a few years, says this person. Another measure the CIA has used involves paying companies to gather intelligence for the government without even knowing it. In the last several years, the CIA has ramped up its use of “cutouts” to pay third parties to gather intelligence for them unwittingly, posing as data brokers looking into trends in the oil and gas industries, for example, says the same former official. The intelligence community needs to “think creatively about” intelligence collection, says Rep. Himes, who believes the traditional model of CIA officers who train in Virginia and then serve in an embassy overseas undercover will be difficult to continue. “This new panopticon that we’re beginning to live in” makes it “very hard to put people in physical proximity to each other,” says Himes. “That’s obviously dramatically true in some of the cities in China; it’s a little less true in La Paz, Bolivia. But nonetheless, there’s going to be a strong tidal pull away” from traditional human intelligence gathering, he says. Yet he remains concerned about a tighter embrace between private industry and espionage. 
“We don’t, I think, want to be in a world where entire professions, whether it’s medical [workers] or journalists, are now at even more risk than they already are because people worry that they might be collecting intelligence,” says Himes. If the old models of human intelligence gathering are compromised, the new alternatives may be inconsistent with democratic values, and it’s unclear what is — or whether there is — a good path forward. “Some people believe that within 10 years, espionage as we know it is going to be done,” says a former intelligence official. Still, some within the CIA are sanguine about the future of the profession. “Anyone who says that human intelligence will become outdated is dead wrong,” says Marc Polymeropoulos, a recently retired CIA senior operations officer. “Intelligence services will always find ways to meet their agents.” But even publicly, some intelligence officials are lamenting the dangers posed to cover, though they disagree over whether the problem can be addressed with new programs or procedures. Many are pessimistic that tweaking existing approaches will suffice. “We can’t protect identities anymore. Tech is going to make it almost impossible. I think we need a new paradigm,” said Eric Haseltine, the former head of the NSA’s research directorate, at a lunch event in Washington in late October, when asked about the problem. “Our officers overseas are known,” he said. “That’s a hard pill to swallow.” Source
  5. Billionaire Peter Thiel has called for a federal investigation into Google’s refusal to work with the U.S. military and says that the tech giant’s relationship with the Chinese military is “treasonous,” according to a new report from Axios late Sunday. Thiel, a Facebook board member, wants the FBI and CIA to ask questions of Google, starting with, “how many foreign intelligence agencies have infiltrated your Manhattan Project for AI?” There are no public reports that foreign intelligence agencies have infiltrated Google, though Thiel did start the company Palantir, which currently works with the Trump regime and has amassed an enormous amount of data on U.S. citizens. It’s not clear if Thiel has any special information about Google or Chinese intelligence activities that have been gained through his company. “Number two, does Google’s senior management consider itself to have been thoroughly infiltrated by Chinese intelligence?” Thiel continued. “Number three, is it because they consider themselves to be so thoroughly infiltrated that they have engaged in the seemingly treasonous decision to work with the Chinese military and not with the U.S. military... because they are making the sort of bad, short-term rationalistic [decision] that if the technology doesn’t go out the front door, it gets stolen out the backdoor anyway?” Thiel made the comments to a packed crowd at the National Conservatism Conference in Washington, D.C., which started yesterday and runs through Tuesday. Thiel’s keynote speech was called “The Star Trek Computer Is Not Enough,” according to a schedule posted to the conference website. Thiel, an advisor to President Donald Trump, was likely referring to Google’s 2018 decision not to renew a contract with the U.S. Department of Defense developing artificial intelligence for drones over ethics concerns. 
Earlier this year, General Joseph Dunford, chairman of the Joint Chiefs of Staff, made similar comments about the Google decision but didn’t specifically use the word treason. Speaking to the Senate Armed Services Committee in March, Dunford said, “We watch with great concern when industry partners work in China knowing there is that indirect benefit, and frankly ‘indirect’ may be not a full characterization of the way it really is. It’s more of a direct benefit to the Chinese military.” According to other attendees at the conference on Sunday, Thiel also said that Americans were too fat and addicted to drugs, adding that, “the biggest problem in our society is the problem of political correctness.” “American exceptionalism has led us to a country that is exceptionally overweight, exceptionally addicted to opioids, exceptionally unaware and exceptionally un-self-reflective,” Thiel said, according to Keith Urban who attended the conference and previously worked for Defense Secretary Donald Rumsfeld. Thiel also reportedly called for America’s top universities to lose their non-profit status. Thiel has been a proponent of people dropping out of college to pursue entrepreneurial activities. The conference’s four keynote speakers include Thiel, national security advisor John Bolton, white supremacist talk show host Tucker Carlson, and Senator Josh Hawley from Missouri. Carlson’s keynote will be delivered today and is titled, “Big Business Hates Your Family.” Neither Google nor a representative for Mr. Thiel responded to a request for comment early Monday. Thiel secretly financed the lawsuit that bankrupted Gizmodo’s former parent company, Gawker Media, back in 2016. Thiel said that any links between Google and China, “need to be asked by the FBI, by the CIA, and I’m not sure quite how to put this, I would like them to be asked in a not excessively gentle manner.” Source
  6. Hackers from the CIA found a way to keep Samsung Smart TVs on “Fake-Off mode.” Hackers at the Central Intelligence Agency, with the help of colleagues from the British spy agency MI5, developed malware to secretly spy on targets through their Samsung Smart TVs, according to new documents published by WikiLeaks. On Tuesday, WikiLeaks dumped a large cache of documents allegedly coming from the CIA's hacking unit. Julian Assange's organization dubbed the release, which it says is the first in a series, "Vault 7," and billed it as the largest-ever publication of confidential CIA intelligence documents. The CIA and MI5 called the project to spy on Samsung Smart TVs "Weeping Angel," perhaps a reference to Doctor Who, where weeping angels are "the deadliest, most powerful, most malevolent life-form ever produced." The malware was designed to keep the smart TVs on even when they were turned off. This was dubbed "Fake-Off mode," according to the documents. The CIA hackers even developed a way to "suppress" the TVs' LED indicators to improve the "Fake-Off" mode. "Weeping Angel already hooks key presses from the remote (or TV goes to sleep) to cause the system to enter Fake-Off rather than Off," one of the leaked documents reads. "Since the implant is already hooking these events, the implant knows when the TV will be entering Fake-Off mode." After this article was published, Samsung reacted with a statement. "Protecting consumers' privacy and the security of our devices is a top priority at Samsung," read the statement sent via email. "We are aware of the report in question and are urgently looking into the matter." Security researchers have long warned that smart TVs could be used to covertly tap their owner's conversations. 
In 2013, two white hat hackers found that several models of Samsung Smart TVs could be compromised, giving attackers the chance to turn on the camera, the microphone and even control the TV's apps, such as Facebook or Skype. Samsung itself is aware of these risks. In its privacy policy, the company warned customers to be aware that "if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition." The language reminded some of the George Orwell classic dystopian novel 1984. Once again, if something is potentially hackable, hackers will try to break into it. Or as some say, if you build it, they will come. This article was updated to include Samsung's statement. Source