A Yahoo News report published on Friday quoted several former U.S. intelligence officials who said the covert Internet system employed by the Central Intelligence Agency (CIA) to communicate with intel sources worldwide suffered a “catastrophic” compromise between 2009 and 2013.
The sources claimed the compromise was linked to Iran’s vengeful hunt for American spies after the discovery of a secret underground uranium enrichment plant.
According to Yahoo’s narrative, the CIA communications disaster began in 2009 after Iran was caught enriching uranium at an underground facility kept secret from the International Atomic Energy Agency (IAEA). The event was deeply embarrassing for Tehran and began a sequence of events that ended with tough sanctions imposed against Iran’s nuclear program until they were lifted by then-President Barack Obama’s nuclear deal in 2015.
Iran launched an intensive “mole hunt” and discovered the CIA relied excessively upon a flawed and “elementary” covert communications system that proved relatively easy to crack. According to Yahoo’s sources, American officials found the covert Internet system easy to use, so they were reluctant to change it and they greatly overestimated how secure it was.
Over the course of the next year, Iran exposed dozens of CIA sources, imprisoning and executing many of them in what a former intelligence official described as an “incredibly damaging” vendetta against American informants. The Iranians reportedly “cultivated a double agent who led them to the secret CIA communications system,” which was used in many other “difficult operational environments.”
According to Yahoo News, CIA officials were stunned at how quickly and thoroughly the Iranians penetrated the system, which relied on phony corporate websites. One of the report’s cringe-inducing details is that once the Iranian double agent pointed out a disguised CIA website, Iranian intelligence unraveled the rest of the CIA network using Google searches for similar sites and monitoring traffic to those websites.
This was quickly followed by China’s catastrophic compromise of America’s spy network in 2011 and 2012, which culminated in the arrest and execution of about 30 U.S. agents and sources, essentially destroying the American network in China.
According to Yahoo’s sources, the Chinese penetrated the same CIA internet system uncovered by Iran, and may have consulted with Iranian intelligence or made use of information passed by Iran to Russia, which was engaged in some “very suspicious” collusion on cyber-espionage at the time. Some other analysts have speculated China cracked the CIA network on its own and passed the information along to Russia.
Yahoo reported on Friday there is evidence Iran, Russia, and China have been working together on cyber-espionage against the United States and might have compromised American intelligence operations around the world:
There were discrete signs of potential cooperation. Around the time of the purges of CIA informants in Iran and China, senior counter-espionage officials from China’s Ministry of State Security visited their counterparts in Tehran, said four former U.S. officials.
Some officials believe the two countries engaged in a trade — perhaps with Iran providing China with the technical information needed to pinpoint signs of online activity on the communications system, in exchange for military hardware, speculated one former official. “That’s the spy service way,” said another former official.
With dawning horror, U.S. officials realized that once Iranian or Chinese intelligence officials were able to pinpoint CIA assets within their own borders, they were almost certainly capable of zeroing in on similar digital signatures in other countries, former officials said.
Former officials said the fallout from the compromises was likely global in scope — potentially endangering all CIA sources that used some version of this internet-based system worldwide.
The thrust of the Yahoo report is that Iranian penetration of CIA networks across the Middle East is much worse than previously admitted by U.S. officials, and the response from the Obama administration was agonizingly slow, hindered by politics, bureaucracy, and the inherent difficulty of making huge adjustments to covert networks without alerting adversaries. The near-total lack of accountability for anyone involved in creating this disaster is said to have dismayed whistleblowers.
“When we continuously allow things like this to happen, and Congress doesn’t do anything, and the institutions don’t do anything, you’re going to have worse issues,” said a former intelligence official.
“People will say, ‘I went to the inspector general and it didn’t work; I went elsewhere and it didn’t work.’ People will see it as a game. It will lead to corruption, and it will lead to espionage. When people see that the system is corrupt, it affects everything,” the official added.
“We’re still dealing with the fallout,” said a former national security official. “Dozens of people around the world were killed because of this.”
In a possibly related development, Iran recently complained about its “infrastructure and strategic networks” coming under attack from a “more violent, more advanced, and more sophisticated” version of the Stuxnet virus, widely seen as a successful U.S. and/or Israeli cyber attack on Iran’s nuclear program in 2010. The Iranians claim they were largely able to repel the new virus attack.