CIA suffered ‘catastrophic’ compromise of its spy communication system

The United States Central Intelligence Agency suffered a “catastrophic” compromise of the system it uses to communicate with spies, which caused the death of “dozens of people around the world” according to sources. This is alleged in a major report published on Friday by Yahoo News, which cites “conversations with eleven former US intelligence and government officials directly familiar with the matter”. The report by the online news service describes the compromise of an Internet-based covert platform used by the CIA to facilitate the clandestine communication between CIA officers and their sources —known as agents or spies— around the world.

According to Yahoo News, the online communication system had been developed in the years after 9/11 by the US Intelligence Community for use in warzones in the Middle East and Central Asia. It was eventually adopted for extensive use by the CIA, which saw it as a practical method for exchanging sensitive information between CIA case officers and their assets in so-called ‘denied areas’. The term refers to regions of the world where face-to-face communication between CIA case officers and their assets is difficult and dangerous due to the presence of ultra-hostile intelligence services or non-state adversaries like the Taliban or al-Qaeda. However, it appears that the system was flawed: it was too elementary to withstand sustained scrutiny by Internet-savvy counterintelligence experts working for state actors like Iran, China or Russia.

In September of 2009, Washington made a series of impressively detailed revelations about the advanced status of Iran’s nuclear program. These angered Tehran, which redoubled its efforts to stop the US and others from acquiring intelligence information about the status of its nuclear program. Some sources told Yahoo News that one of the CIA assets inside Iran’s nuclear program was convinced by the Iranians to become a double spy. He proceeded to give Tehran crucial information about the CIA’s online communication system. Based on these initial clues, the Iranians allegedly used Google-based techniques “that one official described as rudimentary” to identify an entire network of CIA-maintained websites that were used to communicate with assets in Iran and elsewhere. The Iranians then kept tabs on these websites and located their users in order to gradually unravel an entire network of CIA agents inside their country. Around that time, Iranian media announced that the Islamic Republic’s counterintelligence agencies had broken up an extensive CIA spy ring consisting of more than 30 informants.

The Yahoo News report says that the CIA was able to successfully exfiltrate some of its assets from Iran before the authorities were able to apprehend them. The agency also had to recall a number of undercover officers, after they were identified by the Iranians. The effects of the compromise, however, persisted on a global scale, according to former US intelligence officials. In 2011 and 2012, another network of CIA spies was busted in China, leading to the arrest and execution of as many as three dozen assets working for the US. Many, says Yahoo News, believe that the Iranians coached the Chinese on how to use the CIA’s online communication system to identify clandestine methods and sources used by the agency.

Along with other specialist websites, IntelNews monitored these developments as they took place separately in Iran and China. However, the Yahoo News report is the first to piece together these seemingly disparate developments and suggest that they were likely triggered by the same root cause. What is more, the report suggests that the CIA had been warned about the potential shortcomings of its online communication system before 2009, when the first penetrations began to occur. In response to the compromise, the CIA has reportedly modified, and at times completely abandoned, its online communication system. However, the implications of the system’s compromise continue to “unwind worldwide” and the CIA is “still dealing with the fallout”, according to sources. The effects on the agency’s operational work are likely to persist for years, said Yahoo News.

Author: Joseph Fitsanakis | Date: 05 November 2018 | Permalink

French government report says thousands approached by Chinese spies on LinkedIn

A French government report warns of an “unprecedented threat” to security after nearly 4,000 leading French civil servants, scientists and senior executives were found to have been accosted by Chinese spies using the popular social media network LinkedIn. The report was authored by France’s main intelligence agencies, the General Directorate for Internal Security (DGSI) and the General Directorate for External Security (DGSE). According to the Paris-based Le Figaro newspaper, which published a summary of the classified report, the two intelligence agencies presented it to the French government on October 19.

The report describes Chinese efforts to approach senior French scientists, business executives, academics and others, as “widespread and elaborate”, and warns that it poses an “unprecedented threat against the national interests” of the French state. It goes on to state that nearly 4,000 carefully selected French citizens have been approached by Chinese intelligence operatives via the LinkedIn social media platform. Of those, nearly half, or 1,700, have leading posts in French industry, while the remaining 2,300 work in the public sector. In their totality, those targeted are involved in nearly every area of industry and government administration, including those of nuclear energy, telecommunications, computing and transportation, said the report. According to Le Figaro, those targeted were approached online by Chinese spies who employed fake identities and identified themselves as headhunters for Chinese corporations, think-tank researchers or consultants for major companies. They then invited targeted individuals to all-expenses-paid trips to China for conferences or research symposia, or offered to pay them as consultants.

The DGSI-DGSE report concludes that most of those targeted displayed shocking levels of “culpable naivety” and a “completely insufficient” awareness of online espionage methods. To address this, French intelligence agencies have produced guidelines on detecting and evading attempts at recruitment or luring from intelligence operatives using social media, said Le Figaro. French civil servants are now being informed of these guidelines through a concerted campaign by the French intelligence community, said the paper. The report, however, did not say whether similar efforts were taking place in the French private sector.

Author: Joseph Fitsanakis | Date: 24 October 2018 | Permalink

Group of 13 North Korean defectors say they were ‘forcibly kidnapped’ by South

A group of 12 female North Korean restaurant workers and their male manager claim that their widely advertised defections in 2016 were fake, and that they were in fact abducted by South Korea’s spy services. The North Korean government maintains a chain of North Korea-themed restaurants throughout Asia, which operate as popular tourist attractions across Southeast Asia. The state-owned restaurants help provide the cash-strapped regime in Pyongyang with desperately needed foreign funds. The North Korean staff —almost all of them female— who work at these restaurants are carefully vetted and chosen to represent the reclusive regime abroad. Some observers claim that these restaurants serve “as a main front to conduct intelligence gathering and surveillance [against foreign] politicians, diplomats, top corporate figures and businessmen”.

In April of 2016, the entire staff of a North Korean restaurant in the Chinese city of Ningbo defected. They disappeared all of a sudden, and reappeared a few days later in the South Korean capital, Seoul, where South Korean authorities held a press conference. The South Koreans told reporters that the 13 North Koreans had decided to defect after watching South Korean television dramas, which allegedly caused them to lose faith in the North Korean system of rule. But Pyongyang dismissed the defections as propaganda and claimed that its citizens had been abducted by South Korean intelligence.

Now in a shocking interview published by South Korea’s Yonhap news agency, Ho Kang-il, the male manager of the North Korean restaurant in Ningbo said that he and his staff had been forcibly taken to South Korea. Ho told Yonhap that he had been approached by officers of South Korea’s National Intelligence Service (NIS) who tried to entice him to defect to South Korea. They told him that he could open a restaurant if he chose to lead a new life in the south. Initially Ho said he was interested in the offer. But when he appeared to change his mind, the NIS officers threatened to inform the North Korean embassy in China that he had been speaking with them. Ho also said that the NIS officers blackmailed his staff at the restaurant using similar methods. Consequently, all 13 of them decided to cooperate with the NIS, as they “had no choice but to do what they told [us] to do”, said Ho.

On Sunday, the United Nations’ Special Rapporteur on Human Rights in North Korea, Ojea Quintana, said during a press conference that the UN was concerned about the allegations made by Ho. He also said that some of the North Korean defectors had told UN personnel that they left China without knowledge of where they were being taken by South Korean intelligence. Quintana concluded his remarks by calling for a “thorough investigation” into the alleged abductions of the North Koreans.

Author: Joseph Fitsanakis | Date: 18 July 2018 | Permalink

Spy chiefs from Russia, China, Iran and Pakistan hold high-level meeting

Intelligence directors from Russia, China, Iran and Pakistan met on Tuesday to discuss regional cooperation with particular reference to combating the Islamic State in Afghanistan. Information about the high-level meeting was revealed yesterday by Sergei Ivanov, media spokesman for the Russian Foreign Intelligence Service (SVR). Ivanov told Russia’s state-owned TASS news agency that the meeting was held in Pakistan and included the participation of SVR director Sergei Naryshkin. TASS reported that the meeting was held under the auspices of Pakistan’s powerful Inter-Services Intelligence (ISI) Directorate and was attended by “senior intelligence officials” from Pakistan, Russia, Iran and China.

Ivanov said that discussions during the meeting “focused on the dangers arising from a buildup of the Islamic State on the Afghan territory”. The Islamic State announced the formation of its Afghan province (wilayah in Arabic) in January 2015, using the term “Khorasan Province”. By July 2016, two of its most prominent leaders had been killed in coordinated drone strikes by the United States, but the group continues to launch operations to this day. Its core is thought to be made up of nearly 100 fighters from the Islamic State’s former strongholds in Syria and Iraq. According to Russian reports, security officials in China, Russia, Pakistan and Iran are concerned that the Islamic State’s Afghan command is becoming stronger as fighters from the group are leaving the Middle East and moving to Afghanistan.

Tuesday’s high-level meeting in Islamabad follows an announcement last month by the Beijing-led Shanghai Cooperation Organization (SCO) that it would adopt a more active stance on security issues in Afghanistan. Early in June, Afghan President Mohammad Ashraf Ghani described the SCO as “an important platform for anti-terrorist cooperation and enhancing regional connectivity” in Central and South Asia. President Ghani made these comments shortly before traveling to China to attend the annual summit of the SCO, of which Afghanistan is an observer country.

Author: Ian Allen | Date: 11 July 2018 | Permalink

Chinese shipbuilding boss gave CIA aircraft carrier secrets, reports claim

One of China’s most senior shipbuilding executives, who has not been seen in public for nearly two weeks, has been charged with giving secrets about China’s aircraft carriers to the United States. Sun Bo, 57, is general manager of the China Shipbuilding Industry Corporation (CSIC), China’s largest state-owned maritime manufacturer, which leads nearly every major shipbuilding project of the Chinese navy. Most notably, Sun headed the decade-long retrofitting of the Liaoning, a Soviet-built aircraft carrier that was commissioned to the Chinese Navy’s Surface Force after the collapse of the Soviet Union.

The ship arrived at the CSIC’s Dalian shipyard in northeastern China in 2002. Work on the vessel was completed in 2012. Today CSIC heads the construction of the so-called Type 001A, China’s first home-built aircraft carrier, which is said to be modeled largely on the Liaoning. The company is also spearheading the construction of numerous Chinese Navy frigates, latest-generation destroyers, and numerous other vessels. Earlier this year, it was announced that the CSIC would build the Chinese Navy’s first nuclear-powered aircraft carrier.

As the second most senior official of China’s largest and most important shipbuilder, Sun has supervised all of the company’s projects during the past two decades. But Sun effectively disappeared after June 11, when he made his last known public appearance at a CSIC event. On June 17, a brief notice posted on the company’s website stated that Sun had been placed under investigation for “gross violation of laws and [Communist] Party [of China] discipline”. The brief notice said that the probe of Sun’s activities was led by China’s National Supervision Commission and the Communist Party of China’s Central Commissariat for Discipline Inspection, but provided no further details.

It has now been reported by multiple Chinese news websites that Sun is under investigation not simply for graft, but for far more serious activities involving espionage. Specifically, it is claimed that Sun was recruited by the United States Central Intelligence Agency because of his supervisory role in China’s aircraft carrier building programs. He is believed to have provided the CIA with information about the decade-long retrofitting of the Liaoning. More importantly, there are reports that Sun gave the CIA blueprints and other technical specifications of the Type 001A, which is currently under construction at a top-secret facility. The Hong Kong-based English-language news website Asia Times said on Thursday that, given the sensitive nature of the charges against Sun, it is unlikely that the Chinese government would reveal the outcome of the investigation of the CSIC executive.

Author: Joseph Fitsanakis | Date: 22 June 2018 | Permalink

US evacuates more diplomats from China over ‘abnormal sounds and symptoms’

The United States has evacuated at least two more diplomatic personnel from its consulate in the Chinese city of Guangzhou, after they experienced “unusual acute auditory or sensory phenomena” and “unusual sounds or piercing noises”. The latest evacuations come two weeks after the US Department of State disclosed that a consulate worker in Guangzhou had been flown home for medical testing, in response to having experienced “subtle and vague, but abnormal, sensations of sound and pressure”.

The evacuations from China have prompted comparisons to similar phenomena that were reported by US diplomatic personnel in Cuba in 2016. Last September, Washington recalled the majority of its personnel from its embassy in Havana and issued a travel warning advising its citizens to stay away from the island. These actions were taken in response to allegations by the US Department of State that at least 21 of its diplomatic and support staff stationed in Cuba suffered from sudden and unexplained loss of hearing, causing them to be diagnosed with brain injuries. In April, the Canadian embassy evacuated all family members of its personnel stationed in Havana over similar health concerns.

US State Department sources told The New York Times on Wednesday that the two latest evacuees were among approximately 179 American diplomats and consular personnel stationed in Guangzhou, one of China’s largest commercial hubs. The city of 14 million, located 70 miles north of Hong Kong, hosts one of Washington’s six consulates in China. The building that houses the US consulate was presented to the public in 2013 as a state-of-the-art construction, which, as The Times reports, is “designed to withstand electronic eavesdropping and other security and intelligence threats”. The paper said that one Guangzhou consular employee that was evacuated this week is Mark A. Lenzi, who works as a security engineering officer. He is reported to have left China along with his wife and two children. An unnamed senior US official told The Times that a State Department medical team arrived in Guangzhou on May 31, and is currently examining all diplomatic personnel and their families.

Author: Joseph Fitsanakis | Date: 07 June 2018 | Permalink

Facebook shared user data with Chinese firm despite warnings by US intelligence

The online social media company Facebook shares data about its users with a Chinese telecommunications company that has been flagged in United States government reports as a threat to security. The New York Times revealed on Tuesday that Facebook has been routinely giving access to the private data of its users to four Chinese companies since at least 2010. The paper said that the data-sharing agreement with Lenovo, Oppo, TCL, and Huawei Technologies, has its roots in 2007. That was the year when Facebook began an effort to entice cell phone hardware and software manufacturers to include Facebook-friendly apps and features in their products. As part of the agreement, Facebook gave cell phone manufacturers access to its users’ private data, including “religious and political leanings, work and education history and relationship status”, said the Times.

However, several sources in the United States, United Kingdom, Australia and other governments, have repeatedly flagged Huawei as a company that is uncomfortably close to the Chinese government and its intelligence agencies. In 2011, the US Open Source Center, which acts as the open-source intelligence arm of the Office of the Director of National Intelligence, became the first US government agency to openly link Huawei with the Chinese intelligence establishment. It said that Huawei relied on a series of formal and informal contacts with the Chinese People’s Liberation Army and the Ministry of State Security, which oversee and administer China’s military and civilian intelligence apparatus. In 2013, the British government launched an official review of Huawei’s involvement in the UK Cyber Security Evaluations Centre in Oxfordshire, England, following a British Parliament report that raised strong concerns about the Chinese company’s links with the government in Beijing. And last year the Australian government expressed concern about Huawei’s plan to provide high-speed Internet to the Solomon Islands, a small Pacific island nation with which Australia shares Internet resources.

In a statement, Facebook said that all data shared with Huawei remained stored on users’ phones and was not downloaded on the Chinese company’s private servers. It also said that it would “phase out” the data-sharing agreement with Huawei by the middle of June. The Times noted on Tuesday that Facebook has been officially banned in China since 2009. However, the social media company has been trying to make a comeback in the Chinese market, by cultivating close links with Chinese Communist Party officials. Facebook founder Mark Zuckerberg visited China in October of last year, and met with Chinese Premier Xi Jinping and other senior officials.

Author: Joseph Fitsanakis | Date: 06 June 2018 | Permalink