Not long ago, I was targeted in a computer hack. The experience showed how the origin of a hack can be faked or spoofed in order to direct the blame elsewhere and muddy the waters.
The hacker initially did some reconnaissance that was traceable to an IP address in Tel Aviv, Israel, but then donned an electronic cloak of proxies in other countries before trying to crack my accounts. Most of the breach attempts over the next three days were launched through a proxy service with servers in multiple countries, from Russia to the Netherlands.
The proxy service provider was featured in an FBI flash alert and a Wired magazine article three years ago. Some experts believed there were “Russian fingerprints” on attacks directed at Illinois and Arizona board of elections websites in the run-up to the 2016 U.S. presidential election simply because the address of the attacker’s proxy cloak was Russian.
But the location of a proxy address proves nothing, as my situation illustrated.
We’ve seen that technology can be untrustworthy and exploitable. So why do intelligence agencies such as the CIA rely so heavily on it?
We live in an age where we gamble with our online information for the sake of convenience. An overwhelming number of shady online applications try to convince us to hand over access to our electronic devices (and all of the information they contain) in exchange for some supposed benefit.
But if anyone would be immune to the pitfalls of technological convenience, surely it would be the CIA, right? Wrong. And its mistake has proven costly.
Last month, the Iranian government disclosed that it had rounded up 17 people in a U.S. spy ring, all of them Iranians recruited by CIA officers. The director of the Iranian intelligence ministry’s counterespionage department said the 17 accused spies had worked in the economic, nuclear, infrastructural, military or cyber fields.
The detainees had no links to one another, each was separately linked to a CIA officer and some of them were lured by the promise of U.S. visas, according to the Iranian official, who added that several of the people arrested have been sentenced to death.
Iran released a stash of documents this week that purportedly identify the CIA officers involved in the spy ring. The documents include business cards, notes and family photos. Iran’s counterespionage chief said that CIA officers were recruiting Iranians online, and he claimed Iran had penetrated CIA systems that were masquerading as more benign websites.
Ali Shamkhani, secretary of Iran’s supreme national security council, said the spy network had been discovered a while ago and was operating in countries other than Iran.
So which country might have helped bust the CIA’s Iranian network?
In August 2018, Foreign Policy magazine published a story titled, “Botched CIA Communications System Helped Blow Cover of Chinese Agents.” The piece explained how Chinese counterespionage dismantled the CIA’s in-country espionage network from 2010 to 2012, leading to the execution of the CIA’s Chinese assets.
This disastrous episode was blamed on the agency’s use of a supposedly secure covert communication system that had been migrated over from the Middle East and allowed recruited assets to communicate with their CIA handlers.
Given that China, Russia and Iran are allies, what are the odds that the Chinese shared their findings about the CIA’s spy network with the Russians and Iranians? And if the system was originally developed for CIA intelligence operations in the Middle East, information about that system would clearly be useful to Iranian intelligence and to Russia’s efforts in countering CIA operations in Syria and elsewhere in the region.
As confident as some people are with technology — including the people responsible for keeping state secrets — the risk of entering into a house of mirrors is face-planting into a wall of glass.
