• chevron_right

      Security Vulnerabilities in Covert CIA Websites / Schneier · Sunday, 2 October, 2022 - 15:03 · 1 minute

    Back in 2018, we learned that covert system of websites that the CIA used for communications was compromised by —at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.”

    Citizen Lab did the research :

    Using only a single website, as well as publicly available material such as historical internet scanning results and the Internet Archive’s Wayback Machine, we identified a network of 885 websites and have high confidence that the United States (US) Central Intelligence Agency (CIA) used these sites for covert communication.

    The websites included similar Java, JavaScript, Adobe Flash, and CGI artifacts that implemented or apparently loaded covert communications apps. In addition, blocks of sequential IP addresses registered to apparently fictitious US companies were used to host some of the websites. All of these flaws would have facilitated discovery by hostile parties.


    The bulk of the websites that we discovered were active at various periods between 2004 and 2013. We do not believe that the CIA has recently used this communications infrastructure. Nevertheless, a subset of the websites are linked to individuals who may be former and possibly still active intelligence community employees or assets:

    • Several are currently abroad
    • Another left mainland China in the timeframe of the Chinese crackdown
    • Another was subsequently employed by the US State Department
    • Another now works at a foreign intelligence contractor

    Citizen Lab is not publishing details, of course.

    When I was a kid, I thought a lot about being a spy. And this, right here, was the one thing I worried about. It didn’t matter how clever and resourceful I was. If my handlers were incompetent, I was dead.

    Another news article .

    EDITED TO ADD (10/2): Shashdot thread .

    • chevron_right

      Mysterious health incidents rise to 130, US officials confirm

      Beth Mole · / ArsTechnica · Friday, 14 May, 2021 - 18:17

    1950s cars driving past a Brutalist, multistory concrete building is peak Cuba.

    Enlarge / Picture of the US embassy in Havana, taken on September 29, 2017, after the United States announced it was withdrawing more than half its personnel in response to mysterious "health attacks" targeting its diplomatic staff. (credit: Getty | AFP )

    Reports of mysterious health incidents that have led to brain injuries and caused a range of symptoms among government personnel continue to stream in. One of the latest cases occurred just within the last few weeks, and the total number of US personnel affected is now over 130, according to reports.

    The New York Times reported earlier this week that at least three CIA officers have suffered serious health effects from enigmatic episodes that occurred overseas since last December, one of them within the last few weeks. All three of the CIA officers required outpatient treatment at Walter Reed National Military Medical Center or other medical facilities, the Times noted.

    Officials told the Times that the number of cases is now topping 130, up from the previously reported 60 cases, which were mainly among diplomats and their families stationed in Cuba and Guangzhou, China.

    Read 18 remaining paragraphs | Comments