“Botched CIA Communications System Helped Blow Cover of Chinese Agents”
Zach Dorfman, Foreign Policy, August 15, 2018
As a rule of thumb, it is now about three orders of magnitude more difficult to defend against computer and network intrusions than to carry out the intrusions themselves.
It was considered one of the CIA's worst failures in decades: Over a two-year period starting in late 2010, Chinese authorities systematically dismantled the agency's network of agents across the country, executing dozens of suspected U.S. spies. …
Now, nearly eight years later, it appears that the agency botched the communication system it used to interact with its sources, according to five current and former intelligence officials. …
When CIA officers begin working with a new source, they often use an interim covert communications system — in case the person turns out to be a double agent.
The communications system used in China during this period was internet-based and accessible from laptop or desktop computers, two of the officials said.
This interim, or “throwaway,” system, an encrypted digital program, allows for remote communication between an intelligence officer and a source, but it is also separated from the main communication system used with vetted sources, reducing the risk if an asset goes bad.
Although they used some of the same coding, the interim system and the main covert communication platform used in China at this time were supposed to be clearly separated. In theory, if the interim system were discovered or turned over to Chinese intelligence, people using the main system would still be protected — and there would be no way to trace the communication back to the CIA. But the CIA's interim system contained a technical error: It connected back architecturally to the CIA's main covert communications platform. When the compromise was suspected, the FBI and NSA both ran “penetration tests” to determine the security of the interim system. They found that cyber experts with access to the interim system could also access the broader covert communications system the agency was using to interact with its vetted sources, according to the former officials. …
U.S. intelligence officers were also able to identify digital links between the covert communications system and the U.S. government itself, according to one former official — links the Chinese agencies almost certainly found as well. These digital links would have made it relatively easy for China to deduce that the covert communications system was being used by the CIA. In fact, some of these links pointed back to parts of the CIA's own website, according to the former official.
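A defender-side check for the kind of attribution link the article describes, added here as an example (it is not from the article or from any agency's tooling): it parses the HTML that a supposedly isolated front end serves and reports every origin outside that system's own allowlist, which is how a shared script or image hosted on a second platform would surface. The sample page, the host names interim.example and main-platform.example, and the function name foreign_origins are all constructed for illustration.

```python
# Added example: flag references from an "isolated" web front end to any
# origin that is not its own. Such links tie one system to another.
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes whose values load or point at a resource.
REF_ATTRS = {"src", "href", "action", "data", "formaction"}


class _RefCollector(HTMLParser):
    """Collect the http(s) origins referenced by a page."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.origins = set()

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in REF_ATTRS and value:
                # Resolve relative and scheme-relative (//host/...) URLs.
                parts = urlsplit(urljoin(self.base_url, value.strip()))
                if parts.scheme in ("http", "https") and parts.netloc:
                    self.origins.add(f"{parts.scheme}://{parts.netloc.lower()}")


def foreign_origins(html, base_url, allowed_hosts):
    """Return, sorted, every origin referenced by `html` whose host is not in
    `allowed_hosts`. An empty list means the page points only at itself."""
    collector = _RefCollector(base_url)
    collector.feed(html)
    allowed = {h.lower() for h in allowed_hosts}
    return sorted(o for o in collector.origins
                  if urlsplit(o).hostname not in allowed)


# Constructed sample: the interim front end quietly loads a shared script and
# a logo from a second, unrelated platform (hypothetical host names).
SAMPLE_HTML = """
<html><head>
<link rel="stylesheet" href="/static/site.css">
<script src="https://main-platform.example/js/common.js"></script>
</head><body>
<img src="//cdn.main-platform.example/logo.png">
<form action="/login" method="post"><input name="u"></form>
<a href="mailto:info@interim.example">contact</a>
</body></html>
"""

if __name__ == "__main__":
    for origin in foreign_origins(SAMPLE_HTML, "https://interim.example/",
                                  {"interim.example"}):
        print("attribution link:", origin)
```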