The Trump Administration Has Given The CIA Free Rein To Engage In A Cyberwar
from the cybercoups-on-tap dept
Outside of the agencies desiring to participate in a cyberwar, cyberwars are generally considered to be a bad idea. At some point, the cyber is going to turn physical and we'll just be stuck in a regular war that actually kills people. And since accurate attribution still remains elusive, the potential for picking the wrong fight remains.
There was some talk of going to cyberwar with Russia after the DNC server hacking. The CIA, in particular, was all too willing to send its keyboard warriors out to do battle. This desire to draw virtual blood found some backing in the press when NBC acted as the agency's PR office, talking up the new bright, shiny warfare and asking viewers if they'd like to know more.
As long as officials have been claiming we're on the cusp of a "cyber Pearl Harbor," the CIA has been wanting to go on the offensive. The CIA already participates in plenty of cyber-attacks, but it's mostly of the one-to-one variety, targeting individuals the agency has placed under surveillance. But the agency does know how to disrupt elections, participate in coups, and otherwise wreak havoc in "enemy" lands.
Now it can do it at the cyber level. And, as Yahoo News was the first to report, it's been doing it for a few years now thanks to the new kid in town.
The Central Intelligence Agency has conducted a series of covert cyber operations against Iran and other targets since winning a secret victory in 2018 when President Trump signed what amounts to a sweeping authorization for such activities, according to former U.S. officials with direct knowledge of the matter.
The secret authorization, known as a presidential finding, gives the spy agency more freedom in both the kinds of operations it conducts and who it targets, undoing many restrictions that had been in place under prior administrations. The finding allows the CIA to more easily authorize its own covert cyber operations, rather than requiring the agency to get approval from the White House.
Rather than develop targets over months and years, the CIA can now rush in whenever it feels there's a target worth attacking. It's not just attacks targeting infrastructure or weapons development capability. It's also disinformation campaigns and the breaching of protected servers to obtain sensitive (and potentially embarrassing) documents to leak locally. Yes, the CIA is now a self-contained Wikileaks that sources and obtains its own documents.
But there's more to it than that. The authorization of CIA activities allows it to go after targets that were previously considered off-limits if it can find the slightest justification for doing so.
The presidential authorization makes it much easier for the CIA to target “cut-outs” believed to be working surreptitiously for hostile foreign intelligence services at media organizations, charities, religious institutions, or other non-state entities for disruptive or destructive cyber actions, said former officials. In the past, the burden of proof for targeting such entities was high; now, standards have been made far more lax, said former officials.
The administration has also given the CIA more power to attack foreign financial institutions, something previous administrations -- and the Treasury Department itself -- opposed due to concerns about collateral damage to international relations or the world economy itself. These concerns are now being ignored. The CIA -- thanks in part to the departed John Bolton -- now operates with near-impunity. The end result of the Trump Administration casting off the shackles binding this component of the Deep State is operations like the one described in the Yahoo article -- one that appears to have been performed by the CIA.
In another stunning hack-and-dump operation, an unknown group in March 2019 posted on the internet chat platform Telegram the names, addresses, phone numbers and photos of Iranian intelligence officers allegedly involved in hacking operations, as well as hacking tools used by Iranian intelligence operatives. That November, the details of 15 million debit cards for customers of three Iranian banks linked to Iran’s Islamic Revolutionary Guard Corps were also dumped on Telegram.
Although sources wouldn’t say if the CIA was behind those Iran breaches, the finding’s expansion of CIA authorities to target financial institutions, such as an operation to leak bank card data, represents a significant escalation in U.S. cyber operations.
The CIA is a power player in the cyber-arena now. It has finally secured the powers it's been seeking for three straight administrations. But, on top of concerns about potential international "incidents" the CIA may be leading us towards, there's the more immediate concern about how the CIA secures its own stuff. If you want to wage a cyberwar, you'd better have your home front locked down tight. Recent events have shown the CIA's approach to internal security is lax at best. If the agency is out picking fights with foreign hackers, it won't be long before someone takes the CIA's weapons and starts wielding them against our allies… or the United States itself.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Ah, you missed another point, now the CIA is going to be asking for more and more money for another eternal war like the war on terror and the war on drugs. This is the beginning of the approved cyberwar on whomever they feel is the enemy of the moment. No supervision. No prior approval. No public documentation. Just more and more taxpayer to give a cyber-beatdown to the bad-guys-of-the-moment or whatever else they feel like attacking. Look out Google and Amazon, TenCent and TikTok! The CIA feels like gunning for you today.
[ link to this | view in chronology ]
Re:
I suspect this war will Zoom on past. The agents will find they are much more productive with FaceTime relations with their contacts. And I'm sure the Vines of the national intelligence service will be invading mySpace - my personal space, any time now.
[ link to this | view in chronology ]
Instigation of another kind.
Why is it, that we have Tons of hacking around this country, and no one to Find?
Shouldnt be to hard to create a site, with a Honey pot and track those doing it.
Wouldnt be to hard to get Doctors offices, and medical corps and Credit card corps, to have this setup, to catch those trying to do it.
But for some odd reason we dont/cant/wont track down those doing it. Unless its an inside job, theres reasons to do it. NOT just to point fingers are Anyone/everyone and pass the blame for Unsecure systems to abound in this country.
The Last TIm eI read a follow up on Russia hacking something it Wasnt russia, it was in a country in that area, that gets PAID but outsiders to raid loactions.. Like the CIA paying a Foreign agency to run Such shenagigans..
[ link to this | view in chronology ]
Cyber war against whom?
This has been the CIA's stock-in-trade for decades. Please note that a fairly significant election may happen in November, and the current administration views everyone except themselves as an "enemy."
[ link to this | view in chronology ]
Re: Cyber war against whom?
With how much infighting and backstabbing they do, I'm not sure there's even that much of an "except".
[ link to this | view in chronology ]
'If it's good enough for you, it's good enough for us...'
Funny thing about using tactics like that, once you do it you utterly and completely destroy your ability to be taken seriously should you object when your enemies return the favor. By engaging in such indiscriminate hacking and release of data the CIA has painted a huge target on the american public, showing yet again that yet another government agency care more for what they want to do than what is actually good for the public, though given it's the torture-happy CIA this time I suppose there's nothing surprising there.
[ link to this | view in chronology ]
Re: 'If it's good enough for you, it's good enough for us...'
I think that's the point. By doing this, foreign state actors can attack us back creating two results:
1) Creating a (cyber) wartime president and indie and swing voters tend to favor Republicans in all things national defense.
2) An excuse to annul/question the legitimacy of the elections. If Trump can prove that the election was "hacked," he can have legitimate results overturn, call for a new election, etc. It's a way to undermine the results of an election, especially if you're losing.
[ link to this | view in chronology ]
Re: Re: 'If it's good enough for you, it's good enough for us...
Wanna bet Trump will still want a victory parade once his army of hackers has "won" the cyberwar?
[ link to this | view in chronology ]
Re: 'If it's good enough for you, it's good enough for us...'
We didn't spend 20 years creating more meatspace terrorists and aggrieved detractors for nothing.
[ link to this | view in chronology ]
You have no idea what cyber war is. Cyber war, also known as cyberterrorism to sane people is conducted by hostile foreigners against largely defenseless children and civilians using lasers that produce LSD and other poisons in the human nervous system. It is in fact a form of nazism developed by real asian and european nazis on real people including jews.
China is usually blamed. Xi jinping was in town when they did a massive largely automated cyber attack against me right before and after he signed a resolution against it.
[ link to this | view in chronology ]
Re:
All aggressive war is terrorism - after all, the difference between 9/11 and a drone strike is that the drone keeps flying after blowing people up. The purpose of both is the same - to change the political behavior of those who survive.
[ link to this | view in chronology ]
Re: Re:
Lawful war and terrorism are not the same thing but they are often confused.
[ link to this | view in chronology ]
Re:
...can't actually tell if this is supposed to be sarcasm or if we have a pro-trump deep-state acolyte of Qanon around...damn Poe and his Law.
[ link to this | view in chronology ]
Not sure whether to mark this as funny, insightful, or spam.
[ link to this | view in chronology ]
Yeah, icky Donald, right?
https://www.theguardian.com/world/2014/jul/31/cia-admits-spying-senate-staffers
And John Brennan -Obama too. What shit we have in government.
[ link to this | view in chronology ]