Interesting story of a CIA intelligence network in China that was exposed partly because of a computer-security failure:
Although they used some of the same coding, the interim system and the main covert communication platform used in China at this time were supposed to be clearly separated. In theory, if the interim system were discovered or turned over to Chinese intelligence, people using the main system would still be protected — and there would be no way to trace the communication back to the CIA. But the CIA’s interim system contained a technical error: It connected back architecturally to the CIA’s main covert communications platform. When the compromise was suspected, the FBI and NSA both ran “penetration tests” to determine the security of the interim system. They found that cyber experts with access to the interim system could also access the broader covert communications system the agency was using to interact with its vetted sources, according to the former officials.
In the words of one of the former officials, the CIA had “fucked up the firewall” between the two systems.
U.S. intelligence officers were also able to identify digital links between the covert communications system and the U.S. government itself, according to one former official — links the Chinese agencies almost certainly found as well. These digital links would have made it relatively easy for China to deduce that the covert communications system was being used by the CIA. In fact, some of these links pointed back to parts of the CIA’s own website, according to the former official.
People died because of that mistake.
The moral — which is to go back to pre-computer systems in these high-risk sophisticated-adversary circumstances — is the right one, I think.
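The compartment failure described above has a concrete, checkable shape: pages served by a system that is supposed to stand alone referenced hosts belonging to another system, and some of those references pointed at the agency's own public site. The script below is an added example, not code from Schneier's post or from the reporting it quotes. It walks the HTML of a set of pages from one compartment and reports every link, script, image or form target whose host is not on that compartment's allow-list, which is the kind of isolation audit that would have surfaced such links before an adversary did. All host names and page contents are constructed placeholders.

```python
"""Cross-compartment reference audit (added example, not from the original post).

Given the HTML of pages served by one system that is supposed to be isolated,
list every outbound reference (link, script, image, form target) whose host
lies outside that system's own allowed hosts. Host names are constructed.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes whose value is a URL the browser will fetch or follow.
URL_ATTRS = {"href", "src", "action", "data", "poster"}


class _RefCollector(HTMLParser):
    """Collect (tag, absolute URL) pairs from start tags."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URL_ATTRS and value:
                # Relative references are resolved against the page URL so
                # they are attributed to the host that actually serves them.
                self.refs.append((tag, urljoin(self.base_url, value.strip())))


def extract_references(page_url, html):
    """Return all absolute URLs referenced by a page as (tag, url) pairs."""
    collector = _RefCollector(page_url)
    collector.feed(html)
    return collector.refs


def audit_compartment(pages, allowed_hosts):
    """Flag references that leave the compartment.

    pages: mapping of page URL -> HTML body
    allowed_hosts: hosts the compartment is permitted to reference
    Returns a sorted list of (page_url, tag, foreign_url).
    """
    findings = []
    allowed = {h.lower() for h in allowed_hosts}
    for page_url, html in pages.items():
        for tag, ref in extract_references(page_url, html):
            parts = urlsplit(ref)
            if parts.scheme not in ("http", "https"):
                continue  # mailto:, javascript:, data: are out of scope here
            host = (parts.hostname or "").lower()
            if host not in allowed:
                findings.append((page_url, tag, ref))
    return sorted(findings)


# Constructed sample: a supposedly isolated "interim" site whose front page
# pulls a script from a second platform and an image from a public agency site.
SAMPLE_PAGES = {
    "https://interim.example.net/index.html": (
        '<html><head><link rel="stylesheet" href="/static/site.css">'
        '<script src="https://main-platform.example.org/js/app.js"></script>'
        '</head><body><a href="/login.html">Login</a>'
        '<img src="https://www.agency-site.example.gov/images/seal.png">'
        '<a href="mailto:admin@interim.example.net">Contact</a></body></html>'
    ),
    "https://interim.example.net/login.html": (
        '<form action="/auth" method="post"><input name="u"></form>'
    ),
}
ALLOWED_HOSTS = {"interim.example.net"}

if __name__ == "__main__":
    for page, tag, ref in audit_compartment(SAMPLE_PAGES, ALLOWED_HOSTS):
        print(f"{page}: <{tag}> references foreign host {ref}")
```

Run against the constructed sample it reports the foreign script and image and stays silent on the same-host stylesheet, login link and form target. In practice the same pass should also be run over HTTP response headers, TLS certificate subjects and DNS records, since those leak shared infrastructure just as readily as an `<img>` tag does.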
This is a Security Bloggers Network syndicated blog from Schneier on Security authored by Bruce Schneier. Read the original post at: https://www.schneier.com/blog/archives/2018/08/cia_network_exp.html