CIA Compromised: Is Familiarity with Social Media the Death of Espionage?

In 2011, Iran unearthed a ring of US spies and their handlers somewhat inexplicably. This compromised the US’s negotiating power in terms of the nuclear deal and sabotaged bleeding-edge intel about the state of Iran’s nuclear development.

Last year the CIA and FBI admitted that their counterintelligence investigation into China’s discovery of US agents between 2010-2012 was inconclusive. China unearthed almost all of the CIA’s assets and spies within the country and they were eliminated one by one. “Sources described the loss of the network as “one of the worst in decades” and compared it to the loss of assets caused in the 1980s and 1990s by two notorious American spies.”

Recently it came to light that the common factor between both breaches was the discovery and decryption of the CIA’s online communications platform by malicious actors. The discovery was also underscored by carelessness by agents in their habits of logging in and out of the messaging system. The use of social media and technology that is connected to the internet have become crucial weak points in the United State’s effort to carry out secret activities in Iran, China, and Russia. Both of these events could signal to the CIA that their push to have a more tech savvy department is too ambitious and and could be the demise of CIA assets. The CIA’s catering to younger officers with a familiar format (IE social media and online communications) led to the greatest breach in assets and intelligence since the Cold War. Yet, aside from a technical point of view, this incident can have parallels to how civilians should think about the technology that they surround themselves with. If the CIA with its 4096 bit encryption and shell companies and websites can be compromised by simple violations in OPSEC and a reliance on social media, how vulnerable are you?

Phones, watches, TVs, tablets, and computers: all have the ability to send and receive information through the internet. Most people invite these devices into their homes and day to day lives because they offer a level of comfort and efficiency. The recent CIA hacks reveal that civilians should be more vigilant about the devices they use and how they use them, especially for devices that can track location and record voices or speech. Social media logs your face, location, interests, friends, education, and jobs. There is little it doesn’t know about you. Although most people don’t need to worry about nefarious actors and enemy agents, you should still be concerned how your data can be used to profile, track, and tag you both to advertisers, future employers, and Big Brother. There is a fine line that determines technology’s roll as a tool or a crutch in our daily lives.  

What’s the way forward? Maybe the CIA should be like China and rely heavily and almost exclusively on human resources (HUMINT) and low-tech signaling. It could try to go back to its roots of embedding agents and assets all over the world in every institution and organization both friend and foe. Maybe relying on simple tactics and old-school trade craft can help redeem the lost networks. Or maybe America’s first line of defense should copy the British approach where the CIA could rely heavily on HUMINT while hardening its technological capabilities and cryptology. By relying on encryption and digital detection, the CIA can peer into the world of hybrid threats.  For us civilians, the story shows a lesson. If the world’s most exclusive and elusive spy agency is compromised so easily due to an over reliance on technology, what could happen to you? You can cut the cord, or at the very least realize facetime and facebook are not superior to face-to-face interactions.