Written by Nick Heer.

Fatal Flaws in a Defunct CIA Covert Communications System

Citizen Lab:

Using only a single website, as well as publicly available material such as historical internet scanning results and the Internet Archive’s Wayback Machine, we identified a network of 885 websites and have high confidence that the United States (US) Central Intelligence Agency (CIA) used these sites for covert communication.

The websites included similar Java, JavaScript, Adobe Flash, and CGI artifacts that implemented or apparently loaded covert communications apps. In addition, blocks of sequential IP addresses registered to apparently fictitious US companies were used to host some of the websites. All of these flaws would have facilitated discovery by hostile parties.

I am an idiot and I was able to find several archived websites that appeared to be part of this scheme using only the information disclosed by Citizen Lab. If I could find part of this network, imagine what a more determined adversary would have been able to do. This is a shocking betrayal by the CIA of informants’ trust in its capabilities and security.

Joel Schectman and Bozorgmehr Sharafedin of Reuters published a full investigation based on Citizen Lab’s findings.