Under Barack Obama’s administration, the Central Intelligence Agency suffered what intelligence officers are calling one of the worst disasters in decades. Suddenly, in late 2010, undercover agents in China were being rounded up and hauled off for interrogation. Eventually, it’s believed at least 30 were executed. The pinpoint accuracy of the arrests was unnerving.
“You could tell the Chinese weren’t guessing. The Ministry of State Security were always pulling in the right people,” one source relates. The investigators’ final report concluded that a “confluence and combination of events” had “wiped out the spy network,” another of the former officials adds. Every agent arrested was eventually killed. Hillary Clinton and John Kerry escaped retribution, just like Benghazi, some say.
Over the next two years (2010-2012), the Chinese government “systematically dismantled” the CIA’s network of spies. To play it down, it was originally reported as “more than a dozen” instead of almost three dozen assets killed by China. Since then, everyone has been wondering how they were able to do it.
A combination of three factors came into play, but one crucially overshadowed the others. Bad coding left a security hole big enough for the Chinese to walk right in the CIA’s back door.
A group of five “current and former intelligence officials” agreed to meet with reporters at news outlet Foreign Policy to discuss the results of a “special task force” probe into what happened. The individuals requested anonymity due to the sensitive nature of the investigation.
The task force found three “potential causes of the failure,” the former officials report.
A double agent might have passed “information about the CIA asset network” on to his Chinese handlers, but overshadowing factors are more likely to blame.
The “CIA’s spy work had been sloppy and might have been detected by Chinese authorities,” the sources confirm. Most importantly, “the communications system had been compromised.”
“Shellshocked” intelligence officials tried to minimize the damage and hustle sources out of the country. “The last CIA case officer to have meetings with sources in China distributed large sums of cash to the agents who remained behind, hoping the money would help them flee.”
When they brought the software in from Middle East operations, they thought it was secure but didn’t factor in that the environment there was “considerably less hazardous.”
They also underestimated China’s capabilities to hack their way in. One source said the China office felt “invincible.” The attitude was “that we’ve got this, we’re untouchable.”
CIA officer Jerry Chun Shing Lee was recruited around that time as a double agent. Working extensively in Beijing, Lee “was in contact with his handlers at the Ministry of State Security through at least 2011.”
According to court documents from his May indictment, Lee was paid hundreds of thousands of dollars by the Chinese.
The officials explain that as bad as Lee’s alleged treachery was, it still can’t explain what happened, simply because “information about sources is so highly compartmentalized that Lee would not have known their identities.”
Other clues support the theory that the worst part of the compromise was “that China had managed to eavesdrop on the communications between agents and their CIA handlers.”
Brand new sources are never trusted because they might already be spies. Newbies only get to use a temporary “covert communications system.” The one they used in China was “Internet-based and accessible from laptop or desktop computers,” two former agents agreed.
The “throwaway” system was still encrypted, the agents explain, and it allowed “remote communication between an intelligence officer and a source.” More importantly, it was “also separated from the main communications system used with vetted sources, reducing the risk if an asset goes bad.”
They were supposed to be totally separate. If the interim system was breached, those using the main system should still be safe. If done correctly, there would be no way to “trace the communication back to the CIA.”
It was not done correctly. According to the sources, the “CIA’s interim system contained a technical error.” It was “architecturally” connected to “the CIA’s main covert communications platform.”
As soon as the link was discovered, both the Federal Bureau of Investigation and the National Security Agency ran “penetration tests” that failed miserably. “Cyber experts with access to the interim system could also access the broader covert communications system the agency was using to interact with its vetted sources.”
If we could find the “digital links,” then so could the Chinese. That “would have made it relatively easy for China to deduce that the covert communications system was being used by the CIA.” One expert asserts, “some of these links pointed back to parts of the CIA’s own website.”
As far back as 2010, U.S. technicians were aware of China’s “highly sophisticated” internet monitoring. With their “Great Firewall,” the Chinese constantly monitor internet traffic, looking for any unusual patterns.
The agency was well aware at the time that “online anonymity of any kind was proving increasingly difficult.”
Either double agent Lee gave the Chinese access to the communications platform, which he got from his handler, or the Chinese may have identified another agent and accessed that person’s computer.
The interim system may have been detected simply through routine pattern analysis of the internet data.
Even assets who didn’t use the communications system were vulnerable. “Once a person was identified as a CIA asset, Chinese intelligence could then track the agent’s meetings with handlers and unravel the entire network.”
The sources are convinced that the Chinese shared the information they gathered with Russia, where a similar system was in use.
At the same time Chinese sources were being purged, “multiple sources in Russia suddenly severed their relationship with their CIA handlers,” NBC News reported, and the former officials confirmed. Going dark is not a good thing. If they didn’t escape, they are dead.