Last Thursday, researchers at the University of Toronto reported numerous flaws in sites used by the American intelligence agency.
They explain that they found critical vulnerabilities in nearly 900 websites that they believe were used by the CIA. These vulnerabilities, unacceptable at such a level, have already, according to them, compromised several agents and sources working for the American agency abroad.
Very real consequences for American agents
In its statement on the matter, the University of Toronto points out that in 2011 and 2012, a website used as a front by the CIA to communicate with its agents abroad was compromised by the Chinese and Iranian intelligence services. The security breach led to the compromise of several dozen agents in these two countries, who were subsequently identified, imprisoned and even executed. Despite the seriousness of the facts, this story only became known to the general public in 2018, thanks to the revelations of a journalist, Jenna McLaughlin, who denounced the fact that no one in the agency's hierarchy suffered consequences.
Worse still, this technique of communicating with CIA agents internationally was not abandoned after these terrible failures. In 2022, an informant in Iran was identified, presumably in the same way, and sentenced to seven years in prison. Faced with these facts, the researchers decided to investigate the sites used. Although they are not disclosing too many details, so as not to worsen a very complicated situation, they announce that they have discovered critical vulnerabilities.
Archaic technology and measures far from sufficient
The researchers explain that, starting from a single site and information available to everyone on the Internet, they managed to identify a network of at least 885 sites used by the CIA to communicate with its agents. These sites, which most often pose as information platforms, contain apparently very poorly concealed code, found in particular in more or less encrypted messaging applications. A quick analysis can also identify the IP addresses used by their administrators. This weak security is mainly due to the technology, which was already outdated when these sites began to be used, around 2004.
Although the investigation concludes that these systems are probably no longer used by the American secret services, they still contain valuable information that makes it possible to identify agents still active in hostile territory. The CIA has not yet commented on these revelations.
Sources: Citizen Lab, Gizmodo