The US foreign intelligence service CIA-protected websites for whistleblowers were not secure enough that they were easy to find. The United States foreign intelligence service, the CIA (Central Intelligence Agency), operated websites that served as portals for whistleblowers. The CIA did not securely protect them strong enough and they were easy to find. Several of the whistleblowers from Iran were already in prison, the Reuters news agency reports.
Search fields on supposed Iranian information sites about football served as login fields. After successfully entering a password, the CIA sources were able to leave their information to the service. Security researchers from the Canadian Citizen Lab were able to identify up to 350 such sites using simple means: the search fields were labeled "password". Reuters describes the CIA's behavior in this regard as "negligent".
Operation already discontinued
It has been known since 2018 that such websites existed. Today's research by IT experts explains the scale of the campaign. According to Reuters, the domain names and languages ​​of the sites found by the Wayback Machine and DNS lookups indicated a variety of countries of operation, including China, Brazil, Ghana, Russia, and Thailand. "The CIA really failed with that," Citizen Lab's Bill Marczak said, according to Reuters.
Reuters presented the fate of various informants - mainly from Iran - who probably ended up in prison through the poorly camouflaged information portals: According to Reuters, the Iranian engineer Gholamreza Hosseini spent almost a decade in a prison in Tehran, Iran, after being convicted of espionage for the United States had been convicted. Mohammad Aghaei fled to Switzerland after spending nearly six years in an Iranian prison for espionage. He said the CIA never contacted him again after he was convicted, according to Reuters.
Support the Creator, Support Journalism
Your Support Can Help Us Bring More Investigative and Quality Content For You. Buy Me a Coffee Here!
Comments / 2