- A new Foreign Policy report cites sources detailing how the communication system between the CIA’s spies and handlers in China nearly a decade ago was compromised.
- The vulnerability contributed to the deaths of at least 30 spies, the sources said.
- This internet-based system, imported from operations in the Middle East, was apparently brought to China under the assumption that it could not be breached.
- But, according to the report, the program actually had telltale links to the CIA that would have allowed China to work out what was going on.
A firewall used by the CIA to communicate with its spies in China compromised their identities and contributed to their executions by the Chinese government, several current and former intelligence officials told Foreign Policy magazine in a report published Wednesday.
In a two-year period starting in 2010, Chinese officials began accurately identifying spies working for the US.
Chinese authorities rounded up the suspects and executed or imprisoned them before their handlers were able to determine what was going on.
“You could tell the Chinese weren’t guessing,” one of the US officials said in the report. “The Ministry of State Security were always pulling in the right people.”
"When things started going bad, they went bad fast."
US intelligence officials cited in the report are now placing the lion's share of the blame on what one official called a "f----- up" communications system used between spies and their handlers.
This internet-based system, brought over from operations in the Middle East, was taken to China under the assumption that it could not be breached and made the CIA "invincible," Foreign Policy reported.
"It migrated to countries with sophisticated counterintelligence operations, like China," an official said.
"The attitude was that we've got this, we're untouchable."
Intelligence officers and their sources were able to communicate with each other using ordinary laptops or desktop computers connected to the internet, marking a stark departure from some of the more traditional methods of covert communication.
This "throwaway" encrypted program, which was assumed to be untraceable and separate from the CIA's main communication line, was reportedly used for new spies as a safety measure in case they double-crossed the agency.
Unbeknownst to the CIA, however, this system could be used to connect with mainstream CIA communications, used by fully vetted CIA sources.
According to the report, the vulnerability would have even allowed Chinese intelligence agencies to deduce it was being used by the US government.
The Chinese set up a task force to break in to the throwaway system, Foreign Policy said, but it was unclear how they ultimately identified people.
The consequences for this breach were grim.
About 30 spies were reportedly executed, though some intelligence officials told Foreign Policy that 30 was a low estimate.
The US officials were reportedly "shell-shocked" by the speed and accuracy of Chinese counterintelligence, and rescue operations were organized to evacuate their sources.
The last CIA case officer to meet with sources in China reportedly handed over large amounts of cash in hopes that it would help them escape, Foreign Policy said.
The CIA has since been rebuilding its network in China, but the process has been an expensive and long endeavor, according to The New York Times, which in 2017 first reported on the suspected vulnerability and sources' deaths.