I was honestly a little surprised this morning when I saw the news pass by. The BBC (at https://www.bbc.co.uk/news/technology-67137773) gives us ‘Twitter glitch allows CIA informant channel to be hijacked’. To be honest, I have no idea why they would take this road, but part of me gets it. Perhaps in the stream of all those messages, a few messages might never be noticed. The best way to hide a needly is to drop it in a haystack. Yet the article gives us “But Kevin McSheehan was able to redirect potential CIA contacts to his own Telegram channel” giving us a very different setting to the next course of a meal they cannot afford. So when we are given “At some point after 27 September, the CIA had added to its X profile page a link – https://t.me/securelycontactingcia – to its Telegram channel containing information about contacting the organisation on the dark net and through other secretive means”, most of us will overlook the very setting that we see here and it took me hours to trip over myself and take a walk on the previous street to reconsider this. So when we are given “a flaw in how X displays some links meant the full web address had been truncated to https://t.me/securelycont – an unused Telegram username” the danger becomes a lot more visible. And my first thought was that a civilian named McSheehan saw this and the NSA did not? How come the NSA missed this? I think that checking its own intelligence systems is a number one is stopping foreign powers to succeed there and that was either not done, or the failing is a lot bigger then just Twitter. So even as the article ends with “The CIA did not reply to a BBC News request for comment – but within an hour of the request, the mistake had been corrected” we should see the beginning not the end of something. So, it was a set of bungles that starts with the CIA IT department, that goes straight into the NSA servers, Defence Cyber command and optionally the FBI cyber routines as well. You see, the origin I grasp at is “Installation of your defences against enemy retaliation” and it is not new, It goes back to Julius Caesar around 52BC (yes, more then two millennia ago). If I remember it correctly he wrote about it in Commentarii de Bello Gallico. Make sure your defences are secure before you lash out is a more up to date setting and here American intelligence seemingly failed.
Now, we get it mistakes will be made, that happens. But for the IT department of several intelligence departments to miss it and for a civilian in Maine to pick it up is a bit drastic an error and that needs to be said. This is not some Common Cyber Sense setting, this is a simple mistake, one that any joker could make, I get that. My issue is that the larger collection of intelligence departments missed it too and now we have a new clambake.
Yes, the CIA can spin this however they want, but the quote “within an hour of the request, the mistake had been corrected” implies that they had not seen this and optionally have made marked targets of whomever has linked their allegiance to the CIA. That is not a good thing and it is a setting where (according to Sun Tzu) dead spies are created. Yet they are now no longer in service of America, but they are optionally in service of the enemies of the USA and I cannot recall a setting where that ever was a good thing. You see, there was a stage that resembles this. In 942 the Germans instigated Englandspiel. A setting where “the Abwehr (German military intelligence) from 1942 to 1944 during World War II. German forces captured Allied resistance agents operating in the Netherlands and used the agents’ codes to dupe the United Kingdom’s clandestine organisation, the Special Operations Executive (SOE), into continuing to infiltrate agents, weapons, and supplies into the Netherlands. The Germans captured nearly all the agents and weapons sent by the United Kingdom” For two years the Germans had the upper hand, for two years the SOE got the short end of that stick and this might not be the same, but there is a setting where this could end up being the same and I cannot see that being a good thing for anyone (except the enemies of America). Now, I will not speculate on the possible damage and I cannot speculate on the danger optional new informants face or the value of their intelligence. Yet at this point I think that America needs to take a hard look at the setting that they played debutante too. I get it, it is not clear water, with any intelligence operation it never is. Yet having a long conversation with the other cyber units is not the worst idea to have. You see, there is a chance someone copied the CIA idea and did EXACTLY the same thing somewhere else. As such how much danger is the intelligence apparatus in? Come to think of it, if Palantir systems monitor certain server actions, how did they miss it too? This is not an accusation, it is not up to Palantir to patrol the CIA, but these systems are used to monitor social media and no one picked up on this?
Just a thought to have on the middle of this week.
Lawrence van Rijn - Law Lord to be 
X to the power of sneaky
I was honestly a little surprised this morning when I saw the news pass by. The BBC (at https://www.bbc.co.uk/news/technology-67137773) gives us ‘Twitter glitch allows CIA informant channel to be hijacked’. To be honest, I have no idea why they would take this road, but part of me gets it. Perhaps in the stream of all those messages, a few messages might never be noticed. The best way to hide a needly is to drop it in a haystack. Yet the article gives us “But Kevin McSheehan was able to redirect potential CIA contacts to his own Telegram channel” giving us a very different setting to the next course of a meal they cannot afford. So when we are given “At some point after 27 September, the CIA had added to its X profile page a link – https://t.me/securelycontactingcia – to its Telegram channel containing information about contacting the organisation on the dark net and through other secretive means”, most of us will overlook the very setting that we see here and it took me hours to trip over myself and take a walk on the previous street to reconsider this. So when we are given “a flaw in how X displays some links meant the full web address had been truncated to https://t.me/securelycont – an unused Telegram username” the danger becomes a lot more visible. And my first thought was that a civilian named McSheehan saw this and the NSA did not? How come the NSA missed this? I think that checking its own intelligence systems is a number one is stopping foreign powers to succeed there and that was either not done, or the failing is a lot bigger then just Twitter. So even as the article ends with “The CIA did not reply to a BBC News request for comment – but within an hour of the request, the mistake had been corrected” we should see the beginning not the end of something. So, it was a set of bungles that starts with the CIA IT department, that goes straight into the NSA servers, Defence Cyber command and optionally the FBI cyber routines as well. You see, the origin I grasp at is “Installation of your defences against enemy retaliation” and it is not new, It goes back to Julius Caesar around 52BC (yes, more then two millennia ago). If I remember it correctly he wrote about it in Commentarii de Bello Gallico. Make sure your defences are secure before you lash out is a more up to date setting and here American intelligence seemingly failed.
Now, we get it mistakes will be made, that happens. But for the IT department of several intelligence departments to miss it and for a civilian in Maine to pick it up is a bit drastic an error and that needs to be said. This is not some Common Cyber Sense setting, this is a simple mistake, one that any joker could make, I get that. My issue is that the larger collection of intelligence departments missed it too and now we have a new clambake.
Yes, the CIA can spin this however they want, but the quote “within an hour of the request, the mistake had been corrected” implies that they had not seen this and optionally have made marked targets of whomever has linked their allegiance to the CIA. That is not a good thing and it is a setting where (according to Sun Tzu) dead spies are created. Yet they are now no longer in service of America, but they are optionally in service of the enemies of the USA and I cannot recall a setting where that ever was a good thing. You see, there was a stage that resembles this. In 942 the Germans instigated Englandspiel. A setting where “the Abwehr (German military intelligence) from 1942 to 1944 during World War II. German forces captured Allied resistance agents operating in the Netherlands and used the agents’ codes to dupe the United Kingdom’s clandestine organisation, the Special Operations Executive (SOE), into continuing to infiltrate agents, weapons, and supplies into the Netherlands. The Germans captured nearly all the agents and weapons sent by the United Kingdom” For two years the Germans had the upper hand, for two years the SOE got the short end of that stick and this might not be the same, but there is a setting where this could end up being the same and I cannot see that being a good thing for anyone (except the enemies of America). Now, I will not speculate on the possible damage and I cannot speculate on the danger optional new informants face or the value of their intelligence. Yet at this point I think that America needs to take a hard look at the setting that they played debutante too. I get it, it is not clear water, with any intelligence operation it never is. Yet having a long conversation with the other cyber units is not the worst idea to have. You see, there is a chance someone copied the CIA idea and did EXACTLY the same thing somewhere else. As such how much danger is the intelligence apparatus in? Come to think of it, if Palantir systems monitor certain server actions, how did they miss it too? This is not an accusation, it is not up to Palantir to patrol the CIA, but these systems are used to monitor social media and no one picked up on this?
Just a thought to have on the middle of this week.
Leave a comment
Filed under IT, Military
Tagged as Abwehr, BBC, CIA, Commentarii de Bello Gallico, Common Cyber Sense, DoD, Englandspiel, FBI, Julius Caesar, Kevin McSheehan, Maine, NSA, Palantir, SOE, Special Operations Executive, Sun Tzu, Twitter