The CIA’s Secret Star Wars Fan Blog

Brief Summary

The CIA created hundreds of fake websites from 2004 to 2013 to communicate with informants, particularly in Iran, given the lack of a diplomatic presence. These sites, disguised as fan pages and niche interest hubs, were intended for covert intel drops. However, poor security and sloppy construction allowed foreign governments to easily identify and dismantle the network, leading to the capture, imprisonment, or death of informants. The CIA's failure to address known vulnerabilities and protect its assets resulted in a significant intelligence failure.

  • The CIA used fake websites to communicate with informants in countries like Iran.
  • These websites had poor security and were easily identified.
  • The compromised system led to the capture and death of informants.

Covert Communication Tools

The CIA utilized fake websites as covert communication tools, enabling informants to share information without detection. Many of these sites targeted informants in Iran due to the absence of a US diplomatic presence since the 1979-1980 hostage crisis. The agency developed a simple web-based system for informants to submit intelligence from any computer. For example, an informant would visit a phony website like classymotors.net, enter a secret password in what appeared to be a search bar, log in, and access a messaging function to communicate with the CIA.

Examples of CIA Spy Sites

Independent researchers found 885 CIA sites, each assigned to a single informant. These sites included a Star Wars fan page, iraniangoals.com (about soccer), alljny.com (a Johnny Carson fan site), wineconnoisseur.net, and armachoy.com (a Spanish-language gun site). The Star Wars fan page humorously featured Master Yoda's favorite video games. However, the graphic design and content were secondary to the security flaws that plagued these sites.

Security Flaws and Identification

The CIA's spy sites had significant security flaws that made them easy to identify. The source code of the sites revealed secret functions, with HTML for the search bar named "password" and functions named "message" and "compose," clearly indicating a password-protected messaging system. Identifying one site made it easier to find others due to sloppy practices, such as purchasing IP addresses in large bundles, resulting in neighboring IP addresses for many sites. Governments could easily find more spy sites by changing the last digit of the IP address.
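The two linkage signals described above can be checked against one's own infrastructure before an outside party does it. The following is an added example, not code from the video or from any system it describes; the inventory, the page markup, and the function names `adjacent_runs` and `revealing_identifiers` are constructed for illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser

# Identifier fragments the article says exposed the hidden feature.
REVEALING = ("password", "message", "compose")

class _Names(HTMLParser):
    """Collect name/id attributes of form controls and inline script function names."""
    def __init__(self):
        super().__init__()
        self.names, self._in_script = [], False
    def handle_starttag(self, tag, attrs):
        self._in_script = self._in_script or tag == "script"
        if tag in ("form", "input", "textarea", "button"):
            self.names += [v for k, v in attrs if k in ("name", "id") and v]
    def handle_endtag(self, tag):
        self._in_script = self._in_script and tag != "script"
    def handle_data(self, data):
        if self._in_script:
            self.names += re.findall(r"function\s+(\w+)", data)

def revealing_identifiers(html):
    """Return markup identifiers that disclose a login or messaging function."""
    parser = _Names()
    parser.feed(html)
    parser.close()
    return sorted({n for n in parser.names if any(r in n.lower() for r in REVEALING)})

def adjacent_runs(inventory):
    """Return groups of 2+ hosts on consecutive IPv4 addresses (linkable by enumeration)."""
    hosts = sorted((int(ipaddress.IPv4Address(ip)), n) for n, ip in inventory.items())
    runs = []
    for i, (addr, name) in enumerate(hosts):
        if i and addr - hosts[i - 1][0] == 1:
            runs[-1].append(name)
        else:
            runs.append([name])
    return [r for r in runs if len(r) > 1]

# Constructed inventory using documentation address ranges (RFC 5737).
INVENTORY = {"site-a.example": "192.0.2.10", "site-b.example": "192.0.2.11",
             "site-c.example": "192.0.2.12", "site-d.example": "198.51.100.7"}
# Constructed page markup for one of those hosts.
PAGE = ('<form id="searchform"><input type="text" name="password"></form>'
        '<script>function compose(){} function message(){} function rotateBanner(){}</script>')

if __name__ == "__main__":
    print("adjacent:", adjacent_runs(INVENTORY), "revealing:", revealing_identifiers(PAGE))
```

Any non-empty result means that discovering one host or one page gives an observer a direct path to the others, which is the failure the section describes.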

Compromise and Consequences

Despite early warnings in 2008, the CIA continued using the flawed system, leading to severe consequences. Iran, with the help of a double agent, exposed 20 spies and used Google to find other sites with similar digital signifiers. China also independently cracked the system around the same time. By 2013, informants began disappearing, being imprisoned, or being killed. By 2021, the CIA believed most of its spy network in Iran was gone. The CIA did not provide adequate training or support to protect the informants, leaving them vulnerable.
