CIA ‘free to launch wave of aggressive cyberattacks against Iran, Russia and China after secret Trump order’ – The Sun

THE CIA has conducted a number of covert cyber operations against Iran, Russian and other targets after winning a secret powers victory in 2018, reports claim.

Former U.S. officials with direct knowledge of the matter told Yahoo! News that President Donald Trump signed the sweeping authorization to undertake such activities.

The secret authorization, known as presidential finding, reportedly gives the U.S. spy agency more freedom regarding the kinds of operations it undertakes and who it targets.

According to reports, the findings mean the CIA can more easily authorize its own cyber operations, rather than having to seek White House approval first.

The directive was reportedly driven by the National Security Council and crafted by the CIA, focusing on capability rather than specific policy objectives overseas.

Supporters of the move have said it grants the intelligence agency room to act more nimbly, while critics have said that it could be a dangerous level of intelligence oversight.

One former official said: "Our government is basically turning into f****ing WikiLeaks, [using] secure communications on the dark web with dissidents, hacking and dumping.”

The finding is "very aggressive," one former U.S. government official said, adding that it "gave the agency very specific authorities to really take the fight offensively to a handful of adversarial countries."


Russia, China, Iran and North Korea were reportedly mentioned in the document, and the finding could relate to other countries, too.

Another official said: "The White House wanted a vehicle to strike back. And this was the way to do it."

The powers granted to the CIA do not cover hacking or the collection of data, but open a way of launching cyber operations that focus on disruption.

These offensives could include cutting off electricity or compromising an intelligence operation by dumping documents online.

In 2009, a U.S.-Israeli attack known as Stuxnet destroyed centrifuges in Iran that were tied to its nuclear program.

The finding makes it easier for the CIA to undertake the kinds of hack-and-dump operations that were used by Russian hackers and WikiLeaks.

It also makes it easier for the agency to damage the critical infrastructure of other countries.

Banks and other financial institutions, which were previously off-limits, may also be disrupted under the new finding, reports claim.

A former official said: "Before, you would need years of signals and dozens of pages of intelligence to show that this thing is a de facto arm of the government, as long as you can show that it vaguely looks like the charity is working on behalf of that government, then you’re good.”

They added that since Trump signed off on the new freedoms, more than a dozen operations have been carried out by the agency.


The CIA has been looking for an expansion of its cyber powers for a number of years.

Since the 2016, the agency has been searching for ways to hit back against the Kremlin, following reported Russian interference in the 2016 election.

A former senior official said that after launching operations in late summer of 2016, they were told to stand down by those in the highest levels of the Obama administration.

Plans for immediate retaliation against Russia were avoided in the early days of the Trump administration, one official said, but over time, discussions about expanding the agency's cyber authorities grew.

A current official, who did not discuss the specifics of the finding, said the CIA, the National Security Agency and the Pentagon “have been able to play like we should be playing in the last couple years."

In September 2018, John Bolton announced that Trump had signed a directive to ease Obama-era rules on cyber operations.

The underlying rules of engagement for military cyber operations remained secret, along with the CIA finding.

One example of the new powers being used included leaking the source code of Iran’s cyber-espionage tools.

Others included publicly dumping the details of 15 million payment cards from three Iranian banks and hacking two contractors that worked with Russia’s FSB.

Previous administrations had been against wiping out and leaking banking data, as it could potentially destabilize the global financial system.

Source: Read Full Article