CIA Apparently 'Impersonated' Senate Staffers To Gain Access To Documents On Shared Dri... - 0 views
www.techdirt.com/...-documents-shared-drives.shtml
CIA torture Senate-Intelligence_Committee-Report firewall-testing
shared by Paul Merrell on 01 Nov 14
- No Cached
-
No, the most interesting part of the latest Torture Report details almost falls off the end of the page over at The Huffington Post. It's more hints of CIA spying, ones that go a bit further than previously covered. According to sources familiar with the CIA inspector general report that details the alleged abuses by agency officials, CIA agents impersonated Senate staffers in order to gain access to Senate communications and drafts of the Intelligence Committee investigation. These sources requested anonymity because the details of the agency's inspector general report remain classified. "If people knew the details of what they actually did to hack into the Senate computers to go search for the torture document, jaws would drop. It's straight out of a movie," said one Senate source familiar with the document. Impersonating staff to gain access to Senate Torture Report work material would be straight-up espionage. Before we get to the response that mitigates the severity of this allegation, let's look at what we do know.
-
The CIA accessed the Senate's private network to (presumably) gain access to works-in-progress. This was denied (badly) by CIA director John Brennan. The CIA also claimed Senate staffers had improperly accessed classified documents and reported them to the DOJ, even though they knew the charges were false. Then, after Brennan told his agency to stop spying on the Senate, agents took it upon themselves to improperly access Senate email accounts. This is all gleaned from a few public statements and a one-page summary of an Inspector General's report -- the same unreleased report EPIC is currently suing the agency over. Now, there's this: accusations that the CIA impersonated Senate staffers in hopes of accessing Torture Report documents. Certainly a believable accusation, considering the tactics it's deployed in the very recent past. This is being denied -- or, at least, talked around.
-
A person familiar with the events surrounding the dispute between the CIA and Intelligence Committee said the suggestion that the agency posed as staff to access drafts of the study is untrue. “CIA simply attempted to determine if its side of the firewall could have been accessed through the Google search tool. CIA did not use administrator access to examine [Intelligence Committee] work product,” the source said. So, it was a just an innocuous firewall test. And according to this explanation, it wasn't done to examine the Senate's in-progress Torture Report. But this narrative meshes with previous accusations, including those detailed in the Inspector General's report. Logging on to the shared drives with Senate credentials would allow agents to check the firewall for holes. But it also would allow them to see other Senate documents, presumably only accessible from that "side" of the firewall. While there's been no mention of "impersonation" up to this point, the first violation highlighted by the IG's report seems to be the most likely explanation of what happened here.
- ...1 more annotation...
-
Five Agency employees, two attorneys and three information technology (IT) staff members, improperly accessed or caused access to the SSCI Majority staff shared drives on the RDINet Accessing another part of the shared network/drive by using someone else's credentials is low-level hackery, but not the first thing that springs to mind when someone says "impersonation." A supposed firewall test would be the perfect cover for sniffing around previously off-limits areas. Much of what has come to light about the agency's actions hints at low-level espionage. There's still more buried in the IG report that the agency is actively trying to keep from being made public. Just because these activities didn't specifically "target" Senate work material, it was all there and able to accessed. It doesn't really matter what the CIA says it was looking for. The fact that it was done at all, and done with such carefree audacity, is the problem. There are presumably ways to perform these checks that don't involve Inspector Generals, damning reports and multiple hacking accusations.